]>
Commit | Line | Data |
---|---|---|
3796e3d5 MT |
1 | # HEADER_CHECKS(5) HEADER_CHECKS(5) |
2 | # | |
3 | # NAME | |
4 | # header_checks - Postfix built-in header/body inspection | |
5 | # | |
6 | # SYNOPSIS | |
7 | # header_checks = pcre:/etc/postfix/header_checks | |
8 | # mime_header_checks = pcre:/etc/postfix/mime_header_checks | |
9 | # nested_header_checks = pcre:/etc/postfix/nested_header_checks | |
10 | # body_checks = pcre:/etc/postfix/body_checks | |
11 | # | |
12 | # postmap -fq "string" pcre:/etc/postfix/filename | |
13 | # postmap -fq - pcre:/etc/postfix/filename <inputfile | |
14 | # | |
15 | # DESCRIPTION | |
16 | # Postfix provides a simple built-in content inspection | |
17 | # mechanism that examines incoming mail one message header | |
18 | # or one message body line at a time. Each input is compared | |
19 | # against a list of patterns, and when a match is found the | |
20 | # corresponding action is executed. This feature is imple- | |
21 | # mented by the Postfix cleanup(8) server. | |
22 | # | |
23 | # For examples, see the EXAMPLES section at the end of this | |
24 | # manual page. | |
25 | # | |
26 | # Postfix header or body_checks are designed to stop a flood | |
27 | # of mail from worms or viruses; they do not decode attach- | |
28 | # ments, and they do not unzip archives. See the documents | |
29 | # referenced below in the README FILES section if you need | |
30 | # more sophisticated content analysis. | |
31 | # | |
32 | # Postfix supports four built-in content inspection classes: | |
33 | # | |
34 | # header_checks | |
35 | # These are applied to initial message headers | |
36 | # (except for the headers that are processed with | |
37 | # mime_header_checks). | |
38 | # | |
39 | # mime_header_checks (default: $header_checks) | |
40 | # These are applied to MIME related message headers | |
41 | # only. | |
42 | # | |
43 | # This feature is available in Postfix 2.0 and later. | |
44 | # | |
45 | # nested_header_checks (default: $header_checks) | |
46 | # These are applied to message headers of attached | |
47 | # email messages (except for the headers that are | |
48 | # processed with mime_header_checks). | |
49 | # | |
50 | # This feature is available in Postfix 2.0 and later. | |
51 | # | |
52 | # body_checks | |
53 | # These are applied to all other content, including | |
54 | # multi-part message boundaries. | |
55 | # | |
56 | # With Postfix versions before 2.0, all content after | |
57 | # the initial message headers is treated as body con- | |
58 | # tent. | |
59 | # | |
60 | # Note: message headers are examined one logical header at a | |
61 | # time, even when a message header spans multiple lines. | |
62 | # Body lines are always examined one line at a time. | |
63 | # | |
64 | # TABLE FORMAT | |
65 | # This document assumes that header and body_checks rules | |
66 | # are specified in the form of Postfix regular expression | |
67 | # lookup tables. Usually the best performance is obtained | |
68 | # with pcre (Perl Compatible Regular Expression) tables, but | |
69 | # the slower regexp (POSIX regular expressions) support is | |
70 | # more widely available. Use the command "postconf -m" to | |
71 | # find out what lookup table types your Postfix system sup- | |
72 | # ports. | |
73 | # | |
74 | # The general format of Postfix regular expression tables is | |
75 | # given below. For a discussion of specific pattern or | |
76 | # flags syntax, see pcre_table(5) or regexp_table(5), | |
77 | # respectively. | |
78 | # | |
79 | # /pattern/flags action | |
80 | # When pattern matches the input string, execute the | |
81 | # corresponding action. See below for a list of pos- | |
82 | # sible actions. | |
83 | # | |
84 | # !/pattern/flags action | |
85 | # When pattern does not match the input string, exe- | |
86 | # cute the corresponding action. | |
87 | # | |
88 | # if /pattern/flags | |
89 | # | |
90 | # endif Match the input string against the patterns between | |
91 | # if and endif, if and only if the input string also | |
92 | # matches pattern. The if..endif can nest. | |
93 | # | |
94 | # Note: do not prepend whitespace to patterns inside | |
95 | # if..endif. | |
96 | # | |
97 | # if !/pattern/flags | |
98 | # | |
99 | # endif Match the input string against the patterns between | |
100 | # if and endif, if and only if the input string does | |
101 | # not match pattern. The if..endif can nest. | |
102 | # | |
103 | # blank lines and comments | |
104 | # Empty lines and whitespace-only lines are ignored, | |
105 | # as are lines whose first non-whitespace character | |
106 | # is a `#'. | |
107 | # | |
108 | # multi-line text | |
109 | # A pattern/action line starts with non-whitespace | |
110 | # text. A line that starts with whitespace continues | |
111 | # a logical line. | |
112 | # | |
113 | # TABLE SEARCH ORDER | |
114 | # For each line of message input, the patterns are applied | |
115 | # in the order as specified in the table. When a pattern is | |
116 | # found that matches the input line, the corresponding | |
117 | # action is executed and then the next input line is | |
118 | # inspected. | |
119 | # | |
120 | # TEXT SUBSTITUTION | |
121 | # Substitution of substrings from the matched expression | |
122 | # into the action string is possible using the conventional | |
123 | # Perl syntax ($1, $2, etc.). The macros in the result | |
124 | # string may need to be written as ${n} or $(n) if they | |
125 | # aren't followed by whitespace. | |
126 | # | |
127 | # Note: since negated patterns (those preceded by !) return | |
128 | # a result when the expression does not match, substitutions | |
129 | # are not available for negated patterns. | |
130 | # | |
131 | # ACTIONS | |
132 | # Action names are case insensitive. They are shown in upper | |
133 | # case for consistency with other Postfix documentation. | |
134 | # | |
135 | # DISCARD optional text... | |
136 | # Claim successful delivery and silently discard the | |
137 | # message. Log the optional text if specified, oth- | |
138 | # erwise log a generic message. | |
139 | # | |
140 | # Note: this action disables further header or | |
141 | # body_checks inspection of the current message and | |
142 | # affects all recipients. | |
143 | # | |
144 | # This feature is available in Postfix 2.0 and later. | |
145 | # | |
146 | # DUNNO Pretend that the input line did not match any pat- | |
147 | # tern, and inspect the next input line. This action | |
148 | # can be used to shorten the table search. | |
149 | # | |
150 | # For backwards compatibility reasons, Postfix also | |
151 | # accepts OK but it is (and always has been) treated | |
152 | # as DUNNO. | |
153 | # | |
154 | # This feature is available in Postfix 2.1 and later. | |
155 | # | |
156 | # FILTER transport:destination | |
157 | # Write a content filter request to the queue file | |
158 | # and inspect the next input line. After the com- | |
159 | # plete message is received it will be sent through | |
160 | # the specified external content filter. More infor- | |
161 | # mation about external content filters is in the | |
162 | # Postfix FILTER_README file. | |
163 | # | |
164 | # Note: this action overrides the main.cf con- | |
165 | # tent_filter setting, and affects all recipients of | |
166 | # the message. In the case that multiple FILTER | |
167 | # actions fire, only the last one is executed. | |
168 | # | |
169 | # This feature is available in Postfix 2.0 and later. | |
170 | # | |
171 | # HOLD optional text... | |
172 | # Arrange for the message to be placed on the hold | |
173 | # queue, and inspect the next input line. The mes- | |
174 | # sage remains on hold until someone either deletes | |
175 | # it or releases it for delivery. Log the optional | |
176 | # text if specified, otherwise log a generic message. | |
177 | # | |
178 | # Mail that is placed on hold can be examined with | |
179 | # the postcat(1) command, and can be destroyed or | |
180 | # released with the postsuper(1) command. | |
181 | # | |
182 | # Note: use "postsuper -r" to release mail that was | |
183 | # kept on hold for a significant fraction of $maxi- | |
184 | # mal_queue_lifetime or $bounce_queue_lifetime, or | |
185 | # longer. | |
186 | # | |
187 | # Note: this action affects all recipients of the | |
188 | # message. | |
189 | # | |
190 | # This feature is available in Postfix 2.0 and later. | |
191 | # | |
192 | # IGNORE Delete the current line from the input and inspect | |
193 | # the next input line. | |
194 | # | |
195 | # PREPEND text... | |
196 | # Prepend one line with the specified text and | |
197 | # inspect the next input line. | |
198 | # | |
199 | # Notes: | |
200 | # | |
201 | # o The prepended text is output on a separate | |
202 | # line, immediately before the input that | |
203 | # triggered the PREPEND action. | |
204 | # | |
205 | # o The prepended text is not considered part of | |
206 | # the input stream: it is not subject to | |
207 | # header/body checks or address rewriting, and | |
208 | # it does not affect the way that Postfix adds | |
209 | # missing message headers. | |
210 | # | |
211 | # o When prepending text before a message header | |
212 | # line, the prepended text must begin with a | |
213 | # valid message header label. | |
214 | # | |
215 | # o This action cannot be used to prepend multi- | |
216 | # line text. | |
217 | # | |
218 | # This feature is available in Postfix 2.1 and later. | |
219 | # | |
220 | # REDIRECT user@domain | |
221 | # Write a message redirection request to the queue | |
222 | # file and inspect the next input line. After the | |
223 | # message is queued, it will be sent to the specified | |
224 | # address instead of the intended recipient(s). | |
225 | # | |
226 | # Note: this action overrides the FILTER action, and | |
227 | # affects all recipients of the message. If multiple | |
228 | # REDIRECT actions fire, only the last one is exe- | |
229 | # cuted. | |
230 | # | |
231 | # This feature is available in Postfix 2.1 and later. | |
232 | # | |
233 | # REPLACE text... | |
234 | # Replace the current line with the specified text | |
235 | # and inspect the next input line. | |
236 | # | |
237 | # This feature is available in Postfix 2.2 and later. | |
238 | # The description below applies to Postfix 2.2.2 and | |
239 | # later. | |
240 | # | |
241 | # Notes: | |
242 | # | |
243 | # o When replacing a message header line, the | |
244 | # replacement text must begin with a valid | |
245 | # header label. | |
246 | # | |
247 | # o The replaced text remains part of the input | |
248 | # stream. Unlike the result from the PREPEND | |
249 | # action, a replaced message header may be | |
250 | # subject to address rewriting and may affect | |
251 | # the way that Postfix adds missing message | |
252 | # headers. | |
253 | # | |
254 | # REJECT optional text... | |
255 | # Reject the entire message. Reply with optional | |
256 | # text... when the optional text is specified, other- | |
257 | # wise reply with a generic error message. | |
258 | # | |
259 | # Note: this action disables further header or | |
260 | # body_checks inspection of the current message and | |
261 | # affects all recipients. | |
262 | # | |
263 | # WARN optional text... | |
264 | # Log a warning with the optional text... (or log a | |
265 | # generic message) and inspect the next input line. | |
266 | # This action is useful for debugging and for testing | |
267 | # a pattern before applying more drastic actions. | |
268 | # | |
269 | # BUGS | |
270 | # Many people overlook the main limitations of header and | |
271 | # body_checks rules. These rules operate on one logical | |
272 | # message header or one body line at a time, and a decision | |
273 | # made for one line is not carried over to the next line. | |
274 | # If text in the message body is encoded (RFC 2045) then the | |
275 | # rules have to specified for the encoded form. Likewise, | |
276 | # when message headers are encoded (RFC 2047) then the rules | |
277 | # need to be specified for the encoded form. | |
278 | # | |
279 | # Message headers added by the cleanup(8) daemon itself are | |
280 | # excluded from inspection. Examples of such message headers | |
281 | # are From:, To:, Message-ID:, Date:. | |
282 | # | |
283 | # Message headers deleted by the cleanup(8) daemon will be | |
284 | # examined before they are deleted. Examples are: Bcc:, Con- | |
285 | # tent-Length:, Return-Path:. | |
286 | # | |
287 | # CONFIGURATION PARAMETERS | |
288 | # body_checks | |
289 | # Lookup tables with content filter rules for message | |
290 | # body lines. These filters see one physical line at | |
291 | # a time, in chunks of at most $line_length_limit | |
292 | # bytes. | |
293 | # | |
294 | # body_checks_size_limit | |
295 | # The amount of content per message body segment | |
296 | # (attachment) that is subjected to $body_checks fil- | |
297 | # tering. | |
298 | # | |
299 | # header_checks | |
300 | # | |
301 | # mime_header_checks (default: $header_checks) | |
302 | # | |
303 | # nested_header_checks (default: $header_checks) | |
304 | # Lookup tables with content filter rules for message | |
305 | # header lines: respectively, these are applied to | |
306 | # the initial message headers (not including MIME | |
307 | # headers), to the MIME headers anywhere in the mes- | |
308 | # sage, and to the initial headers of attached mes- | |
309 | # sages. | |
310 | # | |
311 | # Note: these filters see one logical message header | |
312 | # at a time, even when a message header spans multi- | |
313 | # ple lines. Message headers that are longer than | |
314 | # $header_size_limit characters are truncated. | |
315 | # | |
316 | # disable_mime_input_processing | |
317 | # While receiving mail, give no special treatment to | |
318 | # MIME related message headers; all text after the | |
319 | # initial message headers is considered to be part of | |
320 | # the message body. This means that header_checks is | |
321 | # applied to all the initial message headers, and | |
322 | # that body_checks is applied to the remainder of the | |
323 | # message. | |
324 | # | |
325 | # Note: when used in this manner, body_checks will | |
326 | # process a multi-line message header one line at a | |
327 | # time. | |
328 | # | |
329 | # EXAMPLES | |
330 | # Header pattern to block attachments with bad file name | |
331 | # extensions. | |
332 | # | |
333 | # /etc/postfix/main.cf: | |
334 | # header_checks = regexp:/etc/postfix/header_checks | |
335 | # | |
336 | # /etc/postfix/header_checks: | |
337 | # /^content-(type|disposition):.*name[[:space:]]*=.*\.(exe|vbs)/ | |
338 | # REJECT Bad attachment file name extension: $2 | |
339 | # | |
340 | # Body pattern to stop a specific HTML browser vulnerability | |
341 | # exploit. | |
342 | # | |
343 | # /etc/postfix/main.cf: | |
344 | # body_checks = regexp:/etc/postfix/body_checks | |
345 | # | |
346 | # /etc/postfix/body_checks: | |
347 | # /^<iframe src=(3D)?cid:.* height=(3D)?0 width=(3D)?0>$/ | |
348 | # REJECT IFRAME vulnerability exploit | |
349 | # | |
350 | # SEE ALSO | |
351 | # cleanup(8), canonicalize and enqueue Postfix message | |
352 | # pcre_table(5), format of PCRE lookup tables | |
353 | # regexp_table(5), format of POSIX regular expression tables | |
354 | # postconf(1), Postfix configuration utility | |
355 | # postmap(1), Postfix lookup table management | |
356 | # postsuper(1), Postfix janitor | |
357 | # postcat(1), show Postfix queue file contents | |
358 | # RFC 2045, base64 and quoted-printable encoding rules | |
359 | # RFC 2047, message header encoding for non-ASCII text | |
360 | # | |
361 | # README FILES | |
362 | # Use "postconf readme_directory" or "postconf html_direc- | |
363 | # tory" to locate this information. | |
364 | # DATABASE_README, Postfix lookup table overview | |
365 | # CONTENT_INSPECTION_README, Postfix content inspection overview | |
366 | # BUILTIN_FILTER_README, Postfix built-in content inspection | |
367 | # BACKSCATTER_README, blocking returned forged mail | |
368 | # | |
369 | # LICENSE | |
370 | # The Secure Mailer license must be distributed with this | |
371 | # software. | |
372 | # | |
373 | # AUTHOR(S) | |
374 | # Wietse Venema | |
375 | # IBM T.J. Watson Research | |
376 | # P.O. Box 704 | |
377 | # Yorktown Heights, NY 10598, USA | |
378 | # | |
379 | # HEADER_CHECKS(5) |