]> git.ipfire.org Git - ipfire-2.x.git/blob - config/postfix/header_checks
projects / ipfire-2.x.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
GeƤndert:
[ipfire-2.x.git] / config / postfix / header_checks
1 # HEADER_CHECKS(5) HEADER_CHECKS(5)
2 #
3 # NAME
4 # header_checks - Postfix built-in header/body inspection
5 #
6 # SYNOPSIS
7 # header_checks = pcre:/etc/postfix/header_checks
8 # mime_header_checks = pcre:/etc/postfix/mime_header_checks
9 # nested_header_checks = pcre:/etc/postfix/nested_header_checks
10 # body_checks = pcre:/etc/postfix/body_checks
11 #
12 # postmap -fq "string" pcre:/etc/postfix/filename
13 # postmap -fq - pcre:/etc/postfix/filename <inputfile
14 #
15 # DESCRIPTION
16 # Postfix provides a simple built-in content inspection
17 # mechanism that examines incoming mail one message header
18 # or one message body line at a time. Each input is compared
19 # against a list of patterns, and when a match is found the
20 # corresponding action is executed. This feature is imple-
21 # mented by the Postfix cleanup(8) server.
22 #
23 # For examples, see the EXAMPLES section at the end of this
24 # manual page.
25 #
26 # Postfix header or body_checks are designed to stop a flood
27 # of mail from worms or viruses; they do not decode attach-
28 # ments, and they do not unzip archives. See the documents
29 # referenced below in the README FILES section if you need
30 # more sophisticated content analysis.
31 #
32 # Postfix supports four built-in content inspection classes:
33 #
34 # header_checks
35 # These are applied to initial message headers
36 # (except for the headers that are processed with
37 # mime_header_checks).
38 #
39 # mime_header_checks (default: $header_checks)
40 # These are applied to MIME related message headers
41 # only.
42 #
43 # This feature is available in Postfix 2.0 and later.
44 #
45 # nested_header_checks (default: $header_checks)
46 # These are applied to message headers of attached
47 # email messages (except for the headers that are
48 # processed with mime_header_checks).
49 #
50 # This feature is available in Postfix 2.0 and later.
51 #
52 # body_checks
53 # These are applied to all other content, including
54 # multi-part message boundaries.
55 #
56 # With Postfix versions before 2.0, all content after
57 # the initial message headers is treated as body con-
58 # tent.
59 #
60 # Note: message headers are examined one logical header at a
61 # time, even when a message header spans multiple lines.
62 # Body lines are always examined one line at a time.
63 #
64 # TABLE FORMAT
65 # This document assumes that header and body_checks rules
66 # are specified in the form of Postfix regular expression
67 # lookup tables. Usually the best performance is obtained
68 # with pcre (Perl Compatible Regular Expression) tables, but
69 # the slower regexp (POSIX regular expressions) support is
70 # more widely available. Use the command "postconf -m" to
71 # find out what lookup table types your Postfix system sup-
72 # ports.
73 #
74 # The general format of Postfix regular expression tables is
75 # given below. For a discussion of specific pattern or
76 # flags syntax, see pcre_table(5) or regexp_table(5),
77 # respectively.
78 #
79 # /pattern/flags action
80 # When pattern matches the input string, execute the
81 # corresponding action. See below for a list of pos-
82 # sible actions.
83 #
84 # !/pattern/flags action
85 # When pattern does not match the input string, exe-
86 # cute the corresponding action.
87 #
88 # if /pattern/flags
89 #
90 # endif Match the input string against the patterns between
91 # if and endif, if and only if the input string also
92 # matches pattern. The if..endif can nest.
93 #
94 # Note: do not prepend whitespace to patterns inside
95 # if..endif.
96 #
97 # if !/pattern/flags
98 #
99 # endif Match the input string against the patterns between
100 # if and endif, if and only if the input string does
101 # not match pattern. The if..endif can nest.
102 #
103 # blank lines and comments
104 # Empty lines and whitespace-only lines are ignored,
105 # as are lines whose first non-whitespace character
106 # is a `#'.
107 #
108 # multi-line text
109 # A pattern/action line starts with non-whitespace
110 # text. A line that starts with whitespace continues
111 # a logical line.
112 #
113 # TABLE SEARCH ORDER
114 # For each line of message input, the patterns are applied
115 # in the order as specified in the table. When a pattern is
116 # found that matches the input line, the corresponding
117 # action is executed and then the next input line is
118 # inspected.
119 #
120 # TEXT SUBSTITUTION
121 # Substitution of substrings from the matched expression
122 # into the action string is possible using the conventional
123 # Perl syntax ($1, $2, etc.). The macros in the result
124 # string may need to be written as ${n} or $(n) if they
125 # aren't followed by whitespace.
126 #
127 # Note: since negated patterns (those preceded by !) return
128 # a result when the expression does not match, substitutions
129 # are not available for negated patterns.
130 #
131 # ACTIONS
132 # Action names are case insensitive. They are shown in upper
133 # case for consistency with other Postfix documentation.
134 #
135 # DISCARD optional text...
136 # Claim successful delivery and silently discard the
137 # message. Log the optional text if specified, oth-
138 # erwise log a generic message.
139 #
140 # Note: this action disables further header or
141 # body_checks inspection of the current message and
142 # affects all recipients.
143 #
144 # This feature is available in Postfix 2.0 and later.
145 #
146 # DUNNO Pretend that the input line did not match any pat-
147 # tern, and inspect the next input line. This action
148 # can be used to shorten the table search.
149 #
150 # For backwards compatibility reasons, Postfix also
151 # accepts OK but it is (and always has been) treated
152 # as DUNNO.
153 #
154 # This feature is available in Postfix 2.1 and later.
155 #
156 # FILTER transport:destination
157 # Write a content filter request to the queue file
158 # and inspect the next input line. After the com-
159 # plete message is received it will be sent through
160 # the specified external content filter. More infor-
161 # mation about external content filters is in the
162 # Postfix FILTER_README file.
163 #
164 # Note: this action overrides the main.cf con-
165 # tent_filter setting, and affects all recipients of
166 # the message. In the case that multiple FILTER
167 # actions fire, only the last one is executed.
168 #
169 # This feature is available in Postfix 2.0 and later.
170 #
171 # HOLD optional text...
172 # Arrange for the message to be placed on the hold
173 # queue, and inspect the next input line. The mes-
174 # sage remains on hold until someone either deletes
175 # it or releases it for delivery. Log the optional
176 # text if specified, otherwise log a generic message.
177 #
178 # Mail that is placed on hold can be examined with
179 # the postcat(1) command, and can be destroyed or
180 # released with the postsuper(1) command.
181 #
182 # Note: use "postsuper -r" to release mail that was
183 # kept on hold for a significant fraction of $maxi-
184 # mal_queue_lifetime or $bounce_queue_lifetime, or
185 # longer.
186 #
187 # Note: this action affects all recipients of the
188 # message.
189 #
190 # This feature is available in Postfix 2.0 and later.
191 #
192 # IGNORE Delete the current line from the input and inspect
193 # the next input line.
194 #
195 # PREPEND text...
196 # Prepend one line with the specified text and
197 # inspect the next input line.
198 #
199 # Notes:
200 #
201 # o The prepended text is output on a separate
202 # line, immediately before the input that
203 # triggered the PREPEND action.
204 #
205 # o The prepended text is not considered part of
206 # the input stream: it is not subject to
207 # header/body checks or address rewriting, and
208 # it does not affect the way that Postfix adds
209 # missing message headers.
210 #
211 # o When prepending text before a message header
212 # line, the prepended text must begin with a
213 # valid message header label.
214 #
215 # o This action cannot be used to prepend multi-
216 # line text.
217 #
218 # This feature is available in Postfix 2.1 and later.
219 #
220 # REDIRECT user@domain
221 # Write a message redirection request to the queue
222 # file and inspect the next input line. After the
223 # message is queued, it will be sent to the specified
224 # address instead of the intended recipient(s).
225 #
226 # Note: this action overrides the FILTER action, and
227 # affects all recipients of the message. If multiple
228 # REDIRECT actions fire, only the last one is exe-
229 # cuted.
230 #
231 # This feature is available in Postfix 2.1 and later.
232 #
233 # REPLACE text...
234 # Replace the current line with the specified text
235 # and inspect the next input line.
236 #
237 # This feature is available in Postfix 2.2 and later.
238 # The description below applies to Postfix 2.2.2 and
239 # later.
240 #
241 # Notes:
242 #
243 # o When replacing a message header line, the
244 # replacement text must begin with a valid
245 # header label.
246 #
247 # o The replaced text remains part of the input
248 # stream. Unlike the result from the PREPEND
249 # action, a replaced message header may be
250 # subject to address rewriting and may affect
251 # the way that Postfix adds missing message
252 # headers.
253 #
254 # REJECT optional text...
255 # Reject the entire message. Reply with optional
256 # text... when the optional text is specified, other-
257 # wise reply with a generic error message.
258 #
259 # Note: this action disables further header or
260 # body_checks inspection of the current message and
261 # affects all recipients.
262 #
263 # WARN optional text...
264 # Log a warning with the optional text... (or log a
265 # generic message) and inspect the next input line.
266 # This action is useful for debugging and for testing
267 # a pattern before applying more drastic actions.
268 #
269 # BUGS
270 # Many people overlook the main limitations of header and
271 # body_checks rules. These rules operate on one logical
272 # message header or one body line at a time, and a decision
273 # made for one line is not carried over to the next line.
274 # If text in the message body is encoded (RFC 2045) then the
275 # rules have to specified for the encoded form. Likewise,
276 # when message headers are encoded (RFC 2047) then the rules
277 # need to be specified for the encoded form.
278 #
279 # Message headers added by the cleanup(8) daemon itself are
280 # excluded from inspection. Examples of such message headers
281 # are From:, To:, Message-ID:, Date:.
282 #
283 # Message headers deleted by the cleanup(8) daemon will be
284 # examined before they are deleted. Examples are: Bcc:, Con-
285 # tent-Length:, Return-Path:.
286 #
287 # CONFIGURATION PARAMETERS
288 # body_checks
289 # Lookup tables with content filter rules for message
290 # body lines. These filters see one physical line at
291 # a time, in chunks of at most $line_length_limit
292 # bytes.
293 #
294 # body_checks_size_limit
295 # The amount of content per message body segment
296 # (attachment) that is subjected to $body_checks fil-
297 # tering.
298 #
299 # header_checks
300 #
301 # mime_header_checks (default: $header_checks)
302 #
303 # nested_header_checks (default: $header_checks)
304 # Lookup tables with content filter rules for message
305 # header lines: respectively, these are applied to
306 # the initial message headers (not including MIME
307 # headers), to the MIME headers anywhere in the mes-
308 # sage, and to the initial headers of attached mes-
309 # sages.
310 #
311 # Note: these filters see one logical message header
312 # at a time, even when a message header spans multi-
313 # ple lines. Message headers that are longer than
314 # $header_size_limit characters are truncated.
315 #
316 # disable_mime_input_processing
317 # While receiving mail, give no special treatment to
318 # MIME related message headers; all text after the
319 # initial message headers is considered to be part of
320 # the message body. This means that header_checks is
321 # applied to all the initial message headers, and
322 # that body_checks is applied to the remainder of the
323 # message.
324 #
325 # Note: when used in this manner, body_checks will
326 # process a multi-line message header one line at a
327 # time.
328 #
329 # EXAMPLES
330 # Header pattern to block attachments with bad file name
331 # extensions.
332 #
333 # /etc/postfix/main.cf:
334 # header_checks = regexp:/etc/postfix/header_checks
335 #
336 # /etc/postfix/header_checks:
337 # /^content-(type|disposition):.*name[[:space:]]*=.*\.(exe|vbs)/
338 # REJECT Bad attachment file name extension: $2
339 #
340 # Body pattern to stop a specific HTML browser vulnerability
341 # exploit.
342 #
343 # /etc/postfix/main.cf:
344 # body_checks = regexp:/etc/postfix/body_checks
345 #
346 # /etc/postfix/body_checks:
347 # /^<iframe src=(3D)?cid:.* height=(3D)?0 width=(3D)?0>$/
348 # REJECT IFRAME vulnerability exploit
349 #
350 # SEE ALSO
351 # cleanup(8), canonicalize and enqueue Postfix message
352 # pcre_table(5), format of PCRE lookup tables
353 # regexp_table(5), format of POSIX regular expression tables
354 # postconf(1), Postfix configuration utility
355 # postmap(1), Postfix lookup table management
356 # postsuper(1), Postfix janitor
357 # postcat(1), show Postfix queue file contents
358 # RFC 2045, base64 and quoted-printable encoding rules
359 # RFC 2047, message header encoding for non-ASCII text
360 #
361 # README FILES
362 # Use "postconf readme_directory" or "postconf html_direc-
363 # tory" to locate this information.
364 # DATABASE_README, Postfix lookup table overview
365 # CONTENT_INSPECTION_README, Postfix content inspection overview
366 # BUILTIN_FILTER_README, Postfix built-in content inspection
367 # BACKSCATTER_README, blocking returned forged mail
368 #
369 # LICENSE
370 # The Secure Mailer license must be distributed with this
371 # software.
372 #
373 # AUTHOR(S)
374 # Wietse Venema
375 # IBM T.J. Watson Research
376 # P.O. Box 704
377 # Yorktown Heights, NY 10598, USA
378 #
379 # HEADER_CHECKS(5)
IPFire 2.x development tree