[people/pmueller/ipfire-2.x.git] / config / postfix / header_checks

# HEADER_CHECKS(5)                                              HEADER_CHECKS(5)
# 
# NAME
#        header_checks - Postfix built-in header/body inspection
# 
# SYNOPSIS
#        header_checks = pcre:/etc/postfix/header_checks
#        mime_header_checks = pcre:/etc/postfix/mime_header_checks
#        nested_header_checks = pcre:/etc/postfix/nested_header_checks
#        body_checks = pcre:/etc/postfix/body_checks
# 
#        postmap -fq "string" pcre:/etc/postfix/filename
#        postmap -fq - pcre:/etc/postfix/filename <inputfile
# 
# DESCRIPTION
#        Postfix  provides  a  simple  built-in  content inspection
#        mechanism that examines incoming mail one  message  header
#        or one message body line at a time. Each input is compared
#        against a list of patterns, and when a match is found  the
#        corresponding  action is executed.  This feature is imple-
#        mented by the Postfix cleanup(8) server.
# 
#        For examples, see the EXAMPLES section at the end of  this
#        manual page.
# 
#        Postfix header or body_checks are designed to stop a flood
#        of mail from worms or viruses; they do not decode  attach-
#        ments,  and  they do not unzip archives. See the documents
#        referenced below in the README FILES section if  you  need
#        more sophisticated content analysis.
# 
#        Postfix supports four built-in content inspection classes:
# 
#        header_checks
#               These  are  applied  to  initial  message   headers
#               (except  for  the  headers  that are processed with
#               mime_header_checks).
# 
#        mime_header_checks (default: $header_checks)
#               These are applied to MIME related  message  headers
#               only.
# 
#               This feature is available in Postfix 2.0 and later.
# 
#        nested_header_checks (default: $header_checks)
#               These are applied to message  headers  of  attached
#               email  messages  (except  for  the headers that are
#               processed with mime_header_checks).
# 
#               This feature is available in Postfix 2.0 and later.
# 
#        body_checks
#               These  are  applied to all other content, including
#               multi-part message boundaries.
# 
#               With Postfix versions before 2.0, all content after
#               the initial message headers is treated as body con-
#               tent.
# 
#        Note: message headers are examined one logical header at a
#        time,  even  when  a  message header spans multiple lines.
#        Body lines are always examined one line at a time.
# 
# TABLE FORMAT
#        This document assumes that header  and  body_checks  rules
#        are  specified  in  the form of Postfix regular expression
#        lookup tables. Usually the best  performance  is  obtained
#        with pcre (Perl Compatible Regular Expression) tables, but
#        the slower regexp (POSIX regular expressions)  support  is
#        more  widely  available.  Use the command "postconf -m" to
#        find out what lookup table types your Postfix system  sup-
#        ports.
# 
#        The general format of Postfix regular expression tables is
#        given below.  For a  discussion  of  specific  pattern  or
#        flags   syntax,   see  pcre_table(5)  or  regexp_table(5),
#        respectively.
# 
#        /pattern/flags action
#               When pattern matches the input string, execute  the
#               corresponding  action. See below for a list of pos-
#               sible actions.
# 
#        !/pattern/flags action
#               When pattern does not match the input string,  exe-
#               cute the corresponding action.
# 
#        if /pattern/flags
# 
#        endif  Match the input string against the patterns between
#               if and endif, if and only if the input string  also
#               matches pattern. The if..endif can nest.
# 
#               Note:  do not prepend whitespace to patterns inside
#               if..endif.
# 
#        if !/pattern/flags
# 
#        endif  Match the input string against the patterns between
#               if  and endif, if and only if the input string does
#               not match pattern. The if..endif can nest.
# 
#        blank lines and comments
#               Empty lines and whitespace-only lines are  ignored,
#               as  are  lines whose first non-whitespace character
#               is a `#'.
# 
#        multi-line text
#               A pattern/action line  starts  with  non-whitespace
#               text.  A line that starts with whitespace continues
#               a logical line.
# 
# TABLE SEARCH ORDER
#        For each line of message input, the patterns  are  applied
#        in  the order as specified in the table. When a pattern is
#        found that  matches  the  input  line,  the  corresponding
#        action  is  executed  and  then  the  next  input  line is
#        inspected.
# 
# TEXT SUBSTITUTION
#        Substitution of substrings  from  the  matched  expression
#        into  the action string is possible using the conventional
#        Perl syntax ($1, $2, etc.).   The  macros  in  the  result
#        string  may  need  to  be  written as ${n} or $(n) if they
#        aren't followed by whitespace.
# 
#        Note: since negated patterns (those preceded by !)  return
#        a result when the expression does not match, substitutions
#        are not available for negated patterns.
# 
# ACTIONS
#        Action names are case insensitive. They are shown in upper
#        case for consistency with other Postfix documentation.
# 
#        DISCARD optional text...
#               Claim  successful delivery and silently discard the
#               message.  Log the optional text if specified,  oth-
#               erwise log a generic message.
# 
#               Note:   this  action  disables  further  header  or
#               body_checks inspection of the current  message  and
#               affects all recipients.
# 
#               This feature is available in Postfix 2.0 and later.
# 
#        DUNNO  Pretend that the input line did not match any  pat-
#               tern,  and inspect the next input line. This action
#               can be used to shorten the table search.
# 
#               For backwards compatibility reasons,  Postfix  also
#               accepts  OK but it is (and always has been) treated
#               as DUNNO.
# 
#               This feature is available in Postfix 2.1 and later.
# 
#        FILTER transport:destination
#               Write  a  content  filter request to the queue file
#               and inspect the next input line.   After  the  com-
#               plete  message  is received it will be sent through
#               the specified external content filter.  More infor-
#               mation  about  external  content  filters is in the
#               Postfix FILTER_README file.
# 
#               Note:  this  action  overrides  the  main.cf   con-
#               tent_filter  setting, and affects all recipients of
#               the message.  In  the  case  that  multiple  FILTER
#               actions fire, only the last one is executed.
# 
#               This feature is available in Postfix 2.0 and later.
# 
#        HOLD optional text...
#               Arrange for the message to be placed  on  the  hold
#               queue,  and  inspect the next input line.  The mes-
#               sage remains on hold until someone  either  deletes
#               it  or  releases it for delivery.  Log the optional
#               text if specified, otherwise log a generic message.
# 
#               Mail  that  is  placed on hold can be examined with
#               the postcat(1) command, and  can  be  destroyed  or
#               released with the postsuper(1) command.
# 
#               Note:  use  "postsuper -r" to release mail that was
#               kept on hold for a significant fraction  of  $maxi-
#               mal_queue_lifetime  or  $bounce_queue_lifetime,  or
#               longer.
# 
#               Note: this action affects  all  recipients  of  the
#               message.
# 
#               This feature is available in Postfix 2.0 and later.
# 
#        IGNORE Delete the current line from the input and  inspect
#               the next input line.
# 
#        PREPEND text...
#               Prepend  one  line  with  the  specified  text  and
#               inspect the next input line.
# 
#               Notes:
# 
#               o      The prepended text is output on  a  separate
#                      line,  immediately  before  the  input  that
#                      triggered the PREPEND action.
# 
#               o      The prepended text is not considered part of
#                      the  input  stream:  it  is  not  subject to
#                      header/body checks or address rewriting, and
#                      it does not affect the way that Postfix adds
#                      missing message headers.
# 
#               o      When prepending text before a message header
#                      line,  the  prepended text must begin with a
#                      valid message header label.
# 
#               o      This action cannot be used to prepend multi-
#                      line text.
# 
#               This feature is available in Postfix 2.1 and later.
# 
#        REDIRECT user@domain
#               Write a message redirection request  to  the  queue
#               file  and  inspect  the  next input line. After the
#               message is queued, it will be sent to the specified
#               address instead of the intended recipient(s).
# 
#               Note:  this action overrides the FILTER action, and
#               affects all recipients of the message. If  multiple
#               REDIRECT  actions  fire,  only the last one is exe-
#               cuted.
# 
#               This feature is available in Postfix 2.1 and later.
# 
#        REPLACE text...
#               Replace  the  current  line with the specified text
#               and inspect the next input line.
# 
#               This feature is available in Postfix 2.2 and later.
#               The  description below applies to Postfix 2.2.2 and
#               later.
# 
#               Notes:
# 
#               o      When replacing a message  header  line,  the
#                      replacement  text  must  begin  with a valid
#                      header label.
# 
#               o      The replaced text remains part of the  input
#                      stream.  Unlike  the result from the PREPEND
#                      action, a replaced  message  header  may  be
#                      subject  to address rewriting and may affect
#                      the way that Postfix  adds  missing  message
#                      headers.
# 
#        REJECT optional text...
#               Reject  the  entire  message.  Reply  with optional
#               text... when the optional text is specified, other-
#               wise reply with a generic error message.
# 
#               Note:   this  action  disables  further  header  or
#               body_checks inspection of the current  message  and
#               affects all recipients.
# 
#        WARN optional text...
#               Log  a  warning with the optional text... (or log a
#               generic message) and inspect the next  input  line.
#               This action is useful for debugging and for testing
#               a pattern before applying more drastic actions.
# 
# BUGS
#        Many people overlook the main limitations  of  header  and
#        body_checks  rules.   These  rules  operate on one logical
#        message header or one body line at a time, and a  decision
#        made  for  one  line is not carried over to the next line.
#        If text in the message body is encoded (RFC 2045) then the
#        rules  have  to specified for the encoded form.  Likewise,
#        when message headers are encoded (RFC 2047) then the rules
#        need to be specified for the encoded form.
# 
#        Message  headers added by the cleanup(8) daemon itself are
#        excluded from inspection. Examples of such message headers
#        are From:, To:, Message-ID:, Date:.
# 
#        Message  headers  deleted by the cleanup(8) daemon will be
#        examined before they are deleted. Examples are: Bcc:, Con-
#        tent-Length:, Return-Path:.
# 
# CONFIGURATION PARAMETERS
#        body_checks
#               Lookup tables with content filter rules for message
#               body lines.  These filters see one physical line at
#               a  time,  in  chunks  of at most $line_length_limit
#               bytes.
# 
#        body_checks_size_limit
#               The amount of  content  per  message  body  segment
#               (attachment) that is subjected to $body_checks fil-
#               tering.
# 
#        header_checks
# 
#        mime_header_checks (default: $header_checks)
# 
#        nested_header_checks (default: $header_checks)
#               Lookup tables with content filter rules for message
#               header  lines:  respectively,  these are applied to
#               the initial message  headers  (not  including  MIME
#               headers),  to the MIME headers anywhere in the mes-
#               sage, and to the initial headers of  attached  mes-
#               sages.
# 
#               Note:  these filters see one logical message header
#               at a time, even when a message header spans  multi-
#               ple  lines.  Message  headers  that are longer than
#               $header_size_limit characters are truncated.
# 
#        disable_mime_input_processing
#               While receiving mail, give no special treatment  to
#               MIME  related  message  headers; all text after the
#               initial message headers is considered to be part of
#               the  message body. This means that header_checks is
#               applied to all the  initial  message  headers,  and
#               that body_checks is applied to the remainder of the
#               message.
# 
#               Note: when used in this  manner,  body_checks  will
#               process  a  multi-line message header one line at a
#               time.
# 
# EXAMPLES
#        Header pattern to block attachments  with  bad  file  name
#        extensions.
# 
#        /etc/postfix/main.cf:
#            header_checks = regexp:/etc/postfix/header_checks
# 
#        /etc/postfix/header_checks:
#            /^content-(type|disposition):.*name[[:space:]]*=.*\.(exe|vbs)/
#                REJECT Bad attachment file name extension: $2
# 
#        Body pattern to stop a specific HTML browser vulnerability
#        exploit.
# 
#        /etc/postfix/main.cf:
#            body_checks = regexp:/etc/postfix/body_checks
# 
#        /etc/postfix/body_checks:
#            /^<iframe src=(3D)?cid:.* height=(3D)?0 width=(3D)?0>$/
#                REJECT IFRAME vulnerability exploit
# 
# SEE ALSO
#        cleanup(8), canonicalize and enqueue Postfix message
#        pcre_table(5), format of PCRE lookup tables
#        regexp_table(5), format of POSIX regular expression tables
#        postconf(1), Postfix configuration utility
#        postmap(1), Postfix lookup table management
#        postsuper(1), Postfix janitor
#        postcat(1), show Postfix queue file contents
#        RFC 2045, base64 and quoted-printable encoding rules
#        RFC 2047, message header encoding for non-ASCII text
# 
# README FILES
#        Use "postconf readme_directory" or  "postconf  html_direc-
#        tory" to locate this information.
#        DATABASE_README, Postfix lookup table overview
#        CONTENT_INSPECTION_README, Postfix content inspection overview
#        BUILTIN_FILTER_README, Postfix built-in content inspection
#        BACKSCATTER_README, blocking returned forged mail
# 
# LICENSE
#        The  Secure  Mailer  license must be distributed with this
#        software.
# 
# AUTHOR(S)
#        Wietse Venema
#        IBM T.J. Watson Research
#        P.O. Box 704
#        Yorktown Heights, NY 10598, USA
# 
#                                                               HEADER_CHECKS(5)
Commit	Line	Data
3796e3d5 MT	1	# HEADER_CHECKS(5) HEADER_CHECKS(5)
	2	#
	3	# NAME
	4	# header_checks - Postfix built-in header/body inspection
	5	#
	6	# SYNOPSIS
	7	# header_checks = pcre:/etc/postfix/header_checks
	8	# mime_header_checks = pcre:/etc/postfix/mime_header_checks
	9	# nested_header_checks = pcre:/etc/postfix/nested_header_checks
	10	# body_checks = pcre:/etc/postfix/body_checks
	11	#
	12	# postmap -fq "string" pcre:/etc/postfix/filename
	13	# postmap -fq - pcre:/etc/postfix/filename <inputfile
	14	#
	15	# DESCRIPTION
	16	# Postfix provides a simple built-in content inspection
	17	# mechanism that examines incoming mail one message header
	18	# or one message body line at a time. Each input is compared
	19	# against a list of patterns, and when a match is found the
	20	# corresponding action is executed. This feature is imple-
	21	# mented by the Postfix cleanup(8) server.
	22	#
	23	# For examples, see the EXAMPLES section at the end of this
	24	# manual page.
	25	#
	26	# Postfix header or body_checks are designed to stop a flood
	27	# of mail from worms or viruses; they do not decode attach-
	28	# ments, and they do not unzip archives. See the documents
	29	# referenced below in the README FILES section if you need
	30	# more sophisticated content analysis.
	31	#
	32	# Postfix supports four built-in content inspection classes:
	33	#
	34	# header_checks
	35	# These are applied to initial message headers
	36	# (except for the headers that are processed with
	37	# mime_header_checks).
	38	#
	39	# mime_header_checks (default: $header_checks)
	40	# These are applied to MIME related message headers
	41	# only.
	42	#
	43	# This feature is available in Postfix 2.0 and later.
	44	#
	45	# nested_header_checks (default: $header_checks)
	46	# These are applied to message headers of attached
	47	# email messages (except for the headers that are
	48	# processed with mime_header_checks).
	49	#
	50	# This feature is available in Postfix 2.0 and later.
	51	#
	52	# body_checks
	53	# These are applied to all other content, including
	54	# multi-part message boundaries.
	55	#
	56	# With Postfix versions before 2.0, all content after
	57	# the initial message headers is treated as body con-
	58	# tent.
	59	#
	60	# Note: message headers are examined one logical header at a
	61	# time, even when a message header spans multiple lines.
	62	# Body lines are always examined one line at a time.
	63	#
	64	# TABLE FORMAT
65	# This document assumes that header and body_checks rules
66	# are specified in the form of Postfix regular expression
67	# lookup tables. Usually the best performance is obtained
68	# with pcre (Perl Compatible Regular Expression) tables, but
69	# the slower regexp (POSIX regular expressions) support is
70	# more widely available. Use the command "postconf -m" to
71	# find out what lookup table types your Postfix system sup-
72	# ports.
73	#
74	# The general format of Postfix regular expression tables is
75	# given below. For a discussion of specific pattern or
76	# flags syntax, see pcre_table(5) or regexp_table(5),
77	# respectively.
78	#
79	# /pattern/flags action
80	# When pattern matches the input string, execute the
81	# corresponding action. See below for a list of pos-
82	# sible actions.
83	#
84	# !/pattern/flags action
85	# When pattern does not match the input string, exe-
86	# cute the corresponding action.
87	#
88	# if /pattern/flags
89	#
90	# endif Match the input string against the patterns between
91	# if and endif, if and only if the input string also
92	# matches pattern. The if..endif can nest.
93	#
94	# Note: do not prepend whitespace to patterns inside
95	# if..endif.
96	#
97	# if !/pattern/flags
98	#
99	# endif Match the input string against the patterns between
100	# if and endif, if and only if the input string does
101	# not match pattern. The if..endif can nest.
102	#
103	# blank lines and comments
104	# Empty lines and whitespace-only lines are ignored,
105	# as are lines whose first non-whitespace character
106	# is a `#'.
107	#
108	# multi-line text
109	# A pattern/action line starts with non-whitespace
110	# text. A line that starts with whitespace continues
111	# a logical line.
112	#
113	# TABLE SEARCH ORDER
114	# For each line of message input, the patterns are applied
115	# in the order as specified in the table. When a pattern is
116	# found that matches the input line, the corresponding
117	# action is executed and then the next input line is
118	# inspected.
119	#
120	# TEXT SUBSTITUTION
121	# Substitution of substrings from the matched expression
122	# into the action string is possible using the conventional
123	# Perl syntax ($1, $2, etc.). The macros in the result
124	# string may need to be written as ${n} or $(n) if they
125	# aren't followed by whitespace.
126	#
127	# Note: since negated patterns (those preceded by !) return
128	# a result when the expression does not match, substitutions
129	# are not available for negated patterns.
130	#
131	# ACTIONS
132	# Action names are case insensitive. They are shown in upper
133	# case for consistency with other Postfix documentation.
134	#
135	# DISCARD optional text...
136	# Claim successful delivery and silently discard the
137	# message. Log the optional text if specified, oth-
138	# erwise log a generic message.
139	#
140	# Note: this action disables further header or
141	# body_checks inspection of the current message and
142	# affects all recipients.
143	#
144	# This feature is available in Postfix 2.0 and later.
145	#
146	# DUNNO Pretend that the input line did not match any pat-
147	# tern, and inspect the next input line. This action
148	# can be used to shorten the table search.
149	#
150	# For backwards compatibility reasons, Postfix also
151	# accepts OK but it is (and always has been) treated
152	# as DUNNO.
153	#
154	# This feature is available in Postfix 2.1 and later.
155	#
156	# FILTER transport:destination
157	# Write a content filter request to the queue file
158	# and inspect the next input line. After the com-
159	# plete message is received it will be sent through
160	# the specified external content filter. More infor-
161	# mation about external content filters is in the
162	# Postfix FILTER_README file.
163	#
164	# Note: this action overrides the main.cf con-
165	# tent_filter setting, and affects all recipients of
166	# the message. In the case that multiple FILTER
167	# actions fire, only the last one is executed.
168	#
169	# This feature is available in Postfix 2.0 and later.
170	#
171	# HOLD optional text...
172	# Arrange for the message to be placed on the hold
173	# queue, and inspect the next input line. The mes-
174	# sage remains on hold until someone either deletes
175	# it or releases it for delivery. Log the optional
176	# text if specified, otherwise log a generic message.
177	#
178	# Mail that is placed on hold can be examined with
179	# the postcat(1) command, and can be destroyed or
180	# released with the postsuper(1) command.
181	#
182	# Note: use "postsuper -r" to release mail that was
183	# kept on hold for a significant fraction of $maxi-
184	# mal_queue_lifetime or $bounce_queue_lifetime, or
185	# longer.
186	#
187	# Note: this action affects all recipients of the
188	# message.
189	#
190	# This feature is available in Postfix 2.0 and later.
191	#
192	# IGNORE Delete the current line from the input and inspect
193	# the next input line.
194	#
195	# PREPEND text...
196	# Prepend one line with the specified text and
197	# inspect the next input line.
198	#
199	# Notes:
200	#
201	# o The prepended text is output on a separate
202	# line, immediately before the input that
203	# triggered the PREPEND action.
204	#
205	# o The prepended text is not considered part of
206	# the input stream: it is not subject to
207	# header/body checks or address rewriting, and
208	# it does not affect the way that Postfix adds
209	# missing message headers.
210	#
211	# o When prepending text before a message header
212	# line, the prepended text must begin with a
213	# valid message header label.
214	#
215	# o This action cannot be used to prepend multi-
216	# line text.
217	#
218	# This feature is available in Postfix 2.1 and later.
219	#
220	# REDIRECT user@domain
221	# Write a message redirection request to the queue
222	# file and inspect the next input line. After the
223	# message is queued, it will be sent to the specified
224	# address instead of the intended recipient(s).
225	#
226	# Note: this action overrides the FILTER action, and
227	# affects all recipients of the message. If multiple
228	# REDIRECT actions fire, only the last one is exe-
229	# cuted.
230	#
231	# This feature is available in Postfix 2.1 and later.
232	#
233	# REPLACE text...
234	# Replace the current line with the specified text
235	# and inspect the next input line.
236	#
237	# This feature is available in Postfix 2.2 and later.
238	# The description below applies to Postfix 2.2.2 and
239	# later.
240	#
241	# Notes:
242	#
243	# o When replacing a message header line, the
244	# replacement text must begin with a valid
245	# header label.
246	#
247	# o The replaced text remains part of the input
248	# stream. Unlike the result from the PREPEND
249	# action, a replaced message header may be
250	# subject to address rewriting and may affect
251	# the way that Postfix adds missing message
252	# headers.
253	#
254	# REJECT optional text...
255	# Reject the entire message. Reply with optional
256	# text... when the optional text is specified, other-
257	# wise reply with a generic error message.
258	#
259	# Note: this action disables further header or
260	# body_checks inspection of the current message and
261	# affects all recipients.
262	#
263	# WARN optional text...
264	# Log a warning with the optional text... (or log a
265	# generic message) and inspect the next input line.
266	# This action is useful for debugging and for testing
267	# a pattern before applying more drastic actions.
268	#
269	# BUGS
270	# Many people overlook the main limitations of header and
271	# body_checks rules. These rules operate on one logical
272	# message header or one body line at a time, and a decision
273	# made for one line is not carried over to the next line.
274	# If text in the message body is encoded (RFC 2045) then the
275	# rules have to specified for the encoded form. Likewise,
276	# when message headers are encoded (RFC 2047) then the rules
277	# need to be specified for the encoded form.
278	#
279	# Message headers added by the cleanup(8) daemon itself are
280	# excluded from inspection. Examples of such message headers
281	# are From:, To:, Message-ID:, Date:.
282	#
283	# Message headers deleted by the cleanup(8) daemon will be
284	# examined before they are deleted. Examples are: Bcc:, Con-
285	# tent-Length:, Return-Path:.
286	#
287	# CONFIGURATION PARAMETERS
288	# body_checks
289	# Lookup tables with content filter rules for message
290	# body lines. These filters see one physical line at
291	# a time, in chunks of at most $line_length_limit
292	# bytes.
293	#
294	# body_checks_size_limit
295	# The amount of content per message body segment
296	# (attachment) that is subjected to $body_checks fil-
297	# tering.
298	#
299	# header_checks
300	#
301	# mime_header_checks (default: $header_checks)
302	#
303	# nested_header_checks (default: $header_checks)
304	# Lookup tables with content filter rules for message
305	# header lines: respectively, these are applied to
306	# the initial message headers (not including MIME
307	# headers), to the MIME headers anywhere in the mes-
308	# sage, and to the initial headers of attached mes-
309	# sages.
310	#
311	# Note: these filters see one logical message header
312	# at a time, even when a message header spans multi-
313	# ple lines. Message headers that are longer than
314	# $header_size_limit characters are truncated.
315	#
316	# disable_mime_input_processing
317	# While receiving mail, give no special treatment to
318	# MIME related message headers; all text after the
319	# initial message headers is considered to be part of
320	# the message body. This means that header_checks is
321	# applied to all the initial message headers, and
322	# that body_checks is applied to the remainder of the
323	# message.
324	#
325	# Note: when used in this manner, body_checks will
326	# process a multi-line message header one line at a
327	# time.
328	#
329	# EXAMPLES
330	# Header pattern to block attachments with bad file name
331	# extensions.
332	#
333	# /etc/postfix/main.cf:
334	# header_checks = regexp:/etc/postfix/header_checks
335	#
336	# /etc/postfix/header_checks:
337	# /^content-(type\|disposition):.name[[:space:]]=.*\.(exe\|vbs)/
338	# REJECT Bad attachment file name extension: $2
339	#
340	# Body pattern to stop a specific HTML browser vulnerability
341	# exploit.
342	#
343	# /etc/postfix/main.cf:
344	# body_checks = regexp:/etc/postfix/body_checks
345	#
346	# /etc/postfix/body_checks:
347	# /^<iframe src=(3D)?cid:.* height=(3D)?0 width=(3D)?0>$/
348	# REJECT IFRAME vulnerability exploit
349	#
350	# SEE ALSO
351	# cleanup(8), canonicalize and enqueue Postfix message
352	# pcre_table(5), format of PCRE lookup tables
353	# regexp_table(5), format of POSIX regular expression tables
354	# postconf(1), Postfix configuration utility
355	# postmap(1), Postfix lookup table management
356	# postsuper(1), Postfix janitor
357	# postcat(1), show Postfix queue file contents
358	# RFC 2045, base64 and quoted-printable encoding rules
359	# RFC 2047, message header encoding for non-ASCII text
360	#
361	# README FILES
362	# Use "postconf readme_directory" or "postconf html_direc-
363	# tory" to locate this information.
364	# DATABASE_README, Postfix lookup table overview
365	# CONTENT_INSPECTION_README, Postfix content inspection overview
366	# BUILTIN_FILTER_README, Postfix built-in content inspection
367	# BACKSCATTER_README, blocking returned forged mail
368	#
369	# LICENSE
370	# The Secure Mailer license must be distributed with this
371	# software.
372	#
373	# AUTHOR(S)
374	# Wietse Venema
375	# IBM T.J. Watson Research
376	# P.O. Box 704
377	# Yorktown Heights, NY 10598, USA
378	#
379	# HEADER_CHECKS(5)