about postfix and Mailscanner
Cheng Bruce
itlist at gmail.com
Thu Sep 28 04:49:06 IST 2006
Hi Glenn,
Thank you so much.
In Archvie Mail function, I think it is better to use Maildrop to
delete those unwanted mails.
Best Regards,
Bruce
2006/9/27, Glenn Steen <glenn.steen at gmail.com>:
> On 27/09/06, Cheng Bruce <itlist at gmail.com> wrote:
> > Dear all,
> >
> > I use Postfix 2.3.2, MailScanner 4.55.10, maildrop, openldap,
> > courier-imap to setup the mail server.
> >
> > I am trying to hide the private IP information in header, but when I
> > use header_check function in postfix to hide the private information,
> > the archive mail function will not be worked.
> >
> > How can I do or modify it in order to hide the private IP information ?
> >
> > # more /etc/postfix/header_checks.txt
> > # Hide Private Information
> > /^Received:.*\[(192\.168|172\.(1[6-9]|2[0-9]|3[01])|10)\./ IGNORE
> > /^Received:.*\[127\.0\.0\.1/ IGNORE
> >
> > # for MailScanner
> > /^Received:/ HOLD
> >
>
> Why?
> Munging the Received lines is strictly _not_ correct (RFC 2821 section
> 3.8.2). Lying so that they contain what you want (the ones you add) is
> OK, but not fiddling with the ones already there.
> Furthermore, "hiding" the fact that you are using private IP addresses
> on the inside fills no discernable purpose. It certainly will buy you
> no extra security.
>
> On a somewhat different note, how could you be sure that those
> received lines are yours? Not that way.
>
> > By the way, how can I config the setting so that MailScanner can't
> > archive some Email like boss at a.com ?
> >
> > My arhicve rules is like the following:
> > [root at linux01 rules]# more archive.rules
> > To: boss at a.com no
> > From: boss at a.com no
> > FromOrTo: boss at b.com no
> >
> > FromOrTo: *@a.com backup at a.com
> > FromOrTo: *@b.net yes forward backup at b.net
>
> Looking at http://www.mailscanner.info/MailScanner.conf.index.html#Archive%20Mail
> one can see that those rules aren't really valid for the Archive Mail
> setting (I'm not even sure how to make a negative entry here, aside
> from forwarding it to an email address that will end up in /dev/null).
> The next to last one is the only one working, right? You could make an
> alias like this:
> bosstrap: /dev/null
> newalias that, then make the rules something like
>
> FromOrTo: boss at a.com bosstrap at your.machine.adr.ess
> FromOrTo: boss at b.com bosstrap at your.machine.adr.ess
> FromOrTo: *@a.com backup at a.com
> FromOrTo: *@b.net backup at b.net
>
> But beware that I certainly haven't tested that. Also, since this will
> archive _all_ mail (spam, virus, ...) it might not be exactly what you
> want.
> If you want to "archive after scanning", you should make a ryuleset on
> the Non Spam Actions setting instead (if you make that a ruleset, make
> sure you have _valid actions_ for that setting...).
>
> --
> -- Glenn
> email: glenn < dot > steen < at > gmail < dot > com
> work: glenn < dot > steen < at > ap1 < dot > se
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
> Before posting, read http://wiki.mailscanner.info/posting
>
> Support MailScanner development - buy the book off the website!
>
More information about the MailScanner
mailing list