Adding Signature based on header?

Steve Freegard steve.freegard at
Wed Apr 4 00:59:43 IST 2007

Hi Dhawal,

Dhawal Doshy wrote:
> Steve Freegard wrote:
>> Hi Dhawal/Paul,
>> Dhawal Doshy wrote:
>>> Paul Hutchings wrote:
>>>> I have MailScanner on a Postfix box.
>>>> I run one instance on Postfix and 2 Postfix listeners, normal SMTP, and
>>>> a separate Authenticated SMTP listener.
>>>> I have a Signature rule to only sign email from my internal mail
>>>> servers
>>>> IP address. How would I apply this signature to email sent via the
>>>> Authenticated
>>>> SMTP listener?
>>>> AIUI Postfix adds some sort of "Authenticated User" header, can I
>>>> have a
>>>> From: rule based on that?
>>> MailScanner doesn't support header based rules, however you can write
>>> a custom function to do this..  <quoting Ken A>The headers are
>>> available as @{$message->{headers}} in the Message Object, so you can
>>> use a Custom Function to get the result of a header check and a
>>> yes/no result for a rule.</quoting Ken A>
>>> Has anyone on the list written a header based custom function that
>>> can be trivially modified for such a purpose?
>> No - but if one of you can mail me some examples - I have some code in
>> MailScanner that does something similar that I should be able to
>> modify and put on the Wiki as this would seem to be pretty useful in a
>> lot of cases.
> Would this be enough?? See the part "(Authenticated sender:
> dhawal at"
> Return-Path: <dhawal at>
> Received: (qmail 2963 invoked from network); 3 Apr 2007 14:47:12 -0000
> Received: from (
>   by with SMTP; 3 Apr 2007 14:47:12 -0000
> Received: from ( [])
>     (Authenticated sender: dhawal at
>     by (Postfix) with ESMTP id 0934B40109F
>     for <dhawal at>; Tue,  3 Apr 2007 20:15:26 +0530
> (IST)
> Message-Id: <20070403144528.0934B40109F at>
> Date: Tue,  3 Apr 2007 20:15:26 +0530 (IST)
> From: dhawal at
> To: undisclosed-recipients:;
> Thanks a ton, Steve..

I've done an initial version which is attached and that I have done some
basic testing with, it takes a list of trusted IPs and the regexps that
should be checked against the headers from the trusted IPs to see if the
connection is authenticated.

Any problems - run set my($debug) = 1; and run MailScanner --debug to
see what it is doing.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: SignCleanMessagesFunction.tar.gz
Type: application/x-gzip
Size: 1109 bytes
Desc: not available
Url :

More information about the MailScanner mailing list