How to Remove X-headers
Randal, Phil
prandal at herefordshire.gov.uk
Tue Apr 7 20:49:35 IST 2009
Microsoft seem to have noticed the problem with their approach too:
http://msexchangeteam.com/archive/2009/04/06/451003.aspx
They're fixing it in Exchange 2007 and E14. No word (yet) about
Exchange 2003.
It might be worthwhile having a whitelist/blacklist approach to header
removal.
A "Retain Headers" which takes precedence over the header removal might
be a worthwhile additional feature.
Comments, anyone?
Cheers,
Phil
-----Original Message-----
From: mailscanner-bounces at lists.mailscanner.info
[mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Glenn
Sent: 07 April 2009 20:21
To: MailScanner discussion
Subject: Re: How to Remove X-headers
I finally got back to this a few days ago. Took the opportunity to
build a new mail gateway using Red Hat EL5, Sendmail, milter-greylist,
ClamAV and MailScanner 4.75.9-2. Everything works great, so I'm about
ready to try removing some X-headers. Only one question -- would
removing all X-headers mess up MailScanner? After all, MailScanner does
put some X-headers in, right? We do have a downstream server running
MailScanner (unnecessarily now), but I'm mainly concerned with the
gateway server itself.
I suppose Exchange 2003 might rely on some X-headers coming through. If
anyone can think of some, do tell. Thanks. -Glenn.
---------- Original Message -----------
From: Julian Field <MailScanner at ecs.soton.ac.uk>
To: MailScanner discussion <mailscanner at lists.mailscanner.info>
Sent: Sun, 15 Mar 2009 13:36:13 +0000
Subject: Re: How to Remove X-headers
> I have found and fixed that bug. Missed out a $pos++ in a loop exit
> condition.
> Please try 4.75.9-2.
>
> Cheers,
> Jules.
>
> On 13/3/09 13:05, Glenn wrote:
> > Julian - Thanks very much for adding this functionality. I tried
upgrading
> > our Red Hat EL4/Postfix machines, and the new version stopped mail
> > flow altogether. I have gone back to the older version (4.73.4-2)
until I can
> > figure out what went wrong. -Glenn.
> >
> >
> > ---------- Original Message -----------
> > From: Julian Field<MailScanner at ecs.soton.ac.uk>
> > To: MailScanner discussion<mailscanner at lists.mailscanner.info>
> > Sent: Thu, 12 Mar 2009 15:39:40 +0000
> > Subject: Re: How to Remove X-headers
> >
> >
> >> -----BEGIN PGP SIGNED MESSAGE-----
> >> Hash: SHA1
> >>
> >> On the basis that sounds fairly sensible and appears to provide the
> >> flexibility people are after, I have written and released it as
4.75.9.
> >>
> >> There is new text near the start of the description of "Remove
> >> These Headers" which says this:
> >>
> >> # This is a space-separated list of a mixture of any combination of
> >> # 1. Names of headers, optionally ending with a ':'
> >> # (the ':' will be added if not supplied)
> >> # 2. Regular expressions starting and ending with a '/'.
> >> # These regular expressions are matched against the entire
header
line,
> >> # not just the name of the header.
> >> # **NOTE** The regular expressions must *not* contain spaces,
> >> # so use '\s' instead of ' '.
> >>
> >> It appears to work fine in sendmail, I would be grateful if people
> >> using other mailers could also test it for me.
> >>
> >> Thanks guys,
> >> Jules.
> >>
> >> On 12/3/09 15:17, Julian Field wrote:
> >>
> >>> * PGP Signed: 03/12/09 at 15:18:00
> >>>
> >>> Okay, no problem.
> >>> The new functionality will still take a list of header names or
> >>> regexps. The regexps mustn't contain spaces or I can't parse them,
> >>> so use \s when you mean a space.
> >>> Header names can optionally end in a ':', it will be added if not
> >>> supplied.
> >>> Header names can optionally be of the form /regular-expression/ in
> >>> which case this will be applied to the whole header line
> >>> (including the name and value of the header of course). The test
> >>> will be appled in a case-insensitive manner.
> >>>
> >>> Is that what people want?
> >>>
> >>> Jules.
> >>>
> >>> On 12/3/09 14:58, Glenn wrote:
> >>>
> >>>> Julian - Yes, I tried X-Mime.* and it does not work.
> >>>>
> >>>> It seems the X-header limit in Microsoft Exchange is just now
> >>>> beginning to cause problems. There is already a commercial fix
> >>>> for Exchange 2007 (http://www.codeplex.com/HeaderFilterAgent),
> >>>> but of course we are using Exchange 2003. So you have at least
> >>>> one "people" who could put this functionality to use, and
> >>>> probably others will be looking for it soon.
> >>>> Thanks. -Glenn.
> >>>>
> >>>>
> >>>> ---------- Original Message -----------
> >>>> From: Julian Field<MailScanner at ecs.soton.ac.uk>
> >>>> To: MailScanner discussion<mailscanner at lists.mailscanner.info>
> >>>> Sent: Thu, 12 Mar 2009 14:40:51 +0000
> >>>> Subject: Re: How to Remove X-headers
> >>>>
> >>>>
> >>>>> -----BEGIN PGP SIGNED MESSAGE-----
> >>>>> Hash: SHA1
> >>>>>
> >>>>> Have just taken a look at the code.
> >>>>> Have you tried something like this in your ruleset
> >>>>>
> >>>>> From: 10.11.12.13 X-Mime.*
> >>>>>
> >>>>> as I think that may well indeed work. It won't work in Exim, but
> >>>>> may well work in the others.
> >>>>> If people want this functionality put in properly so you could
> >>>>> do something like
> >>>>> From: 10.11.12.13 ^X-Mime.*
> >>>>> to anchor it properly, then I could add this.
> >>>>>
> >>>>> Jules.
> >>>>>
> >>>>> On 12/3/09 14:22, Julian Field wrote:
> >>>>>
> >>>>>>> Old Signed: 03/12/09 at 14:22:04
> >>>>>>>
> >>>>>> No, you can't use a regular expression to define which headers
> >>>>>> you want to remove, just a list of header names. I'm fairly
> >>>>>> sure the documentation does not imply that you *can* use
regexps here.
> >>>>>>
> >>>>>> On 12/3/09 14:14, Glenn wrote:
> >>>>>>
> >>>>>>> Oh, sorry, I did not read Joost's post carefully enough to see
> >>>>>>> the difference between his expression and mine. However, I
> >>>>>>> just tested his expression, /^X- Mime.*\:/ , and it doesn't
> >>>>>>> work either. I am wondering if MailScanner can
> >>>>>>> use Perl expressions in this ruleset? Thanks again. -Glenn.
> >>>>>>>
> >>>>>>> ---------- Original Message -----------
> >>>>>>> From: "Glenn"<glenn at mail.txwes.edu>
> >>>>>>> To: MailScanner discussion<mailscanner at lists.mailscanner.info>
> >>>>>>> Sent: Thu, 12 Mar 2009 09:02:37 -0500
> >>>>>>> Subject: Re: How to Remove X-headers
> >>>>>>>
> >>>>>>>
> >>>>>>>> Thanks for all the attention, but I'm afraid I still have the
> >>>>>>>> same problem. Regardless of the propriety of doing so, I
> >>>>>>>> would like to be able to filter headers using the "Remove
These Headers" ruleset,
> >>>>>>>> and I can't get it to work with Perl regular expressions.
> >>>>>>>> Joost's
> >>>>>>>> post seems to confirm that I am using an expression that
> >>>>>>>> should remove the X-MimeOLE: header, but it doesn't. Can
> >>>>>>>> anyone shed
light
> >>>>>>>> on this? Thanks. -Glenn.
> >>>>>>>>
> >>>>>>>> ---------- Original Message -----------
> >>>>>>>> From: Joost Waversveld<joost at waversveld.nl>
> >>>>>>>> To: MailScanner
> >>>>>>>> discussion<mailscanner at lists.mailscanner.info>
> >>>>>>>> Sent: Thu, 12 Mar 2009 09:38:58 +0100
> >>>>>>>> Subject: Re: How to Remove X-headers
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>> /^XMime.*\:/ would match XMime<something> (and not X-
> >>>>>>>>> Mime<something>)
> >>>>>>>>>
> >>>>>>>>> The regular expression should be /^X-Mime.*\:/
> >>>>>>>>>
> >>>>>>>>> Best regards,
> >>>>>>>>>
> >>>>>>>>> Joost Waversveld
> >>>>>>>>>
> >>>>>>>>> Alex Broens wrote:
> >>>>>>>>>
> >>>>>>>>>> On 3/11/2009 10:50 PM, Glenn wrote:
> >>>>>>>>>>
> >>>>>>>>>>> We use MailScanner and Postfix on a mail gateway server
> >>>>>>>>>>> and forward mail to an internal Microsoft Exchange 2003
> >>>>>>>>>>> server. Evidently, enough X-headers have accumulated in
> >>>>>>>>>>> an Exchange database to cause a problem, so we need to
> >>>>>>>>>>> remove X-headers before they are forwarded to the Exchange
> >>>>>>>>>>> server.
> >>>>>>>>>>>
> >>>>>>>>>>> There is a line in MailScanner.conf that allows us to name
> >>>>>>>>>>> whatever headers we want to remove ("Remove These
> >>>>>>>>>>> Headers"), but this raises some questions. If we just
> >>>>>>>>>>> blanket remove all X-headers, won't this defeat features
> >>>>>>>>>>> of MailScanner that depend on MailScanner adding headers?
> >>>>>>>>>>>
> >>>>>>>>>>> According to hints in the MailScanner rules directory, we
> >>>>>>>>>>> should be able to use regular Perl expresssions to create
> >>>>>>>>>>> a ruleset to exclude certain headers from the delete list.
> >>>>>>>>>>> My problem is that I
don't
> >>>>>>>>>>> have a clue how to write regular Perl expressions. From
> >>>>>>>>>>> what I've read online, for example, the lines below should
> >>>>>>>>>>> be equivalent, but when I use the Perl expression in the
> >>>>>>>>>>> ruleset it doesn't work.
> >>>>>>>>>>>
> >>>>>>>>>>> From: [ipaddress] X-MimeOLE: ##this removes the
X-MimeOLE
> >>>>>>>>>>> header
> >>>>>>>>>>>
> >>>>>>>>>>> From: [ipaddress] /^XMime.*\:/ ##this doesn't
> >>>>>>>>>>>
> >>>>>>>>>>> I know this isn't a Perl forum, but I'm hoping that
> >>>>>>>>>>> someone who has tried this can enlighten me. If I could
> >>>>>>>>>>> just get a simple expression
> >>>>>>>>>>> to work, I might be able to build what I need. Thanks.
-
Glenn.
> >>>>>>>>>>>
> >>>>>>>>>> Before you start breaking MIME headers, who told you this
> >>>>>>>>>> or what MS KB article covers this?
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>> --
> >>>>>>>>> Joost Waversveld
> >>>>>>>>>
> >>>>>>>>> --
> >>>>>>>>> MailScanner mailing list
> >>>>>>>>> mailscanner at lists.mailscanner.info
> >>>>>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner
> >>>>>>>>>
> >>>>>>>>> Before posting, read http://wiki.mailscanner.info/posting
> >>>>>>>>>
> >>>>>>>>> Support MailScanner development - buy the book off the
website!
> >>>>>>>>>
> >>>>>>>> ------- End of Original Message -------
> >>>>>>>>
> >>>>>>>> --
> >>>>>>>> MailScanner mailing list
> >>>>>>>> mailscanner at lists.mailscanner.info
> >>>>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner
> >>>>>>>>
> >>>>>>>> Before posting, read http://wiki.mailscanner.info/posting
> >>>>>>>>
> >>>>>>>> Support MailScanner development - buy the book off the
website!
> >>>>>>>>
> >>>>>>> ------- End of Original Message -------
> >>>>>>>
> >>>>>>>
> >>>>>> Jules
> >>>>>>
> >>>>>>
> >>>>> Jules
> >>>>>
> >>>>> - -- Julian Field MEng CITP CEng www.MailScanner.info Buy the
> >>>>> MailScanner book at www.MailScanner.info/store
> >>>>>
> >>>>> Need help customising MailScanner?
> >>>>> Contact me!
> >>>>> Need help fixing or optimising your systems?
> >>>>> Contact me!
> >>>>> Need help getting you started solving new requirements from your
> >>>>> boss? Contact me!
> >>>>>
> >>>>> PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
> >>>>>
> >>>>> -----BEGIN PGP SIGNATURE-----
> >>>>> Version: PGP Desktop 9.9.1 (Build 287)
> >>>>> Comment: Use Enigmail to decrypt or check this message is
> >>>>> legitimate
> >>>>> Charset: ISO-8859-1
> >>>>>
> >>>>> wj8DBQFJuR71EfZZRxQVtlQRAjxQAKCWXxHnjDlgWXLyJM+w/5Xa8ljlZwCgiUZt
> >>>>> pgTRow7Fqx83C5gTW0Kilco=
> >>>>> =Iqy2
> >>>>> -----END PGP SIGNATURE-----
> >>>>>
> >>>>> --
> >>>>> This message has been scanned for viruses and dangerous content
> >>>>> by MailScanner, and is believed to be clean.
> >>>>>
> >>>>> --
> >>>>> MailScanner mailing list
> >>>>> mailscanner at lists.mailscanner.info
> >>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner
> >>>>>
> >>>>> Before posting, read http://wiki.mailscanner.info/posting
> >>>>>
> >>>>> Support MailScanner development - buy the book off the website!
> >>>>>
> >>>> ------- End of Original Message -------
> >>>>
> >>>>
> >>> Jules
> >>>
> >>>
> >> Jules
> >>
> >> - --
> >> Julian Field MEng CITP CEng
> >> www.MailScanner.info
> >> Buy the MailScanner book at www.MailScanner.info/store
> >>
> >> Need help customising MailScanner?
> >> Contact me!
> >> Need help fixing or optimising your systems?
> >> Contact me!
> >> Need help getting you started solving new requirements from your
> >> boss? Contact me!
> >>
> >> PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
> >>
> >> -----BEGIN PGP SIGNATURE-----
> >> Version: PGP Desktop 9.9.1 (Build 287)
> >> Comment: Use Enigmail to decrypt or check this message is
> >> legitimate
> >> Charset: ISO-8859-1
> >>
> >> wj8DBQFJuSy8EfZZRxQVtlQRArdmAKC05+diwhk2XuJoQ31gJASOjlX57QCcDcum
> >> B2jdj/D1uqVV8JA87+T0kHM=
> >> =p4ZI
> >> -----END PGP SIGNATURE-----
> >>
> >> --
> >> This message has been scanned for viruses and dangerous content by
> >> MailScanner, and is believed to be clean.
> >>
> >> --
> >> MailScanner mailing list
> >> mailscanner at lists.mailscanner.info
> >> http://lists.mailscanner.info/mailman/listinfo/mailscanner
> >>
> >> Before posting, read http://wiki.mailscanner.info/posting
> >>
> >> Support MailScanner development - buy the book off the website!
> >>
> > ------- End of Original Message -------
> >
> >
>
> Jules
>
> --
> Julian Field MEng CITP CEng
> www.MailScanner.info
> Buy the MailScanner book at www.MailScanner.info/store
>
> MailScanner customisation, or any advanced system administration help?
> Contact me at Jules at Jules.FM
>
> PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654 PGP
> public key: http://www.jules.fm/julesfm.asc
>
> --
> This message has been scanned for viruses and dangerous content by
> MailScanner, and is believed to be clean.
>
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
> Before posting, read http://wiki.mailscanner.info/posting
>
> Support MailScanner development - buy the book off the website!
------- End of Original Message -------
--
MailScanner mailing list
mailscanner at lists.mailscanner.info
http://lists.mailscanner.info/mailman/listinfo/mailscanner
Before posting, read http://wiki.mailscanner.info/posting
Support MailScanner development - buy the book off the website!
More information about the MailScanner
mailing list