Using rules for "Remove These Headers"

Julian Field MailScanner at ecs.soton.ac.uk
Fri Jun 11 12:03:57 IST 2010



On 10/06/2010 19:03, Dave Jones wrote:
> I need to remove read receipt headers from email coming in from the
> Internet.  There are 4 SMTP proxy firewalls (172.16.21.10,
> 172.16.21.11, 172.16.11.10, 172.16.11.11) in front of the MailScanner
> servers that show up in the Received: headers.
>
> Received: from server.blahblah.com (firewall.blahblah.com [172.16.11.11])
>       by sendmail.blahblah.com (8.13.8/8.13.8) with ESMTP id o5AHZkoM025256
>       for<someone at somedomain.com>; Thu, 10 Jun 2010 12:35:46 -0500
>
> MailScanner.conf (4.78.17)
> ======================
> Remove These Headers = %rules-dir%/remove-these-headers.rules
>
> remove-these-headers.rules
> ======================
> From:           /172\.16\.[12]1\.1[10]/
> Disposition-Notification-To: X-Mozilla-Status: X-Mozilla-Status2:
> FromOrTo:       default         X-Mozilla-Status: X-Mozilla-Status2:
>    
Your regexp is right.
Check your maillog for any complaint about "Invalid expression in rule".

You can also test out things without having to generate test messages 
and so on using the command-line arguments that the MailScanner program 
will take.
[root at al MailScanner]# MailScanner --help
Usage:
MailScanner [ -h|-v|--debug|--debug-sa|--lint ] |
             [ --processing | --processing=<minimum> ] |
             [ -c|--changed ] |
             [ --id=<message-id> ] |
             [ --inqueuedir=<dir-name|glob> ] |
             [--value=<option-name> --from=<from-address>
              --to=<to-address>,    --to=<to-address-2>, ...]
              --ip=<ip-address>,    --virus=<virus-name> ]
<MailScanner.conf-file-location>

So a command like this might help you:

[root at al MailScanner]# MailScanner --value=removetheseheaders 
--from=came at from.here --to=going at to.here --ip=172.16.11.11 
/etc/MailScanner/MailScanner.conf

This should at least make your testing a lot easier.
If all else fails, 4 separate rules instead of a regexp will work pretty 
darned quickly :-)

Jules.

> I have tried many combinations from the MailScanner Wiki ruleset
> examples but the header gets through.
>
> Does the "From:" in rulesets cover the from email address and any
> Received: headers too?  The wiki seems to show that but I am not able
> to remove the header no matter what I use in the second field.
>
> Dave
>    

Jules

-- 
Julian Field MEng CITP CEng
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store

Need help customising MailScanner?
Contact me!
Need help fixing or optimising your systems?
Contact me!
Need help getting you started solving new requirements from your boss?
Contact me!

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
Follow me at twitter.com/JulesFM and twitter.com/MailScanner


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.



More information about the MailScanner mailing list