>> removed the `i` and they are still getting through.
>
> milter_header_checks cannot see all headers, not even all headers
> added by a milter. They only see headers that are added by a milter
> that is connected to the cleanup process that implements
> milter_header_checks.
>
> If you add the milters before (or after) a content filter, then the
> milter_header_checks must also be configured wiith the cleanup
> process before (or after).
duck duck going on doing that in coordination with rspamd
> Otherwise be prepared to post output from "postconf -nf"
> and "postconf -Mf".
that was not as scary as you made it sound :)
# postconf -nf
alias_maps =
append_dot_mydomain = no
best_mx_transport = smtp:[psg.com]
biff = no
compatibility_level = 3.6
delay_warning_time = 4h
inet_interfaces = all
inet_protocols = all
mailbox_size_limit = 0
milter_default_action = accept
milter_header_checks = regexp:/etc/postfix/milter_header_checks
milter_mail_macros = i {mail_addr} {client_addr} {client_name} {auth_authen}
milter_protocol = 6
mydestination = $myhostname, m0.rg.net, localhost.rg.net, , localhost
myhostname = m0.rg.net
mynetworks = 127.0.0.0/8 [::1]/128 [::ffff:127.0.0.0]/104 [::1]/128
147.28.0.0/23 198.180.150.0/24 198.180.152.0/24 [2001:418:1::0/64]
[2001:418:1:8006::0/64] [2001:418:1:3807::0/64] 38.99.102.194
38.108.184.77
myorigin = /etc/mailname
non_smtpd_milters = inet:127.0.0.1:11332
readme_directory = no
recipient_delimiter = +
relay_domains = balletpixelle.org, katandmaouche.com, psg.com, rg.net
relayhost =
smtp_tls_CApath = /etc/ssl/certs
smtp_tls_note_starttls_offer = yes
smtp_tls_protocols = !SSLv2, !SSLv3
smtp_tls_security_level = may
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_client_connection_count_limit = 12
smtpd_client_connection_rate_limit = 12
smtpd_milters = inet:127.0.0.1:11332
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated,
permit_auth_destination, reject_rbl_client zen.spamhaus.org,
reject_rhsbl_reverse_client dbl.spamhaus.org, reject_rhsbl_helo
dbl.spamhaus.org, reject_rhsbl_sender dbl.spamhaus.org
smtpd_tls_cert_file = /etc/letsencrypt/live/m0.rg.net/fullchain.pem
smtpd_tls_key_file = /etc/letsencrypt/live/m0.rg.net/privkey.pem
smtpd_tls_protocols = TLSv1.3, TLSv1.2, !SSLv2, !SSLv3, !TLSv1
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
transport_maps = hash:/etc/postfix/transport
virtual_alias_maps = regexp:/etc/postfix/virtual.regexp
# postconf -Mf
smtp inet n - y - - smtpd
pickup unix n - y 60 1 pickup
cleanup unix n - y - 0 cleanup
qmgr unix n - n 300 1 qmgr
tlsmgr unix - - y 1000? 1 tlsmgr
rewrite unix - - y - - trivial-rewrite
bounce unix - - y - 0 bounce
defer unix - - y - 0 bounce
trace unix - - y - 0 bounce
verify unix - - y - 1 verify
flush unix n - y 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - y - - smtp
relay unix - - y - - smtp
-o syslog_name=postfix/$service_name
showq unix n - y - - showq
error unix - - y - - error
retry unix - - y - - error
discard unix - - y - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - y - - lmtp
anvil unix - - y - 1 anvil
scache unix - - y - 1 scache
postlog unix-dgram n - n - 1 postlogd
maildrop unix - n n - - pipe flags=DRXhu
user=vmail argv=/usr/bin/maildrop -d ${recipient}
uucp unix - n n - - pipe flags=Fqhu
user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail unix - n n - - pipe flags=F
user=ftn
argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe flags=Fq.
user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix - n n - 2 pipe flags=R
user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop}
${user} ${extension}
mailman unix - n n - - pipe flags=FRX
user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py ${nexthop}
${user}
randy
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
