Re: How to get rid of the "Received: from localhost" header?

Tue, 26 Jan 2010 17:40:51 -0800 

On 1/26/2010 3:59 PM, Justin Piszcz wrote:



On Tue, 26 Jan 2010, Noel Jones wrote:


On 1/26/2010 12:33 PM, Justin Piszcz wrote:

This needs to be more specific so you don't remove headers added by
other servers. Maybe:
/^Received: from localhost.*by lucidpixels\.com / IGNORE

If you need special header_checks for your amavisd reinjection port,
you should define a separate cleanup service with the custom
header_checks. and of course remove the no_header_body_checks. See
FILTER_README.

OK, no header/body checks for the local network.

Why would you force stress=yes? Shouldn't ever need to do that, except
maybe briefly for testing.

Assuming your IGNORE rule is specific enough to not remove unintended
headers, removing "no_header_body_checks" on the amavisd reinjection
port won't break anything.


Hi,

Thanks! It is working, can you please confirm that is correct?

1. no_header_body_checks is removed from 127.0.0.1:1002
2. the existing header_checks will still apply to incoming e-mail on inet
3. the pre-cleanup header checks for amavisd are specified as you noted
4. then add the custom cleanup filter (seecond -o)

FILE: master.cf

127.0.0.1:10025 inet n - n - - smtpd -o content_filter= -o
cleanup_service_name=pcleanup -o smtpd_delay_reject=no -o
smtpd_client_restrictions=permit_mynetworks,reject -o
smtpd_helo_restrictions= -o smtpd_sender_restrictions= -o
smtpd_recipient_restrictions=permit_mynetworks,reject -o
smtpd_data_restrictions=reject_unauth_pipelining -o
smtpd_end_of_data_restrictions= -o smtpd_restriction_classes= -o
mynetworks=127.0.0.0/8 -o smtpd_error_sleep_time=0 -o
smtpd_soft_error_limit=1001 -o smtpd_hard_error_limit=1000 -o
smtpd_client_connection_count_limit=0 -o
smtpd_client_connection_rate_limit=0 -o
receive_override_options=no_unknown_recipient_checks,no_milters -o
local_header_rewrite_clients=

pcleanup unix n - - - 0 cleanup -o
header_checks=pcre:/etc/postfix/amavisd_header_checks.pcre

It seems to be doing what I want perfectly. Just want to confirm that this
is what you meant, thanks!

Justin.



Looks OK.  Well, no reason to check amavisd-new for unauth 
pipelining, but that won't break anything.


  -- Noel Jones























					Reply via email to