Il 09/12/19 15:34, Dominic Raferd ha scritto:
On Mon, 9 Dec 2019 at 14:13, Simone Marchioni <s.marchi...@lynx2000.it
<mailto:s.marchi...@lynx2000.it>> wrote:
I have a problem with Postfix. Recently we are receiving mail
messages
with malformed "From:" headers as these:
From: "Name Surname <u...@good-domain.com
<mailto:u...@good-domain.com>>" <us...@bad-domain.com
<mailto:us...@bad-domain.com>>
From: "u...@good-domain.com <mailto:u...@good-domain.com>"
<us...@bad-domain.com <mailto:us...@bad-domain.com>>
Ended up with a solution based on PCRE header checks, with these
two regexp:
/^From:.+(".+<(.*@+.*)>").*<((?!\2).*)>$/ REJECT
/^From:.+("([^<>]*@+[^<>]*)").*<((?!\2).*)>$/ REJECT
Modified /etc/postfix/header_checks with these and then made a:
postmap /etc/postfix/header_checks
and reloaded postfix.
Seems to work ok and Postfix apparently handles the PCRE with no
problem:
postmap -q 'From: "Name Surname <u...@good-domain.com
<mailto:u...@good-domain.com>>"
<us...@bad-domain.com <mailto:us...@bad-domain.com>>'
pcre:/etc/postfix/header_checks
REJECT
postmap -q 'From: "u...@good-domain.com
<mailto:u...@good-domain.com>" <us...@bad-domain.com
<mailto:us...@bad-domain.com>>'
pcre:/etc/postfix/header_checks
REJECT
But in real usage the mails are not being blocked.
Looking at the logs there are the following (repeated) errors:
Nov 22 10:52:19 mx1 postfix/cleanup[32087]: warning: regexp map
/etc/postfix/header_checks, line 497: Invalid preceding regular
expression
Nov 22 10:52:19 mx1 postfix/cleanup[32087]: warning: regexp map
/etc/postfix/header_checks, line 498: Invalid preceding regular
expression
The content of the /etc/postfix/header_checks file is the
following (the
first 496 lines are comments):
/^From:.+(".+<(.*@+.*)>").*<((?!\2).*)>$/ REJECT
/^From:.+("([^<>]*@+[^<>]*)").*<((?!\2).*)>$/ REJECT
/^Subject:/ WARN
Additional info:
- There are no receive_override_options: the file is used as the
subject
are correctly logged in logfile (last line of
/etc/postfix/header_checks). And the errors too shows the file is
handled by postfix.
- Tested the two regexp with multiple online services and they seems
correct: also the postmap -q tests shows they are working correctly.
- Version and operating system: Postfix 2.10.1 and PCRE 8.32 on a
CentOS 7.7
Any idea why with postmap -q it shows REJECT but in real usage it
doesn't work?
Check that in main.cf <http://main.cf> and/or master.cf
<http://master.cf> you are specifying the file with type pcre: (and
not say type regexp:)
Makes me feels so stupid... you're right: was specified with regexp.
Now with pcre: the error gone away.
Thank you very much for your time.
Simone
