Re: dummy question, discard rcpt-to with header_checks

Mon, 10 Aug 2020 11:37:09 -0700 

On Mon, Aug 10, 2020 at 03:21:00PM -0300, SysAdmin EM wrote:

> Hello, I am trying to discard the message after the DISCARD I add a
> message which I use for informational purposes in the system.
> 
> Example:
> 
> /^To.*gus...@gmail.com/                         DISCARD BLABLA001

This regular expression is sloppy.  And where does this appear in the
header_checks file?

> Aug 10 10:40:22 smarthost01-ded postfix/cleanup[9766]: 13F1D60065: warning:
> header From: ...
> Aug 10 10:40:22 smarthost01-ded postfix/cleanup[9766]: 13F1D60065: warning:
> header Subject:

What's causing the "Subject:" and "From:" headers to be logged as
warnings?

> Aug 10 10:40:23 smarthost01-ded postfix/smtp[1438]: 13F1D60065: to=<
> gus...@gmail.com>, relay=gmail-smtp-in.l.google.com[172.217.192.27]:25,
> delay=1.7, delays=0.11/0/0.8/0.81, dsn=2.0.0, status=sent (250 2.0.0 OK  
> 1597066823
> h71si11798516pgc.228 - gsmtp)

This is an ENVELOPE RECIPIENT.  This address may not even appear in the
"To:" header, it could be a "Cc", or not be present in the message
headers at all (i.e. a Bcc).  The right way to block envelope recipients
is with a "check_recipient_access type:table":

    main.cf:
        indexed = ${default_database_type}:${config_directory}/
        smtpd_recipient_restrictions =
            check_recipient_access ${indexed}rcpt-access

    rcpt-access:
        gus...@gmail.com REJECT 5.7.1 for some reason

> El sáb., 8 de ago. de 2020 a la(s) 13:52, Viktor Dukhovni (
> postfix-us...@dukhovni.org) escribió:
> 
> > On Sat, Aug 08, 2020 at 01:00:20PM -0300, SysAdmin EM wrote:
> >
> > > I'm trying to block a recipient's address (To:) but it doesn't work.
> >
> > Why are you trying to use header_checks and NOT an access(5)
> > table with "check_recipient_access"?
> >
> > > /^To.*gus...@gmail.com/                         DISCARD
> >
> > Since you don't operate gmail.com, this is likely a remote recipient
> > that you don't want your local users to send email to.  How do your
> > local users submit outbound email, is it via SMTP, or are they logged
> > into the Postfix server and sending email (indirectly) via the
> > sendmail(1) command (invoked via mail(1), Pine, Mutt, ...).

--
    Viktor.

Reply via email to