Re: Rewrite subject for unauth messages only

Sat, 06 Nov 2021 14:34:14 -0700 

Il 2021-11-06 19:04 Viktor Dukhovni ha scritto:

Though I don't recommend complex all-in-one configurations, you
use the "-o cleanup_service_name" option to configure separate
cleanup(8) services for separate smtpd(8) instances:


Yes, in my initial testing, I was missing -o cleanup_service_name


  master.cf:
    smtp inet ... smtpd
        -o cleanup_service_name=cleanup-mta
        ...
    cleanup-mta unix ... cleanup
        -o syslog_name=postfix/cleanup-mta
        -o header_checks=$mta_header_checks
        -o mime_header_checks=$mta_mime_header_checks
        -o nested_header_checks=$mta_nested_header_checks
        ...

  main.cf:
    # Local (sendmail/postdrop) and SMTP submission:
    header_checks = ...
    mime_header_checks = ...
    nested_header_checks = ... best explicitly empty ...

    #
    mta_header_checks = ... date, subject etc. rules ...
    mta_mime_header_checks = ... attachment MIME header rules ...
    mta_nested_header_checks = ... best explicitly empty ...

I think that the default setting:

    nested_header_checks = $header_checks

is unfortunate, perhaps we should change it to empty at compatibility
level >= 3.7.



On current test setup, I do not define nested_headers_check at all. Is 
this an issue? For reference, here you can find my current test config:


# main.cf
# auth client are immediately permitted, all other messages are FILTERed

smtpd_client_restrictions = permit_sasl_authenticated, 
check_client_access regexp:/etc/postfix/custom


# master.cf
# secondary smtpd and cleanup process
# disable milters to avoid double spam check
127.0.0.1:10025    inet  n       -       n       -       -       smtpd
  -o smtpd_client_restrictions=
  -o smtpd_milters=
  -o cleanup_service_name=mycleanup
mycleanup unix  n       -       n       -       0       cleanup
  -o header_checks=regexp:/etc/postfix/rewrite

# custom
# all unauth messages are FILTERed
/.*/    FILTER smtp:127.0.0.1:10025

# rewrite
# only add tag if it is not already present
if !/^Subject: .*[EXTERNAL].*/i
/^Subject: (.+)$/i REPLACE Subject: [EXTERNAL] $1
endif

I am missing something important?
Thanks.

--
Danti Gionatan
Supporto Tecnico
Assyoma S.r.l. - www.assyoma.it
email: g.da...@assyoma.it - i...@assyoma.it
GPG public key ID: FF5F32A8






















					Reply via email to