Hi, I'm having trouble figuring out why this header check doesn't reject a mailer-daemon bounce email with ".lan" in the From address:
/^From:.*\.lan>$/ REJECT Invalid domain It works if I use postmap directly, but not when the bounce message is received. Does it have something to do with it being a bounce message? $ postmap -q 'From: Mail Delivery System <mailer-dae...@smtp03.nrtc.email-ash1.sync.lan>' pcre:/etc/postfix-110/header_checks.pcre REJECT Invalid domain /etc/postfix-110/main.cf: header_checks = regexp:/etc/postfix-110/header_checks pcre:$config_directory/header_checks.pcre Apr 5 03:33:44 armor postfix-110/smtpd[1323082]: connect from mail.nrtc.syn-alias.com[129.213.214.220] Apr 5 03:33:45 armor policyd-spf[1323084]: prepend Received-SPF: None (no SPF record) identity=no SPF record; client-ip=129.213.214.220; helo=mail.nrtc.syn-alias.com; envelope-from=<>; receiver=<UNKNOWN> Apr 5 03:33:45 armor postfix-110/smtpd[1323082]: 3EA5320055E46: client=mail.nrtc.syn-alias.com[129.213.214.220] Apr 5 03:33:45 armor postfix-110/cleanup[1323942]: 3EA5320055E46: message-id=<6e.b8.17947.1d0fb...@smtp03.nrtc.email-ash1.sync.lan> Apr 5 03:33:45 armor postfix-110/qmgr[1314349]: 3EA5320055E46: from=<>, size=4906, nrcpt=2 (queue active) The message is then quarantined by amavis because of the From address having ".lan". Return-Path: <> X-Envelope-From: <> Received: from mail.nrtc.syn-alias.com (mail.nrtc.syn-alias.com [129.213.214.220]) Received: from [127.0.0.1] ([local]) by smtp03.nrtc.email-ash1.sync.lan (envelope-from <>) (ecelerity 4.3.1.69410 r(Core:4.3.1.0)) with INTERNAL id 6E/B8-17947-1D0FB426; Tue, 05 Apr 2022 03:33:37 -0400 From: Mail Delivery System <mailer-dae...@smtp03.nrtc.email-ash1.sync.lan> To: u...@example.com Subject: Mail Delivery Failure Message-ID: <6e.b8.17947.1d0fb...@smtp03.nrtc.email-ash1.sync.lan> I've pasted the entire message here https://pastebin.com/zEkxMzuq How should I handle this? Ideas greatly appreciated. Thanks, Alex