On 14/01/23 23:34, Viktor Dukhovni wrote:
On Sat, Jan 14, 2023 at 03:16:53PM +1300, Peter wrote:
Perhaps:
/^(Received:.*)192\.168\.1\.2(.*)$/ REPLACE ${1}127.0.0.2${2}
No. This is neither precise nor accurate.
* Precision, the proposed regular expression can match unexpected
parts of the "Received" header.
But only a part with his exact IP address in it, the IP address that the
OP is trying to hide.
* Accuracy, this is completely the wrong test, the IP address in
received lines is a *remote* address, but we're looking to prune
lines added by the local server. For that, one matches the
hostname (same as $myhostname) in the "by <name>" part of the
receving line... with due precision, e.g. with (not too ancient)
PCRE:
/\AReceived: \s+ from \s+ \S+
(?# Received from <heloname>)
(?: \s+ ( [(] (?: [^()\\]*+ | \\. | (?1)+)* [)] ))*
(?# zero or more nestable backslash escapable comments)
(\n \s+ by \s+ (?: \Qmta.name.example\E ) \s+
(?# by mta.name.example )
.* )
/x REPLACE Received: from localhost ${2}
The above can precisely match nested paired parentheses, with backslash
escaping, ... which is perhaps overkill in this context.
This is certainly more accurate. I was going for the idea that the OP
said he wanted to hide a specific IP in the Received headers, so the
simple way is to look for that IP and replace it with something else,
regardless of where in the header it appears.
The hostname is a different matter, but the OP didn't say hostname and I
feel like the OP should be able to modify the pcre expression to account
for a hostname as well.
The one downside is that the expression I gave will only match the IP
address in the header once, so if it appears more than one time then the
second and subsequent matches won't get replaced. I didn't think this
would realistically occur, though, so I didn't worry about it in my
response too much. I'm also not aware of a way to easily accomplish
multiple replacements on one line with the syntax that Postfix allows.
Peter
