Victor Duchovni:
> On Sat, Jun 13, 2009 at 01:09:49AM +0200, mouss wrote:
>
> > by default:
> >
> > mime_header_checks = $header_checks
> > nested_header_checks = $header_checks
> >
> > so header_checks apply to more than 822 headers.
> >
> > > I'm
> > > not sure if this is a bug/'feature' - bu
On Sat, Jun 13, 2009 at 01:09:49AM +0200, mouss wrote:
> by default:
>
> mime_header_checks = $header_checks
> nested_header_checks = $header_checks
>
> so header_checks apply to more than 822 headers.
>
> > I'm
> > not sure if this is a bug/'feature' - but to have to keep commenting out
> > ce
EASY steve.h...@digitalcertainty.co.uk a écrit :
> On Fri, 2009-06-12 at 12:51 +0200, Magnus Bäck wrote:
>> On Fri, June 12, 2009 12:12 pm, Steve said:
>>
>>> Is this right?
>>>
>>> "You cannot whitelist a sender or client in an access list to bypass
>>> header or body checks. Header and body chec
On Fri, 2009-06-12 at 14:52 -0400, Victor Duchovni wrote:
> On Fri, Jun 12, 2009 at 07:40:27PM +0100, EASY
> steve.h...@digitalcertainty.co.uk wrote:
>
> > > Currently, as in, what is available now. I am not good
> > > at predicting the future.
> >
> > I know. If you were I would not be asking fo
On Fri, Jun 12, 2009 at 07:40:27PM +0100, EASY
steve.h...@digitalcertainty.co.uk wrote:
> > Currently, as in, what is available now. I am not good
> > at predicting the future.
>
> I know. If you were I would not be asking for basic features you never
> had the foresight to see would be requested
On Fri, 2009-06-12 at 14:09 -0400, Wietse Venema wrote:
> EASY steve.h...@digitalcertainty.co.uk:
> > On Fri, 2009-06-12 at 12:36 -0400, Wietse Venema wrote:
> > > Steve:
> > > > On Fri, 2009-06-12 at 11:07 -0400, Wietse Venema wrote:
> > > > > If there is a reproducible example where header_checks
EASY steve.h...@digitalcertainty.co.uk:
> On Fri, 2009-06-12 at 12:36 -0400, Wietse Venema wrote:
> > Steve:
> > > On Fri, 2009-06-12 at 11:07 -0400, Wietse Venema wrote:
> > > > If there is a reproducible example where header_checks triggers on
> > > > body content, then I will fix it.
> > > >
>
On Fri, 2009-06-12 at 12:36 -0400, Wietse Venema wrote:
> Steve:
> > On Fri, 2009-06-12 at 11:07 -0400, Wietse Venema wrote:
> > > If there is a reproducible example where header_checks triggers on
> > > body content, then I will fix it.
> > >
> > > All I ask for is that conditions be independentl
Steve:
> On Fri, 2009-06-12 at 11:07 -0400, Wietse Venema wrote:
> > If there is a reproducible example where header_checks triggers on
> > body content, then I will fix it.
> >
> > All I ask for is that conditions be independently reproducible.
> >
> > Wietse
> In the meantime - how do I whi
Wietse Venema:
> Steve:
> > It is easy enough to reproduce. Just build a header filter like this;
> > (put aside the fact this is going to catch a shed load of legit mail)
> >
> > /^Received: from.*(cmodem|dhcp|adsl|broadband|dynamic)/ REJECT dynamic
> > host in headers
>
> This matches Received:
On Fri, 2009-06-12 at 11:07 -0400, Wietse Venema wrote:
> If there is a reproducible example where header_checks triggers on
> body content, then I will fix it.
>
> All I ask for is that conditions be independently reproducible.
>
> Wietse
In the meantime - how do I white-list this?
Steve:
> It is easy enough to reproduce. Just build a header filter like this;
> (put aside the fact this is going to catch a shed load of legit mail)
>
> /^Received: from.*(cmodem|dhcp|adsl|broadband|dynamic)/ REJECT dynamic
> host in headers
This matches Received: headers.
> This mail;
> Subje
If there is a reproducible example where header_checks triggers on
body content, then I will fix it.
All I ask for is that conditions be independently reproducible.
Wietse
On Fri, 2009-06-12 at 16:56 +0200, Ralf Hildebrandt wrote:
> * EASY steve.h...@digitalcertainty.co.uk :
>
> > Yep, I had already done that. I tried the same thing to ab...@bt.com and
> > got the same result.
>
> Log entry for exactly that case?
>
reads 6 minutes later but was sent to 'ab...@bt.c
* EASY steve.h...@digitalcertainty.co.uk :
> Yep, I had already done that. I tried the same thing to ab...@bt.com and
> got the same result.
Log entry for exactly that case?
--
Ralf Hildebrandt
Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155
http://www.computerbeschi
Mark Goodge:
> I wouldn't call it a bug, since it's a feature that works as designed.
> It is, however, a design choice that makes the feature less useful than
> it otherwise could have been. [other good points omitted]
For SMTP submissions, header/body checks whitelisting could be done
by addin
EASY steve.h...@digitalcertainty.co.uk wrote:
On Fri, 2009-06-12 at 16:40 +0200, Ralf Hildebrandt wrote:
* Ralf Hildebrandt :
* Steve :
/^Received: from.*(cmodem|dhcp|adsl|broadband|dynamic)/ REJECT dynamic host in
headers
OK
In the logs; tripped on the header filter;
Jun 12 11:01:58 mail
On Fri, 2009-06-12 at 16:50 +0200, Ralf Hildebrandt wrote:
> * EASY steve.h...@digitalcertainty.co.uk :
>
> > > for ...
> > >
> > > You COULD solve this using:
> > >
> > > /^Received: from .*(cmodem|dhcp|adsl|broadband|dynamic).*by / REJECT
> > > dynamic host in headers
> > >
> > > It's w
* Ralf Hildebrandt :
> > > /^Received: from .*(cmodem|dhcp|adsl|broadband|dynamic).*by / REJECT
> > > dynamic host in headers
> > >
> > > It's worth a try.
>
> > Indeed, but it's *not* in the header section of the email, is it! It has
> > been pasted into the *BODY* of an email.
>
> Your syste
* EASY steve.h...@digitalcertainty.co.uk :
> > for ...
> >
> > You COULD solve this using:
> >
> > /^Received: from .*(cmodem|dhcp|adsl|broadband|dynamic).*by / REJECT
> > dynamic host in headers
> >
> > It's worth a try.
> >
> Indeed, but it's *not* in the header section of the email,
* EASY steve.h...@digitalcertainty.co.uk :
> > Since the headers look like:
> >
> > Received: from [192.168.1.xx] (xx [192.168.1.xx]) NEWLINE
> > by mail4.xx.co.uk (xx) with ESMTPA id B9F16AC09D NEWLINE
> > for ...
> >
> > You COULD solve this using:
> >
> > /^Received: from .
On Fri, 2009-06-12 at 16:40 +0200, Ralf Hildebrandt wrote:
> * Ralf Hildebrandt :
> > * Steve :
> >
> > > /^Received: from.*(cmodem|dhcp|adsl|broadband|dynamic)/ REJECT dynamic
> > > host in headers
> >
> > OK
> >
> > > In the logs; tripped on the header filter;
> > > Jun 12 11:01:58 mail4 post
* Ralf Hildebrandt :
> * Steve :
>
> > /^Received: from.*(cmodem|dhcp|adsl|broadband|dynamic)/ REJECT dynamic host
> > in headers
>
> OK
>
> > In the logs; tripped on the header filter;
> > Jun 12 11:01:58 mail4 postfix/cleanup[1419]: B9F16AC09D: reject: header
> > Received: from [192.168.1.xx]
* Steve :
> /^Received: from.*(cmodem|dhcp|adsl|broadband|dynamic)/ REJECT dynamic host
> in headers
OK
> In the logs; tripped on the header filter;
> Jun 12 11:01:58 mail4 postfix/cleanup[1419]: B9F16AC09D: reject: header
> Received: from [192.168.1.xx] (xx [192.168.1.xx])??by mail4.xx.co.uk
>
Quoting Mark Goodge :
EASY steve.h...@digitalcertainty.co.uk wrote:
It's a bug. Read the original question carefully. If I'm pasting the
original headers into the BODY of a fresh mail, and the header filters
are *blocking* it - is that intended behaviour? Answer (hopefully) 'No'.
If the head
On Fri, 2009-06-12 at 15:09 +0100, Mark Goodge wrote:
> EASY steve.h...@digitalcertainty.co.uk wrote:
>
> [1] http://www.postfix.org/header_checks.5.html
>
> Mark
Did you find that all on your own, or did you get some help with that?
I honestly can't be tossed to bother with the guy and raising
EASY steve.h...@digitalcertainty.co.uk wrote:
It's a bug. Read the original question carefully. If I'm pasting the
original headers into the BODY of a fresh mail, and the header filters
are *blocking* it - is that intended behaviour? Answer (hopefully) 'No'.
If the header-only filters are bloc
On Fri, 2009-06-12 at 15:54 +0200, Ralf Hildebrandt wrote:
> * EASY steve.h...@digitalcertainty.co.uk :
>
> > > I only use it for stuff I absolutely don't want to see. Everything
> > > else gets handled by amavisd-new
> >
> > Which is flaky.
>
> Not here.
And the tens of thousands of Barracuda o
* EASY steve.h...@digitalcertainty.co.uk :
> > I only use it for stuff I absolutely don't want to see. Everything
> > else gets handled by amavisd-new
>
> Which is flaky.
Not here.
> The fix is to make the content scanner in Postfix work as it should -
> or do we keep making excuses for it so w
On Fri, 2009-06-12 at 15:47 +0200, Ralf Hildebrandt wrote:
> * Mark Goodge :
>
> > I wouldn't call it a bug, since it's a feature that works as designed.
> > It is, however, a design choice that makes the feature less useful than
> > it otherwise could have been. But the point here is that content
On Fri, 2009-06-12 at 14:36 +0100, Mark Goodge wrote:
> Steve wrote:
> > On Fri, 2009-06-12 at 08:17 -0400, Wietse Venema wrote:
> >> Mark Goodge:
> >>> Ralf Hildebrandt wrote:
> * Steve :
> > Is this right?
> Yes
> > "You cannot whitelist a sender or client in an access list to
* Mark Goodge :
> I wouldn't call it a bug, since it's a feature that works as designed.
> It is, however, a design choice that makes the feature less useful than
> it otherwise could have been. But the point here is that content
> inspection isn't a core part of the job of an MTA anyway, so if th
On Fri, 12 Jun 2009, Steve wrote:
Wietse
Always a clever answer for a bug - nice one :-) wanker.
As someone who mostly site on the side of this forum but is extremely
appreciative of the work Wietse and others have done to bring Postfix to
the community, I'd like to suggest that i
Steve wrote:
On Fri, 2009-06-12 at 08:17 -0400, Wietse Venema wrote:
Mark Goodge:
Ralf Hildebrandt wrote:
* Steve :
Is this right?
Yes
"You cannot whitelist a sender or client in an access list to bypass
header or body checks. Header and body checks take place whether you
explicitly "OK" a
On Fri, 2009-06-12 at 08:17 -0400, Wietse Venema wrote:
> Mark Goodge:
> > Ralf Hildebrandt wrote:
> > > * Steve :
> > >> Is this right?
> > >
> > > Yes
> > >> "You cannot whitelist a sender or client in an access list to bypass
> > >> header or body checks. Header and body checks take place whe
Mark Goodge:
> Ralf Hildebrandt wrote:
> > * Steve :
> >> Is this right?
> >
> > Yes
> >> "You cannot whitelist a sender or client in an access list to bypass
> >> header or body checks. Header and body checks take place whether you
> >> explicitly "OK" a client or sender, in access lists, or no
Ralf Hildebrandt wrote:
* Steve :
Is this right?
Yes
"You cannot whitelist a sender or client in an access list to bypass
header or body checks. Header and body checks take place whether you
explicitly "OK" a client or sender, in access lists, or not."
I'm gob smacked if it is?
Why?
Be
* Steve :
> Is this right?
Yes
> "You cannot whitelist a sender or client in an access list to bypass
> header or body checks. Header and body checks take place whether you
> explicitly "OK" a client or sender, in access lists, or not."
>
> I'm gob smacked if it is?
Why?
--
Ralf Hildebrandt
On Fri, 2009-06-12 at 12:51 +0200, Magnus Bäck wrote:
> On Fri, June 12, 2009 12:12 pm, Steve said:
>
> > Is this right?
> >
> > "You cannot whitelist a sender or client in an access list to bypass
> > header or body checks. Header and body checks take place whether you
> > explicitly "OK" a clie
On Fri, June 12, 2009 12:12 pm, Steve said:
> Is this right?
>
> "You cannot whitelist a sender or client in an access list to bypass
> header or body checks. Header and body checks take place whether you
> explicitly "OK" a client or sender, in access lists, or not."
Yes, that's correct.
--
M
Is this right?
"You cannot whitelist a sender or client in an access list to bypass
header or body checks. Header and body checks take place whether you
explicitly "OK" a client or sender, in access lists, or not."
I'm gob smacked if it is?
41 matches
Mail list logo
