Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

postfix ignore header_checks options

103 views
Skip to first unread message

Beast

unread,
May 12, 2005, 8:00:45 AM5/12/05
to

I have create separate instance of smtpd for outgoing mail only.
I want to remove any "Received:" header written by my internal mail server.

master.cf:
## outgoing smtp server
192.168.1.99:250 inet n - n - 30 smtpd
-o disable_dns_lookups=yes
-o content_filter=
-o header_checks=pcre:/etc/postfix/header_outgoing
-o smtpd_restriction_classes=
-o smtpd_client_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_data_restrictions=
-o
smtpd_recipient_restrictions=reject_non_fqdn_sender,reject_non_fqdn_recipient,permit_mynetworks,reject

header_outgoing:
/^Received:/ IGNORE
/\s*by/ IGNORE
/\s*for </ IGNORE

I turn on debug on main.cf but it says nothing about header_checks.

[root@blowfish postfix]# postconf -m |grep pcre
pcre


--

--beast

Matt Fretwell

unread,
May 12, 2005, 8:16:31 AM5/12/05
to
Beast wrote:

> header_checks=pcre:/etc/postfix/header_outgoing


main.cf, not master.


Matt

Beast

unread,
May 12, 2005, 8:23:06 AM5/12/05
to

In main.cf i already had different rule for incoming.

header_checks = pcre:/etc/postfix/header_incoming

--

--beast

Matt Fretwell

unread,
May 12, 2005, 8:44:34 AM5/12/05
to
Beast wrote:

> In main.cf i already had different rule for incoming.
>
> header_checks = pcre:/etc/postfix/header_incoming


You cannot define different sets of header|body_checks within a single
instance. I will repeat, main.cf, not master.cf. Listen to an answer. If
you already knew the answer, you would not ask the question.


Matt

Magnus Bäck

unread,
May 12, 2005, 9:10:18 AM5/12/05
to
On Thu, May 12, 2005 2:44 pm, Matt Fretwell said:

> You cannot define different sets of header|body_checks within a single
> instance. I will repeat, main.cf, not master.cf. Listen to an answer. If
> you already knew the answer, you would not ask the question.

It's possible to have different header_checks etc within a single Postfix
instance, but you must in that case define multiple cleanup services and
select among them with cleanup_service_name.

--
Magnus Bäck
mag...@dsek.lth.se

Matt Fretwell

unread,
May 12, 2005, 9:17:10 AM5/12/05
to
Magnus Bäck wrote:

> > You cannot define different sets of header|body_checks within a
> > single instance. I will repeat, main.cf, not master.cf. Listen to an
> > answer. If you already knew the answer, you would not ask the
> > question.
>
> It's possible to have different header_checks etc within a single
> Postfix instance, but you must in that case define multiple cleanup
> services and select among them with cleanup_service_name.


Oops :)


Matt

Matt Fretwell

unread,
May 12, 2005, 9:34:12 AM5/12/05
to
Matt Fretwell wrote:

> > It's possible to have different header_checks etc within a single
> > Postfix instance, but you must in that case define multiple cleanup
> > services and select among them with cleanup_service_name.


That would also require setting up separate smtpd listeners for each
cleanup_service_name as well, would it not?


Matt

mouss

unread,
May 13, 2005, 2:59:26 AM5/13/05
to
Beast wrote:

>
> I have create separate instance of smtpd for outgoing mail only.
> I want to remove any "Received:" header written by my internal mail
> server.
>
> master.cf:
> ## outgoing smtp server
> 192.168.1.99:250 inet n - n - 30 smtpd
> -o disable_dns_lookups=yes
> -o content_filter=
> -o header_checks=pcre:/etc/postfix/header_outgoing
> -o smtpd_restriction_classes=
> -o smtpd_client_restrictions=
> -o smtpd_helo_restrictions=
> -o smtpd_sender_restrictions=
> -o smtpd_data_restrictions=
> -o
> smtpd_recipient_restrictions=reject_non_fqdn_sender,reject_non_fqdn_recipient,permit_mynetworks,reject
>
>
> header_outgoing:
> /^Received:/ IGNORE
> /\s*by/ IGNORE
> /\s*for </ IGNORE


Do you really want to remove
To: john.ford <j...@example.com>
To: <be...@example.com>, bylaw <by...@example.net>, <co...@show.example>
Subject: my connection is rejected by your firewall
and so on...


The /^Received:/ rule is enough. header_checks parse a "logical header".

PS. Note that
/\s*xzy/ matches the same things as /xyz/
/\s+xyz/ matches the same things as /\sxyz/
the \s is only useful if you have other things to match, such as in
/Received:\s*from/.


mouss

unread,
May 13, 2005, 3:19:12 AM5/13/05
to
mouss wrote:

> Beast wrote:
>
>>
>> I have create separate instance of smtpd for outgoing mail only.
>> I want to remove any "Received:" header written by my internal mail
>> server.
>>
>> master.cf:
>> ## outgoing smtp server
>> 192.168.1.99:250 inet n - n - 30 smtpd
>> -o disable_dns_lookups=yes
>> -o content_filter=
>> -o header_checks=pcre:/etc/postfix/header_outgoing
>> -o smtpd_restriction_classes=
>> -o smtpd_client_restrictions=
>> -o smtpd_helo_restrictions=
>> -o smtpd_sender_restrictions=
>> -o smtpd_data_restrictions=
>> -o
>> smtpd_recipient_restrictions=reject_non_fqdn_sender,reject_non_fqdn_recipient,permit_mynetworks,reject
>>
>>
>> header_outgoing:
>> /^Received:/ IGNORE
>> /\s*by/ IGNORE
>> /\s*for </ IGNORE
>
>
>
> Do you really want to remove
> To: john.ford <j...@example.com>

oops. this one won't match. but
To: for <friends.o...@nowhere.example>
would.

Magnus Bäck

unread,
May 14, 2005, 4:06:38 AM5/14/05
to
On Thursday, May 12, 2005 at 15:34 CEST,
Matt Fretwell <ma...@bauchan.org> wrote:

Indeed it would.

--
Magnus Bäck
mag...@dsek.lth.se

0 new messages