--- On Wed, 9/3/08, Jannis Kafkoulas <[EMAIL PROTECTED]> wrote:
From: Jannis Kafkoulas <[EMAIL PROTECTED]>
Subject: Re: _checks in a postfix instance?
To: "mouss" <[EMAIL PROTECTED]>
Date: Wednesday, September 3, 2008, 9:44 AM
--- On Tue, 9/2/08, mouss <[EMAIL PROTECTED]> wrote:
From: mouss <[EMAIL PROTECTED]>
Subject: Re: _checks in a postfix instance?
To:
Cc: postfix-users@postfix.org
Date: Tuesday, September 2, 2008, 7:20 AM
Jannis Kafkoulas wrote:
> Hi,
>
> we're using postfix 2.3.8-2+b1 on a debian etch box with imss.
> I wanted to reject all emails to the company ccc.com or ccc.net with a
subject
> containing a specific string ("Subject: [xxx] " in this test. I
also tried different variations).
>
> So I created a new postfix instance on port 10023 where the
no, you added an smtpd listener on 10023. you did not create a "new
POSTFIX instance". a new postfix
instance has its own config_directory
(thus its own main.cf and master.cf), ... etc.
#Right, I see. Now I'm going to use a "real" 2nd instance...
> subject should be checked against the string of interest.
> A filter directs all emails going to ccc.com to this instance.
if your filter gets mail after the queue, it should not reject. it's too
late. otherwise, you generate backscatter and we hate you.
>
> This instance receives the email but now it seems that the header_check
doesn't work.
it doesn't work if you don't define them where they should be defined.
> The regexp works fine when I'm testing a test file with the postmap
command.
>
> [snip]
> mydomain = aaa.com
does "aaa.com" belong to you or this is a silly example? please
don't
hijack other people domains. if you want to hide your domain, use
example.com and the
like.
#No, I just overwrote the real domain names in this posting with aaa, bbb and
ccc
> myhostname = postprx2.fw.aaa.com
> mynetworks = localhost 10.6.7.90 10.6.7.91 10.6.7.92 10.8.66.138
10.8.66.164 10.8.67.2...
what is "10.8.67.2..."? ok, I guess I see. but please remove
"localhost"
and put 127.0.0.1.
#Ah, OK, I gues it's faster?
> smtpd_banner = $myhostname ESMTP - much luck!
do you find this funny? keep your imagination for constructive tasks.
leave the banner as clean as you found it.
#No, it's just, the company who implemented postfix had put a very specific
#banner in latin and I had to change it, again, in order to hide
any hint at our Identity (it's just paranoia!)
> ccc_recipient_access.cf:
> =========================
> ccc.net FILTER smtp:[127.0.0.1]:10023
> ccc.com FILTER smtp:[127.0.0.1]:10023
per
recipient FILTER is the wrong approach. only _ONE_ filter is used
for each message, even if there are multiple recipients.
#So, how do I direct mail for @example.com to the 2nd instance then
#especially, if there are many recipients, also in other domains?
>
> header_checks_NR.cf
> ===================
> # Filter classified messages
> /^Subject:.*\[xxxx\].*/ WARN TEST rejecting [xxxx] mails
ccc.com, ccc.net
".*" at the end of a regular expression is useless. /foo/ and /foo.*/
match the same things.
# OK, I'll keep it also in mind...
>
> # ( testing on port 26! )
> ccc-smtp inet n - n - - smtpd -D
> [127.0.0.1]:10023 inet n - n - - smtpd -D
why do you put brakets ('[' and ']') here?
#well, I saw it in an example and just reused it.
> -o
header_checks=regexp:/etc/postfix/header_checks_NR.cf
This is useless. header_checks are checked by cleanup, not by smtpd.
#Yes, I see.
Now look mouss, as I wrote also to Noel Jones,
(so no necessary to open the other email too)
this is again what I want to achieve:
We communicate with some partner companies in an extranet.
If an email
a) goes to the partner @example_domain1.com (then send it to the 2nd
instance) and
b) this email contains a specific string in the subject ([CR])
then it should be rejected or otherwise delievered to @dst_domain1.com (by 2nd
instance).
All other email should be delievered by the first instance as it does now.
Important: All email should be scanned by trendmicro imss-scanner.
First question: can I use the same ip address
for the 2nd instance (with another port)?
The second question is, do I also need a second instance of imss?
Since I need to use imss from both postfix instances.
How does imss know to which postfix instance ( port number) it should return
the scanned emails?
Does it work automatically by tfhe definition of the content filter loop back
port in the 2nd master.cf?
Thanks for all
Jannis
