The short question:
I'm looking for a way to store the headers of every message that passes through
my postfix system. Any pointers?
(I've read FAQ #45 and it seems to require me to enter the headers I want
flagged)
The longer and possibly un-needed explanation:
We have a ton of clients running Exchange / Outlook.
We use postfix and spamassassin for spam filtering because Exchange is terrible
at spam filtering in addition to being terrible at mail exchanging. ;)
Occasionally 'legit' mail (in the customers mind) gets flagged as spam because
of RDNS, blacklists, etc...
Customers are clueless about forwarding mail headers.
Because of company politics, the user receiving the message flagged as spam
usually forwards the message to someone they think is technically competent at
the company--or they send it to their manager. In turn it gets forwarded to
us. It takes a few back-and-forths to explain how to forward the headers and
finally get what we need.
What we need from the headers is the SA report line that says:
X-Spam-Report:
* -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/,
low
* trust
* [66.220.144.151 listed in list.dnswl.org]
* -0.0 SPF_PASS SPF: sender matches SPF record
* 0.0 UNPARSEABLE_RELAY Informational: message has unparseable relay
lines
* 0.0 HTML_MESSAGE BODY: HTML included in message
* 0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid
It would cut a significant amount of time out of my week if that information
(and the rest of the headers) were easily accessible in a file somewhere--or
even tossed into syslog.
SA apparently doesn't log that info. If I want it, it looks like I have to
hack the source. Meh.
My Google-fu doesn't show any method built into Postfix to store all the
headers. (I have read the FAQ #45 which seems to require that I manually enter
all the headers I want logged, but I would like all of them)
I suspect there is nothing, and I should whip up a milter to grab/store that
info to the filesystem or a database...
Thank you all for your time,
-A
