Betr.: Re: Betr.: Re: Trim part of the header with header rewriting ?
Yea I just found that out when I just tried to sed the queue file :-) Any way to limit it to only take out the line on domain X Y and Z ? On a sidenote, its actually the RCPT TO: line and not the normal TO: line ... not sure if that's going to be a problem .. RCPT TO: ORCPT=rfc822;groupwise-sou...@email.addy;1:1 Thanks for the help so far. - Arjan >>> Noel Jones 12-11-09 18:29 >>> The emergency workaround is to remove the offending header. If you try to rewrite it, you're likely to break it in new and interesting ways. -- Noel Jones On 11/12/2009 7:51 AM, Arjan Melein wrote: > Is there no way to somehow rewrite it instead of removing it fully ? > I know its better to fix GroupWise, I've been *trying* to get it fixed > really hard for a few weeks now, but trying to get Novell to move a > little is like trying to fight a major house fire with just a supersoaker .. > I need a temporary solution because people are starting to get really > annoyed by their e-mail not getting where it should be. The ISP in > question does not give a valid error and e-mails just vanish into thin > air when they're sent there. > - > Arjan > > >>> Op 12-11-2009 om 14:40 is door Noel Jones > geschreven: > On 11/12/2009 3:50 AM, Arjan Melein wrote: > > Hello, > > > > I am currently having an issue where our enterprise mail system is > bugged(groupwise8sp1) and for some unknown reason, even for Novell, it > is adding ";1:1" to the end of the TO: line and this is causing e-mails > to bounce with a certain ISP who has very strict header checking. > > I'm using postfix as the MTA for our MailScanner setup so I'm > currently trying to figure out if and how it's possible to somehow strip > the ;1:1 from outgoing e-mails. > > I ran into the REPLACE function for the header checks but I can't > seem to figure out how to properly use it (still working on my regexp > knowledge) > > Currently the header_checks only holds '/^Received:/ HOLD' so the > scanner can pick it up. > > > > Is there anyone who can give me some pointers on if this is possible > and how ? > > > > My only other option is to use a 2nd hold directory and write some > kind of script to pick up e-mails and rewrite them before handing them > to the scanner. > > > > - > > Arjan > > > > You'll need to fix this on the groupwise server. > > RFC822 header syntax is quite complex. I don't think it's > possible to create a regular expression that correctly handles > and fixes every case, especially with multiple addresses in a > header. > > If you must fix this in postfix, your best choice is probably > to just remove the header with IGNORE. > > # header_checks > /^(To|CC): .*;1:1/ IGNORE > > Postfix will then insert the undisclosed_recipients_header in > the message. > > This is a very ugly solution. Better to fix groupwise. > > -- Noel Jones >
Re: Betr.: Re: Betr.: Re: Trim part of the header with header rewriting ?
On 11/12/2009 12:28 PM, Arjan Melein wrote: Yea I just found that out when I just tried to sed the queue file :-) Any way to limit it to only take out the line on domain X Y and Z ? On a sidenote, its actually the RCPT TO: line and not the normal TO: line ... not sure if that's going to be a problem .. RCPT TO: ORCPT=rfc822;groupwise-sou...@email.addy;1:1 Thanks for the help so far. Stop top posting. Google for the term if you don't understand. That doesn't look like a header. You need to show exact evidence of the error you're getting. -- Noel Jones
Re: Betr.: Re: Betr.: Re: Trim part of the header with header rewriting ?
Noel Jones: > On 11/12/2009 12:28 PM, Arjan Melein wrote: > > Yea I just found that out when I just tried to sed the queue file :-) > > Any way to limit it to only take out the line on domain X Y and Z ? > > On a sidenote, its actually the RCPT TO: line and not the normal TO: > > line ... not sure if that's going to be a problem .. > > RCPT TO: ORCPT=rfc822;groupwise-sou...@email.addy;1:1 > > > > Thanks for the help so far. > > That doesn't look like a header. You need to show exact > evidence of the error you're getting. As shown below, Postfix 2.7 can "fix" commands from remote SMTP clients. Meanwhile, I am adding a similar feature to "fix" replies from remote SMTP servers. In your case the regexp could look like: /^RCPT\s+TO:(.*);1:1$/ RCPT TO:$1 This an incredibly unsafe tool. Wietse smtpd_command_filter (default: empty) A mechanism to substitute incoming SMTP commands. This is a last- resort tool to work around problems with clients that send invalid com- mand syntax that would otherwise be rejected by Postfix. Specify the name of a "type:table" lookup table. The search string is the SMTP command as received from the SMTP client, except that initial whitespace and the trailing are removed. The result value is executed by the Postfix SMTP server. Examples: /etc/postfix/main.cf: smtpd_command_filter = pcre:/etc/postfix/command_filter /etc/postfix/command_filter: # Work around clients that send malformed HELO commands. /^HELO\s*$/ HELO domain.invalid # Work around clients that send empty lines. /^\s*$/ NOOP # Work around clients that send RCPT TO:<'u...@domain'>. # WARNING: do not lose the parameters that follow the address. /^RCPT\s+TO:\s*<'([^[:space:]]+)'>(.*)/ RCPT TO:<$1>$2 This feature is available in Postfix 2.7.
Re: Betr.: Re: Betr.: Re: Trim part of the header with header rewriting ?
On 12-Nov-2009, at 13:35, Wietse Venema wrote: > This an incredibly unsafe tool. Ooo, those are my favorite kinds! -- The very existence of flame-throwers proves that some time, somewhere, someone said to themselves, You know, I want to set those people over there on fire, but I'm just not close enough to get the job done.
Re: Betr.: Re: Betr.: Re: Trim part of the header with header rewriting ?
>>> Op 12-11-2009 om 21:35 is door Wietse Venema geschreven: > Noel Jones: >> On 11/12/2009 12:28 PM, Arjan Melein wrote: >> > Yea I just found that out when I just tried to sed the queue file :-) >> > Any way to limit it to only take out the line on domain X Y and Z ? >> > On a sidenote, its actually the RCPT TO: line and not the normal TO: >> > line ... not sure if that's going to be a problem .. >> > RCPT TO: ORCPT=rfc822;groupwise-sou...@email.addy;1:1 >> > >> > Thanks for the help so far. >> >> That doesn't look like a header. You need to show exact >> evidence of the error you're getting. > > As shown below, Postfix 2.7 can "fix" commands from remote SMTP > clients. Meanwhile, I am adding a similar feature to "fix" replies > from remote SMTP servers. > > In your case the regexp could look like: > > /^RCPT\s+TO:(.*);1:1$/ RCPT TO:$1 > > This an incredibly unsafe tool. > > Wietse > > smtpd_command_filter (default: empty) >A mechanism to substitute incoming SMTP commands. This is a > last- >resort tool to work around problems with clients that send invalid > com- >mand syntax that would otherwise be rejected by Postfix. > >Specify the name of a "type:table" lookup table. The search string > is >the SMTP command as received from the SMTP client, except that > initial >whitespace and the trailing are removed. The result value is >executed by the Postfix SMTP server. > >Examples: > >/etc/postfix/main.cf: >smtpd_command_filter = pcre:/etc/postfix/command_filter > >/etc/postfix/command_filter: ># Work around clients that send malformed HELO commands. >/^HELO\s*$/ HELO domain.invalid > ># Work around clients that send empty lines. >/^\s*$/ NOOP > ># Work around clients that send RCPT TO:<'u...@domain'>. ># WARNING: do not lose the parameters that follow the address. >/^RCPT\s+TO:\s*<'([^[:space:]]+)'>(.*)/ RCPT TO:<$1>$2 > >This feature is available in Postfix 2.7. First, Sorry for the top posting before. Client default puts replies on top. Second, I'll try and get another relay setup with 2.7 and just add an extra hop to our internal mail path so I can take it out again eventually and not have a ton of configuration changing to do.. if they ever manage to fix it. Its only for outgoing e-mails and people are getting mad enough for me that resorting to IPoAC is even an option as long as it works. - Arjan
Re: Betr.: Re: Betr.: Re: Trim part of the header with header rewriting ?
>>> Op 12-11-2009 om 21:35 is door Wietse Venema geschreven: > Noel Jones: >> On 11/12/2009 12:28 PM, Arjan Melein wrote: >> > Yea I just found that out when I just tried to sed the queue file :-) >> > Any way to limit it to only take out the line on domain X Y and Z ? >> > On a sidenote, its actually the RCPT TO: line and not the normal TO: >> > line ... not sure if that's going to be a problem .. >> > RCPT TO: ORCPT=rfc822;groupwise-sou...@email.addy;1:1 >> > >> > Thanks for the help so far. >> >> That doesn't look like a header. You need to show exact >> evidence of the error you're getting. > > As shown below, Postfix 2.7 can "fix" commands from remote SMTP > clients. Meanwhile, I am adding a similar feature to "fix" replies > from remote SMTP servers. > > In your case the regexp could look like: > > /^RCPT\s+TO:(.*);1:1$/ RCPT TO:$1 > > This an incredibly unsafe tool. > > Wietse > > smtpd_command_filter (default: empty) >A mechanism to substitute incoming SMTP commands. This is a > last- >resort tool to work around problems with clients that send invalid > com- >mand syntax that would otherwise be rejected by Postfix. > >Specify the name of a "type:table" lookup table. The search string > is >the SMTP command as received from the SMTP client, except that > initial >whitespace and the trailing are removed. The result value is >executed by the Postfix SMTP server. > >Examples: > >/etc/postfix/main.cf: >smtpd_command_filter = pcre:/etc/postfix/command_filter > >/etc/postfix/command_filter: ># Work around clients that send malformed HELO commands. >/^HELO\s*$/ HELO domain.invalid > ># Work around clients that send empty lines. >/^\s*$/ NOOP > ># Work around clients that send RCPT TO:<'u...@domain'>. ># WARNING: do not lose the parameters that follow the address. >/^RCPT\s+TO:\s*<'([^[:space:]]+)'>(.*)/ RCPT TO:<$1>$2 > >This feature is available in Postfix 2.7. It might be unsafe, but it seems to do its job properly from what I can see in the tcpdumps.. I set up an extra relay between our enterprise system and our gateway and just re-routed outgoing e-mails for certain domains from GroupWise over that extra relay, that changes the header and hands it off to our normal gateway. This way e-mail which was working normally does not run over anything marked as incredibly unsafe :-) Thanks for the help both of you. - Arjan
Re: Betr.: Re: Betr.: Re: Trim part of the header with header rewriting ?
>>> Op 12-11-2009 om 21:35 is door Wietse Venema geschreven: > As shown below, Postfix 2.7 can "fix" commands from remote SMTP > clients. Meanwhile, I am adding a similar feature to "fix" replies > from remote SMTP servers. > > In your case the regexp could look like: > > /^RCPT\s+TO:(.*);1:1$/ RCPT TO:$1 > > This an incredibly unsafe tool. > > Wietse > > smtpd_command_filter (default: empty) >A mechanism to substitute incoming SMTP commands. This is a > last- >resort tool to work around problems with clients that send invalid > com- >mand syntax that would otherwise be rejected by Postfix. > >Specify the name of a "type:table" lookup table. The search string > is >the SMTP command as received from the SMTP client, except that > initial >whitespace and the trailing are removed. The result value is >executed by the Postfix SMTP server. > >Examples: > >/etc/postfix/main.cf: >smtpd_command_filter = pcre:/etc/postfix/command_filter > >/etc/postfix/command_filter: ># Work around clients that send malformed HELO commands. >/^HELO\s*$/ HELO domain.invalid > ># Work around clients that send empty lines. >/^\s*$/ NOOP > ># Work around clients that send RCPT TO:<'u...@domain'>. ># WARNING: do not lose the parameters that follow the address. >/^RCPT\s+TO:\s*<'([^[:space:]]+)'>(.*)/ RCPT TO:<$1>$2 > >This feature is available in Postfix 2.7. It's been a few days but i just ran into a little bump in the road.. It looks like the ;1:1 actually changes depending on the number of recipients. How would I change '/^RCPT\s+TO:(.*);1:1$/ RCPT TO:$1' into matching 'domain.tld;#:#' and put the domain.tld back without the ;#:# - Arjan
Re: Betr.: Re: Betr.: Re: Trim part of the header with header rewriting ?
Arjan Melein: > It's been a few days but i just ran into a little bump in the road.. It looks > like the ;1:1 actually changes depending on the number of recipients. > How would I change '/^RCPT\s+TO:(.*);1:1$/ RCPT TO:$1' into matching > 'domain.tld;#:#' and put the domain.tld back without the ;#:# What does the # stand for? If it is one digit, replace 1 by [0-9], to handle multiple digits, replace 1 by [0-9]+ You can test this with: postmap -q "RCPT TO: ORCPT=rfc822;a...@b.c;3;4" pcre:/file/name Wietse
Re: Betr.: Re: Betr.: Re: Trim part of the header with header rewriting ?
>>> Op 17-11-2009 om 12:48 is door Wietse Venema geschreven: > Arjan Melein: >> It's been a few days but i just ran into a little bump in the road.. It > looks like the ;1:1 actually changes depending on the number of recipients. >> How would I change '/^RCPT\s+TO:(.*);1:1$/ RCPT TO:$1' into matching > 'domain.tld;#:#' and put the domain.tld back without the ;#:# > > What does the # stand for? If it is one digit, replace 1 by [0-9], > to handle multiple digits, replace 1 by [0-9]+ > > You can test this with: > > postmap -q "RCPT TO: ORCPT=rfc822;a...@b.c;3;4" pcre:/file/name > > Wietse I thought it was 1 number at first, but it seems to be going multi digit as well.. I changed it into "/^RCPT\s+TO:(.*);[0-9]+:[0-9]+$/ RCPT TO:$1" and it seems to work. If I've learned one thing from this, its that I really need to brush up on regexp :-) - Arjan
