Postfix Header and Body Checks - action PASS

Discussion in 'Installation/Configuration' started by Aiku, Jun 16, 2020.

  1. Aiku

    Aiku New Member

    Hi,
    how I can use action PASS from Postfix built-in content inspection? Ispconfig 3 => Email => Content Filter lists DISCARD, DUNNO, FILTER, HOLD, IGNORE, PREPEND, REDIRECT, REPLACE, REJECT, WARN. My IspConfig upgraded through years and versions, may be I need just clean install or manually modify something?
    I need to mark/process entire TLD but exclude one subdomain from there. Like:
    -
    # first filter
    Regexp. pattern: /<[email protected]>/ #Allow emails from one subdomain pass clean
    Action: PASS
    # second filter
    Regexp. pattern: /<[email protected]+?.tld>/ #Mark or disallow all those bad spammerboys
    Action: REDIRECT/PREPEND/REJECT/DISCARD
    -
    /etc/postfix/header_checks file is managed by IspConfig, is it possible to say to Postfix to merge this file before use with user manually added data file for example header_checks.local or something?
    Or are there better ways to do that?
    IspConfig 3.1.15p3, Postfix 3.3 (action PASS starting from 3.2), Ubuntu 18.04
     
  2. Jesse Norell

    Jesse Norell ISPConfig Developer ISPConfig Developer

    PASS is not a supported action, as you have noted. It likely would be fairly trivial to add, my only hesitation would be testing what happens on older postfix versions (ISPConfig still supports them) if PASS is encountered but not supported. As long as it's non-fatal, simply adding to the list of supported actions would likely be received upstream as a contribution.

    As for now, you'd just have to add a custom header checks. Copy install/tpl/debian_postfix.conf.master from the ispconfig installation sources to /usr/local/ispconfig/server/conf-custom/ and modify header_checks (and/or {nested,mime}_header_checks if needed) to specify your own file, in addition to ISPConfig's file, so your changes are upgrade-safe, and also make the same changes to /etc/postfix/main.cf.
     
  3. Aiku

    Aiku New Member

    Thank you Jesse,
    it works and I like the idea make user changes independent of Ispconfig upgrades.
    I made /etc/postfix/header_checks_pass file containing all PASS directives, modified /etc/postfix/main.cf file directive:
    header_checks = regexp:/etc/postfix/header_checks_pass, regexp:/etc/postfix/header_checks
    (note: Postfix processing first file argument and then handling the second - PASS directives must be handled before the fatal directives REJECT/REDIRECT/DISCARD)
    Then copied debian_postfix.conf.master from install with the same modifications to the /usr/local/ispconfig/server/conf-custom/ to upgrade-safe changes.
     

Share This Page