The 03.09.18 at 19:25, James Newman wrote:
Not sure if I made clear what I was trying to do. Postfix is doing header and body checks on the mail that is comming in to this mail server. We are using fetchmail to retrieve mail from another server. I do not believe this is being checked against the header and body checks listed with postfix. Is there a way to make fetchmail go through these checks or is there a seperate header/body check that can be assigned to the fetchmail process?
Ah, then it is what I thought, and it is what I'm doing. Have a look at the thread (and additions on some other threads): Date: Thu, 4 Sep 2003 01:51:24 +0200 (CEST) From: Carlos E. R. <robin1.listas@tiscali.es> To: SLE <suse-linux-e@suse.com> Subject: [SLE] Rejecting email with attachs X-Message-Number-for-archive: 158210 You can get that from this list archive, or using mail alone (see the list FAQ for instructions on that). Quick excerpt: In /etc/postfix/header_checks, I have the line - note that you no longer need need body checks for rejecting attaches: /(filename|name)=".*\.(scr|pif|exe)"/ REJECT "*** DOS/WIN executables rejected ***" The docs say (asd|chm|exe|doc|dll|hlp|hta|js|ocx|pif). Note that fetchmail, by default, hands off mail to postfix for delivery, and doesn't wait till the fetching is complete. So, as soon as postfix sees the disturbing header, it rejects it, and fetchmail stops fetching, generating a bounce message. Note that if you make procmail hand mail directly to procmail (possible), postfix never sees it and it is not rejected. That could be your problem. If you want to stop the bounce message from FETCHMAIL-DAEMON, theoretically you could stop them being produced adding this line: set no bouncemail to the fetchmailrc file; don't do it. For details on this, check again this list archive: Date: Sat, 6 Sep 2003 16:15:57 +0200 (CEST) From: Carlos E. R. <robin1.listas@tiscali.es> To: SLE <suse-linux-e@suse.com> Subject: [SLE] Fetchmail: do not use "no bouncemail" X-Message-Number-for-archive: 158575 The problem, told briefly, is that although the bounce is not generated, the rejected mail is not deleted from the pop/imap servers, and awaits manual collection/deletion by some other means. Instead, you can do this in "/etc/postfix/header_checks" (use your local domain name): /^From:.*FETCHMAIL\-DAEMON\@nimrodel\.valinor/ HOLD /^From:.*fetchmail\-daemon\@nimrodel\.valinor/ HOLD (I don't know if parsing is case sensitive in postfix). That line will cause mail coming from FETCHMAIL-DAEMON to be put on hold locally. I use a script to delete them (you'll have to edit it): #!/bin/bash mailq|grep FETCHMAIL-DAEMON@nimrodel.valinor | cut -c 1-10 > /root/bin/killmails.lst echo -e -n "Hay un total de: " echo -e -n `wc -l /root/bin/killmails.lst` | cut -c1-3 echo pringaos while read FILES ; do FILE=`find /var/spool/postfix/hold/*/$FILES` /usr/sbin/postcat $FILE > /root/bin/killmails.msg echo "=============================================================" >> /root/bin/killmails.msg /usr/sbin/postsuper -d $FILES 2>&1 | tee /root/bin/killmails.msg2 cat /root/bin/killmails.msg2 >> /root/bin/killmails.msg cat /root/bin/killmails.msg | /usr/bin/mailx -s "Correo rechazado ("$FILES"), puesto en hold, y borrado" postmaster rm /root/bin/killmails.msg2 /root/bin/killmails.msg done < /root/bin/killmails.lst Be aware that the postfix doc makes some warning about the queue id being reused and possible mishaps. I don't think it is an issue here, but I don't warranty it :-) -- Cheers, Carlos Robinson