Postfix Header Checks
Postfix Header Checks
If like almost everyone who administers a mail server you find yourself receiving lots of spam, there are a few tricks to stop some of them dead in their tracks if you are using Postfix as your MTA. The simple way to do this is to block them by the messages regional encoding in the subject line. Most of the spam that I receive originates from China, Korea and countries that use the Cyrillic alphabet so it is these that we will block.
At this point I should note that this is not a substitute for having some good spam filters in place to begin with. In my case I use this method to compliment spamassassin and mailscanner as both of these were ineffective with mail from mailing lists.
Also there are two methods of checking headers on Postfix. The first is by using regular expressions and the second is by using Perl Compatible Regular Expressions (PCRE). This document describes regular expressions only!
I am assuming the configuration files for your Postfix installation are in /etc/postfix.
Ensure Postfix is configured to use header checks
First up under /etc/postfix ensure that you have a file called header_checks. If not create it.
Next we want to ensure Postfix is configured to use this file so you do this from a command line by entering the following:
postconf -e "header_checks = regexp:/etc/postfix/header_checks"
Adding our header checks
In the file header_checks we can add our regular expressions. For example to block Chinese encoding you would have the following line:
/^Subject: =?big5?/ REJECT Chinese encoding not accepted by this server
The REJECT in the above example means that your Postfix will send a rejection message with the message Chinese encoding not accepted by this server to the originating MTA. If you would rather reject them outright without sending a non delivery report change REJECT to DISCARD.
Here are some more examples that are pretty self explanatory:
/^Subject: =?EUC-KR?/ REJECT Korean encoding not allowed by this server /^Subject: =?Windows-1251?/ REJECT Russian encoding not allowed by this server /^Subject: =\?KOI8-R\?/ REJECT Russian encoding not allowed by this server /^Subject: ADV:/ REJECT Advertisements not accepted by this server
If you are familiar with regular expressions then you may add your own. Once you make any changes to your header_access file don't forget to get Postfix to reload its configuration with the folllowing command: