Postfix Header Checks

From RSWiki
Revision as of 14:07, 8 December 2009 by Robert (talk | contribs)
Jump to navigation Jump to search

Template:AdWords2 Please considering making a donation to keep this site running In the three years that I have been running this site costs have increased significantly. Unfortunately advertising does not come anywhere near covering the costs to keep this site running. Any donations, however small will help enormously in keeping this site running. If you found the information on this page helpful in any way why not make a donation now? <donationform></donationform>

Postfix Header Checks

If like almost everyone who administers a mail server you find yourself receiving lots of spam, there are a few tricks to stop some of them dead in their tracks if you are using Postfix as your MTA. The simple way to do this is to block them by the messages regional encoding in the subject line. Most of the spam that I receive originates from China, Korea and countries that use the Cyrillic alphabet so it is these that we will block.

At this point I should note that this is not a substitute for having some good spam filters in place to begin with. In my case I use this method to compliment spamassassin and mailscanner as both of these were ineffective with mail from mailing lists.

Also there are two methods of checking headers on Postfix. The first is by using regular expressions and the second is by using Perl Compatible Regular Expressions (PCRE). This document describes regular expressions only!

I am assuming the configuration files for your Postfix installation are in /etc/postfix.

Ensure Postfix is configured to use header checks

First up under /etc/postfix ensure that you have a file called header_checks. If not create it.

Next we want to ensure Postfix is configured to use this file so you do this from a command line by entering the following:

postconf -e "header_checks = regexp:/etc/postfix/header_checks"

Adding our header checks

In the file header_checks we can add our regular expressions. For example to block Chinese encoding you would have the following line:

/^Subject: =?big5?/ REJECT Chinese encoding not accepted by this server

The REJECT in the above example means that your Postfix will send a rejection message with the message Chinese encoding not accepted by this server to the originating MTA. If you would rather reject them outright without sending a non delivery report change REJECT to DISCARD.

Here are some more examples that are pretty self explanatory:

/^Subject: =?EUC-KR?/   REJECT Korean encoding not allowed by this server
/^Subject: =?Windows-1251?/     REJECT Russian encoding not allowed by this server
/^Subject: =\?KOI8-R\?/ REJECT Russian encoding not allowed by this server
/^Subject: ADV:/        REJECT Advertisements not accepted by this server

If you are familiar with regular expressions then you may add your own. Once you make any changes to your header_access file don't forget to get Postfix to reload its configuration with the folllowing command:

postfix reload