Mailscanner & Postfix: HOLD everything except messages with a custom header

mailscannerpostfix

ATM I'm using the normal method to put all messages on HOLD to pass them from postfix to MailScanner as described on http://www.mailscanner.info/postfix.html:

In the Postfix configuration file /etc/postfix/main.cf add this line: 

header_checks = regexp:/etc/postfix/header_checks

In the file /etc/postfix/header_checks add this line: 

/^Received:/ HOLD

The effect of this is to tell Postfix to move all messages to the HOLD
queue.

But I have some SMTP message that I have no need to pass them through MailScanner, messages identified by a custom header. I need to find a way to bypass MailScanner for these messages, but I can't find it, given I need to check the presence of a custom header and not i.e. the From: or To: address…

Tried modifying /etc/postfix/header_checks:

/^X-Custom-Header:/ FILTER smtp:[ip.addr.next.hop]:10025

in the mail.log I see the message filtered:

Aug 19 17:52:17 servername postfix/cleanup[19423]: AFB842E33A: filter: header X-Custom-Header: from relay.sender.foo[xx.yy.zz.kk]; from=<sender@senderdomain.foo> to=<me@mydomain.foo> proto=ESMTP helo=<mail.sender.foo>: smtp:[ip.addr.next.hop]:10025

and if the one above is the only rule in header_checks it's delivered to the next hop via smtp.

Now I need to catch everything else in the Mailscanner (so in the Postfix HOLD queue), so how can I tell header_checks to do that? If I leave the /^Received:/ check even the AFB842E33A is held in the HOLD queue…

Maybe is just a dumb question, but… any idea?

Best Answer

Yes there is even a solution. It is called header_checks and is part of the *_restrictions. The format (dependent on what you want) is described at it's own documentation.

But I can't recommend using after-queue-filters like Mailscanner and Spamassassin. The better way to reduce Spam and inform the sender are before-queue-filters like the built-in postscreen, client_restrictions, sender_restrictions, recipient_restrictions, before-queue milters and external tools like policyd-weight.

Only before-queue-filters reduce the load and resources on the server and can block 80% of all Spam before they even reach the server. Mailscanner in particular is on my personal "hate-list" as it only has a crippled integration into Postfix and is not able to use Postfix' built-in interfaces for anti-spam filters and filters in general.

Edit: Due to the edited question, I will answer that now.

FILTER is not an action that stops Postfix from working on the header_checks-file. It only tells "when I'm finished with the checks I'll filter". And so the next line matches and sets the mail on hold.

The solution (even if it looks crippled) is this header_checks-file:

/^X-Custom-Header:/ FILTER smtp:[ip.addr.next.hop]:10025
/^X-Custom-Header:/ OK
/^Received:/ HOLD
Related Topic