install_postfix_advanced.sh: add support for PCRE header/mime-header/body-checks - you have uncomment the directicesgit add .

2021-06-14 10:46:10 +02:00 · 2021-06-14 10:46:10 +02:00 · 4e17844d9c
commit 4e17844d9c
parent 88268f1130
1 changed files with 77 additions and 7 deletions
--- a/install_postfix_advanced.sh
+++ b/install_postfix_advanced.sh
@ -1244,7 +1244,13 @@ bounce_queue_lifetime = \$maximal_queue_lifetime
 ## - The default time unit is h (hours). 
 delay_warning_time = 1d

-#header_checks = pcre:/etc/postfix/header_checks_pcre
+
+# ============ header/mime-header/body checks ============
+
+#header_checks = pcre:/etc/postfix/header_checks.pcre
+#mime_header_checks = pcre:/etc/postfix/mime_header_check.pcre
+#body_checks = pcre:/etc/postfix/body_check.pcre
+
 prepend_delivered_header =
   forward
   file
@ -2187,7 +2193,7 @@ else
 	echo_skipped
 fi

-_file="/etc/postfix/header_checks_pcre"
+_file="/etc/postfix/header_checks.pcre"
 echononl "   Create file '$_file' used for header replacing"
 if [[ ! -f "$_file" ]]; then
 	cat << EOF > "$_file"
@ -2196,16 +2202,35 @@ if [[ ! -f "$_file" ]]; then
 # ---

 # - Replace recieved from
-/^Received: from (.* \\([-._[:alnum:]]+ \\[[.[:digit:]]{7,15}\\]\\)).*?([[:space:]]+).*\\(Authenticated sender: ([^)]+)\\)(.*)/ REPLACE Received: from [127.0.0.1] (localhost [127.0.0.1])\$2(Authenticated sender: \$3)\$4
+#/^Received: from (.* \\([-._[:alnum:]]+ \\[[.[:digit:]]{7,15}\\]\\)).*?([[:space:]]+).*\\(Authenticated sender: ([^)]+)\\)(.*)/ REPLACE Received: from [127.0.0.1] (localhost [127.0.0.1])\$2(Authenticated sender: \$3)\$4

 # ---
 # - Ignore Headers
 # ---

-/^\s*User-Agent/        IGNORE
-/^\s*X-Enigmail/        IGNORE
-/^\s*X-Mailer/          IGNORE
-/^\s*X-Originating-IP/  IGNORE
+#/^\s*User-Agent/        IGNORE
+#/^\s*X-Enigmail/        IGNORE
+#/^\s*X-Mailer/          IGNORE
+#/^\s*X-Originating-IP/  IGNORE
+
+/^To:.*<>/                    DISCARD Possible SPAM Blank email address To: header - Header-Spamschutzregel T0-1001
+/^From:.*<>/                  DISCARD Possible SPAM Blank email address To: header - Header-Spamschutzregel FROM-1002
+/\(envelope-from <>\)/        REJECT Possible SPAM - Header-Spamschutzregel RECIEV-1003
+
+/^Reply-To: .+\@inx1and1\..+/                REJECT Possible SPAM - Header-Spamschutzregel REPLY-1004
+/^Reply-To: .+\@ppe-healthcare-europe\..+/   REJECT Possible SPAM - Header-Spamschutzregel REPLY-1005
+/^Reply-To: .+\@testbedarf.shop/             REJECT Possible SPAM - Header-Spamschutzregel REPLY-1006
+/^Reply-To: .+\@acieu\..+/                   REJECT Possible SPAM - Header-Spamschutzregel REPLY-1007
+/^Reply-To: .+\@acievents\..+/               REJECT Possible SPAM - Header-Spamschutzregel REPLY-1008
+/^Reply-To: .+\@dokpotenz\..+/               REJECT Possible SPAM - Header-Spamschutzregel REPLY-1009
+/^Reply-To: .+\@sendelope.eu/                REJECT Possible SPAM - Header-Spamschutzregel REPLY-1010
+/^Reply-To: .+\@team-de-luxe\..+/            REJECT Possible SPAM - Header-Spamschutzregel REPLY-1011
+/^Reply-To: .+\@doktorapo\..+/               REJECT Possible SPAM - Header-Spamschutzregel REPLY-1012
+
+/^Date: .* 19[0-9][0-9]/      REJECT Date from the past. Fix your system clock. - Header-Spamschutzregel DATE-1005
+/^Date: .* 200[0-9]/          REJECT Date from the past. Fix your system clock. - Header-Spamschutzregel DATE-1006
+/^Date: .* 201[0-9]/          REJECT Date from the past. Fix your system clock. - Header-Spamschutzregel DATE-1007
+/^Date: .* 2020/              REJECT Date from the past. Fix your system clock. - Header-Spamschutzregel DATE-1008
 EOF
 	if [[ $? -eq 0 ]] ; then
 		echo_ok
@ -2217,6 +2242,51 @@ else
 fi


+_file="/etc/postfix/mime_header_check.pcre"
+echononl "   Create file '$_file' used for header replacing"
+if [[ ! -f "$_file" ]]; then
+   cat << EOF > "$_file"
+# ---
+# - MIME-Header Checks
+# ---
+
+/name=[^>]*\.exe/                         REJECT No .exe files allowed  - Mime--Spamschutzregel EXE-1001
+/name=[^>]*\.bat/                         REJECT No .bat files allowed  - Mime--Spamschutzregel BAT-1002
+/name=[^>](screensaver|movie)\.zip/       REJECT Sobig Virus found - Mime-Spamschutzregel VIR-1003
+EOF
+   if [[ $? -eq 0 ]] ; then
+      echo_ok
+   else
+      echo_failed
+   fi
+else
+   echo_skipped
+fi
+
+
+_file="/etc/postfix/body_check.pcre"
+echononl "   Create file '$_file' used for header replacing"
+if [[ ! -f "$_file" ]]; then
+   cat << EOF > "$_file"
+# ---
+# - Body Checks
+# ---
+
+/See the attached file for details/       REJECT Sobig Virus found. - Body-Spamschutzregel TEXT-1001
+
+/.*https?:\/\/click2eat.shop\/Installer\/updatedwebmails/   REJECT Maype fishing E-Mail credentials - Body-Spamschutzregel TEXT-1002
+EOF
+   if [[ $? -eq 0 ]] ; then
+      echo_ok
+   else
+      echo_failed
+   fi
+else
+   echo_skipped
+fi
+
+
+
 if ! $IS_RELAY_HOST ; then
   ## - Create Directory '/var/vmail' for virtual mailboxes
   ## -