install_postfix_advanced.sh: add support for PCRE header/mime-header/body-checks - you have uncomment the directicesgit add .
This commit is contained in:
@@ -1244,7 +1244,13 @@ bounce_queue_lifetime = \$maximal_queue_lifetime
|
|||||||
## - The default time unit is h (hours).
|
## - The default time unit is h (hours).
|
||||||
delay_warning_time = 1d
|
delay_warning_time = 1d
|
||||||
|
|
||||||
#header_checks = pcre:/etc/postfix/header_checks_pcre
|
|
||||||
|
# ============ header/mime-header/body checks ============
|
||||||
|
|
||||||
|
#header_checks = pcre:/etc/postfix/header_checks.pcre
|
||||||
|
#mime_header_checks = pcre:/etc/postfix/mime_header_check.pcre
|
||||||
|
#body_checks = pcre:/etc/postfix/body_check.pcre
|
||||||
|
|
||||||
prepend_delivered_header =
|
prepend_delivered_header =
|
||||||
forward
|
forward
|
||||||
file
|
file
|
||||||
@@ -2187,7 +2193,7 @@ else
|
|||||||
echo_skipped
|
echo_skipped
|
||||||
fi
|
fi
|
||||||
|
|
||||||
_file="/etc/postfix/header_checks_pcre"
|
_file="/etc/postfix/header_checks.pcre"
|
||||||
echononl " Create file '$_file' used for header replacing"
|
echononl " Create file '$_file' used for header replacing"
|
||||||
if [[ ! -f "$_file" ]]; then
|
if [[ ! -f "$_file" ]]; then
|
||||||
cat << EOF > "$_file"
|
cat << EOF > "$_file"
|
||||||
@@ -2196,16 +2202,35 @@ if [[ ! -f "$_file" ]]; then
|
|||||||
# ---
|
# ---
|
||||||
|
|
||||||
# - Replace recieved from
|
# - Replace recieved from
|
||||||
/^Received: from (.* \\([-._[:alnum:]]+ \\[[.[:digit:]]{7,15}\\]\\)).*?([[:space:]]+).*\\(Authenticated sender: ([^)]+)\\)(.*)/ REPLACE Received: from [127.0.0.1] (localhost [127.0.0.1])\$2(Authenticated sender: \$3)\$4
|
#/^Received: from (.* \\([-._[:alnum:]]+ \\[[.[:digit:]]{7,15}\\]\\)).*?([[:space:]]+).*\\(Authenticated sender: ([^)]+)\\)(.*)/ REPLACE Received: from [127.0.0.1] (localhost [127.0.0.1])\$2(Authenticated sender: \$3)\$4
|
||||||
|
|
||||||
# ---
|
# ---
|
||||||
# - Ignore Headers
|
# - Ignore Headers
|
||||||
# ---
|
# ---
|
||||||
|
|
||||||
/^\s*User-Agent/ IGNORE
|
#/^\s*User-Agent/ IGNORE
|
||||||
/^\s*X-Enigmail/ IGNORE
|
#/^\s*X-Enigmail/ IGNORE
|
||||||
/^\s*X-Mailer/ IGNORE
|
#/^\s*X-Mailer/ IGNORE
|
||||||
/^\s*X-Originating-IP/ IGNORE
|
#/^\s*X-Originating-IP/ IGNORE
|
||||||
|
|
||||||
|
/^To:.*<>/ DISCARD Possible SPAM Blank email address To: header - Header-Spamschutzregel T0-1001
|
||||||
|
/^From:.*<>/ DISCARD Possible SPAM Blank email address To: header - Header-Spamschutzregel FROM-1002
|
||||||
|
/\(envelope-from <>\)/ REJECT Possible SPAM - Header-Spamschutzregel RECIEV-1003
|
||||||
|
|
||||||
|
/^Reply-To: .+\@inx1and1\..+/ REJECT Possible SPAM - Header-Spamschutzregel REPLY-1004
|
||||||
|
/^Reply-To: .+\@ppe-healthcare-europe\..+/ REJECT Possible SPAM - Header-Spamschutzregel REPLY-1005
|
||||||
|
/^Reply-To: .+\@testbedarf.shop/ REJECT Possible SPAM - Header-Spamschutzregel REPLY-1006
|
||||||
|
/^Reply-To: .+\@acieu\..+/ REJECT Possible SPAM - Header-Spamschutzregel REPLY-1007
|
||||||
|
/^Reply-To: .+\@acievents\..+/ REJECT Possible SPAM - Header-Spamschutzregel REPLY-1008
|
||||||
|
/^Reply-To: .+\@dokpotenz\..+/ REJECT Possible SPAM - Header-Spamschutzregel REPLY-1009
|
||||||
|
/^Reply-To: .+\@sendelope.eu/ REJECT Possible SPAM - Header-Spamschutzregel REPLY-1010
|
||||||
|
/^Reply-To: .+\@team-de-luxe\..+/ REJECT Possible SPAM - Header-Spamschutzregel REPLY-1011
|
||||||
|
/^Reply-To: .+\@doktorapo\..+/ REJECT Possible SPAM - Header-Spamschutzregel REPLY-1012
|
||||||
|
|
||||||
|
/^Date: .* 19[0-9][0-9]/ REJECT Date from the past. Fix your system clock. - Header-Spamschutzregel DATE-1005
|
||||||
|
/^Date: .* 200[0-9]/ REJECT Date from the past. Fix your system clock. - Header-Spamschutzregel DATE-1006
|
||||||
|
/^Date: .* 201[0-9]/ REJECT Date from the past. Fix your system clock. - Header-Spamschutzregel DATE-1007
|
||||||
|
/^Date: .* 2020/ REJECT Date from the past. Fix your system clock. - Header-Spamschutzregel DATE-1008
|
||||||
EOF
|
EOF
|
||||||
if [[ $? -eq 0 ]] ; then
|
if [[ $? -eq 0 ]] ; then
|
||||||
echo_ok
|
echo_ok
|
||||||
@@ -2217,6 +2242,51 @@ else
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
_file="/etc/postfix/mime_header_check.pcre"
|
||||||
|
echononl " Create file '$_file' used for header replacing"
|
||||||
|
if [[ ! -f "$_file" ]]; then
|
||||||
|
cat << EOF > "$_file"
|
||||||
|
# ---
|
||||||
|
# - MIME-Header Checks
|
||||||
|
# ---
|
||||||
|
|
||||||
|
/name=[^>]*\.exe/ REJECT No .exe files allowed - Mime--Spamschutzregel EXE-1001
|
||||||
|
/name=[^>]*\.bat/ REJECT No .bat files allowed - Mime--Spamschutzregel BAT-1002
|
||||||
|
/name=[^>](screensaver|movie)\.zip/ REJECT Sobig Virus found - Mime-Spamschutzregel VIR-1003
|
||||||
|
EOF
|
||||||
|
if [[ $? -eq 0 ]] ; then
|
||||||
|
echo_ok
|
||||||
|
else
|
||||||
|
echo_failed
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
echo_skipped
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
_file="/etc/postfix/body_check.pcre"
|
||||||
|
echononl " Create file '$_file' used for header replacing"
|
||||||
|
if [[ ! -f "$_file" ]]; then
|
||||||
|
cat << EOF > "$_file"
|
||||||
|
# ---
|
||||||
|
# - Body Checks
|
||||||
|
# ---
|
||||||
|
|
||||||
|
/See the attached file for details/ REJECT Sobig Virus found. - Body-Spamschutzregel TEXT-1001
|
||||||
|
|
||||||
|
/.*https?:\/\/click2eat.shop\/Installer\/updatedwebmails/ REJECT Maype fishing E-Mail credentials - Body-Spamschutzregel TEXT-1002
|
||||||
|
EOF
|
||||||
|
if [[ $? -eq 0 ]] ; then
|
||||||
|
echo_ok
|
||||||
|
else
|
||||||
|
echo_failed
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
echo_skipped
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
if ! $IS_RELAY_HOST ; then
|
if ! $IS_RELAY_HOST ; then
|
||||||
## - Create Directory '/var/vmail' for virtual mailboxes
|
## - Create Directory '/var/vmail' for virtual mailboxes
|
||||||
## -
|
## -
|
||||||
|
|||||||
Reference in New Issue
Block a user