ATM I'm using the normal method to put all messages on HOLD to pass them from postfix to MailScanner as described on http://www.mailscanner.info/postfix.html:
In the Postfix configuration file /etc/postfix/main.cf add this line:
header_checks = regexp:/etc/postfix/header_checks
In the file /etc/postfix/header_checks add this line:
/^Received:/ HOLD
The effect of this is to tell Postfix to move all messages to the HOLD queue.
But I have some SMTP message that I have no need to pass them through MailScanner, messages identified by a custom header. I need to find a way to bypass MailScanner for these messages, but I can't find it, given I need to check the presence of a custom header and not i.e. the From: or To: address...
Tried modifying /etc/postfix/header_checks:
/^X-Custom-Header:/ FILTER smtp:[ip.addr.next.hop]:10025
in the mail.log I see the message filtered:
Aug 19 17:52:17 servername postfix/cleanup[19423]: AFB842E33A: filter: header X-Custom-Header: from relay.sender.foo[xx.yy.zz.kk]; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<mail.sender.foo>: smtp:[ip.addr.next.hop]:10025
and if the one above is the only rule in header_checks it's delivered to the next hop via smtp.
Now I need to catch everything else in the Mailscanner (so in the Postfix HOLD queue), so how can I tell header_checks to do that? If I leave the /^Received:/ check even the AFB842E33A is held in the HOLD queue...
Maybe is just a dumb question, but... any idea?
Yes there is even a solution. It is called
header_checks
and is part of the*_restrictions
. The format (dependent on what you want) is described at it's own documentation.But I can't recommend using after-queue-filters like Mailscanner and Spamassassin. The better way to reduce Spam and inform the sender are before-queue-filters like the built-in
postscreen
,client_restrictions
,sender_restrictions
,recipient_restrictions
, before-queue milters and external tools likepolicyd-weight
.Only before-queue-filters reduce the load and resources on the server and can block 80% of all Spam before they even reach the server. Mailscanner in particular is on my personal "hate-list" as it only has a crippled integration into Postfix and is not able to use Postfix' built-in interfaces for anti-spam filters and filters in general.
Edit: Due to the edited question, I will answer that now.
FILTER
is not an action that stops Postfix from working on theheader_checks
-file. It only tells "when I'm finished with the checks I'll filter". And so the next line matches and sets the mail on hold.The solution (even if it looks crippled) is this
header_checks
-file: