Emailheader und Postfix: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
(IPv4 Beispiel) |
(header_checks_auth.pcre und IPv6 mutt EMail Header Beispiel) |
||
Zeile 27: | Zeile 27: | ||
</pre> | </pre> | ||
=== IPv6 === | === IPv6 === | ||
==== Thunderbird ==== | |||
<pre> | <pre> | ||
Return-Path: <c3d2@example.net> | Return-Path: <c3d2@example.net> | ||
Zeile 49: | Zeile 50: | ||
test | test | ||
</pre> | |||
==== Mutt ==== | |||
<pre> | |||
Return-Path: <c3d2@example.net> | |||
Delivered-To: <fsteinel@example.com> | |||
Received: from server.example.com | |||
by example.com (Dovecot) with LMTP id abc1De23F4G5HIJKlMNopq | |||
for <fsteinel@example.com>; Thu, 16 Apr 2015 19:01:03 +0200 | |||
Received: from mediamaster.example.net (unknown [IPv6:2a00:1828:a008:103:c802:e416:38c3:9462]) | |||
(Authenticated sender: c3d2) | |||
by server.example.com (Postfix) with ESMTPSA id 12ABC3D4567 | |||
for <fsteinel@example.com>; Thu, 16 Apr 2015 19:01:03 +0200 (CEST) | |||
Date: Thu, 16 Apr 2015 19:01:01 +0200 | |||
From: c3d2 wiki <c3d2@example.net> | |||
To: Herr F Steinel <fsteinel@example.com> | |||
Subject: test | |||
Message-ID: <1234A5B6.7890123@mediamaster.example.net> | |||
MIME-Version: 1.0 | |||
Content-Type: text/plain; charset=us-ascii | |||
Content-Disposition: inline | |||
X-Clacks-Overhead: GNU Terry Pratchett | |||
test | |||
</pre> | |||
== header_checks_auth.pcre == | |||
<pre> | |||
if /^Received:/ | |||
#ipv6+thunderbird | |||
/\s+from\s+\[IPv6:2a00:1828:a008:103:[\dA-F:]+\]\s+\(unknown\s\[IPv6:2a00:1828:a008:103:[\dA-F:]+\]\)/ REPLACE Received: from [127.0.0.1] (localhost [127.0.0.1]) | |||
#ipv6+mutt | |||
/\s+from\s+[[:alpha:][:digit:]]+\.example\.com\s+\(unknown\s\[IPv6:2a00:1828:a008:103:[\dA-F:]+\]\)/ REPLACE Received: from [127.0.0.1] (localhost [127.0.0.1]) | |||
#ipv4 | |||
/\s+from\s+\[[.[:digit:]]{7,15}]\s+\([^)][[:alpha:][:digit:]]+\.example\.com\s\[192\.[.[:digit:]]{5,11}\]\)/ REPLACE Received: from [127.0.0.1] (localhost [127.0.0.1]) | |||
#print info on EVERY RECEIVED line | |||
#/\s+/ INFO "Received found" | |||
endif | |||
/^\s*Mime-Version: 1\.0\.\w+/ REPLACE MIME-Version: 1.0 | |||
/^\s*User-Agent/ IGNORE | |||
/^\s*X-Enigmail/ IGNORE | |||
/^\s*X-Mailer/ IGNORE | |||
/^\s*X-Originating-IP/ IGNORE | |||
</pre> | </pre> | ||
Version vom 16. April 2015, 20:12 Uhr
Basierend auf den Blogpost von Daniel wollte ich meinen Postfix anweisen in Email die sensitive Informationen (Email Client IP usw.) zu bereinigen.
Beispiel
IPv4
Return-Path: <c3d2@example.net> Delivered-To: <fsteinel@example.com> Received: from server.example.com by example.com (Dovecot) with LMTP id abc1De23F4G5HIJKlMNopq for <fsteinel@example.com>; Sun, 19 Jan 2014 16:20:08 +0100 Received: from [192.168.18.10] (wiki.c3d2.example.net [192.168.18.10]) (Authenticated sender: c3d2) by server.example.com (Postfix) with ESMTPSA id 12ABC3D4567; Sun, 19 Jan 2014 16:20:07 +0100 (CET) Message-ID: <1234A5B6.7890123@example.net> Date: Sun, 19 Jan 2014 16:20:07 +0100 From: c3d2 wiki <c3d2@example.net> User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.2.0 MIME-Version: 1.0 To: Herr F Steinel <fsteinel@example.com> Subject: test Content-Type: text/plain; charset=ISO-8859-15; format=flowed Content-Transfer-Encoding: 8bit test
IPv6
Thunderbird
Return-Path: <c3d2@example.net> Delivered-To: <fsteinel@example.com> Received: from server.example.com by example.com (Dovecot) with LMTP id abc1De23F4G5HIJKlMNopq for <fsteinel@example.com>; Thu, 09 Apr 2015 19:19:41 +0200 Received: from [IPv6:2a00:1828:a008:103:6883:eefe:4240:6042] (unknown [IPv6:2a00:1828:a008:103:6883:eefe:4240:6042]) (Authenticated sender: c3d2) by server.example.com (Postfix) with ESMTPSA id 12ABC3D4567 for <fsteinel@example.com>; Thu, 9 Apr 2015 19:19:41 +0200 (CEST) Message-ID: <1234A5B6.7890123@example.net> Date: Thu, 09 Apr 2015 19:19:37 +0200 From: c3d2 wiki <c3d2@example.net> User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.6.0 MIME-Version: 1.0 To: Herr F Steinel <fsteinel@example.com> Subject: test Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit test
Mutt
Return-Path: <c3d2@example.net> Delivered-To: <fsteinel@example.com> Received: from server.example.com by example.com (Dovecot) with LMTP id abc1De23F4G5HIJKlMNopq for <fsteinel@example.com>; Thu, 16 Apr 2015 19:01:03 +0200 Received: from mediamaster.example.net (unknown [IPv6:2a00:1828:a008:103:c802:e416:38c3:9462]) (Authenticated sender: c3d2) by server.example.com (Postfix) with ESMTPSA id 12ABC3D4567 for <fsteinel@example.com>; Thu, 16 Apr 2015 19:01:03 +0200 (CEST) Date: Thu, 16 Apr 2015 19:01:01 +0200 From: c3d2 wiki <c3d2@example.net> To: Herr F Steinel <fsteinel@example.com> Subject: test Message-ID: <1234A5B6.7890123@mediamaster.example.net> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline X-Clacks-Overhead: GNU Terry Pratchett test
header_checks_auth.pcre
if /^Received:/ #ipv6+thunderbird /\s+from\s+\[IPv6:2a00:1828:a008:103:[\dA-F:]+\]\s+\(unknown\s\[IPv6:2a00:1828:a008:103:[\dA-F:]+\]\)/ REPLACE Received: from [127.0.0.1] (localhost [127.0.0.1]) #ipv6+mutt /\s+from\s+[[:alpha:][:digit:]]+\.example\.com\s+\(unknown\s\[IPv6:2a00:1828:a008:103:[\dA-F:]+\]\)/ REPLACE Received: from [127.0.0.1] (localhost [127.0.0.1]) #ipv4 /\s+from\s+\[[.[:digit:]]{7,15}]\s+\([^)][[:alpha:][:digit:]]+\.example\.com\s\[192\.[.[:digit:]]{5,11}\]\)/ REPLACE Received: from [127.0.0.1] (localhost [127.0.0.1]) #print info on EVERY RECEIVED line #/\s+/ INFO "Received found" endif /^\s*Mime-Version: 1\.0\.\w+/ REPLACE MIME-Version: 1.0 /^\s*User-Agent/ IGNORE /^\s*X-Enigmail/ IGNORE /^\s*X-Mailer/ IGNORE /^\s*X-Originating-IP/ IGNORE
Tests
Testen der Einstellungen mit
postmap -hmq - pcre:/etc/postfix/header_checks_auth.pcre < testdatei
Parameter | Erläuterung |
---|---|
-h | Enable message header query mode. |
-m | Enable MIME parsing |
-q | Search the specified maps |
- | If a key value of - is specified, the program reads key values from the standard input stream and writes one line of key value output for each key that was found. |