Email headers and Postfix: Difference between revisions

From C3D2
(header_checks_auth.pcre and IPv6 mutt email header example)
(change header_checks_auth.pcre so that the remaining lines of "Received:" are appended again)
Zeile 80: Zeile 80:
if /^Received:/
if /^Received:/
#ipv6+thunderbird
#ipv6+thunderbird
/\s+from\s+\[IPv6:2a00:1828:a008:103:[\dA-F:]+\]\s+\(unknown\s\[IPv6:2a00:1828:a008:103:[\dA-F:]+\]\)/ REPLACE Received: from [127.0.0.1] (localhost [127.0.0.1])
/\s+from\s+\[IPv6:2a00:1828:a008:103:[\dA-F:]+\]\s+\(unknown\s\[IPv6:2a00:1828:a008:103:[\dA-F:]+\]\)(.*)/ REPLACE Received: from [127.0.0.1] (localhost [127.0.0.1])$1
#ipv6+mutt
#ipv6+mutt
/\s+from\s+[[:alpha:][:digit:]]+\.example\.com\s+\(unknown\s\[IPv6:2a00:1828:a008:103:[\dA-F:]+\]\)/ REPLACE Received: from [127.0.0.1] (localhost [127.0.0.1])
/\s+from\s+[[:alpha:][:digit:]]+\.example\.com\s+\(unknown\s\[IPv6:2a00:1828:a008:103:[\dA-F:]+\]\)(.*)/ REPLACE Received: from [127.0.0.1] (localhost [127.0.0.1])$1
#ipv4
#ipv4
/\s+from\s+\[[.[:digit:]]{7,15}]\s+\([^)][[:alpha:][:digit:]]+\.example\.com\s\[192\.[.[:digit:]]{5,11}\]\)/ REPLACE Received: from [127.0.0.1] (localhost [127.0.0.1])
/\s+from\s+\[[.[:digit:]]{7,15}]\s+\([^)][[:alpha:][:digit:]]+\.example\.com\s\[192\.[.[:digit:]]{5,11}\]\)(.*)/ REPLACE Received: from [127.0.0.1] (localhost [127.0.0.1])$1
#print info on EVERY RECEIVED line
#print info on EVERY RECEIVED line
#/\s+/ INFO "Received found"
#/\s+/ INFO "Received found"
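Review bot: the `(.*)` capture and `$1` added to the three REPLACE rules re-append everything after the client part of the Received header, and in the example headers on this page that remainder begins with `(Authenticated sender: c3d2)`, so the login name still leaves the server in outgoing mail. If the account name should be scrubbed too, match that comment explicitly in front of the capture group rather than capturing it. Separately, the mutt and IPv4 patterns require `\.example\.com`, while the sample headers show `mediamaster.example.net` and `wiki.c3d2.example.net`, so as written they do not match the page's own examples.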

Revision as of 16 April 2015, 20:26

Based on Daniel's blog post, I wanted to instruct my Postfix to scrub sensitive information (email client IP, etc.) from emails.

Example

IPv4

Return-Path: <c3d2@example.net>
Delivered-To: <fsteinel@example.com>
Received: from server.example.com
        by example.com (Dovecot) with LMTP id abc1De23F4G5HIJKlMNopq
        for <fsteinel@example.com>; Sun, 19 Jan 2014 16:20:08 +0100
Received: from [192.168.18.10] (wiki.c3d2.example.net [192.168.18.10])
        (Authenticated sender: c3d2)
        by server.example.com (Postfix) with ESMTPSA id 12ABC3D4567;
        Sun, 19 Jan 2014 16:20:07 +0100 (CET)
Message-ID: <1234A5B6.7890123@example.net>
Date: Sun, 19 Jan 2014 16:20:07 +0100
From: c3d2 wiki <c3d2@example.net>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.2.0
MIME-Version: 1.0
To: Herr F Steinel <fsteinel@example.com>
Subject: test
Content-Type: text/plain; charset=ISO-8859-15; format=flowed
Content-Transfer-Encoding: 8bit

test

IPv6

Thunderbird

Return-Path: <c3d2@example.net>
Delivered-To: <fsteinel@example.com>
Received: from server.example.com
        by example.com (Dovecot) with LMTP id abc1De23F4G5HIJKlMNopq
        for <fsteinel@example.com>; Thu, 09 Apr 2015 19:19:41 +0200
Received: from [IPv6:2a00:1828:a008:103:6883:eefe:4240:6042] (unknown [IPv6:2a00:1828:a008:103:6883:eefe:4240:6042])
        (Authenticated sender: c3d2)
        by server.example.com (Postfix) with ESMTPSA id 12ABC3D4567
        for <fsteinel@example.com>; Thu,  9 Apr 2015 19:19:41 +0200 (CEST)
Message-ID: <1234A5B6.7890123@example.net>
Date: Thu, 09 Apr 2015 19:19:37 +0200
From: c3d2 wiki <c3d2@example.net>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.6.0
MIME-Version: 1.0
To: Herr F Steinel <fsteinel@example.com>
Subject: test
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit

test

Mutt

Return-Path: <c3d2@example.net>
Delivered-To: <fsteinel@example.com>
Received: from server.example.com
        by example.com (Dovecot) with LMTP id abc1De23F4G5HIJKlMNopq
        for <fsteinel@example.com>; Thu, 16 Apr 2015 19:01:03 +0200
Received: from mediamaster.example.net (unknown [IPv6:2a00:1828:a008:103:c802:e416:38c3:9462])
        (Authenticated sender: c3d2)
        by server.example.com (Postfix) with ESMTPSA id 12ABC3D4567
        for <fsteinel@example.com>; Thu, 16 Apr 2015 19:01:03 +0200 (CEST)
Date: Thu, 16 Apr 2015 19:01:01 +0200
From: c3d2 wiki <c3d2@example.net>
To: Herr F Steinel <fsteinel@example.com>
Subject: test
Message-ID: <1234A5B6.7890123@mediamaster.example.net>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
X-Clacks-Overhead: GNU Terry Pratchett

test

header_checks_auth.pcre

if /^Received:/
#ipv6+thunderbird
/\s+from\s+\[IPv6:2a00:1828:a008:103:[\dA-F:]+\]\s+\(unknown\s\[IPv6:2a00:1828:a008:103:[\dA-F:]+\]\)(.*)/ REPLACE Received: from [127.0.0.1] (localhost [127.0.0.1])$1
#ipv6+mutt
/\s+from\s+[[:alpha:][:digit:]]+\.example\.com\s+\(unknown\s\[IPv6:2a00:1828:a008:103:[\dA-F:]+\]\)(.*)/ REPLACE Received: from [127.0.0.1] (localhost [127.0.0.1])$1
#ipv4
/\s+from\s+\[[.[:digit:]]{7,15}]\s+\([^)][[:alpha:][:digit:]]+\.example\.com\s\[192\.[.[:digit:]]{5,11}\]\)(.*)/ REPLACE Received: from [127.0.0.1] (localhost [127.0.0.1])$1
#print info on EVERY RECEIVED line
#/\s+/ INFO "Received found"
endif
/^\s*Mime-Version: 1\.0\.\w+/ REPLACE MIME-Version: 1.0
/^\s*User-Agent/ IGNORE
/^\s*X-Enigmail/ IGNORE
/^\s*X-Mailer/ IGNORE
/^\s*X-Originating-IP/ IGNORE

Tests

Test the settings with postmap -hmq - pcre:/etc/postfix/header_checks_auth.pcre < testdatei

Parameter Explanation
-h Enable message header query mode.
-m Enable MIME parsing
-q Search the specified maps
- If a key value of - is specified, the program reads key values from the standard input stream and writes one line of key value output for each key that was found.
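
The postmap query above checks one rule at a time. As an added example (not part of the original page), the following Python script checks a whole delivered message for what the rules are meant to remove: a non-loopback client address in the authenticated Received hop and the headers dropped with IGNORE. The names find_leaks, DROPPED, BEFORE and AFTER are assumptions, and the sample messages are constructed from the page's IPv6 Thunderbird example.

```python
import email
import ipaddress
import re

# Headers that the page's header_checks_auth.pcre removes with IGNORE.
DROPPED = ("User-Agent", "X-Enigmail", "X-Mailer", "X-Originating-IP")
# Address literals as written in Received: "[192.168.18.10]" or "[IPv6:2a00:...]".
ADDR_LITERAL = re.compile(r"\[(?:IPv6:)?([0-9A-Fa-f:.]+)\]")


def find_leaks(raw_message):
    """Return findings for headers that still identify the submitting client."""
    msg = email.message_from_string(raw_message)
    findings = [f"{name} header present" for name in DROPPED if name in msg]
    for received in msg.get_all("Received", []):
        hop = " ".join(received.split())  # unfold continuation lines
        # Only the authenticated submission hop names the user's own machine.
        if "ESMTPSA" not in hop and "Authenticated sender" not in hop:
            continue
        client_part = hop.split(" by ", 1)[0]
        for literal in ADDR_LITERAL.findall(client_part):
            try:
                addr = ipaddress.ip_address(literal)
            except ValueError:
                continue  # bracketed text that is not an address
            finding = f"client address {addr} in Received"
            if not addr.is_loopback and finding not in findings:
                findings.append(finding)
    return findings


# Constructed samples based on the page's IPv6 Thunderbird example:
# the message as submitted, and as it should look after the REPLACE/IGNORE rules.
TAIL = ("\n        (Authenticated sender: c3d2)"
        "\n        by server.example.com (Postfix) with ESMTPSA id 12ABC3D4567"
        "\n        for <fsteinel@example.com>; Thu,  9 Apr 2015 19:19:41 +0200 (CEST)"
        "\nSubject: test\n")
CLIENT = "[IPv6:2a00:1828:a008:103:6883:eefe:4240:6042]"
BEFORE = (f"Received: from {CLIENT} (unknown {CLIENT}){TAIL}"
          "User-Agent: Mozilla/5.0 Thunderbird/31.6.0\n\ntest\n")
AFTER = f"Received: from [127.0.0.1] (localhost [127.0.0.1]){TAIL}\ntest\n"

if __name__ == "__main__":
    for label, message in (("before", BEFORE), ("after", AFTER)):
        print(label, find_leaks(message) or "clean")
```

Run it against a message fetched from the recipient's mailbox after sending a test mail through the authenticated submission port; an empty list means none of these indicators survived.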