postfix add warning message for all external incoming emails

classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

postfix add warning message for all external incoming emails

Durga Prasad Malyala
Hello Friends,
I would like to make postfix add a warning message for all external
incoming emails - Something like this at the top of each mail.

WARNING: This email originated outside of our organization. Do not
click any links or open any attachments unless you recognize the
sender and know the content is safe

How is this possible in postfix?

Thanks/DP
Reply | Threaded
Open this post in threaded view
|

Re: postfix add warning message for all external incoming emails

Richard Damon
On 9/9/18 1:35 PM, Durga Prasad Malyala wrote:

> Hello Friends,
> I would like to make postfix add a warning message for all external
> incoming emails - Something like this at the top of each mail.
>
> WARNING: This email originated outside of our organization. Do not
> click any links or open any attachments unless you recognize the
> sender and know the content is safe
>
> How is this possible in postfix?
>
> Thanks/DP
>
I can't see any way for postfix to do this itself. As far as I know, it
doesn't have any general changing of the content of an email message in
it. The best is can probably do is route the messages through something
to try and add it.

The bigger issue is that due to the way mail is structured, It can be
very difficult to actually do something like that. First, a message may
actually not have ANY text in it to add the message to, but might be
just something like a picture. Also, if the message is HTML formatted,
it can be very tricky to figure out how to insert text into it to be
displayed in a given manner.

You could add a text section to the beginning of the document with MIME,
but you would need to find out all the MUAs used internally, and make
sure you add the message in a way that they all handle reasonably (some
MUAs will take any multisection message and display all but the first
part as attachments, and don't handle email messages as attachments well.

--
Richard Damon

Reply | Threaded
Open this post in threaded view
|

Re: postfix add warning message for all external incoming emails

Wietse Venema
In reply to this post by Durga Prasad Malyala
Durga Prasad Malyala:
> Hello Friends,
> I would like to make postfix add a warning message for all external
> incoming emails - Something like this at the top of each mail.
>
> WARNING: This email originated outside of our organization. Do not
> click any links or open any attachments unless you recognize the
> sender and know the content is safe
>
> How is this possible in postfix?

Yes.

http://www.postfix.org/postconf.5.html#smtpd_client_restrictions
http://www.postfix.org/access.5.html

smtpd_client_restrictions =
    check_client_access cidr:/etc/postfix/client_access.cidr

/etc/postfix/client_access.cidr
    # An "internal" source.
    127.0.0.0/8 dunno
    192.168.0.0/16 dunno
    # Everyone else.
    0.0.0.0/0 prepend WARNING: This email originated outside of our
      organization. Do not click any links or open any attachments
      unless you recognize the sender and know the content is safe.

I suppose lawyers love this. Otherwise I think it is useless.

        Wietse
Reply | Threaded
Open this post in threaded view
|

Re: postfix add warning message for all external incoming emails

Viktor Dukhovni


> On Sep 9, 2018, at 8:38 PM, Wietse Venema <[hidden email]> wrote:
>
> smtpd_client_restrictions =
>    check_client_access cidr:/etc/postfix/client_access.cidr
>
> /etc/postfix/client_access.cidr
>    # An "internal" source.
>    127.0.0.0/8 dunno
>    192.168.0.0/16 dunno
>    # Everyone else.
>    0.0.0.0/0 prepend WARNING: This email originated outside of our
>      organization. Do not click any links or open any attachments
>      unless you recognize the sender and know the content is safe.
>
> I suppose lawyers love this. Otherwise I think it is useless.

Indeed, and the OP probably wanted to prepend message body content,
not a "WARNING:" header.

What I see much more often is organizations prepending "[EXTERNAL]"
to the subject lines of messages arriving from outside.

   main.cf:
        pcre = pcre:${config_directory}/
        header_checks = ${pcre}header-checks.pcre
        mime_header_checks = ... season to taste ...
        nested_header_checks = ... typically best empty ...

   header-checks.pcre:
        if /^Subject:/
        # Subject checks go here
        /:(.*)/ REPLACE Subject: [EXTERNAL]$1
        /^/ OK
        endif

        # Non-subject tests below
        ...

--
        Viktor.

Reply | Threaded
Open this post in threaded view
|

Re: postfix add warning message for all external incoming emails

Bill Cole-3
In reply to this post by Durga Prasad Malyala
On 9 Sep 2018, at 13:35 (-0400), Durga Prasad Malyala wrote:

> Hello Friends,
> I would like to make postfix add a warning message for all external
> incoming emails - Something like this at the top of each mail.
>
> WARNING: This email originated outside of our organization. Do not
> click any links or open any attachments unless you recognize the
> sender and know the content is safe
>
> How is this possible in postfix?

It's not possible in Postfix itself.

This can be done in a milter. The MIMEDefang milter has a function to
add arbitrary MIME parts to a message before or after the existing
content and if you are up to writing a few lines of Perl and learning
how the MIME::Entity module works, you could even modify existing
plaintext and/or HTML parts.

--
Bill Cole
[hidden email] or [hidden email]
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Currently Seeking Steadier Work: https://linkedin.com/in/billcole
Reply | Threaded
Open this post in threaded view
|

Re: postfix add warning message for all external incoming emails

Bill Cole-3
In reply to this post by Wietse Venema
On 9 Sep 2018, at 20:38 (-0400), Wietse Venema wrote:

> Durga Prasad Malyala:
>> Hello Friends,
>> I would like to make postfix add a warning message for all external
>> incoming emails - Something like this at the top of each mail.
>>
>> WARNING: This email originated outside of our organization. Do not
>> click any links or open any attachments unless you recognize the
>> sender and know the content is safe
>>
>> How is this possible in postfix?
>
> Yes.
>
> http://www.postfix.org/postconf.5.html#smtpd_client_restrictions
> http://www.postfix.org/access.5.html
>
> smtpd_client_restrictions =
>     check_client_access cidr:/etc/postfix/client_access.cidr
>
> /etc/postfix/client_access.cidr
>     # An "internal" source.
>     127.0.0.0/8 dunno
>     192.168.0.0/16 dunno
>     # Everyone else.
>     0.0.0.0/0 prepend WARNING: This email originated outside of our
>       organization. Do not click any links or open any attachments
>       unless you recognize the sender and know the content is safe.
>
> I suppose lawyers love this. Otherwise I think it is useless.

Won't that just add a "WARNING:" RFC822 header to the message?

That would be more useless than the average boilerplate addition to
email, since very few users see arbitrary headers.

--
Bill Cole
[hidden email] or [hidden email]
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Currently Seeking Steadier Work: https://linkedin.com/in/billcole