rejecting charsets

classic Classic list List threaded Threaded
10 messages Options
Reply | Threaded
Open this post in threaded view
|

rejecting charsets

Juan Miscaro-2
I'm trying to reject character sets but stuff keeps getting through.
Today I got some Russian in my subject field:

Content-Type: text/html;
        charset="koi8-r"

It may have got through because it's on 2 lines.  This is what I have
in my header_checks files:

/^Content-Type:.*charset\s*=[\s\"]*(koi8|koi8-r|KOI8-R|big5|gb2312|ks_c_5601-1987|ISO-2022-JP)/
        DISCARD         Rejected

So is there a way to deal with that?  Secondly, how can I have such
rejections end up in my logs so I can monitor the situation?

Thank you.

/juan
Reply | Threaded
Open this post in threaded view
|

Re: rejecting charsets

Sahil Tandon
Juan Miscaro <[hidden email]> wrote:

>         DISCARD         Rejected
>
> So is there a way to deal with that?  Secondly, how can I have such
> rejections end up in my logs so I can monitor the situation?

DISCARD != REJECT.  Both DISCARD and REJECT actions are logged by Postfix.

--
Sahil Tandon <[hidden email]>
Reply | Threaded
Open this post in threaded view
|

Re: rejecting charsets

Juan Miscaro-2
2008/6/21 Sahil Tandon <[hidden email]>:
> Juan Miscaro <[hidden email]> wrote:
>
>>         DISCARD         Rejected
>>
>> So is there a way to deal with that?  Secondly, how can I have such
>> rejections end up in my logs so I can monitor the situation?
>
> DISCARD != REJECT.  Both DISCARD and REJECT actions are logged by Postfix.

Allright, allright.  :)

Now how do I deal with my cited email?

/juan
Reply | Threaded
Open this post in threaded view
|

Re: rejecting charsets

Ralf Hildebrandt
In reply to this post by Juan Miscaro-2
* Juan Miscaro <[hidden email]>:
> I'm trying to reject character sets but stuff keeps getting through.
> Today I got some Russian in my subject field:
>
> Content-Type: text/html;
>         charset="koi8-r"

This header should be reconstructed to one line by the MIME parser.

> It may have got through because it's on 2 lines.  This is what I have
> in my header_checks files:
>
> /^Content-Type:.*charset\s*=[\s\"]*(koi8|koi8-r|KOI8-R|big5|gb2312|ks_c_5601-1987|ISO-2022-JP)/
>         DISCARD         Rejected

/^Content-Type:.*charset="?(koi8|big5|gb2312|ks_c_5601-1987|ISO-2022-JP)/ DISCARD

--
Ralf Hildebrandt ([hidden email])          [hidden email]
Postfix - Einrichtung, Betrieb und Wartung       Tel. +49 (0)30-450 570-155
http://www.arschkrebs.de
If you were an SCO employee, would you feel at least a little
concerned that your boss is aparently dilusional? I know I would.
Reply | Threaded
Open this post in threaded view
|

Re: rejecting charsets

Juan Miscaro-2
2008/6/21 Ralf Hildebrandt <[hidden email]>:

> * Juan Miscaro <[hidden email]>:
>> I'm trying to reject character sets but stuff keeps getting through.
>> Today I got some Russian in my subject field:
>>
>> Content-Type: text/html;
>>         charset="koi8-r"
>
> This header should be reconstructed to one line by the MIME parser.
>
>> It may have got through because it's on 2 lines.  This is what I have
>> in my header_checks files:
>>
>> /^Content-Type:.*charset\s*=[\s\"]*(koi8|koi8-r|KOI8-R|big5|gb2312|ks_c_5601-1987|ISO-2022-JP)/
>>         DISCARD         Rejected
>
> /^Content-Type:.*charset="?(koi8|big5|gb2312|ks_c_5601-1987|ISO-2022-JP)/ DISCARD


I forgot that I actually have two such lines (I'm testing):

/^Content-Type:.*charset="?(koi8|big5|gb2312|ks_c_5601-1987|ISO-2022-JP)/
DISCARD
/^Content-Type:.*charset\s*=[\s\"]*(koi8|koi8-r|KOI8-R|big5|gb2312|ks_c_5601-1987|ISO-2022-JP)/
DISCARD

This seems to cover what you have Ralf.  So I still don't understand
why this mail got through.

/juan
Reply | Threaded
Open this post in threaded view
|

Re: rejecting charsets

Victor Duchovni
In reply to this post by Juan Miscaro-2
On Sat, Jun 21, 2008 at 10:36:52AM -0400, Juan Miscaro wrote:

> I'm trying to reject character sets but stuff keeps getting through.
> Today I got some Russian in my subject field:
>
> Content-Type: text/html;
>         charset="koi8-r"
>
> It may have got through because it's on 2 lines.  This is what I have
> in my header_checks files:
>
> /^Content-Type:.*charset\s*=[\s\"]*(koi8|koi8-r|KOI8-R|big5|gb2312|ks_c_5601-1987|ISO-2022-JP)/
>         DISCARD         Rejected
>
> So is there a way to deal with that?  Secondly, how can I have such
> rejections end up in my logs so I can monitor the situation?

Is that a "pcre" header_checks file or a "regexp" header checks file?
Omitting "postconf -n" does not save time...

--
        Viktor.

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.

To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:
<mailto:[hidden email]?body=unsubscribe%20postfix-users>

If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.
Reply | Threaded
Open this post in threaded view
|

Re: rejecting charsets

Juan Miscaro-2
2008/6/21 Victor Duchovni <[hidden email]>:

> On Sat, Jun 21, 2008 at 10:36:52AM -0400, Juan Miscaro wrote:
>
>> I'm trying to reject character sets but stuff keeps getting through.
>> Today I got some Russian in my subject field:
>>
>> Content-Type: text/html;
>>         charset="koi8-r"
>>
>> It may have got through because it's on 2 lines.  This is what I have
>> in my header_checks files:
>>
>> /^Content-Type:.*charset\s*=[\s\"]*(koi8|koi8-r|KOI8-R|big5|gb2312|ks_c_5601-1987|ISO-2022-JP)/
>>         DISCARD         Rejected
>>
>> So is there a way to deal with that?  Secondly, how can I have such
>> rejections end up in my logs so I can monitor the situation?
>
> Is that a "pcre" header_checks file or a "regexp" header checks file?
> Omitting "postconf -n" does not save time...

regexp

$ postconf -n

alias_database = /etc/postfix/aliases
biff = no
broken_sasl_auth_clients = no
command_directory = /usr/local/sbin
config_directory = /etc/postfix
daemon_directory = /usr/local/libexec/postfix
data_directory = /var/run/postfix
debug_peer_level = 2
disable_vrfy_command = yes
empty_address_recipient = MAILER-DAEMON
html_directory = /usr/local/share/doc/postfix/html
mail_owner = _postfix
mailbox_size_limit = 1000000000
mailq_path = /usr/local/sbin/mailq
manpage_directory = /usr/local/man
message_size_limit = 80000000
mydestination = $myhostname, myhost.mydomain.com
mydomain = mydomain.com
myhostname = mail.mydomain.com
mynetworks = 127.0.0.0/8 192.168.3.0/24
myorigin = $myhostname
newaliases_path = /usr/local/sbin/newaliases
notify_classes = resource,software
queue_directory = /var/spool/postfix
queue_minfree = 120000000
readme_directory = /usr/local/share/doc/postfix/readme
relay_domains = hash:/etc/postfix/relay_domains
sample_directory = /etc/postfix
sendmail_path = /usr/local/sbin/sendmail
setgid_group = _postdrop
smtp_tls_note_starttls_offer = yes
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP
smtpd_data_restrictions = reject_multi_recipient_bounce
reject_unauth_pipelining
smtpd_helo_required = yes
smtpd_recipient_restrictions = reject_non_fqdn_recipient
permit_mynetworks        reject_non_fqdn_sender
reject_unknown_sender_domain        permit_sasl_authenticated
reject_unauth_destination        check_helo_access
regexp:/etc/postfix/helo_checks        check_sender_mx_access
cidr:/etc/postfix/bogus_mx        reject_rbl_client zen.spamhaus.org
     permit
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_path = smtpd
smtpd_sasl_security_options = noanonymous
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /usr/local/etc/ssl/certs/mail.mydomain.com.crt
smtpd_tls_key_file = /usr/local/etc/ssl/certs/mail.mydomain.com_key.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_database = btree:$data_directory/smtpd_scache
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
transport_maps = hash:/etc/postfix/transport
unknown_local_recipient_reject_code = 550
virtual_alias_maps = mysql:/etc/postfix/sql/virtual_alias_maps.cf
virtual_gid_maps = mysql:/etc/postfix/sql/virtual_gid_maps.cf
virtual_mailbox_base = /var/spool/virtual_mailboxes
virtual_mailbox_domains = mysql:/etc/postfix/sql/virtual_mailbox_domains.cf
virtual_mailbox_limit = 80000000
virtual_mailbox_maps = mysql:/etc/postfix/sql/virtual_mailbox_recipients.cf
virtual_transport = maildrop
virtual_uid_maps = mysql:/etc/postfix/sql/virtual_uid_maps.cf


/juan
Reply | Threaded
Open this post in threaded view
|

Re: rejecting charsets

mouss-2
Juan Miscaro wrote:

> 2008/6/21 Victor Duchovni <[hidden email]>:
>  
>> On Sat, Jun 21, 2008 at 10:36:52AM -0400, Juan Miscaro wrote:
>>
>>    
>>> I'm trying to reject character sets but stuff keeps getting through.
>>> Today I got some Russian in my subject field:
>>>
>>> Content-Type: text/html;
>>>         charset="koi8-r"
>>>
>>> It may have got through because it's on 2 lines.  This is what I have
>>> in my header_checks files:
>>>
>>> /^Content-Type:.*charset\s*=[\s\"]*(koi8|koi8-r|KOI8-R|big5|gb2312|ks_c_5601-1987|ISO-2022-JP)/
>>>         DISCARD         Rejected
>>>
>>> So is there a way to deal with that?  Secondly, how can I have such
>>> rejections end up in my logs so I can monitor the situation?
>>>      
>> Is that a "pcre" header_checks file or a "regexp" header checks file?
>> Omitting "postconf -n" does not save time...
>>    
>
> regexp
>
> $ postconf -n
>
> [snip]
>
>  

I see no header_checks in your config. Please show _how_ you setup your
checks.

Reply | Threaded
Open this post in threaded view
|

Re: rejecting charsets

Juan Miscaro-2
2008/6/21 mouss <[hidden email]>:

> Juan Miscaro wrote:
>>
>> 2008/6/21 Victor Duchovni <[hidden email]>:
>>
>>>
>>> On Sat, Jun 21, 2008 at 10:36:52AM -0400, Juan Miscaro wrote:
>>>
>>>
>>>>
>>>> I'm trying to reject character sets but stuff keeps getting through.
>>>> Today I got some Russian in my subject field:
>>>>
>>>> Content-Type: text/html;
>>>>        charset="koi8-r"
>>>>
>>>> It may have got through because it's on 2 lines.  This is what I have
>>>> in my header_checks files:
>>>>
>>>>
>>>> /^Content-Type:.*charset\s*=[\s\"]*(koi8|koi8-r|KOI8-R|big5|gb2312|ks_c_5601-1987|ISO-2022-JP)/
>>>>        DISCARD         Rejected
>>>>
>>>> So is there a way to deal with that?  Secondly, how can I have such
>>>> rejections end up in my logs so I can monitor the situation?
>>>>
>>>
>>> Is that a "pcre" header_checks file or a "regexp" header checks file?
>>> Omitting "postconf -n" does not save time...
>>>
>>
>> regexp
>>
>> $ postconf -n
>>
>> [snip]
>>
>>
>
> I see no header_checks in your config. Please show _how_ you setup your
> checks.

Ok, got it.  Thank you.

I was mixing up the different checks.

m(_)m

/juan
Reply | Threaded
Open this post in threaded view
|

Re: rejecting charsets

Victor Duchovni
On Sat, Jun 21, 2008 at 09:39:29PM -0400, Juan Miscaro wrote:

> >>>>
> >>>> /^Content-Type:.*charset\s*=[\s\"]*(koi8|koi8-r|KOI8-R|big5|gb2312|ks_c_5601-1987|ISO-2022-JP)/
> >>>>        DISCARD         Rejected
> >>>>
> >>>> So is there a way to deal with that?  Secondly, how can I have such
> >>>> rejections end up in my logs so I can monitor the situation?
> >>>>
> >>>
> >>> Is that a "pcre" header_checks file or a "regexp" header checks file?
> >>> Omitting "postconf -n" does not save time...
> >>>
> >>
> >> regexp
> >>
> >> $ postconf -n
> >>
> >> [snip]
> >>
> >>
> >
> > I see no header_checks in your config. Please show _how_ you setup your
> > checks.
>
> Ok, got it.  Thank you.
>
> I was mixing up the different checks.

And using "pcre" syntax with "regexp" tables.

--
        Viktor.

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.

To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:
<mailto:[hidden email]?body=unsubscribe%20postfix-users>

If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.