From d2aef8a785b06d1b383ef52915e18e6bd4ffbc77 Mon Sep 17 00:00:00 2001 From: Marcello Coutinho Date: Sat, 10 Sep 2011 09:39:42 -0300 Subject: Postfix forwarder - change regex from REGEXP to PCRE format. --- config/postfix/postfix.inc | 20 +++++++++--------- config/postfix/postfix_acl.xml | 38 +++++++++++++++++----------------- config/postfix/postfix_view_config.php | 10 ++++----- 3 files changed, 34 insertions(+), 34 deletions(-) (limited to 'config/postfix') diff --git a/config/postfix/postfix.inc b/config/postfix/postfix.inc index 2e854ead..7ba67e56 100644 --- a/config/postfix/postfix.inc +++ b/config/postfix/postfix.inc @@ -259,17 +259,17 @@ ABOUT; $postfix_main="#main.cf\n".$copyright; #Header Maps if ($config['installedpackages']['postfixacl']['config'][0]['header_maps']){ - $postfix_main .= "header_checks = regexp:/usr/local/etc/postfix/header_check\n"; + $postfix_main .= "header_checks = pcre:/usr/local/etc/postfix/header_check\n"; $header_check = px_text_area_decode($config['installedpackages']['postfixacl']['config'][0]['header_maps']); } #MIME Maps if ($config['installedpackages']['postfixacl']['config'][0]['mime_maps']){ - $postfix_main .= "mime_header_checks = regexp:/usr/local/etc/postfix/mime_check\n"; + $postfix_main .= "mime_header_checks = pcre:/usr/local/etc/postfix/mime_check\n"; $mime_check = px_text_area_decode($config['installedpackages']['postfixacl']['config'][0]['mime_maps']); } #Body Maps if ($config['installedpackages']['postfixacl']['config'][0]['body_maps']){ - $postfix_main .= "body_checks = regexp:/usr/local/etc/postfix/body_check\n"; + $postfix_main .= "body_checks = pcre:/usr/local/etc/postfix/body_check\n"; $body_check = px_text_area_decode($config['installedpackages']['postfixacl']['config'][0]['body_maps']); } #Client CIDR @@ -281,9 +281,9 @@ ABOUT; $cal_cidr_tmp = px_text_area_decode($config['installedpackages']['postfixacl']['config'][0]['cal_cidr']); $cal_cidr = preg_replace('/ ok/i'," permit",$cal_cidr_tmp); } - #Client REGEXP - if ($config['installedpackages']['postfixacl']['config'][0]['cal_regexp']){ - $cal_regexp = px_text_area_decode($config['installedpackages']['postfixacl']['config'][0]['cal_regexp']); + #Client PCRE + if ($config['installedpackages']['postfixacl']['config'][0]['cal_pcre']){ + $cal_pcre = px_text_area_decode($config['installedpackages']['postfixacl']['config'][0]['cal_pcre']); } $postfix_main .= px_text_area_decode($postfix_config['maincf'])."\n". "relay_domains ={$relay_domains}\n" . @@ -300,7 +300,7 @@ ABOUT; if($antispam['antispam_enabled']){ switch ($antispam['antispam_software']){ case "mailscanner": - $header_check .= (!preg_match("/^Received:/",$header_check)?"\n/^Received:/ HOLD\n":""); + $header_check .= (!preg_match('@/ HOLD@',$header_check)?"\n/^Received:/ HOLD\n":"\n"); $postfix_main_antispam = "#Saving all mail after header/body/rbl/spf checks to mailscanner\n\n"; break; case "policyd2": @@ -344,7 +344,7 @@ smtpd_sender_restrictions = reject_non_fqdn_sender, permit # Allow connections from specified local clients and strong check everybody else. -smtpd_client_restrictions = check_client_access regexp:/usr/local/etc/postfix/cal_regexp, +smtpd_client_restrictions = check_client_access pcre:/usr/local/etc/postfix/cal_pcre, check_client_access cidr:/usr/local/etc/postfix/cal_cidr, reject_unknown_client_hostname, reject_unauth_pipelining, @@ -377,7 +377,7 @@ smtpd_sender_restrictions = reject_unknown_sender_domain, RBLRBLRBL # Allow connections from specified local clients and rbl check everybody else if rbl check are set. -smtpd_client_restrictions = check_client_access regexp:/usr/local/etc/postfix/cal_regexp, +smtpd_client_restrictions = check_client_access pcre:/usr/local/etc/postfix/cal_pcre, check_client_access cidr:/usr/local/etc/postfix/cal_cidr, RBLRBLRBL @@ -525,7 +525,7 @@ MASTEREOF2; file_put_contents("/usr/local/etc/postfix/master.cf", $postfix_master, LOCK_EX); file_put_contents("/usr/local/etc/postfix/transport", $transport, LOCK_EX); file_put_contents("/usr/local/etc/postfix/cal_cidr", $cal_cidr, LOCK_EX); - file_put_contents("/usr/local/etc/postfix/cal_regexp", $cal_regexp, LOCK_EX); + file_put_contents("/usr/local/etc/postfix/cal_pcre", $cal_pcre, LOCK_EX); file_put_contents("/usr/local/etc/postfix/header_check", $header_check, LOCK_EX); file_put_contents("/usr/local/etc/postfix/mime_check", $mime_check, LOCK_EX); file_put_contents("/usr/local/etc/postfix/body_check", $body_check, LOCK_EX); diff --git a/config/postfix/postfix_acl.xml b/config/postfix/postfix_acl.xml index 9c59c102..f3f944e5 100644 --- a/config/postfix/postfix_acl.xml +++ b/config/postfix/postfix_acl.xml @@ -127,39 +127,39 @@ Header header_maps - REGEXP filters that are applied to initial message headers(except for the headers that are processed with mime_header_checks Hint:
- /^Subject: viagra|cialis|levitra|day price:/i REJECT
- /^From: spammer@myspam.net/i REJECT
- /^From: *@mytrustdomain OK
+ PCRE filters that are applied to initial message headers(except for the headers that are processed with mime_header_checks Hint:
+ /^Subject:.*(viagra|cialis|levitra|day price):/ REJECT
+ /^From:.*spammer@myspam.net/ REJECT
+ /^From:.*@mytrustdomain OK
See http://www.postfix.org/header_checks.5.html for more help]]> textarea - 80 - 10 + 83 + 15 base64 MIME mime_maps - REGEXP filters that are applied to MIME related message headers only. Hint:
+ PCRE filters that are applied to MIME related message headers only. Hint:
/^name=[^>]*\.(com|vbs|js|jse|exe|bat|cmd|vxd|scr|hlp|pif|shs|ini|dll)/ REJECT W do not allow files of type "$3" because of security concerns - "$2" caused the block.
/^Content-(Disposition|Type):\s+.+?(?:file)?name="?.+?\.(386|ad[ept]|drv|em(ai)?l|ex[_e]|xms|\{[\da-f]{8}(?:-[\da-f]{4}){3}-[\da-f]{12}\})\b/ REJECT ".$2" file attachment types not allowed]]> textarea - 80 - 10 + 83 + 15 base64 body body_maps - REGEXP filters that are applied to all other content, including multi-part message boundaries. Hint:
+ PCRE filters that are applied to all other content, including multi-part message boundaries. Hint:
# First skip over base 64 encoded text to save CPU cycles.
~^[[:alnum:]+/]{60,}$~ OK]]> textarea - 80 - 10 + 83 + 15 base64 @@ -175,21 +175,21 @@ 192.168.3.2 OK
spammer.junkdomain.com REJECT]]> textarea - 80 - 10 + 83 + 15 base64 - REGEXP - cal_regexp - + PCRE + cal_pcre + This list is used by postfix to check who has access or not to this relay.Hint:
/.*\.dsl\..*/ REJECT DSLs not allowed
/.*\.adsl\..*/ REJECT DSLs not allowed]]> textarea - 80 - 10 + 83 + 15 base64 diff --git a/config/postfix/postfix_view_config.php b/config/postfix/postfix_view_config.php index 1b3e9fc5..0f92574f 100644 --- a/config/postfix/postfix_view_config.php +++ b/config/postfix/postfix_view_config.php @@ -76,8 +76,8 @@ include("head.inc");       -   -   +   +   @@ -86,12 +86,12 @@ include("head.inc");