Test Your Body/Header Filter Pattern Matching

Posted January 18, 2004 by Michilimackinac in Postfix

These are some useful commands found on the postfix mailing list. They are used to determine whether the body_checks and header_checks are rejecting the mail that you do not want (unsolicited commercial email or UCE) and receiving the ones that you do want.

First, show the parameter value for header checks:

% postconf -h header_checksregexp:/etc/postfix/header_checks

Let’s assume that we have a header_checks file with this one line in it:

/super new viagra/ REJECT

We can do a test to see if the header checks will catch and reject things:

% postmap -q 'super new viagra' regexp:/etc/postfix/header_checks
% postmap -q 'super new v1agra' regexp:/etc/postfix/header_checks
% postmap -q 'super viagra' regexp:/etc/postfix/header_checks

We see that, in the first example, it successfully rejected what was probably spam.
With the regular expression syntax, we could probably make a better filter such as the following:

/super new v[i1]agra/ REJECT

Hopefully, you get the idea about expanding on this.

If you can save a spam mail as a single file, then you can also easily test body_checks. Again, check what type of map body_checks is. (“postconf -m” will output the list of available types on the system.)

% postconf -h body_checks regexp:/etc/postfix/body_checks

Let’s assume our body_checks file has one line in it with the following:

/http:\/\/www.77yy4.com/ REJECT

We have a file with a line like this:

.....<a href=http://www.77yy4.com/yt4/>....

% postmap -q - regexp:/etc/postfix/body_checks < /tmp/message

This is a way that you can test your body_checks to make sure that certain mail fails and that other mail that you want to go through does not get rejected.

The Conversation

Follow the reactions below and share your own thoughts.