help to filter postifx header via regex/other
by compused from LinuxQuestions.org on (#5MPSY)
Hi
Re this regular expression in a postfix header_checks file:
Code:From:(?!.*\.((net|com|edu|gov|org|co)(?:.*))$)Is there anyway to force a regex to continue searching after it has found a match, ie the regex above codes to reject an email if the source is not .com, .org and others, but its failing when although a .com etc is present, which satisfies the regex, I can see that the spam has arrived via a non .com etc pathway that would have resulted in a reject, viz:
Or is there some other way to do it?
From the email header, modified for privacy reasons
(Is there anyway to regex for 'server1.spammerdomain.live' for example):
Code:Return-Path: <my_favorite_spammer@gmail.com>
X-Original-To: me@mydomain.com.au
Delivered-To: me@mydomain.com.au
Received: from server1.spammerdomain.live (server1.spammerdomain.live [123.456.43.26])
by mydomain.com.au (Postfix) with ESMTP id 70B497C4FA
for <me@mydomain.com.au>; Wed, 28 Jul 2021 12:41:35 +1000 (EST)
Received: from [103.149.160.83] (unknown [123.456.160.83])
by server1.spammerdomain.live (Postfix) with ESMTPA id 3FC9B3F322A
for <me@mydomain.com.au>; Tue, 27 Jul 2021 21:08:02 -0500 (CDT)
Reply-To: <my_favorite_spammer@gmail.com>
From: "Favorite Spammer" <my_favorite_spammer@gmail.com>
To: me@mydomain.com.au
Subject: We build magnificent websites
Date: 28 Jul 2021 07:43:21 +0530
Message-ID: <20210728012345.12345CA583D80D15@gmail.com>
MIME-Version: 1.0
Content-Type: text/html
Content-Transfer-Encoding: quoted-printablethanks, in anticipation
Compused
Re this regular expression in a postfix header_checks file:
Code:From:(?!.*\.((net|com|edu|gov|org|co)(?:.*))$)Is there anyway to force a regex to continue searching after it has found a match, ie the regex above codes to reject an email if the source is not .com, .org and others, but its failing when although a .com etc is present, which satisfies the regex, I can see that the spam has arrived via a non .com etc pathway that would have resulted in a reject, viz:
Or is there some other way to do it?
From the email header, modified for privacy reasons
(Is there anyway to regex for 'server1.spammerdomain.live' for example):
Code:Return-Path: <my_favorite_spammer@gmail.com>
X-Original-To: me@mydomain.com.au
Delivered-To: me@mydomain.com.au
Received: from server1.spammerdomain.live (server1.spammerdomain.live [123.456.43.26])
by mydomain.com.au (Postfix) with ESMTP id 70B497C4FA
for <me@mydomain.com.au>; Wed, 28 Jul 2021 12:41:35 +1000 (EST)
Received: from [103.149.160.83] (unknown [123.456.160.83])
by server1.spammerdomain.live (Postfix) with ESMTPA id 3FC9B3F322A
for <me@mydomain.com.au>; Tue, 27 Jul 2021 21:08:02 -0500 (CDT)
Reply-To: <my_favorite_spammer@gmail.com>
From: "Favorite Spammer" <my_favorite_spammer@gmail.com>
To: me@mydomain.com.au
Subject: We build magnificent websites
Date: 28 Jul 2021 07:43:21 +0530
Message-ID: <20210728012345.12345CA583D80D15@gmail.com>
MIME-Version: 1.0
Content-Type: text/html
Content-Transfer-Encoding: quoted-printablethanks, in anticipation
Compused