LinuxQuestions.org
Have you heard the LinuxQuestions.org Podcast?
Go Back   LinuxQuestions.org > Forums > Linux > Linux - Server
Reload this Page Postfix Regexp lookahead body check
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Tags used in this thread
Popular LQ Tags

Reply
 
Thread Tools
Old 07-23-2009, 03:13 PM   #1
shudini
LQ Newbie
 
Registered: Jul 2008
Posts: 6
Thanked: 0
Postfix Regexp lookahead body check

[Log in to get rid of this advertisement]
I am trying to have my Postfix server block emails that contain links that are highly likely to be spam - specifically links that contain a format similar to mysite.com.something.dn where the recipient is supposed to be fooled into thinking it's mysite.com when in reality it is something else. i am trying to use a regexp in the body check to do this, but for some reason it is not working. initially, i tried blocking using /.*http:.*?\.(com|org)\./ which worked but found that there were legitimate sites that contained mysite.com.com. As a result, i decided to only block emails that contained a standard root domain but did not end with that actual root domain: /.*http:.*?\.(com|org)\.(?!(com|org)).*/ (any link containing .com or .org not followed by .com or .org. It's primitive, I know, but for my operation it would be effective and i am prepared to take the risk of false positives. Unfortunately, this is not working. I debugged the mail going through and it clearly contained an entry which should have matched but didn't. Does Postfix have the ability to perform a negative lookahead in a regexp?

Here's the line from my config file:

body_checks = regexp:/etc/postfix/body_checks

Any help would be greatly appreciated.

Shuie
shudini is offline  
Tag This Post
Reply With Quote
Old 07-23-2009, 05:30 PM   #2
Berhanie
Senior Member
 
Registered: Dec 2003
Distribution: Slackware
Posts: 1,260
Thanked: 36
I would use clamav-milter. Clamav already has facilities for such things. This is from clamd.conf:
Code:
...
# Scan URLs found in mails for phishing attempts using heuristics.
# Default: yes
#PhishingScanURLs yes
...
You'd also be getting a virus scanner for free. To do the lookahead stuff, you need to use pcre, not regexp.
Berhanie is offline     Reply With Quote
Thanked by:
Old 07-24-2009, 09:32 AM   #3
shudini
LQ Newbie
 
Registered: Jul 2008
Posts: 6
Thanked: 0

Original Poster
Thank you for your help!

-shuie
shudini is offline     Reply With Quote

Reply

Bookmarks


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Hello every body, i'm using redhat linux I don't know about samba server any body seenas Linux - Newbie 2 07-04-2009 04:47 AM
Postfix regexp header_checks issue shudini Linux - Server 4 06-07-2009 02:19 PM
Starting postfix: Postfix integrity check failed! Leirith Linux - Software 2 01-02-2008 10:55 PM
How do I use a regexp in Postfix alias table? quackking Linux - Server 11 04-13-2007 01:10 PM
postfix regexp question wijnands Linux - Newbie 1 06-03-2004 07:19 AM


All times are GMT -5. The time now is 02:10 AM.

Contact Us - Advertising Info - Rules - LQ Merchandise - Donations - Contributing Member - LQ Sitemap - LinuxQuestions.org - Linux Forums
Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
RSS2  LQ Podcast
RSS2  LQ Radio
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: @linuxquestions
Open Source Consulting | Domain Registration