LinuxQuestions.org - Postfix "Content Filter" setup to reject emails with too many recipients in TO: field

- Linux - Server (https://www.linuxquestions.org/questions/linux-server-73/)

- - Postfix "Content Filter" setup to reject emails with too many recipients in TO: field (https://www.linuxquestions.org/questions/linux-server-73/postfix-content-filter-setup-to-reject-emails-with-too-many-recipients-in-to-field-680681/)

Postfix "Content Filter" setup to reject emails with too many recipients in TO: field

Dear all,

I am willing to setup a content filter to reject messages with too many recipients in TO: or CC: fiels but to let for BCC:

This way suppose I may avoid mistakes such as putting all the recipients in TO: or CC: fields instead of BCC: so this way they wont ever see each other.

(Some of my colleagues had done it quite a few times in the past and exposed all our private address book to every recipient.)

Appreciate your help

Regards
Bahadir

It's quite strange that nobody could reply however I helped myself reading a lot about this question and would like to share with others:

in header_checks, write a regexp like below which regret not working and needs a bit modification

/^To:[/.*/@/.*/]{5}$

Don't know where I am doing wrong but feels like very close to the answer though :)

You probably need to work in a delimiter between emails as well

Here's a pcre regexp that matches at least 5 '@' in the To header:

Code:

^To: ([^@]*@){5,}

Note that if you reject such messages, you will also be filtering incoming messages
from the outside, so for example you would reject mail addressed to you and four other recipients.

It aint working mate. Still can successfully send any kind of messages outbound. By the way, I dont use this server for inbound traffic so not concerned about filtering incoming messages.

In that case, you should post your header_checks file, so people can see what's not working. Your file should look something like this:

Code:

/^To: ([^@]*@){5,}.*/ ACTION

I tested the expression in my first post with pcretest. For postfix, I think you
need to match the entire line (i.e. header), which is why you need the ".*" at the end. I haven't tested it with postfix, so you might have
to improve it.

Here is the solution :

/^To: (.*@.*){5,}/ REJECT too many recipients
/^Cc: (.*@.*){5,}/ REJECT too many recipients

Berhanine, thanks for your help but regret it did not work out. So I posted the correct syntax

Quote:

but regret it did not work out

Hi, bahadirtonguc. In the course of this thread, you went from writing a nonsensical regular expression at the beginning to solving your own problem by the end. So, I would say that it did work out. Good job!

I realize this is an old post, but just wanted to report what worked for me, in case someone else is looking to do this.

Berhanie's solution worked, here's my config.

/etc/postfix/main.cf:

Code:

# restrict based on message header content 

header_checks = pcre:/etc/postfix/header_checks

/etc/postfix/header_checks:

Code:

/^To:([^@]*@){10,}/        REJECT Sorry, your message has too many recepients.

/^Cc:([^@]*@){10,}/        REJECT Sorry, your message has too many recepients.

On the other hand, bahadirtonguc regex caused Postfix to choke:

Quote:

Out: 220 my.sweet.mx ESMTP Postfix (No UCE)
In: HELO some.other.mx
Out: 250 my.sweet.mx
In: MAIL FROM:<other@example.com>
Out: 250 2.1.0 Ok
In: RCPT TO:<me@example.com>
Out: 250 2.1.5 Ok
In: DATA
Out: 354 End data with <CR><LF>.<CR><LF>
Out: 451 4.3.0 Error: queue file write error
In: QUIT
Out: 221 2.0.0 Bye

/var/log/mail.err:

Quote:

May 26 20:17:00 my.sweet.mx postfix/cleanup[14318]: fatal: pcre map /etc/postfix/header_checks, line 2: matched text exceeds buffer limit

--
Reject an email message with too many recipients with Postfix