1

Apparently Postfix does not natively support BATV tags. We'd like to strip these prvs=-tags from the FROM field because we think our mailman setup has issues with it (sees sender as a non-member).

I have an ISPConfig 3 mail server setup. This includes amavisd-new and clamav. I installed dkimproxy, just to verify the tag and put the result in the email header (I don't want it to reject mail).

I should mention I've tried batv-milter, but this gave an error ("smfi_main failed"). And I looked at batv-proxy.pl too.

But this solution seemed better for Postfix and is advised to use in combination with amavisd-new. And it was in the Debian repos, too!

I have tried setting up dkimproxy as a postfix smtpd_proxy_filter but then the connection to dkimproxy's TCP port (127.0.0.1:10026 in my case) times out.

Now I am not sure if the connection to dkimproxy times out, or if it's relay connection (I send it to amavisd-new as per the configuration below) times out. There seems to be no logging whatsoever for dkimproxy.

# set correct hostname
hostname $fqdn-of-my-mailserver

# specify what address/port DKIMproxy should listen on
listen    127.0.0.1:10026

# specify what address/port DKIMproxy forwards mail to
relay     127.0.0.1:10024

Am I doing something wrong?

Has anyone been succesful with BATV filtering and Postfix?

HopelessN00b
  • 53,385
  • 32
  • 133
  • 208
aairey
  • 310
  • 2
  • 13
  • AFAIK, dkimproxy was used to verifying dkim signature? What's the its relationship with BATV? – masegaloeh Oct 30 '14 at 12:50
  • Hmm, yeah looks like I took the wrong road here with dkimproxy. What I'm really looking for is stripping of BATV-tags. – aairey Oct 30 '14 at 14:52
  • Oh, I see. Could you post the output of `postconf -n`, so we can understand your stack better? – masegaloeh Oct 30 '14 at 21:23
  • Here is the output. I stripped the private information. http://paste.debian.net/hidden/2b11208b/ – aairey Oct 31 '14 at 12:11
  • [Administration panels are off topic](http://serverfault.com/help/on-topic). [Even the presence of an administration panel on a system,](http://meta.serverfault.com/q/6538/118258) because they [take over the systems in strange and non-standard ways, making it difficult or even impossible for actual system administrators to manage the servers normally](http://meta.serverfault.com/a/3924/118258), and tend to indicate low-quality questions from *users* with insufficient knowledge for this site. – HopelessN00b Feb 25 '15 at 09:00
  • I don't know if you read this question and it's answers thoroughly, but this has nothing to do with administration panels. Your comment and action are completely irrelevant. Also, this question is quite old by now and is better left as is. – aairey Feb 26 '15 at 11:38

1 Answers1

2

Maybe this case was same as yours. Anyway, you can fix it with steps as explained in this batv page.

In main.cf, define

canonical_maps = regexp:/etc/postfix/batv.regexp

In /etc/postfix/batv.regexp, add this line

/^prvs=[0-9]{4}[0-9A-Fa-f]{6}=(.*)$/ $1

If it doesn't work please provide the sample of batv address that you encounter in the system.

For side effects. please take a look the notes from the author

please note that this regexp table may affect other messages entering your mail system, in particular via pickup and submission. If you don't restrict the pattern to your own local domains (typically as defined in mydestination, virtual_alias_domains, and virtual_mailbox_domains), you might inadvertently strip the BATV tag off external recipients' addresses. Unfortunately, it doesn't seem possible to define the cleanup_service_name just for internally generated bounces and notices. It might be possible to define an override for all other services (i.e. forward, pickup, qmqpd, smtpd) in master.conf, though, which would leave the one in main.cf just for internally generated messages; I haven't looked too deeply into this yet, though.

masegaloeh
  • 17,978
  • 9
  • 56
  • 104