I have a problem with Postfix. Recently we are receiving mail messages with malformed "From:" headers as these:
From: "Name Surname <user@good-domain.com>" <user2@bad-domain.com>
From: "user@good-domain.com" <user2@bad-domain.com>
Ended up with a solution based on PCRE header checks, with these two regexp:
/^From:.+(".+<(.*@+.*)>").*<((?!\2).*)>$/ REJECT
/^From:.+("([^<>]*@+[^<>]*)").*<((?!\2).*)>$/ REJECT
Done
postmap /etc/postfix/header_checks
and reloaded postfix.
Seems to work ok and POstfix apparently handles the PCRE with no problem:
postmap -q 'From: "Name Surname <user@good-domain.com>" <user2@bad-domain.com>' pcre:/etc/postfix/header_checks
REJECT
postmap -q 'From: "user@good-domain.com" <user2@bad-domain.com>' pcre:/etc/postfix/header_checks
REJECT
But in real usage the mails are not blocked. In the log there are the following (repeated) errors:
Nov 22 10:52:19 mx1 postfix/cleanup[32087]: warning: regexp map /etc/postfix/header_checks, line 497: Invalid preceding regular expression
Nov 22 10:52:19 mx1 postfix/cleanup[32087]: warning: regexp map /etc/postfix/header_checks, line 498: Invalid preceding regular expression
The content of the /etc/postfix/header_checks file is the following (the first 496 lines are comments):
/^From:.+(".+<(.*@+.*)>").*<((?!\2).*)>$/ REJECT
/^From:.+("([^<>]*@+[^<>]*)").*<((?!\2).*)>$/ REJECT
/^Subject:/ WARN
Additional info:
- There are no receive_override_options: the file is used as the subject are correctly logged in logfile (last line). And the errors too shows the file is handled by postfix.
- Tested the two regexp with multiple online services and they seems correct: also the postmap -q tests shows they are working correctly.
- Postfix 2.10.1 and PCRE 8.32 on a CentOS 7.7
Any idea?
