[prev in list] [next in list] [prev in thread] [next in thread] 

List:       postfix-users
Subject:    Re: collection of methods for bypassing/whitelisting of header_checks rules
From:       "Bill Cole" <postfixlists-070913 () billmail ! scconsult ! com>
Date:       2014-09-30 23:40:20
Message-ID: 8550232F-FEF4-4ACE-B2F4-D669650ACD0A () billmail ! scconsult ! com
[Download RAW message or body]

On 30 Sep 2014, at 10:53, Mai Ling wrote:

> Every now and then people ask for ways to skip some or all checks 
> defined
> in header_checks done by the cleanup daemon, then they learn[1] that 
> due to
> postifx design they must figure out workarounds or use external 
> filters.

It seems that you may not have read Postfix's CONTENT_INSPECTION_README, 
or perhaps not really understood it.

The reason that header_checks and it's evil twin body_checks are unfit 
for primary content filtering is because they are explicitly not 
designed for that role. When you try to use it as such, you will get 
lousy results. That leads to important users and/or senders needing 
exemptions from the dull hatchetwork of an over-used header_checks. If 
there is some mail you absolutely never want to accept for any reason 
ever that can be unequivocally identified by a single header, 
header_checks is a great tool for THAT task. If you get traffic from a 
mailing list that inexplicably fails to provide certain headers from 
RFC2919 and RFC2369 that MUAs find useful, header_checks can often fix 
THAT flaw. Being flooded by spam using an encoding specific to a 
language that none of your users can read: a PERFECT task for 
header_checks. It is a simple tool designed for simple tasks that 
sometimes can overwhelm a more complex tool (e.g. a comprehensive spam 
filter) by their sheer volume.

Please don't encourage the shoddy practice of using header_checks for 
general spam filtering. The workarounds to make some mail bypass it add 
complexity just as an external milter or SMTP proxy spam filter would, 
without the benefit of providing actually *good* spam filtering.
[prev in list] [next in list] [prev in thread] [next in thread]