[Avcheck] postfix always_bcc

Michael Tokarev mjt@tls.msk.ru
Tue, 23 Oct 2001 01:59:39 +0400 

Peter Mann wrote:
> 
> Heyaaa!!!
> 
> can i remove always_bcc mail address from list of recipients?
> 
> ( ... The mail system received a message from $SENDER destined to"
>   for i do echo " $i" ; done    <------ here???
>   echo "that contains either infected or suspicious file(s) ... )

This is *almost* a good place.  Something like:

  for i do [ ".$i" = ".$always_bcc_addr" ] || echo " $i"; done

But that's not a complete solution.  First of all, you'll need
to do similar changes in several place (may be -- you only interested
to hide always_bcc from Sender Notification, yes?  For Recipient
notification, none of recipient addresses are shown at in examples).
And second, recipient notification will be sent to $always_bcc
in any case -- there is no *portable* solution to *reliable* and
*safe* filter some addresses from a list of arguments.

Another, better variant, but works with ksh and bash only.
Before any processing, specify:

 av=()
 for i do
   [ ".$i" = ".$always_bcc_addr" ] || av=( "${av[@]}" "$i" )
 done
 set -- "${av[@]}"
 [ $# -gt 0 ] || set -- "$always_bcc_addr"


This way, $@ will not include $always_bcc_addr anymore, and
all further processing will work as expected.  Last trick is
needed if the *original* mail was sent to $always_bcc_addr
*only*.

> and how show only virtual address? i want to show only left side
> of virtual maps, e.g. i have
> Peter.Mann@tuke.sk      account@machine.somewhere.tuke.sk

This one isn't very easy, or at least can't be solved by
simple means.  Postfix doesn't keeps original recipients,
so in trivial setup, that information was lost at a time
when avcheck gets called.  If you *really* need to keep
original addresses here, you have 2 options, both are
somewhat ugly.

First, to have two postfix instances.  One will receive
mail only (having only *list* of valid recipients), and
then feed it into avcheck.  It in turn will feed checked
(or infected if that matter) mail into second instance,
where actual rewriting and delivery will occur.

And second is to have some tricks with rewriting.  It
depends heavily on setup details you're using, and may
be dangerous if not implemented *very* carefully.  Just
as an example:
 virtual have
  Peter.Mann@tuke.sk  account+Peter.Mann+tuke.sk@machine.somewhere.tuke.sk

Next, in infected script, using bash or ksh, have something:

  av=()
  for i do
    case "$i" in
      *+*+tuke.sk@machine.somewhere.tuke.sk)
        i="${i%@*}"  # strip last @domain part (unnecessary here)
        i="${i%+*}"  # strip +tuke.sk
        i="${i##*+}" # strip all but text after the last "+"
        i="${i}@tuke.sk" # restore original domain
        ;;
    esac
    av=("${av[@]}" "$i")
  done

In short -- try to save original address somewhere, and
then try to "decode" it back.  I showed you only idea, actual
details will heavily depend on your virtual table entries,
obviously, and there may be some typos above too.  It is
also not clear what sideeffects will have such an addresses
when finally delivered.

As I said, there is no simple solution.  At least before postfix
will be able to provide original addresses.

> thanks

Regards,
 Michael.