#++
# NAME
#	header_checks 5
# SUMMARY
#	Postfix built-in header/body inspection
# SYNOPSIS
#	\fBheader_checks = pcre:/etc/postfix/header_checks\fR
# .br
#	\fBmime_header_checks = pcre:/etc/postfix/mime_header_checks\fR
# .br
#	\fBnested_header_checks = pcre:/etc/postfix/nested_header_checks\fR
# .sp
#	\fBbody_checks = pcre:/etc/postfix/body_checks\fR
# .sp
#	\fBpostmap -q "\fIstring\fB" pcre:/etc/postfix/\fIfilename\fR
# .br
#	\fBpostmap -q - pcre:/etc/postfix/\fIfilename <\fIinputfile\fR
# DESCRIPTION
#	Postfix provides a simple built-in content inspection mechanism that
#	examines incoming mail one message header or one message body line
#	at a time.
#	This feature is implemented by the Postfix \fBcleanup\fR(8) server.
#
#	Postfix header or body_checks are designed to stop a flood of mail
#	from worms or viruses. They are not meant to be a substitute for
#	content filters that decode attachments and that do other
#	sophisticated content analyses.
#
#	Postfix supports four built-in content inspection classes:
# .IP \fBheader_checks\fR
#	These are applied to each primary message header (except for
#	the MIME related headers).
# .IP "\fBmime_header_checks\fR (default: \fB$header_checks\fR)"
#	These are applied each MIME related message header only.
# .IP "\fBnested_header_checks\fR (default: \fB$header_checks\fR)"
#	These are applied to each message header of attached email
#	messages (except for the MIME related headers).
# .IP \fBbody_checks\fR
#	These are applied to all other content, including multi-part
#	message boundaries.
# .PP
#	Note: message headers are examined one logical header at a time,
#	even when a message header spans multiple lines. Body lines are
#	always examined one line at a time.
# TABLE FORMAT
# .ad
# .fi
#	This document assumes that header and body_checks rules are specified
#	in the form of Postfix regular expression lookup tables. Usually the
#	best performance is obtained with \fBpcre\fR (Perl Compatible Regular
#	Expression) tables, but the slower \fBregexp\fR (POSIX regular
#	expressions) support is more widely available.
#	Use the command \fBpostconf -m\fR to find out what lookup table
#	types your Postfix system supports.
#
#	The general format of a Postfix regular expression table is:
# .IP "\fB/\fIpattern\fB/\fIflags action\fR"
#	When \fIpattern\fR matches the input string, execute
#	the corresponding \fIaction\fR. See below for a list
#	of possible actions.
# .IP "\fB!/\fIpattern\fB/\fIflags action\fR"
#	When \fIpattern\fR does \fBnot\fR match the input string,
#	execute the corresponding \fIaction\fR.
# .IP "\fBif /\fIpattern\fB/\fIflags\fR"
# .IP "\fBendif\fR"
#	Match the input string against the patterns between \fBif\fR
#	and \fBendif\fR, if and only if the input string also matches
#	\fIpattern\fR. The \fBif\fR..\fBendif\fR can nest.
# .sp
#	Note: do not prepend whitespace to patterns inside
#	\fBif\fR..\fBendif\fR.
# .IP "\fBif !/\fIpattern\fB/\fIflags\fR"
# .IP "\fBendif\fR"
#	Match the input string against the patterns between \fBif\fR
#	and \fBendif\fR, if and only if the input string does \fBnot\fR
#	match \fIpattern\fR. The \fBif\fR..\fBendif\fR can nest.
# .IP "blank lines and comments"
#	Empty lines and whitespace-only lines are ignored, as
#	are lines whose first non-whitespace character is a `#'.
# .IP "multi-line text"
#	A pattern/action line starts with non-whitespace text. A line that
#	starts with whitespace continues a logical line.
# .PP
#	For a discussion of specific pattern or flags syntax details,
#	see \fBpcre_table\fR(5) or \fBregexp_table\fR(5), respectively.
# TABLE SEARCH ORDER
# .ad
# .fi
#	For each line of message input, the patterns are applied in the
#	order as specified in the table. When a pattern is found that matches
#	the input line, the corresponding action is executed and then the
#	next input line is inspected.
# TEXT SUBSTITUTION
# .ad
# .fi
#	Substitution of substrings from the matched expression into the
#	\fIaction\fR
#	string is possible using the conventional Perl syntax ($1, $2, etc.).
#	The macros in the result string may need to be written as ${n}
#	or $(n) if they aren't followed by whitespace.
#
#	Note: since negated patterns (those preceded by \fB!\fR) return a
#	result when the expression does not match, substitutions are not
#	available for negated patterns.
# ACTIONS
# .ad
# .fi
#	Action names are case insensitive. They are shown in upper case
#	for consistency with other Postfix documentation.
# .IP "\fBDISCARD \fIoptional text...\fR
#	Claim successful delivery and silently discard the message.
#	Log the optional text if specified, otherwise log a generic
#	message.
# .sp
#	Note: this action disables further header or body_checks inspection
#	of the current message and affects all recipients.
# .IP \fBDUNNO\fR
#	Pretend that the input line did not match any pattern, and inspect the
#	next input line. This action can be used to shorten the table search.
# .sp
#	For backwards compatibility reasons, Postfix also accepts
#	\fBOK\fR but it is (and always has been) treated as \fBDUNNO\fR.
# .IP "\fBFILTER \fItransport:destination\fR"
#	Write a content filter request record to the queue file and
#	inspect the next input line.
#	After the complete message is received it will be sent through
#	the specified external content filter.  More information about
#	external content filters is in the Postfix FILTER_README file.
# .sp
#	Note: this action overrides the \fBmain.cf content_filter\fR setting,
#	and affects all recipients of the message. In the case that multiple
#	\fBFILTER\fR actions fire, only the last one is executed.
# .IP "\fBHOLD \fIoptional text...\fR"
#	Arrange for the message to be placed on the \fBhold\fR queue,
#	and inspect the next input line.  The message remains on \fBhold\fR
#	until someone either deletes it or releases it for delivery.
#	Log the optional text if specified, otherwise log a generic
#	message.
#
#	Mail that is placed on hold can be examined with the
#	\fBpostcat\fR(1) command, and can be destroyed or released with
#	the \fBpostsuper\fR(1) command.
# .sp
#	Note: this action affects all recipients of the message.
# .IP \fBIGNORE\fR
#	Delete the current line from the input and inspect
#	the next input line.
# .IP "\fBREDIRECT \fIuser@domain\fR"
#	Write a message redirection request to the queue file and
#	inspect the next input line. After the message is queued,
#	it will be sent to the specified address instead of the
#	intended recipient(s).
# .sp
#	Note: this action overrides the \fBFILTER\fR action, and affects
#	all recipients of the message. If multiple \fBREDIRECT\fR actions
#	fire, only the last one is executed.
# .IP "\fBREJECT \fIoptional text...\fR
#	Reject the entire message. Reply with \fIoptional text...\fR when
#	the optional text is specified, otherwise reply with a generic error
#	message.
# .sp
#	Note: this action disables further header or body_checks inspection
#	of the current message and affects all recipients.
# .IP "\fBWARN \fIoptional text...\fR
#	Log a warning with the \fIoptional text...\fR (or log a
#	generic message) and inspect the next input line. This
#	action is useful for debugging and for testing a pattern
#	before applying more drastic actions.
# BUGS
#	Many people overlook the main limitations of header and body_checks
#	rules.  These rules operate on one logical message header or one body
#	line at a time, and a decision made for one line is not carried over
#	to the next line.
#
#	Message headers added by the \fBcleanup\fR(8) daemon itself
#	are excluded from inspection. Examples of such message headers
#	are \fBFrom:\fR, \fBTo:\fR, \fBMessage-ID:\fR, \fBDate:\fR.
# CONFIGURATION PARAMETERS
# .ad
# .fi
# .IP \fBbody_checks\fR
#	Lookup tables with content filter rules for message body lines.
#	These filters see one physical line at a time, in chunks of
#	at most \fB$line_length_limit\fR bytes.
# .IP \fBbody_checks_size_limit\fP
#	The amount of content per message body segment (attachment) that is
#	subjected to \fB$body_checks\fR filtering.
# .IP \fBheader_checks\fR
# .IP "\fBmime_header_checks\fR (default: \fB$header_checks\fR)"
# .IP "\fBnested_header_checks\fR (default: \fB$header_checks\fR)"
#	Lookup tables with content filter rules for message header lines:
#	respectively, these are applied to the primary message headers
#	(not including MIME headers), to the MIME headers anywhere in
#	the message, and to the initial headers of attached messages.
# .sp
#	Note: these filters see one logical message header at a time, even
#	when a message header spans multiple lines. Message headers that
#	are longer than \fB$header_size_limit\fR characters are truncated.
# .IP \fBdisable_mime_input_processing\fR
#	While receiving mail, give no special treatment to MIME related
#	message headers; all text after the initial message headers is
#	considered to be part of the message body. This means that
#	\fBheader_checks\fR is applied to all the primary message headers,
#	and that \fBbody_checks\fR is applied to the remainder of the
#	message.
# .sp
#	Note: when used in this manner, \fBbody_checks\fR will process
#	a multi-line message header one line at a time.
# SEE ALSO
#	cleanup(8) canonicalize and enqueue Postfix message
#	pcre_table(5) format of PCRE tables
#	regexp_table(5) format of POSIX regular expression tables
#	postconf(1) Postfix configuration utility
#	postmap(1) Postfix lookup table management
#	postsuper(1) Postfix janitor
#	postcat(1) show Postfix queue file contents
# LICENSE
# .ad
# .fi
#	The Secure Mailer license must be distributed with this software.
# AUTHOR(S)
#	Wietse Venema
#	IBM T.J. Watson Research
#	P.O. Box 704
#	Yorktown Heights, NY 10598, USA
#--
