[SOLVED] Adding a disclaimer (footer)

[deugenin]

Add an virtual interface:
For example:

(if your eth0=192.168.0.2)

1) ifconfig eth0:0 192.168.0.3 netmask 255.255.255.0
(this can be done with /etc/sysconfig/network-scripts/ifcfg-eth0:0 file)

2) Modify toy /opt/zimbra/postfix/conf/master.cf file:
127.0.0.1:smtp inet n - n - - smtpd
192.168.0.3:smtp inet n - n - - smtpd
192.168.0.2:smtp inet n - n - - smtpd
-o content_filter=dfilt
dfilt unix - n n - - pipe
flags=Rq user=root argv=/etc/postfix/disclaimer -f ${sender} -- ${recipient}

3) restart zimbra mta

And don't forget modify four external firewall to redirect incoming port 25 to 192.168.0.3 instead.

[Dirk]

Thanks a lot for this.

I've added an IP address to the card, so it now has two addresses, and I made the changes as you show, the results were that no messages had the disclaimer added, inbound or outbound.

Looking at what you suggest, I think I understand it, postfix WAS looking at all smtp traffic and adding the disclaimer, now it's looking at smtp traffic from specific IP addresses and only adding the disclaimer if the IP right.

I changed the conf file to apply the disclaimer only to the local host 127.0.0.1 address and that works, the message is added to outbound mail and not to inbound. It is also added on internal mail which is unfortunate but acceptible.

Thing is, I dont think this was your intention, as I recon I could do this without adding the second IP address? So what gives, did I do something wrong?

Either way, I'm happy enough with this solution, I appreciate you taking the effort to help out.

[deugenin]

I'm really happy with your solution!, it's more easy than add a second IP address.

Could you add an wiki update to add a disclaimer only to outbound mail :-)

Regards

[Dirk]

I've added this to the wiki, it's actually the first time I've made a change to one, the interface is somewhat clumsy so it took me a while and if I've not done something in the 'correct' way then please feel free to change it tell me.

Glad you like this method, I dont know postfix at all really, so it's all guesswork to me, but if it works it works

This solution means that mail sent internally does get stamped with the disclaimer, now I currently dont know if that's a good or bad thing, but if it turns out to be a bad thing, does anyone have any idea on how to stop it happening?

[russgalleywood]

Hi Guys,

I am having trouble getting this to work.

I have got it working in its simple form, assigning the disclaimer to all mail in and out.
But I can't get it to work for just out-mail.

I have put this in my master.cf file;

192.168.0.28:smtp inet n - n - - smtpd
127.0.0.1:smtp inet n _ n _ _ smtpd
-o content_filter=dfilt:
dfilt unix - n n - - pipe
flags=Rq user=filter argv=/opt/zimbra/postfix/conf/disclaimer -f ${sender} -- ${recipient}

Can you see if I have done anything wrong? I just get an error when I try to send a mail and Postfix refuses to start.
From reading this forum and the Wiki I am assuming a second card or alias is not now needed yes?

Any help appreciated.

Russ

[deugenin]

Quote:

Originally Posted by russgalleywood

...

127.0.0.1:smtp inet n _ n _ _ smtpd
-o content_filter=dfilt:
...
Russ

Do you have "_" or "-" ???


An second card or alias is not now needed.

[russgalleywood]

Ah, good point Deugenin!

For some reason I do have _ by the 127.0.0.1 address instead of - !

I will change it and try again.

Thanks for such a quick reply and sorry about that!

Russ

[russgalleywood]

Right, I no longer get a complaint but get no disclaimer.

Here is my master.cf;

# Postfix master process configuration file. For details on the format
# of the file, see the Postfix master(5) manual page.
#
# ================================================== ========================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ================================================== ========================
192.168.0.28:smtp inet n - n - - smtpd
127.0.0.1:smtp inet n - n - - smtpd
-o content_filter=dfilt:
#submission inet n - n - - smtpd
# -o smtpd_etrn_restrictions=reject
# -o smtpd_client_restrictions=permit_sasl_authenticate d,reject
#smtps inet n - n - - smtpd
# -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes
#submission inet n - n - - smtpd
# -o smtpd_etrn_restrictions=reject
# -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes
#628 inet n - n - - qmqpd
pickup fifo n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr fifo n - n 300 1 qmgr
#qmgr fifo n - n 300 1 oqmgr
tlsmgr unix - - n 1000? 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
smtp unix - - n - - smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay unix - - n - - smtp
-o fallback_relay=
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - n - - showq
error unix - - n - - error
discard unix - - n - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
scache unix - - n - 1 scache
dfilt unix - n n - - pipe
flags=Rq user=filter argv=/opt/zimbra/postfix/conf/disclaimer -f ${sender} -- ${recipient}
#
# ================================================== ==================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent. See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ================================================== ==================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
#
# The Cyrus deliver program has changed incompatibly, multiple times.
#
old-cyrus unix - n n - - pipe
flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
# Cyrus 2.1.5 (Amos Gouaux)
# Also specify in main.cf: cyrus_destination_recipient_limit=1
cyrus unix - n n - - pipe
user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
#
# See the Postfix UUCP_README file for configuration details.
#
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# Other external delivery methods.
#
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
#
# AMAVISD-NEW
#
smtp-amavis unix - - n - 10 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
-o disable_dns_lookups=yes
-o max_use=20
127.0.0.1:10025 inet n - n - - smtpd
-o content_filter=
-o local_recipient_maps=
-o virtual_mailbox_maps=
-o virtual_alias_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_delay_reject=no
-o smtpd_client_restrictions=permit_mynetworks,reject
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,rej ect
-o mynetworks_style=host
-o mynetworks=127.0.0.0/8
-o strict_rfc821_envelopes=yes
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000
-o smtpd_client_connection_count_limit=0
-o smtpd_client_connection_rate_limit=0
-o receive_override_options=no_header_body_checks,no_ unknown_recipient_checks,no_address_mappings


I have a disclaimer script '750' permissions and owned by group 'filter' and a disclaimer.txt file. Tried this as both HTML or Text version. This set up works fine with the 'in-out' version of the master.cf I have but I get nothing with the 'out' only version.

Thanks

Russ

[scalper]

I have a multi-server environment.. namely smtp1 10.0.0.3 and smtp2 10.0.0.4 both listening on port 25 for in/out smtp messages. Mailbox is at 10.0.0.2.

To achieve this thing, only for outgoing.. I had to specify smtp1 only for outgoing msgs and smtp2 for incoming.

How can I make both of these servers to listen for in/out concurrently thus giving some redundancy/load balance to the system? Any idea?

Theoretically, I am thinking of the split NIC or the virtual NIC thing, so that i can specify [incoming ip]:smtp and [outgoing ip]:smtp for each servers ; but is this method really works? Anybody have done it? I am maintaining a production system so downtime is very limited. Need some expert/tested help/opinion on this.

Anyways, very appreciate what you guys been discussing on this thread! So cool... Thanks..

[jpcaldwell]

@Russgalleywood
I'm having the same problem, did you ever get yours resovled?