Posts

Reject insecure mail clients with Postfix

One simple way to force your users to upgrade their mail client in an otherwise unmanaged environment is to detect the X-mailer header via Postfix header checks and reject the message

make sure header checks are turned on in main.cf

header_checks = regexp:/etc/postfix/header_checks

and add this rule to block some old client – Eudora mailers in this example.

#/^X-Mailer:.*Eudora Version ([0-5]|6\.[0-1])\..*/ REJECT insecure version of eudora
#
#if /^Received: from.* ([129\.98\..*])/
# /^X-Mailer:.*Eudora Version ([0-5]|6\.[0-1])\..*/ REJECT insecure version of eudora
#endif
#
#/^X-Mailer:.*Eudora Version 3\.*/ REJECT
#/^X-Mailer:.*Eudora Version 4\.*/ REJECT
#/^X-Mailer:.*Eudora Version 5\.*/ REJECT
#/^X-Mailer:.*Eudora Version 6\.0\.*/ REJECT
#/^X-Mailer:.*Eudora Version 6\.1\.*/ REJECT