Step 5. Lets make the disclaimer filter script, that will be used by postfix to make altermime work it’s magic.
nano ./disclaimer
Much of this script is a custom version of a script for Debian I found elsewhere, edited to make it work better in a Virtualmin/CentOS environment. Credit goes to the original author - though I cannot recall who it was.
#!/bin/sh
Localize these.
INSPECT_DIR=/var/spool/filter
SENDMAIL=/usr/sbin/sendmail
####### Changed From Original Script #######
DISCLAIMER_ADDRESSES=/etc/postfix/disclaimer_addresses
DISCLAIMER_DOMAINS=/etc/postfix/disclaimer_domains
####### Changed From Original Script END #######
Exit codes from <sysexits.h>
EX_TEMPFAIL=75
EX_UNAVAILABLE=69
Clean up when done or when aborting.
trap “rm -f in.$$” 0 1 2 3 15
Start processing.
cd $INSPECT_DIR || { echo $INSPECT_DIR does not exist; exit
$EX_TEMPFAIL; }
cat >in.$$ || { echo Cannot save mail to file; exit $EX_TEMPFAIL; }
####### Changed From Original Script #######
obtain From address
this line checks the address in the from header
from_address=grep -m 1 "From:" in.$$ | cut -d "<" -f 2 | cut -d "@" -f 1
and this one checks the domain.
from_domain=grep -m 1 "From:" in.$$ | cut -d "<" -f 2 | cut -d ">" -f 1 | cut -d "@" -f 2
if [ grep -wi ^${from_domain}$ ${DISCLAIMER_DOMAINS}
]; then
if [ grep -wi ^${from_address}$ ${DISCLAIMER_ADDRESSES}
]; then
/usr/bin/altermime --input=in.$$
–disclaimer=/etc/postfix/disclaimer_text.txt
–disclaimer-html=/etc/postfix/disclaimer_text.htm
–xheader=“X-Copyrighted-Material: Please visit http://www.mydomain.com/emailpolicy/” ||
{ echo Message content rejected; exit $EX_UNAVAILABLE; }
fi
fi
$SENDMAIL -oi “$@” <in.$$
exit $?
Step 6. Lets tell postfix to apply the filter to outgoing mail, shall we?
Open the postfix master config file
nano ./master.cf
</end code>
Find the line that looks like
smtp inet n - n - - smtpd -o smtpd_sasl_auth_enable=yes
And change it to…
smtp inet n - n - - smtpd -o smtpd_sasl_auth_enable=yes -o content_filter=dfilt:
Then add at the very base of the file…
dfilt unix - n n - - pipe
flags=Rq user=altermime argv=/etc/postfix/disclaimer -f ${sender} – ${recipient}
After a ‘service postfix restart’ you’ll find that Postfix now applies your filter to all outgoing mail!
Feel free to edit the disclaimer script to your liking… altermime is quite configurable. It is quite possible to have the filter apply to all addresses on a domain… or to filter more/less to your liking. Most of the hard work is in the two ‘grep’ lines.
There are a couple of additional notes here.
If you use SMTPS (SMTP over SSL on port 465 you’ll need to add the filter to the smtps line in master.cf too.
Find the one like
smtps inet n - n - - smtpd -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictionns=permit_sasl_authenticated,reject
and add this to the end of it…
-o content_filter=dfilt:
Also, your mileage may vary depending on how you’ve setup the username.domain kind of syntax. These steps may need a bit of adjustment here or there. But hey, its a start, right?