1<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN" 2 "https://www.w3.org/TR/html4/loose.dtd"> 3<html> <head> 4<meta http-equiv="Content-Type" content="text/html; charset=utf-8"> 5<link rel='stylesheet' type='text/css' href='postfix-doc.css'> 6<title> Postfix manual - header_checks(5) </title> 7</head> <body> <pre> 8HEADER_CHECKS(5) HEADER_CHECKS(5) 9 10<b><a name="name">NAME</a></b> 11 <a href="postconf.5.html#header_checks">header_checks</a> - Postfix built-in content inspection 12 13<b><a name="synopsis">SYNOPSIS</a></b> 14 <b><a href="postconf.5.html#header_checks">header_checks</a> = <a href="pcre_table.5.html">pcre</a>:/etc/postfix/header_checks</b> 15 <b><a href="postconf.5.html#mime_header_checks">mime_header_checks</a> = <a href="pcre_table.5.html">pcre</a>:/etc/postfix/mime_header_checks</b> 16 <b><a href="postconf.5.html#nested_header_checks">nested_header_checks</a> = <a href="pcre_table.5.html">pcre</a>:/etc/postfix/nested_header_checks</b> 17 <b><a href="postconf.5.html#body_checks">body_checks</a> = <a href="pcre_table.5.html">pcre</a>:/etc/postfix/body_checks</b> 18 19 <b><a href="postconf.5.html#milter_header_checks">milter_header_checks</a> = <a href="pcre_table.5.html">pcre</a>:/etc/postfix/<a href="postconf.5.html#milter_header_checks">milter_header_checks</a></b> 20 21 <b><a href="postconf.5.html#smtp_header_checks">smtp_header_checks</a> = <a href="pcre_table.5.html">pcre</a>:/etc/postfix/smtp_header_checks</b> 22 <b><a href="postconf.5.html#smtp_mime_header_checks">smtp_mime_header_checks</a> = <a href="pcre_table.5.html">pcre</a>:/etc/postfix/smtp_mime_header_checks</b> 23 <b><a href="postconf.5.html#smtp_nested_header_checks">smtp_nested_header_checks</a> = <a href="pcre_table.5.html">pcre</a>:/etc/postfix/smtp_nested_header_checks</b> 24 <b><a href="postconf.5.html#smtp_body_checks">smtp_body_checks</a> = <a href="pcre_table.5.html">pcre</a>:/etc/postfix/smtp_body_checks</b> 25 26 <b>postmap -q "</b><i>string</i><b>" <a href="pcre_table.5.html">pcre</a>:/etc/postfix/</b><i>filename</i> 27 <b>postmap -q - <a href="pcre_table.5.html">pcre</a>:/etc/postfix/</b><i>filename</i> <<i>inputfile</i> 28 29<b><a name="description">DESCRIPTION</a></b> 30 This document describes access control on the content of message head- 31 ers and message body lines; it is implemented by the Postfix <a href="cleanup.8.html"><b>cleanup</b>(8)</a> 32 server before mail is queued. See <a href="access.5.html"><b>access</b>(5)</a> for access control on 33 remote SMTP client information. 34 35 Each message header or message body line is compared against a list of 36 patterns. When a match is found the corresponding action is executed, 37 and the matching process is repeated for the next message header or 38 message body line. 39 40 Note: message headers are examined one logical header at a time, even 41 when a message header spans multiple lines. Body lines are always exam- 42 ined one line at a time. 43 44 For examples, see the EXAMPLES section at the end of this manual page. 45 46 Postfix header or <a href="postconf.5.html#body_checks">body_checks</a> are designed to stop a flood of mail from 47 worms or viruses; they do not decode attachments, and they do not unzip 48 archives. See the documents referenced below in the README FILES sec- 49 tion if you need more sophisticated content analysis. 50 51<b><a name="filters_while_receiving_mail">FILTERS WHILE RECEIVING MAIL</a></b> 52 Postfix implements the following four built-in content inspection 53 classes while receiving mail: 54 55 <b><a href="postconf.5.html#header_checks">header_checks</a></b> (default: empty) 56 These are applied to initial message headers (except for the 57 headers that are processed with <b><a href="postconf.5.html#mime_header_checks">mime_header_checks</a></b>). 58 59 <b><a href="postconf.5.html#mime_header_checks">mime_header_checks</a></b> (default: <b>$<a href="postconf.5.html#header_checks">header_checks</a></b>) 60 These are applied to MIME related message headers only. 61 62 This feature is available in Postfix 2.0 and later. 63 64 <b><a href="postconf.5.html#nested_header_checks">nested_header_checks</a></b> (default: <b>$<a href="postconf.5.html#header_checks">header_checks</a></b>) 65 These are applied to message headers of attached email messages 66 (except for the headers that are processed with 67 <b><a href="postconf.5.html#mime_header_checks">mime_header_checks</a></b>). 68 69 This feature is available in Postfix 2.0 and later. 70 71 <b><a href="postconf.5.html#body_checks">body_checks</a></b> 72 These are applied to all other content, including multi-part 73 message boundaries. 74 75 With Postfix versions before 2.0, all content after the initial 76 message headers is treated as body content. 77 78<b><a name="filters_after_receiving_mail">FILTERS AFTER RECEIVING MAIL</a></b> 79 Postfix supports a subset of the built-in content inspection classes 80 after the message is received: 81 82 <b><a href="postconf.5.html#milter_header_checks">milter_header_checks</a></b> (default: empty) 83 These are applied to headers that are added with Milter applica- 84 tions. 85 86 This feature is available in Postfix 2.7 and later. 87 88<b><a name="filters_while_delivering_mail">FILTERS WHILE DELIVERING MAIL</a></b> 89 Postfix supports all four content inspection classes while delivering 90 mail via SMTP. 91 92 <b><a href="postconf.5.html#smtp_header_checks">smtp_header_checks</a></b> (default: empty) 93 94 <b><a href="postconf.5.html#smtp_mime_header_checks">smtp_mime_header_checks</a></b> (default: empty) 95 96 <b><a href="postconf.5.html#smtp_nested_header_checks">smtp_nested_header_checks</a></b> (default: empty) 97 98 <b><a href="postconf.5.html#smtp_body_checks">smtp_body_checks</a></b> (default: empty) 99 These features are available in Postfix 2.5 and later. 100 101<b><a name="compatibility">COMPATIBILITY</a></b> 102 With Postfix version 2.2 and earlier specify "<b>postmap -fq</b>" to query a 103 table that contains case sensitive patterns. By default, <a href="regexp_table.5.html">regexp</a>: and 104 <a href="pcre_table.5.html">pcre</a>: patterns are case insensitive. 105 106<b><a name="table_format">TABLE FORMAT</a></b> 107 This document assumes that header and <a href="postconf.5.html#body_checks">body_checks</a> rules are specified 108 in the form of Postfix regular expression lookup tables. Usually the 109 best performance is obtained with <b>pcre</b> (Perl Compatible Regular Expres- 110 sion) tables. The <b>regexp</b> (POSIX regular expressions) tables are usually 111 slower, but more widely available. Use the command "<b>postconf -m</b>" to 112 find out what lookup table types your Postfix system supports. 113 114 The general format of Postfix regular expression tables is given below. 115 For a discussion of specific pattern or flags syntax, see <a href="pcre_table.5.html"><b>pcre_table</b>(5)</a> 116 or <a href="regexp_table.5.html"><b>regexp_table</b>(5)</a>, respectively. 117 118 <b>/</b><i>pattern</i><b>/</b><i>flags action</i> 119 When /<i>pattern</i>/ matches the input string, execute the correspond- 120 ing <i>action</i>. See below for a list of possible actions. 121 122 <b>!/</b><i>pattern</i><b>/</b><i>flags action</i> 123 When /<i>pattern</i>/ does <b>not</b> match the input string, execute the cor- 124 responding <i>action</i>. 125 126 <b>if /</b><i>pattern</i><b>/</b><i>flags</i> 127 128 <b>endif</b> If the input string matches /<i>pattern</i>/, then match that input 129 string against the patterns between <b>if</b> and <b>endif</b>. The <b>if</b>..<b>endif</b> 130 can nest. 131 132 Note: do not prepend whitespace to patterns inside <b>if</b>..<b>endif</b>. 133 134 <b>if !/</b><i>pattern</i><b>/</b><i>flags</i> 135 136 <b>endif</b> If the input string does not match /<i>pattern</i>/, then match that 137 input string against the patterns between <b>if</b> and <b>endif</b>. The 138 <b>if</b>..<b>endif</b> can nest. 139 140 blank lines and comments 141 Empty lines and whitespace-only lines are ignored, as are lines 142 whose first non-whitespace character is a `#'. 143 144 multi-line text 145 A pattern/action line starts with non-whitespace text. A line 146 that starts with whitespace continues a logical line. 147 148<b><a name="table_search_order">TABLE SEARCH ORDER</a></b> 149 For each line of message input, the patterns are applied in the order 150 as specified in the table. When a pattern is found that matches the 151 input line, the corresponding action is executed and then the next 152 input line is inspected. 153 154<b><a name="text_substitution">TEXT SUBSTITUTION</a></b> 155 Substitution of substrings from the matched expression into the <i>action</i> 156 string is possible using the conventional Perl syntax (<b>$1</b>, <b>$2</b>, etc.). 157 The macros in the result string may need to be written as <b>${n}</b> or <b>$(n)</b> 158 if they aren't followed by whitespace. 159 160 Note: since negated patterns (those preceded by <b>!</b>) return a result when 161 the expression does not match, substitutions are not available for 162 negated patterns. 163 164<b><a name="actions">ACTIONS</a></b> 165 Action names are case insensitive. They are shown in upper case for 166 consistency with other Postfix documentation. 167 168 <b>BCC</b> <i>user@domain</i> 169 Add the specified address as a BCC recipient, and inspect the 170 next input line. The address must have a local part and domain 171 part. The number of BCC addresses that can be added is limited 172 only by the amount of available storage space. 173 174 Note 1: the BCC address is added as if it was specified with 175 NOTIFY=NONE. The sender will not be notified when the BCC 176 address is undeliverable, as long as all down-stream software 177 implements <a href="https://tools.ietf.org/html/rfc3461">RFC 3461</a>. 178 179 Note 2: this ignores duplicate addresses (with the same delivery 180 status notification options). 181 182 This feature is available in Postfix 3.0 and later. 183 184 This feature is not supported with smtp header/body checks. 185 186 <b>DISCARD</b> <i>optional text...</i> 187 Claim successful delivery and silently discard the message. Do 188 not inspect the remainder of the input message. Log the 189 optional text if specified, otherwise log a generic message. 190 191 Note: this action disables further header or <a href="postconf.5.html#body_checks">body_checks</a> inspec- 192 tion of the current message and affects all recipients. To dis- 193 card only one recipient without discarding the entire message, 194 use the <a href="transport.5.html">transport(5)</a> table to direct mail to the <a href="discard.8.html">discard(8)</a> ser- 195 vice. 196 197 This feature is available in Postfix 2.0 and later. 198 199 This feature is not supported with smtp header/body checks. 200 201 <b>DUNNO</b> Pretend that the input line did not match any pattern, and 202 inspect the next input line. This action can be used to shorten 203 the table search. 204 205 For backwards compatibility reasons, Postfix also accepts <b>OK</b> but 206 it is (and always has been) treated as <b>DUNNO</b>. 207 208 This feature is available in Postfix 2.1 and later. 209 210 <b>FILTER</b> <i>transport:destination</i> 211 Override the <a href="postconf.5.html#content_filter">content_filter</a> parameter setting, and inspect the 212 next input line. After the message is queued, send the entire 213 message through the specified external content filter. The 214 <i>transport</i> name specifies the first field of a mail delivery 215 agent definition in <a href="master.5.html">master.cf</a>; the syntax of the next-hop <i>desti-</i> 216 <i>nation</i> is described in the manual page of the corresponding 217 delivery agent. More information about external content filters 218 is in the Postfix <a href="FILTER_README.html">FILTER_README</a> file. 219 220 Note 1: do not use $<i>number</i> regular expression substitutions for 221 <i>transport</i> or <i>destination</i> unless you know that the information 222 has a trusted origin. 223 224 Note 2: this action overrides the <a href="postconf.5.html">main.cf</a> <b><a href="postconf.5.html#content_filter">content_filter</a></b> set- 225 ting, and affects all recipients of the message. In the case 226 that multiple <b>FILTER</b> actions fire, only the last one is exe- 227 cuted. 228 229 Note 3: the purpose of the FILTER command is to override message 230 routing. To override the recipient's <i>transport</i> but not the 231 next-hop <i>destination</i>, specify an empty filter <i>destination</i> (Post- 232 fix 2.7 and later), or specify a <i>transport:destination</i> that 233 delivers through a different Postfix instance (Postfix 2.6 and 234 earlier). Other options are using the recipient-dependent <b><a href="postconf.5.html#transport_maps">trans</a>-</b> 235 <b><a href="postconf.5.html#transport_maps">port_maps</a></b> or the sender-dependent <b><a href="postconf.5.html#sender_dependent_default_transport_maps">sender_dependent_default-</b> 236 <b>_transport_maps</a></b> features. 237 238 This feature is available in Postfix 2.0 and later. 239 240 This feature is not supported with smtp header/body checks. 241 242 <b>HOLD</b> <i>optional text...</i> 243 Arrange for the message to be placed on the <b>hold</b> queue, and 244 inspect the next input line. The message remains on <b>hold</b> until 245 someone either deletes it or releases it for delivery. Log the 246 optional text if specified, otherwise log a generic message. 247 248 Mail that is placed on hold can be examined with the <a href="postcat.1.html"><b>postcat</b>(1)</a> 249 command, and can be destroyed or released with the <a href="postsuper.1.html"><b>postsuper</b>(1)</a> 250 command. 251 252 Note: use "<b>postsuper -r</b>" to release mail that was kept on hold 253 for a significant fraction of <b>$<a href="postconf.5.html#maximal_queue_lifetime">maximal_queue_lifetime</a></b> or 254 <b>$<a href="postconf.5.html#bounce_queue_lifetime">bounce_queue_lifetime</a></b>, or longer. Use "<b>postsuper -H</b>" only for 255 mail that will not expire within a few delivery attempts. 256 257 Note: this action affects all recipients of the message. 258 259 This feature is available in Postfix 2.0 and later. 260 261 This feature is not supported with smtp header/body checks. 262 263 <b>IGNORE</b> Delete the current line from the input, and inspect the next 264 input line. See <b>STRIP</b> for an alternative that logs the action. 265 266 <b>INFO</b> <i>optional text...</i> 267 Log an "info:" record with the <i>optional text...</i> (or log a 268 generic text), and inspect the next input line. This action is 269 useful for routine logging or for debugging. 270 271 This feature is available in Postfix 2.8 and later. 272 273 <b>PASS</b> <i>optional text...</i> 274 Log a "pass:" record with the <i>optional text...</i> (or log a generic 275 text), and turn off header, body, and Milter inspection for the 276 remainder of this message. 277 278 Note: this feature relies on trust in information that is easy 279 to forge. 280 281 This feature is available in Postfix 3.2 and later. 282 283 This feature is not supported with smtp header/body checks. 284 285 <b>PREPEND</b> <i>text...</i> 286 Prepend one line with the specified text, and inspect the next 287 input line. 288 289 Notes: 290 291 <b>o</b> The prepended text is output on a separate line, immedi- 292 ately before the input that triggered the <b>PREPEND</b> action. 293 294 <b>o</b> The prepended text is not considered part of the input 295 stream: it is not subject to header/body checks or 296 address rewriting, and it does not affect the way that 297 Postfix adds missing message headers. 298 299 <b>o</b> When prepending text before a message header line, the 300 prepended text must begin with a valid message header 301 label. 302 303 <b>o</b> This action cannot be used to prepend multi-line text. 304 305 This feature is available in Postfix 2.1 and later. 306 307 This feature is not supported with <a href="postconf.5.html#milter_header_checks">milter_header_checks</a>. 308 309 <b>REDIRECT</b> <i>user@domain</i> 310 Write a message redirection request to the queue file, and 311 inspect the next input line. After the message is queued, it 312 will be sent to the specified address instead of the intended 313 recipient(s). 314 315 Note 1: this action overrides the <b>FILTER</b> action, and affects all 316 recipients of the message. If multiple <b>REDIRECT</b> actions fire, 317 only the last one is executed. 318 319 Note 2: a REDIRECT address is subject to canonicalization (add 320 missing domain) but NOT subject to canonical, masquerade, bcc, 321 or virtual alias mapping. 322 323 This feature is available in Postfix 2.1 and later. 324 325 This feature is not supported with smtp header/body checks. 326 327 <b>REPLACE</b> <i>text...</i> 328 Replace the current line with the specified text, and inspect 329 the next input line. 330 331 This feature is available in Postfix 2.2 and later. The descrip- 332 tion below applies to Postfix 2.2.2 and later. 333 334 Notes: 335 336 <b>o</b> When replacing a message header line, the replacement 337 text must begin with a valid header label. 338 339 <b>o</b> The replaced text remains part of the input stream. 340 Unlike the result from the <b>PREPEND</b> action, a replaced 341 message header may be subject to address rewriting and 342 may affect the way that Postfix adds missing message 343 headers. 344 345 <b>REJECT</b> <i>optional text...</i> 346 Reject the entire message. Do not inspect the remainder of the 347 input message. Reply with <i>optional text...</i> when the optional 348 text is specified, otherwise reply with a generic error message. 349 350 Note: this action disables further header or <a href="postconf.5.html#body_checks">body_checks</a> inspec- 351 tion of the current message and affects all recipients. 352 353 Postfix version 2.3 and later support enhanced status codes. 354 When no code is specified at the beginning of <i>optional text...</i>, 355 Postfix inserts a default enhanced status code of "5.7.1". 356 357 This feature is not supported with smtp header/body checks. 358 359 <b>STRIP</b> <i>optional text...</i> 360 Log a "strip:" record with the <i>optional text...</i> (or log a 361 generic text), delete the input line from the input, and inspect 362 the next input line. See <b>IGNORE</b> for a silent alternative. 363 364 This feature is available in Postfix 3.2 and later. 365 366 <b>WARN</b> <i>optional text...</i> 367 Log a "warning:" record with the <i>optional text...</i> (or log a 368 generic text), and inspect the next input line. This action is 369 useful for debugging and for testing a pattern before applying 370 more drastic actions. 371 372<b><a name="bugs">BUGS</a></b> 373 Empty lines never match, because some map types mis-behave when given a 374 zero-length search string. This limitation may be removed for regular 375 expression tables in a future release. 376 377 Many people overlook the main limitations of header and <a href="postconf.5.html#body_checks">body_checks</a> 378 rules. 379 380 <b>o</b> These rules operate on one logical message header or one body 381 line at a time. A decision made for one line is not carried over 382 to the next line. 383 384 <b>o</b> If text in the message body is encoded (<a href="https://tools.ietf.org/html/rfc2045">RFC 2045</a>) then the rules 385 need to be specified for the encoded form. 386 387 <b>o</b> Likewise, when message headers are encoded (<a href="https://tools.ietf.org/html/rfc2047">RFC 2047</a>) then the 388 rules need to be specified for the encoded form. 389 390 Message headers added by the <a href="cleanup.8.html"><b>cleanup</b>(8)</a> daemon itself are excluded from 391 inspection. Examples of such message headers are <b>From:</b>, <b>To:</b>, <b>Mes-</b> 392 <b>sage-ID:</b>, <b>Date:</b>. 393 394 Message headers deleted by the <a href="cleanup.8.html"><b>cleanup</b>(8)</a> daemon will be examined 395 before they are deleted. Examples are: <b>Bcc:</b>, <b>Content-Length:</b>, 396 <b>Return-Path:</b>. 397 398<b><a name="configuration_parameters">CONFIGURATION PARAMETERS</a></b> 399 <b><a href="postconf.5.html#body_checks">body_checks</a> (empty)</b> 400 Optional lookup tables for content inspection as specified in 401 the <a href="header_checks.5.html"><b>body_checks</b>(5)</a> manual page. 402 403 <b><a href="postconf.5.html#body_checks_size_limit">body_checks_size_limit</a> (51200)</b> 404 How much text in a message body segment (or attachment, if you 405 prefer to use that term) is subjected to <a href="postconf.5.html#body_checks">body_checks</a> inspection. 406 407 <b><a href="postconf.5.html#header_checks">header_checks</a> (empty)</b> 408 Optional lookup tables for content inspection of primary 409 non-MIME message headers, as specified in the <a href="header_checks.5.html"><b>header_checks</b>(5)</a> 410 manual page. 411 412 <b><a href="postconf.5.html#mime_header_checks">mime_header_checks</a> ($<a href="postconf.5.html#header_checks">header_checks</a>)</b> 413 Optional lookup tables for content inspection of MIME related 414 message headers, as described in the <a href="header_checks.5.html"><b>header_checks</b>(5)</a> manual 415 page. 416 417 <b><a href="postconf.5.html#nested_header_checks">nested_header_checks</a> ($<a href="postconf.5.html#header_checks">header_checks</a>)</b> 418 Optional lookup tables for content inspection of non-MIME mes- 419 sage headers in attached messages, as described in the 420 <a href="header_checks.5.html"><b>header_checks</b>(5)</a> manual page. 421 422 <b><a href="postconf.5.html#disable_mime_input_processing">disable_mime_input_processing</a> (no)</b> 423 Turn off MIME processing while receiving mail. 424 425<b><a name="examples">EXAMPLES</a></b> 426 Header pattern to block attachments with bad file name extensions. For 427 convenience, the PCRE /x flag is specified, so that there is no need to 428 collapse the pattern into a single line of text. The purpose of the 429 [[:xdigit:]] sub-expressions is to recognize Windows CLSID strings. 430 431 /etc/postfix/<a href="postconf.5.html">main.cf</a>: 432 <a href="postconf.5.html#header_checks">header_checks</a> = <a href="pcre_table.5.html">pcre</a>:/etc/postfix/header_checks.pcre 433 434 /etc/postfix/header_checks.<a href="pcre_table.5.html">pcre</a>: 435 /^Content-(Disposition|Type).*name\s*=\s*"?([^;]*(\.|=2E)( 436 ade|adp|asp|bas|bat|chm|cmd|com|cpl|crt|dll|exe| 437 hlp|ht[at]| 438 inf|ins|isp|jse?|lnk|md[betw]|ms[cipt]|nws| 439 \{[[:xdigit:]]{8}(?:-[[:xdigit:]]{4}){3}-[[:xdigit:]]{12}\}| 440 ops|pcd|pif|prf|reg|sc[frt]|sh[bsm]|swf| 441 vb[esx]?|vxd|ws[cfh]))(\?=)?"?\s*(;|$)/x 442 REJECT Attachment name "$2" may not end with ".$4" 443 444 Body pattern to stop a specific HTML browser vulnerability exploit. 445 446 /etc/postfix/<a href="postconf.5.html">main.cf</a>: 447 <a href="postconf.5.html#body_checks">body_checks</a> = <a href="regexp_table.5.html">regexp</a>:/etc/postfix/body_checks 448 449 /etc/postfix/body_checks: 450 /^<iframe src=(3D)?cid:.* height=(3D)?0 width=(3D)?0>$/ 451 REJECT IFRAME vulnerability exploit 452 453<b><a name="see_also">SEE ALSO</a></b> 454 <a href="cleanup.8.html">cleanup(8)</a>, canonicalize and enqueue Postfix message 455 <a href="pcre_table.5.html">pcre_table(5)</a>, format of PCRE lookup tables 456 <a href="regexp_table.5.html">regexp_table(5)</a>, format of POSIX regular expression tables 457 <a href="postconf.1.html">postconf(1)</a>, Postfix configuration utility 458 <a href="postmap.1.html">postmap(1)</a>, Postfix lookup table management 459 <a href="postsuper.1.html">postsuper(1)</a>, Postfix janitor 460 <a href="postcat.1.html">postcat(1)</a>, show Postfix queue file contents 461 <a href="https://tools.ietf.org/html/rfc2045">RFC 2045</a>, base64 and quoted-printable encoding rules 462 <a href="https://tools.ietf.org/html/rfc2047">RFC 2047</a>, message header encoding for non-ASCII text 463 464<b><a name="readme_files">README FILES</a></b> 465 <a href="DATABASE_README.html">DATABASE_README</a>, Postfix lookup table overview 466 <a href="CONTENT_INSPECTION_README.html">CONTENT_INSPECTION_README</a>, Postfix content inspection overview 467 <a href="BUILTIN_FILTER_README.html">BUILTIN_FILTER_README</a>, Postfix built-in content inspection 468 <a href="BACKSCATTER_README.html">BACKSCATTER_README</a>, blocking returned forged mail 469 470<b><a name="license">LICENSE</a></b> 471 The Secure Mailer license must be distributed with this software. 472 473<b>AUTHOR(S)</b> 474 Wietse Venema 475 IBM T.J. Watson Research 476 P.O. Box 704 477 Yorktown Heights, NY 10598, USA 478 479 Wietse Venema 480 Google, Inc. 481 111 8th Avenue 482 New York, NY 10011, USA 483 484 HEADER_CHECKS(5) 485</pre> </body> </html> 486