EDIT: I have since removed altermime after installing a MailScanner spam relay for our Zimbra server to use. Because, by default, MailScanner appends a default signature to all outbound email, it was very simple to modify the signature rules to accomodate our mandatory disclaimers for different domains.

I had the pleasure of applying mandatory disclaimers to all [outbound] emails at my workplace today… ~Joy~ … I had the assumption it’d be rather easy, but Altermime and Postfix were a bit finicky to work with. After editing the master.cf I ended up customizing my own ‘disclaimer’ shell script.





# Exit codes from



# Clean up when done or when aborting.

trap “rm -f in.$$” 0 1 2 3 15

# Start processing.

cd $INSPECT_DIR || { echo $INSPECT_DIR does not exist; exit $EX_TEMPFAIL; }

cat > in.$$ || { echo Cannot save mail to file; exit $EX_TEMPFAIL; }

# Verify this mail is not incoming or internal-only

# We don’t need disclaimers for either one of these cases.

# Debug:

#echo “output: $from_address” >> /tmp/tempoutput.txt

#Grab the from address:

from_address=`grep -m 1 “From:” in.$$ | cut -d “<” -f 2 | cut -d “>” -f 1`

#Verify whether your domain is in the from address.

#If it is, proceed to distinguish WHICH domain is sending outgoing mail and tag it appropriately:

#If not, then that would be incoming mail, so leave it alone:

#Additional (else if) conditional checks will be added to determine if the email is inner-office comm:

# to_address= `grep -m 1 “To:” in.$$ | cut -d “<” -f 2 | cut -d “>” -f 1`

# if [[ $from_address == *domain* && to_address == *domain* ]]; then ….


# This additional condition requires more debugging…

if [[ $from_address == *domain* ]]; then

# Debug:


#echo “FROM: $from_address” >> /tmp/tempoutput.txt

#echo “THIS GETS ALTERMIMED” >> /tmp/tempoutput.txt


#Check to see which domain is sending outgoing email,

#then tag it with the appropriate disclaimer:

if [[ $from_address == *subdomain.domain* ]]; then

# Debug echo “THIS GETS APDD” >> /tmp/tempoutput.txt

/usr/bin/altermime –input=in.$$



–xheader=“X-Public-Record:” || { echo Message content rejected; exit $EX_UNAVAILABLE; }


# Debug echo “THIS GETS COAD” >> /tmp/tempoutput.txt

/usr/bin/altermime –input=in.$$



–xheader=“X-Public-Record:” || { echo Message content rejected; exit $EX_UNAVAILABLE; }



# Might need to remove -i switch for truncation problems depending on your MTA version…

$SENDMAIL -i “$@” < in.$$

exit $?
