1<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN" 2 "http://www.w3.org/TR/html4/loose.dtd"> 3<html> <head> 4<meta http-equiv="Content-Type" content="text/html; charset=utf-8"> 5<link rel='stylesheet' type='text/css' href='postfix-doc.css'> 6<title> Postfix manual - header_checks(5) </title> 7</head> <body> <pre> 8HEADER_CHECKS(5) HEADER_CHECKS(5) 9 10<b>NAME</b> 11 <a href="postconf.5.html#header_checks">header_checks</a> - Postfix built-in content inspection 12 13<b>SYNOPSIS</b> 14 <b><a href="postconf.5.html#header_checks">header_checks</a> = <a href="pcre_table.5.html">pcre</a>:/etc/postfix/header_checks</b> 15 <b><a href="postconf.5.html#mime_header_checks">mime_header_checks</a> = <a href="pcre_table.5.html">pcre</a>:/etc/postfix/mime_header_checks</b> 16 <b><a href="postconf.5.html#nested_header_checks">nested_header_checks</a> = <a href="pcre_table.5.html">pcre</a>:/etc/postfix/nested_header_checks</b> 17 <b><a href="postconf.5.html#body_checks">body_checks</a> = <a href="pcre_table.5.html">pcre</a>:/etc/postfix/body_checks</b> 18 19 <b><a href="postconf.5.html#milter_header_checks">milter_header_checks</a> = <a href="pcre_table.5.html">pcre</a>:/etc/postfix/<a href="postconf.5.html#milter_header_checks">milter_header_checks</a></b> 20 21 <b><a href="postconf.5.html#smtp_header_checks">smtp_header_checks</a> = <a href="pcre_table.5.html">pcre</a>:/etc/postfix/smtp_header_checks</b> 22 <b><a href="postconf.5.html#smtp_mime_header_checks">smtp_mime_header_checks</a> = <a href="pcre_table.5.html">pcre</a>:/etc/postfix/smtp_mime_header_checks</b> 23 <b><a href="postconf.5.html#smtp_nested_header_checks">smtp_nested_header_checks</a> = <a href="pcre_table.5.html">pcre</a>:/etc/postfix/smtp_nested_header_checks</b> 24 <b><a href="postconf.5.html#smtp_body_checks">smtp_body_checks</a> = <a href="pcre_table.5.html">pcre</a>:/etc/postfix/smtp_body_checks</b> 25 26 <b>postmap -q "</b><i>string</i><b>" <a href="pcre_table.5.html">pcre</a>:/etc/postfix/</b><i>filename</i> 27 <b>postmap -q - <a href="pcre_table.5.html">pcre</a>:/etc/postfix/</b><i>filename</i> <<i>inputfile</i> 28 29<b>DESCRIPTION</b> 30 This document describes access control on the content of message head- 31 ers and message body lines; it is implemented by the Postfix <a href="cleanup.8.html"><b>cleanup</b>(8)</a> 32 server before mail is queued. See <a href="access.5.html"><b>access</b>(5)</a> for access control on 33 remote SMTP client information. 34 35 Each message header or message body line is compared against a list of 36 patterns. When a match is found the corresponding action is executed, 37 and the matching process is repeated for the next message header or 38 message body line. 39 40 Note: message headers are examined one logical header at a time, even 41 when a message header spans multiple lines. Body lines are always exam- 42 ined one line at a time. 43 44 For examples, see the EXAMPLES section at the end of this manual page. 45 46 Postfix header or <a href="postconf.5.html#body_checks">body_checks</a> are designed to stop a flood of mail from 47 worms or viruses; they do not decode attachments, and they do not unzip 48 archives. See the documents referenced below in the README FILES sec- 49 tion if you need more sophisticated content analysis. 50 51<b>FILTERS WHILE RECEIVING MAIL</b> 52 Postfix implements the following four built-in content inspection 53 classes while receiving mail: 54 55 <b><a href="postconf.5.html#header_checks">header_checks</a></b> (default: empty) 56 These are applied to initial message headers (except for the 57 headers that are processed with <b><a href="postconf.5.html#mime_header_checks">mime_header_checks</a></b>). 58 59 <b><a href="postconf.5.html#mime_header_checks">mime_header_checks</a></b> (default: <b>$<a href="postconf.5.html#header_checks">header_checks</a></b>) 60 These are applied to MIME related message headers only. 61 62 This feature is available in Postfix 2.0 and later. 63 64 <b><a href="postconf.5.html#nested_header_checks">nested_header_checks</a></b> (default: <b>$<a href="postconf.5.html#header_checks">header_checks</a></b>) 65 These are applied to message headers of attached email messages 66 (except for the headers that are processed with 67 <b><a href="postconf.5.html#mime_header_checks">mime_header_checks</a></b>). 68 69 This feature is available in Postfix 2.0 and later. 70 71 <b><a href="postconf.5.html#body_checks">body_checks</a></b> 72 These are applied to all other content, including multi-part 73 message boundaries. 74 75 With Postfix versions before 2.0, all content after the initial 76 message headers is treated as body content. 77 78<b>FILTERS AFTER RECEIVING MAIL</b> 79 Postfix supports a subset of the built-in content inspection classes 80 after the message is received: 81 82 <b><a href="postconf.5.html#milter_header_checks">milter_header_checks</a></b> (default: empty) 83 These are applied to headers that are added with Milter applica- 84 tions. 85 86 This feature is available in Postfix 2.7 and later. 87 88<b>FILTERS WHILE DELIVERING MAIL</b> 89 Postfix supports all four content inspection classes while delivering 90 mail via SMTP. 91 92 <b><a href="postconf.5.html#smtp_header_checks">smtp_header_checks</a></b> (default: empty) 93 94 <b><a href="postconf.5.html#smtp_mime_header_checks">smtp_mime_header_checks</a></b> (default: empty) 95 96 <b><a href="postconf.5.html#smtp_nested_header_checks">smtp_nested_header_checks</a></b> (default: empty) 97 98 <b><a href="postconf.5.html#smtp_body_checks">smtp_body_checks</a></b> (default: empty) 99 These features are available in Postfix 2.5 and later. 100 101<b>COMPATIBILITY</b> 102 With Postfix version 2.2 and earlier specify "<b>postmap -fq</b>" to query a 103 table that contains case sensitive patterns. By default, <a href="regexp_table.5.html">regexp</a>: and 104 <a href="pcre_table.5.html">pcre</a>: patterns are case insensitive. 105 106<b>TABLE FORMAT</b> 107 This document assumes that header and <a href="postconf.5.html#body_checks">body_checks</a> rules are specified 108 in the form of Postfix regular expression lookup tables. Usually the 109 best performance is obtained with <b>pcre</b> (Perl Compatible Regular Expres- 110 sion) tables. The <b>regexp</b> (POSIX regular expressions) tables are usually 111 slower, but more widely available. Use the command "<b>postconf -m</b>" to 112 find out what lookup table types your Postfix system supports. 113 114 The general format of Postfix regular expression tables is given below. 115 For a discussion of specific pattern or flags syntax, see <a href="pcre_table.5.html"><b>pcre_table</b>(5)</a> 116 or <a href="regexp_table.5.html"><b>regexp_table</b>(5)</a>, respectively. 117 118 <b>/</b><i>pattern</i><b>/</b><i>flags action</i> 119 When /<i>pattern</i>/ matches the input string, execute the correspond- 120 ing <i>action</i>. See below for a list of possible actions. 121 122 <b>!/</b><i>pattern</i><b>/</b><i>flags action</i> 123 When /<i>pattern</i>/ does <b>not</b> match the input string, execute the cor- 124 responding <i>action</i>. 125 126 <b>if /</b><i>pattern</i><b>/</b><i>flags</i> 127 128 <b>endif</b> If the input string matches /<i>pattern</i>/, then match that input 129 string against the patterns between <b>if</b> and <b>endif</b>. The <b>if</b>..<b>endif</b> 130 can nest. 131 132 Note: do not prepend whitespace to patterns inside <b>if</b>..<b>endif</b>. 133 134 <b>if !/</b><i>pattern</i><b>/</b><i>flags</i> 135 136 <b>endif</b> If the input string does not match /<i>pattern</i>/, then match that 137 input string against the patterns between <b>if</b> and <b>endif</b>. The 138 <b>if</b>..<b>endif</b> can nest. 139 140 blank lines and comments 141 Empty lines and whitespace-only lines are ignored, as are lines 142 whose first non-whitespace character is a `#'. 143 144 multi-line text 145 A pattern/action line starts with non-whitespace text. A line 146 that starts with whitespace continues a logical line. 147 148<b>TABLE SEARCH ORDER</b> 149 For each line of message input, the patterns are applied in the order 150 as specified in the table. When a pattern is found that matches the 151 input line, the corresponding action is executed and then the next 152 input line is inspected. 153 154<b>TEXT SUBSTITUTION</b> 155 Substitution of substrings from the matched expression into the <i>action</i> 156 string is possible using the conventional Perl syntax (<b>$1</b>, <b>$2</b>, etc.). 157 The macros in the result string may need to be written as <b>${n}</b> or <b>$(n)</b> 158 if they aren't followed by whitespace. 159 160 Note: since negated patterns (those preceded by <b>!</b>) return a result when 161 the expression does not match, substitutions are not available for 162 negated patterns. 163 164<b>ACTIONS</b> 165 Action names are case insensitive. They are shown in upper case for 166 consistency with other Postfix documentation. 167 168 <b>BCC</b> <i>user@domain</i> 169 Add the specified address as a BCC recipient, and inspect the 170 next input line. The address must have a local part and domain 171 part. The number of BCC addresses that can be added is limited 172 only by the amount of available storage space. 173 174 Note 1: the BCC address is added as if it was specified with 175 NOTIFY=NONE. The sender will not be notified when the BCC 176 address is undeliverable, as long as all down-stream software 177 implements <a href="https://tools.ietf.org/html/rfc3461">RFC 3461</a>. 178 179 Note 2: this ignores duplicate addresses (with the same delivery 180 status notification options). 181 182 This feature is available in Postfix 3.0 and later. 183 184 This feature is not supported with smtp header/body checks. 185 186 <b>DISCARD</b> <i>optional text...</i> 187 Claim successful delivery and silently discard the message. Do 188 not inspect the remainder of the input message. Log the 189 optional text if specified, otherwise log a generic message. 190 191 Note: this action disables further header or <a href="postconf.5.html#body_checks">body_checks</a> inspec- 192 tion of the current message and affects all recipients. To dis- 193 card only one recipient without discarding the entire message, 194 use the <a href="transport.5.html">transport(5)</a> table to direct mail to the <a href="discard.8.html">discard(8)</a> ser- 195 vice. 196 197 This feature is available in Postfix 2.0 and later. 198 199 This feature is not supported with smtp header/body checks. 200 201 <b>DUNNO</b> Pretend that the input line did not match any pattern, and 202 inspect the next input line. This action can be used to shorten 203 the table search. 204 205 For backwards compatibility reasons, Postfix also accepts <b>OK</b> but 206 it is (and always has been) treated as <b>DUNNO</b>. 207 208 This feature is available in Postfix 2.1 and later. 209 210 <b>FILTER</b> <i>transport:destination</i> 211 Override the <a href="postconf.5.html#content_filter">content_filter</a> parameter setting, and inspect the 212 next input line. After the message is queued, send the entire 213 message through the specified external content filter. The 214 <i>transport</i> name specifies the first field of a mail delivery 215 agent definition in <a href="master.5.html">master.cf</a>; the syntax of the next-hop <i>desti-</i> 216 <i>nation</i> is described in the manual page of the corresponding 217 delivery agent. More information about external content filters 218 is in the Postfix <a href="FILTER_README.html">FILTER_README</a> file. 219 220 Note 1: do not use $<i>number</i> regular expression substitutions for 221 <i>transport</i> or <i>destination</i> unless you know that the information 222 has a trusted origin. 223 224 Note 2: this action overrides the <a href="postconf.5.html">main.cf</a> <b><a href="postconf.5.html#content_filter">content_filter</a></b> set- 225 ting, and affects all recipients of the message. In the case 226 that multiple <b>FILTER</b> actions fire, only the last one is exe- 227 cuted. 228 229 Note 3: the purpose of the FILTER command is to override message 230 routing. To override the recipient's <i>transport</i> but not the 231 next-hop <i>destination</i>, specify an empty filter <i>destination</i> (Post- 232 fix 2.7 and later), or specify a <i>transport:destination</i> that 233 delivers through a different Postfix instance (Postfix 2.6 and 234 earlier). Other options are using the recipient-dependent <b><a href="postconf.5.html#transport_maps">trans</a>-</b> 235 <b><a href="postconf.5.html#transport_maps">port_maps</a></b> or the sender-dependent <b><a href="postconf.5.html#sender_dependent_default_transport_maps">sender_dependent_default-</b> 236 <b>_transport_maps</a></b> features. 237 238 This feature is available in Postfix 2.0 and later. 239 240 This feature is not supported with smtp header/body checks. 241 242 <b>HOLD</b> <i>optional text...</i> 243 Arrange for the message to be placed on the <b>hold</b> queue, and 244 inspect the next input line. The message remains on <b>hold</b> until 245 someone either deletes it or releases it for delivery. Log the 246 optional text if specified, otherwise log a generic message. 247 248 Mail that is placed on hold can be examined with the <a href="postcat.1.html"><b>postcat</b>(1)</a> 249 command, and can be destroyed or released with the <a href="postsuper.1.html"><b>postsuper</b>(1)</a> 250 command. 251 252 Note: use "<b>postsuper -r</b>" to release mail that was kept on hold 253 for a significant fraction of <b>$<a href="postconf.5.html#maximal_queue_lifetime">maximal_queue_lifetime</a></b> or 254 <b>$<a href="postconf.5.html#bounce_queue_lifetime">bounce_queue_lifetime</a></b>, or longer. Use "<b>postsuper -H</b>" only for 255 mail that will not expire within a few delivery attempts. 256 257 Note: this action affects all recipients of the message. 258 259 This feature is available in Postfix 2.0 and later. 260 261 This feature is not supported with smtp header/body checks. 262 263 <b>IGNORE</b> Delete the current line from the input, and inspect the next 264 input line. See <b>STRIP</b> for an alternative that logs the action. 265 266 <b>INFO</b> <i>optional text...</i> 267 Log an "info:" record with the <i>optional text...</i> (or log a 268 generic text), and inspect the next input line. This action is 269 useful for routine logging or for debugging. 270 271 This feature is available in Postfix 2.8 and later. 272 273 <b>PASS</b> <i>optional text...</i> 274 Log a "pass:" record with the <i>optional text...</i> (or log a generic 275 text), and turn off header, body, and Milter inspection for the 276 remainder of this message. 277 278 Note: this feature relies on trust in information that is easy 279 to forge. 280 281 This feature is available in Postfix 3.2 and later. 282 283 This feature is not supported with smtp header/body checks. 284 285 <b>PREPEND</b> <i>text...</i> 286 Prepend one line with the specified text, and inspect the next 287 input line. 288 289 Notes: 290 291 <b>o</b> The prepended text is output on a separate line, immedi- 292 ately before the input that triggered the <b>PREPEND</b> action. 293 294 <b>o</b> The prepended text is not considered part of the input 295 stream: it is not subject to header/body checks or 296 address rewriting, and it does not affect the way that 297 Postfix adds missing message headers. 298 299 <b>o</b> When prepending text before a message header line, the 300 prepended text must begin with a valid message header 301 label. 302 303 <b>o</b> This action cannot be used to prepend multi-line text. 304 305 This feature is available in Postfix 2.1 and later. 306 307 This feature is not supported with <a href="postconf.5.html#milter_header_checks">milter_header_checks</a>. 308 309 <b>REDIRECT</b> <i>user@domain</i> 310 Write a message redirection request to the queue file, and 311 inspect the next input line. After the message is queued, it 312 will be sent to the specified address instead of the intended 313 recipient(s). 314 315 Note: this action overrides the <b>FILTER</b> action, and affects all 316 recipients of the message. If multiple <b>REDIRECT</b> actions fire, 317 only the last one is executed. 318 319 This feature is available in Postfix 2.1 and later. 320 321 This feature is not supported with smtp header/body checks. 322 323 <b>REPLACE</b> <i>text...</i> 324 Replace the current line with the specified text, and inspect 325 the next input line. 326 327 This feature is available in Postfix 2.2 and later. The descrip- 328 tion below applies to Postfix 2.2.2 and later. 329 330 Notes: 331 332 <b>o</b> When replacing a message header line, the replacement 333 text must begin with a valid header label. 334 335 <b>o</b> The replaced text remains part of the input stream. 336 Unlike the result from the <b>PREPEND</b> action, a replaced 337 message header may be subject to address rewriting and 338 may affect the way that Postfix adds missing message 339 headers. 340 341 <b>REJECT</b> <i>optional text...</i> 342 Reject the entire message. Do not inspect the remainder of the 343 input message. Reply with <i>optional text...</i> when the optional 344 text is specified, otherwise reply with a generic error message. 345 346 Note: this action disables further header or <a href="postconf.5.html#body_checks">body_checks</a> inspec- 347 tion of the current message and affects all recipients. 348 349 Postfix version 2.3 and later support enhanced status codes. 350 When no code is specified at the beginning of <i>optional text...</i>, 351 Postfix inserts a default enhanced status code of "5.7.1". 352 353 This feature is not supported with smtp header/body checks. 354 355 <b>STRIP</b> <i>optional text...</i> 356 Log a "strip:" record with the <i>optional text...</i> (or log a 357 generic text), delete the input line from the input, and inspect 358 the next input line. See <b>IGNORE</b> for a silent alternative. 359 360 This feature is available in Postfix 3.2 and later. 361 362 <b>WARN</b> <i>optional text...</i> 363 Log a "warning:" record with the <i>optional text...</i> (or log a 364 generic text), and inspect the next input line. This action is 365 useful for debugging and for testing a pattern before applying 366 more drastic actions. 367 368<b>BUGS</b> 369 Empty lines never match, because some map types mis-behave when given a 370 zero-length search string. This limitation may be removed for regular 371 expression tables in a future release. 372 373 Many people overlook the main limitations of header and <a href="postconf.5.html#body_checks">body_checks</a> 374 rules. 375 376 <b>o</b> These rules operate on one logical message header or one body 377 line at a time. A decision made for one line is not carried over 378 to the next line. 379 380 <b>o</b> If text in the message body is encoded (<a href="https://tools.ietf.org/html/rfc2045">RFC 2045</a>) then the rules 381 need to be specified for the encoded form. 382 383 <b>o</b> Likewise, when message headers are encoded (<a href="https://tools.ietf.org/html/rfc2047">RFC 2047</a>) then the 384 rules need to be specified for the encoded form. 385 386 Message headers added by the <a href="cleanup.8.html"><b>cleanup</b>(8)</a> daemon itself are excluded from 387 inspection. Examples of such message headers are <b>From:</b>, <b>To:</b>, <b>Mes-</b> 388 <b>sage-ID:</b>, <b>Date:</b>. 389 390 Message headers deleted by the <a href="cleanup.8.html"><b>cleanup</b>(8)</a> daemon will be examined 391 before they are deleted. Examples are: <b>Bcc:</b>, <b>Content-Length:</b>, 392 <b>Return-Path:</b>. 393 394<b>CONFIGURATION PARAMETERS</b> 395 <b><a href="postconf.5.html#body_checks">body_checks</a></b> 396 Lookup tables with content filter rules for message body lines. 397 These filters see one physical line at a time, in chunks of at 398 most <b>$<a href="postconf.5.html#line_length_limit">line_length_limit</a></b> bytes. 399 400 <b><a href="postconf.5.html#body_checks_size_limit">body_checks_size_limit</a></b> 401 The amount of content per message body segment (attachment) that 402 is subjected to <b>$<a href="postconf.5.html#body_checks">body_checks</a></b> filtering. 403 404 <b><a href="postconf.5.html#header_checks">header_checks</a></b> 405 406 <b><a href="postconf.5.html#mime_header_checks">mime_header_checks</a></b> (default: <b>$<a href="postconf.5.html#header_checks">header_checks</a></b>) 407 408 <b><a href="postconf.5.html#nested_header_checks">nested_header_checks</a></b> (default: <b>$<a href="postconf.5.html#header_checks">header_checks</a></b>) 409 Lookup tables with content filter rules for message header 410 lines: respectively, these are applied to the initial message 411 headers (not including MIME headers), to the MIME headers any- 412 where in the message, and to the initial headers of attached 413 messages. 414 415 Note: these filters see one logical message header at a time, 416 even when a message header spans multiple lines. Message headers 417 that are longer than <b>$<a href="postconf.5.html#header_size_limit">header_size_limit</a></b> characters are trun- 418 cated. 419 420 <b><a href="postconf.5.html#disable_mime_input_processing">disable_mime_input_processing</a></b> 421 While receiving mail, give no special treatment to MIME related 422 message headers; all text after the initial message headers is 423 considered to be part of the message body. This means that 424 <b><a href="postconf.5.html#header_checks">header_checks</a></b> is applied to all the initial message headers, and 425 that <b><a href="postconf.5.html#body_checks">body_checks</a></b> is applied to the remainder of the message. 426 427 Note: when used in this manner, <b><a href="postconf.5.html#body_checks">body_checks</a></b> will process a 428 multi-line message header one line at a time. 429 430<b>EXAMPLES</b> 431 Header pattern to block attachments with bad file name extensions. For 432 convenience, the PCRE /x flag is specified, so that there is no need to 433 collapse the pattern into a single line of text. The purpose of the 434 [[:xdigit:]] sub-expressions is to recognize Windows CLSID strings. 435 436 /etc/postfix/<a href="postconf.5.html">main.cf</a>: 437 <a href="postconf.5.html#header_checks">header_checks</a> = <a href="pcre_table.5.html">pcre</a>:/etc/postfix/header_checks.pcre 438 439 /etc/postfix/header_checks.<a href="pcre_table.5.html">pcre</a>: 440 /^Content-(Disposition|Type).*name\s*=\s*"?([^;]*(\.|=2E)( 441 ade|adp|asp|bas|bat|chm|cmd|com|cpl|crt|dll|exe| 442 hlp|ht[at]| 443 inf|ins|isp|jse?|lnk|md[betw]|ms[cipt]|nws| 444 \{[[:xdigit:]]{8}(?:-[[:xdigit:]]{4}){3}-[[:xdigit:]]{12}\}| 445 ops|pcd|pif|prf|reg|sc[frt]|sh[bsm]|swf| 446 vb[esx]?|vxd|ws[cfh]))(\?=)?"?\s*(;|$)/x 447 REJECT Attachment name "$2" may not end with ".$4" 448 449 Body pattern to stop a specific HTML browser vulnerability exploit. 450 451 /etc/postfix/<a href="postconf.5.html">main.cf</a>: 452 <a href="postconf.5.html#body_checks">body_checks</a> = <a href="regexp_table.5.html">regexp</a>:/etc/postfix/body_checks 453 454 /etc/postfix/body_checks: 455 /^<iframe src=(3D)?cid:.* height=(3D)?0 width=(3D)?0>$/ 456 REJECT IFRAME vulnerability exploit 457 458<b>SEE ALSO</b> 459 <a href="cleanup.8.html">cleanup(8)</a>, canonicalize and enqueue Postfix message 460 <a href="pcre_table.5.html">pcre_table(5)</a>, format of PCRE lookup tables 461 <a href="regexp_table.5.html">regexp_table(5)</a>, format of POSIX regular expression tables 462 <a href="postconf.1.html">postconf(1)</a>, Postfix configuration utility 463 <a href="postmap.1.html">postmap(1)</a>, Postfix lookup table management 464 <a href="postsuper.1.html">postsuper(1)</a>, Postfix janitor 465 <a href="postcat.1.html">postcat(1)</a>, show Postfix queue file contents 466 <a href="https://tools.ietf.org/html/rfc2045">RFC 2045</a>, base64 and quoted-printable encoding rules 467 <a href="https://tools.ietf.org/html/rfc2047">RFC 2047</a>, message header encoding for non-ASCII text 468 469<b>README FILES</b> 470 <a href="DATABASE_README.html">DATABASE_README</a>, Postfix lookup table overview 471 <a href="CONTENT_INSPECTION_README.html">CONTENT_INSPECTION_README</a>, Postfix content inspection overview 472 <a href="BUILTIN_FILTER_README.html">BUILTIN_FILTER_README</a>, Postfix built-in content inspection 473 <a href="BACKSCATTER_README.html">BACKSCATTER_README</a>, blocking returned forged mail 474 475<b>LICENSE</b> 476 The Secure Mailer license must be distributed with this software. 477 478<b>AUTHOR(S)</b> 479 Wietse Venema 480 IBM T.J. Watson Research 481 P.O. Box 704 482 Yorktown Heights, NY 10598, USA 483 484 Wietse Venema 485 Google, Inc. 486 111 8th Avenue 487 New York, NY 10011, USA 488 489 HEADER_CHECKS(5) 490</pre> </body> </html> 491