# $NetBSD: sample-pcre-access.cf,v 1.2 2002/12/24 21:37:45 perry Exp $ # # # Sample pcre (PERL-compatible regular expression) map file for # SMTPD access control. See pcre_table(5) and access(5) for # syntax descriptions. # # The first field is a perl-like regular expression. The expression # delimiter can be any character except whitespace, or characters # that have special meaning to the regexp library (traditionally # the forward slash is used). The regular expression can contain # whitespace. # # By default, matching is case-INsensitive, although following # the second slash with an 'i' will reverse this. Other flags are # supported, but the only other useful one is 'U', which makes # matching ungreedy (see PCRE documentation and source for more # info). # # A block of table entries may be "enclosed" by a line with # `if /pattern/flags' and a line with `endif'. This causes # the block of table entries to be examined only when the # pattern produces a successful match. The `if..endif' may # be nested. There currently is no `else' operator. # # The second field is the "replacement" string - the text # returned by the match. When used for smtpd checks, this would # be a helpful message to misguided users (or an offensive # message to spammers), although it could also be a domain name # or other data for use as a transport, virtual, or other map. # # Substitution of sub-strings from the matched expression is # possible using the conventional perl syntax. The macros in the # replacement string may need to be protected with curly braces # if they aren't followed by whitespace (see the examples # below). # # Lines starting with whitespace are continuation lines - they are # appended to the previous line (there should be no whitespace # before your regular expression!) # # This code was originally developed for SPAM control. However # it seems that it can be used equally well for address rewriting # by virtual or canonical lookups. Using this for aliases might # be stretching things, though. # # Protect your outgoing majordomo exploders # /^(?!owner-)(.*)-outgoing@/ 550 Use ${1}@${2} instead # Bounce friend@whatever, except when whatever is our domain (you would # be better just bouncing all friend@ mail - this is just an example). # /^friend@(?!my\.domain)/ 550 Stick this in your pipe $0 # A multi-line response # /^noddy@my\.domain$/ 550 This user is a funny one. You really don't want to send mail to them as it only makes their head spin.