218 lines
8.4 KiB
Plaintext
218 lines
8.4 KiB
Plaintext
# ACCESS(5) ACCESS(5)
|
|
#
|
|
# NAME
|
|
# access - format of Postfix access table
|
|
#
|
|
# SYNOPSIS
|
|
# postmap /etc/postfix/access
|
|
#
|
|
# postmap -q "string" /etc/postfix/access
|
|
#
|
|
# postmap -q - /etc/postfix/access <inputfile
|
|
#
|
|
# DESCRIPTION
|
|
# The optional access table directs the Postfix SMTP server
|
|
# to selectively reject or accept mail. Access can be
|
|
# allowed or denied for specific host names, domain names,
|
|
# networks, host network addresses or mail addresses.
|
|
#
|
|
# Normally, the access table is specified as a text file
|
|
# that serves as input to the postmap(1) command. The
|
|
# result, an indexed file in dbm or db format, is used for
|
|
# fast searching by the mail system. Execute the command
|
|
# postmap /etc/postfix/access in order to rebuild the
|
|
# indexed file after changing the access table.
|
|
#
|
|
# When the table is provided via other means such as NIS,
|
|
# LDAP or SQL, the same lookups are done as for ordinary
|
|
# indexed files.
|
|
#
|
|
# Alternatively, the table can be provided as a regular-
|
|
# expression map where patterns are given as regular expres-
|
|
# sions. In that case, the lookups are done in a slightly
|
|
# different way as described below.
|
|
#
|
|
# TABLE FORMAT
|
|
# The format of the access table is as follows:
|
|
#
|
|
# pattern action
|
|
# When pattern matches a mail address, domain or host
|
|
# address, perform the corresponding action.
|
|
#
|
|
# blank lines and comments
|
|
# Empty lines and whitespace-only lines are ignored,
|
|
# as are lines whose first non-whitespace character
|
|
# is a `#'.
|
|
#
|
|
# multi-line text
|
|
# A logical line starts with non-whitespace text. A
|
|
# line that starts with whitespace continues a logi-
|
|
# cal line.
|
|
#
|
|
# EMAIL ADDRESS PATTERNS
|
|
# With lookups from indexed files such as DB or DBM, or from
|
|
# networked tables such as NIS, LDAP or SQL, the following
|
|
# lookup patterns are examined in the order as listed:
|
|
#
|
|
# user@domain
|
|
# Matches the specified mail address.
|
|
#
|
|
# domain.tld
|
|
# Matches domain.tld as the domain part of an email
|
|
# address.
|
|
#
|
|
# The pattern domain.tld also matches subdomains, but
|
|
# only when the string smtpd_access_maps is listed in
|
|
# the Postfix parent_domain_matches_subdomains con-
|
|
# figuration setting. Otherwise, specify .domain.tld
|
|
# (note the initial dot) in order to match subdo-
|
|
# mains.
|
|
#
|
|
# user@ Matches all mail addresses with the specified user
|
|
# part.
|
|
#
|
|
# Note: lookup of the null sender address is not possible
|
|
# with some types of lookup table. By default, Postfix uses
|
|
# <> as the lookup key for such addresses. The value is
|
|
# specified with the smtpd_null_access_lookup_key parameter
|
|
# in the Postfix main.cf file.
|
|
#
|
|
# ADDRESS EXTENSION
|
|
# When a mail address localpart contains the optional recip-
|
|
# ient delimiter (e.g., user+foo@domain), the lookup order
|
|
# becomes: user+foo@domain, user@domain, domain, user+foo@,
|
|
# and user@.
|
|
#
|
|
# HOST NAME/ADDRESS PATTERNS
|
|
# With lookups from indexed files such as DB or DBM, or from
|
|
# networked tables such as NIS, LDAP or SQL, the following
|
|
# lookup patterns are examined in the order as listed:
|
|
#
|
|
# domain.tld
|
|
# Matches domain.tld.
|
|
#
|
|
# The pattern domain.tld also matches subdomains, but
|
|
# only when the string smtpd_access_maps is listed in
|
|
# the Postfix parent_domain_matches_subdomains con-
|
|
# figuration setting. Otherwise, specify .domain.tld
|
|
# (note the initial dot) in order to match subdo-
|
|
# mains.
|
|
#
|
|
# net.work.addr.ess
|
|
#
|
|
# net.work.addr
|
|
#
|
|
# net.work
|
|
#
|
|
# net Matches any host address in the specified network.
|
|
# A network address is a sequence of one or more
|
|
# octets separated by ".".
|
|
#
|
|
# ACTIONS
|
|
# [45]NN text
|
|
# Reject the address etc. that matches the pattern,
|
|
# and respond with the numerical code and text.
|
|
#
|
|
# REJECT
|
|
#
|
|
# REJECT optional text...
|
|
# Reject the address etc. that matches the pattern.
|
|
# Reply with $reject_code optional text... when the
|
|
# optional text is specified, otherwise reply with a
|
|
# generic error response message.
|
|
#
|
|
# OK Accept the address etc. that matches the pattern.
|
|
#
|
|
# all-numerical
|
|
# An all-numerical result is treated as OK. This for-
|
|
# mat is generated by address-based relay authoriza-
|
|
# tion schemes.
|
|
#
|
|
# DUNNO Pretend that the lookup key was not found in this
|
|
# table. This prevents Postfix from trying substrings
|
|
# of the lookup key (such as a subdomain name, or a
|
|
# network address subnetwork).
|
|
#
|
|
# HOLD
|
|
#
|
|
# HOLD optional text...
|
|
# Place the message on the hold queue, where it will
|
|
# sit until someone either deletes it or releases it
|
|
# for delivery. Log the optional text if specified,
|
|
# otherwise log a generic message.
|
|
#
|
|
# Mail that is placed on hold can be examined with
|
|
# the postcat(1) command, and can be destroyed or
|
|
# released with the postsuper(1) command.
|
|
#
|
|
# Note: this action currently affects all recipients
|
|
# of the message.
|
|
#
|
|
# DISCARD
|
|
#
|
|
# DISCARD optional text...
|
|
# Claim successful delivery and silently discard the
|
|
# message. Log the optional text if specified, oth-
|
|
# erwise log a generic message.
|
|
#
|
|
# Note: this action currently affects all recipients
|
|
# of the message.
|
|
#
|
|
# FILTER transport:destination
|
|
# After the message is queued, send the entire mes-
|
|
# sage through a content filter. More information
|
|
# about content filters is in the Postfix FIL-
|
|
# TER_README file.
|
|
#
|
|
# Note: this action overrides the main.cf con-
|
|
# tent_filter setting, and currently affects all
|
|
# recipients of the message.
|
|
#
|
|
# restriction...
|
|
# Apply the named UCE restriction(s) (permit, reject,
|
|
# reject_unauth_destination, and so on).
|
|
#
|
|
# REGULAR EXPRESSION TABLES
|
|
# This section describes how the table lookups change when
|
|
# the table is given in the form of regular expressions. For
|
|
# a description of regular expression lookup table syntax,
|
|
# see regexp_table(5) or pcre_table(5).
|
|
#
|
|
# Each pattern is a regular expression that is applied to
|
|
# the entire string being looked up. Depending on the appli-
|
|
# cation, that string is an entire client hostname, an
|
|
# entire client IP address, or an entire mail address. Thus,
|
|
# no parent domain or parent network search is done,
|
|
# user@domain mail addresses are not broken up into their
|
|
# user@ and domain constituent parts, nor is user+foo broken
|
|
# up into user and foo.
|
|
#
|
|
# Patterns are applied in the order as specified in the
|
|
# table, until a pattern is found that matches the search
|
|
# string.
|
|
#
|
|
# Actions are the same as with indexed file lookups, with
|
|
# the additional feature that parenthesized substrings from
|
|
# the pattern can be interpolated as $1, $2 and so on.
|
|
#
|
|
# BUGS
|
|
# The table format does not understand quoting conventions.
|
|
#
|
|
# SEE ALSO
|
|
# postmap(1) create mapping table
|
|
# smtpd(8) smtp server
|
|
# pcre_table(5) format of PCRE tables
|
|
# regexp_table(5) format of POSIX regular expression tables
|
|
#
|
|
# LICENSE
|
|
# The Secure Mailer license must be distributed with this
|
|
# software.
|
|
#
|
|
# AUTHOR(S)
|
|
# Wietse Venema
|
|
# IBM T.J. Watson Research
|
|
# P.O. Box 704
|
|
# Yorktown Heights, NY 10598, USA
|
|
#
|
|
# ACCESS(5)
|