147 lines
5.7 KiB
Plaintext
147 lines
5.7 KiB
Plaintext
#++
|
|
# NAME
|
|
# access 5
|
|
# SUMMARY
|
|
# format of Postfix access table
|
|
# SYNOPSIS
|
|
# \fBpostmap /etc/postfix/access\fR
|
|
# DESCRIPTION
|
|
# The optional \fBaccess\fR table directs the Postfix SMTP server
|
|
# to selectively reject or accept mail. Access can be allowed or
|
|
# denied for specific host names, domain names, networks, host
|
|
# network addresses or mail addresses.
|
|
#
|
|
# Normally, the \fBaccess\fR table is specified as a text file
|
|
# that serves as input to the \fBpostmap\fR(1) command.
|
|
# The result, an indexed file in \fBdbm\fR or \fBdb\fR format,
|
|
# is used for fast searching by the mail system. Execute the command
|
|
# \fBpostmap /etc/postfix/access\fR in order to rebuild the indexed
|
|
# file after changing the access table.
|
|
#
|
|
# When the table is provided via other means such as NIS, LDAP
|
|
# or SQL, the same lookups are done as for ordinary indexed files.
|
|
#
|
|
# Alternatively, the table can be provided as a regular-expression
|
|
# map where patterns are given as regular expressions. In that case,
|
|
# the lookups are done in a slightly different way as described below.
|
|
# TABLE FORMAT
|
|
# .ad
|
|
# .fi
|
|
# The format of the access table is as follows:
|
|
# .IP "\fIpattern action\fR"
|
|
# When \fIpattern\fR matches a mail address, domain or host address,
|
|
# perform the corresponding \fIaction\fR.
|
|
# .IP "blank lines and comments"
|
|
# Empty lines and whitespace-only lines are ignored, as
|
|
# are lines whose first non-whitespace character is a `#'.
|
|
# .IP "multi-line text"
|
|
# A logical line starts with non-whitespace text. A line that
|
|
# starts with whitespace continues a logical line.
|
|
# EMAIL ADDRESS PATTERNS
|
|
# .ad
|
|
# .fi
|
|
# With lookups from indexed files such as DB or DBM, or from networked
|
|
# tables such as NIS, LDAP or SQL, the following lookup patterns are
|
|
# examined in the order as listed:
|
|
# .IP \fIuser\fR@\fIdomain\fR
|
|
# Matches the specified mail address.
|
|
# .IP \fIdomain.name\fR
|
|
# Matches \fIdomain.name\fR as the domain part of an email address.
|
|
# .sp
|
|
# The pattern \fIdomain.name\fR also matches subdomains, but only
|
|
# when the string \fBsmtpd_access_maps\fR is listed in the Postfix
|
|
# \fBparent_domain_matches_subdomains\fR configuration setting.
|
|
# Otherwise, specify \fI.domain.name\fR (note the initial dot) in
|
|
# order to match subdomains.
|
|
# .IP \fIuser\fR@
|
|
# Matches all mail addresses with the specified user part.
|
|
# .PP
|
|
# Note: lookup of the null sender address is not possible with
|
|
# some types of lookup table. By default, Postfix uses \fB<>\fR
|
|
# as the lookup key for such addresses. The value is specified with
|
|
# the workaround is to specify \fBsmtpd_null_access_lookup_key\fR
|
|
# parameter in the Postfix \fBmain.cf\fR file.
|
|
# ADDRESS EXTENSION
|
|
# .fi
|
|
# .ad
|
|
# When a mail address localpart contains the optional recipient delimiter
|
|
# (e.g., \fIuser+foo\fR@\fIdomain\fR), the lookup order becomes:
|
|
# \fIuser+foo\fR@\fIdomain\fR, \fIuser\fR@\fIdomain\fR, \fIdomain\fR,
|
|
# \fIuser+foo\fR@, and \fIuser\fR@.
|
|
# HOST NAME/ADDRESS PATTERNS
|
|
# .ad
|
|
# .fi
|
|
# With lookups from indexed files such as DB or DBM, or from networked
|
|
# tables such as NIS, LDAP or SQL, the following lookup patterns are
|
|
# examined in the order as listed:
|
|
# .IP \fIdomain.name\fR
|
|
# Matches \fIdomain.name\fR.
|
|
# .sp
|
|
# The pattern \fIdomain.name\fR also matches subdomains, but only
|
|
# when the string \fBsmtpd_access_maps\fR is listed in the Postfix
|
|
# \fBparent_domain_matches_subdomains\fR configuration setting.
|
|
# Otherwise, specify \fI.domain.name\fR (note the initial dot) in
|
|
# order to match subdomains.
|
|
# .IP \fInet.work.addr.ess\fR
|
|
# .IP \fInet.work.addr\fR
|
|
# .IP \fInet.work\fR
|
|
# .IP \fInet\fR
|
|
# Matches any host address in the specified network. A network
|
|
# address is a sequence of one or more octets separated by ".".
|
|
# ACTIONS
|
|
# .ad
|
|
# .fi
|
|
# .IP "[\fB45\fR]\fINN text\fR"
|
|
# Reject the address etc. that matches the pattern, and respond with
|
|
# the numerical code and text.
|
|
# .IP \fBREJECT\fR
|
|
# Reject the address etc. that matches the pattern. A generic
|
|
# error response message is generated.
|
|
# .IP \fBOK\fR
|
|
# Accept the address etc. that matches the pattern.
|
|
# .IP \fIall-numerical\fR
|
|
# An all-numerical result is treated as OK. This format is
|
|
# generated by address-based relay authorization schemes.
|
|
# .IP \fIrestriction...\fR
|
|
# Apply the named UCE restriction(s) (\fBpermit\fR, \fRreject\fR,
|
|
# \fBreject_unauth_destination\fR, and so on).
|
|
# REGULAR EXPRESSION TABLES
|
|
# .ad
|
|
# .fi
|
|
# This section describes how the table lookups change when the table
|
|
# is given in the form of regular expressions. For a description of
|
|
# regular expression lookup table syntax, see \fBregexp_table\fR(5)
|
|
# or \fBpcre_table\fR(5).
|
|
#
|
|
# Each pattern is a regular expression that is applied to the entire
|
|
# string being looked up. Depending on the application, that string
|
|
# is an entire client hostname, an entire client IP address, or an
|
|
# entire mail address. Thus, no parent domain or parent network search
|
|
# is done, \fIuser@domain\fR mail addresses are not broken up into
|
|
# their \fIuser@\fR and \fIdomain\fR constituent parts, nor is
|
|
# \fIuser+foo\fR broken up into \fIuser\fR and \fIfoo\fR.
|
|
#
|
|
# Patterns are applied in the order as specified in the table, until a
|
|
# pattern is found that matches the search string.
|
|
#
|
|
# Actions are the same as with indexed file lookups, with
|
|
# the additional feature that parenthesized substrings from the
|
|
# pattern can be interpolated as \fB$1\fR, \fB$2\fR and so on.
|
|
# BUGS
|
|
# The table format does not understand quoting conventions.
|
|
# SEE ALSO
|
|
# postmap(1) create mapping table
|
|
# smtpd(8) smtp server
|
|
# pcre_table(5) format of PCRE tables
|
|
# regexp_table(5) format of POSIX regular expression tables
|
|
# LICENSE
|
|
# .ad
|
|
# .fi
|
|
# The Secure Mailer license must be distributed with this software.
|
|
# AUTHOR(S)
|
|
# Wietse Venema
|
|
# IBM T.J. Watson Research
|
|
# P.O. Box 704
|
|
# Yorktown Heights, NY 10598, USA
|
|
#--
|