NetBSD/gnu/dist/postfix/html/access.5.html

<html> <head> </head> <body> <pre>



ACCESS(5)                                               ACCESS(5)


<b>NAME</b>
       access - format of Postfix access table

<b>SYNOPSIS</b>
       <b>postmap</b> <b>/etc/postfix/access</b>

<b>DESCRIPTION</b>
       The  optional <b>access</b> table directs the Postfix SMTP server
       to selectively reject or accept mail from or  to  specific
       hosts,   domains,   networks,   host   addresses  or  mail
       addresses.

       Normally, the <b>access</b> table is specified  as  a  text  file
       that  serves  as  input  to  the  <a href="postmap.1.html"><b>postmap</b>(1)</a> command.  The
       result, an indexed file in <b>dbm</b> or <b>db</b> format, is  used  for
       fast  searching  by  the  mail system. Execute the command
       <b>postmap</b>  <b>/etc/postfix/access</b>  in  order  to  rebuild   the
       indexed file after changing the access table.

       When  the  table  is provided via other means such as NIS,
       LDAP or SQL, the same lookups are  done  as  for  ordinary
       indexed files.

       Alternatively,  the  table  can  be provided as a regular-
       expression map where patterns are given as regular expres-
       sions.  In  that  case, the lookups are done in a slightly
       different way as described below.

<b>TABLE</b> <b>FORMAT</b>
       The format of the access table is as follows:

       blanks and comments
              Blank lines are ignored,  as  are  lines  beginning
              with `#'.

       leading whitespace
              Lines  that begin with whitespace continue the pre-
              vious line.

       <i>pattern</i> <i>action</i>
              When <i>pattern</i> matches a mail address, domain or host
              address, perform the corresponding <i>action</i>.

<b>PATTERNS</b>
       With lookups from indexed files such as DB or DBM, or from
       networked tables such as NIS, LDAP or  SQL,  patterns  are
       tried in the order as listed below:

       <i>user</i>@<i>domain</i>
              Matches the specified mail address.

       <i>domain.name</i>
              Matches  the  <i>domain.name</i>  itself and any subdomain
              thereof, either in hostnames or in mail  addresses.



                                                                1





ACCESS(5)                                               ACCESS(5)


              Top-level domains will never be matched.

       <i>user</i>@  Matches  all mail addresses with the specified user
              part.

       <i>net.work.addr.ess</i>

       <i>net.work.addr</i>

       <i>net.work</i>

       <i>net</i>    Matches any host address in the specified  network.
              A  network  address  is  a  sequence of one or more
              octets separated by ".".

<b>ACTIONS</b>
       [<b>45</b>]<i>NN</i> <i>text</i>
              Reject the address etc. that matches  the  pattern,
              and respond with the numerical code and text.

       <b>REJECT</b> Reject the address etc. that matches the pattern. A
              generic error response message is generated.

       <b>OK</b>     Accept the address etc. that matches the pattern.

       <i>restriction...</i>
              Apply the named UCE restriction(s) (<b>permit</b>, reject,
              <b>reject</b><i>_</i><b>unauth</b><i>_</i><b>destination</b>, and so on).

<b>REGULAR</b> <b>EXPRESSION</b> <b>TABLES</b>
       This  section  describes how the table lookups change when
       the table is given in the form of regular expressions. For
       a  description  of regular expression lookup table syntax,
       see <a href="regexp_table.5.html"><b>regexp</b><i>_</i><b>table</b>(5)</a> or <a href="pcre_table.5.html"><b>pcre</b><i>_</i><b>table</b>(5)</a>.

       Each pattern is a regular expression that  is  applied  to
       the entire string being looked up. Depending on the appli-
       cation, that string  is  an  entire  client  hostname,  an
       entire client IP address, or an entire mail address. Thus,
       no parent domain or parent network  search  is  done,  and
       <i>user@domain</i>  mail  addresses  are not broken up into their
       <i>user@</i> and <i>domain</i> constituent parts.

       Patterns are applied in the  order  as  specified  in  the
       table,  until  a  pattern is found that matches the search
       string.

       Actions are the same as with normal indexed file  lookups,
       with  the additional feature that parenthesized substrings
       from the pattern can be interpolated as <b>$1</b>, <b>$2</b> and so  on.

<b>BUGS</b>
       The  table format does not understand quoting conventions.




                                                                2





ACCESS(5)                                               ACCESS(5)


<b>SEE</b> <b>ALSO</b>
       <a href="postmap.1.html">postmap(1)</a> create mapping table
       <a href="smtpd.8.html">smtpd(8)</a> smtp server
       <a href="pcre_table.5.html">pcre_table(5)</a> format of PCRE tables
       <a href="regexp_table.5.html">regexp_table(5)</a> format of POSIX regular expression tables

<b>LICENSE</b>
       The Secure Mailer license must be  distributed  with  this
       software.

<b>AUTHOR(S)</b>
       Wietse Venema
       IBM T.J. Watson Research
       P.O. Box 704
       Yorktown Heights, NY 10598, USA










































                                                                3


</pre> </body> </html>