NetBSD/gnu/dist/postfix/smtpd/smtpd_check.in

172 lines
4.5 KiB
Plaintext

#
# Initialize.
#
#! ../bin/postmap smtpd_check_access
#msg_verbose 1
smtpd_delay_reject 0
mynetworks 127.0.0.0/8,168.100.189.0/28
relay_domains porcupine.org
#
# Test the client restrictions.
#
client_restrictions permit_mynetworks,reject_unknown_client,hash:./smtpd_check_access
client unknown 131.155.210.17
client unknown 168.100.189.13
client random.bad.domain 123.123.123.123
client friend.bad.domain 123.123.123.123
client bad.domain 123.123.123.123
client wzv.win.tue.nl 131.155.210.17
client aa.win.tue.nl 131.155.210.18
client_restrictions permit_mynetworks
#
# Test the helo restrictions
#
helo_restrictions permit_mynetworks,reject_unknown_client,reject_invalid_hostname,reject_unknown_hostname,hash:./smtpd_check_access
client unknown 131.155.210.17
helo foo.
client foo 123.123.123.123
helo foo.
helo foo
helo spike.porcupine.org
helo_restrictions permit_mynetworks,reject_unknown_client,reject_invalid_hostname,hash:./smtpd_check_access
helo random.bad.domain
helo friend.bad.domain
helo_restrictions reject_invalid_hostname,reject_unknown_hostname
helo 123.123.123.123
helo_restrictions permit_naked_ip_address,reject_invalid_hostname,reject_unknown_hostname
helo 123.123.123.123
#
# Test the sender restrictions
#
sender_restrictions permit_mynetworks,reject_unknown_client
client unknown 131.155.210.17
mail foo@watson.ibm.com
client unknown 168.100.189.13
mail foo@watson.ibm.com
client foo 123.123.123.123
mail foo@watson.ibm.com
sender_restrictions reject_unknown_address
mail foo@watson.ibm.com
mail foo@bad.domain
sender_restrictions hash:./smtpd_check_access
mail bad-sender@any.domain
mail bad-sender@good.domain
mail reject@this.address
mail Reject@this.address
mail foo@bad.domain
mail foo@Bad.domain
mail foo@random.bad.domain
mail foo@friend.bad.domain
#
# Test the recipient restrictions
#
recipient_restrictions permit_mynetworks,reject_unknown_client,check_relay_domains
client unknown 131.155.210.17
rcpt foo@watson.ibm.com
client unknown 168.100.189.13
rcpt foo@watson.ibm.com
client foo 123.123.123.123
rcpt foo@watson.ibm.com
rcpt foo@porcupine.org
recipient_restrictions check_relay_domains
client foo.porcupine.org 168.100.189.13
rcpt foo@watson.ibm.com
rcpt foo@porcupine.org
client foo 123.123.123.123
rcpt foo@watson.ibm.com
rcpt foo@porcupine.org
recipient_restrictions hash:./smtpd_check_access
mail bad-sender@any.domain
mail bad-sender@good.domain
mail reject@this.address
mail foo@bad.domain
mail foo@random.bad.domain
mail foo@friend.bad.domain
#
# RBL
#
client_restrictions reject_maps_rbl
client spike.porcupine.org 168.100.189.2
client foo 127.0.0.2
#
# Hybrids
#
recipient_restrictions check_relay_domains
client foo 131.155.210.17
rcpt foo@watson.ibm.com
recipient_restrictions check_client_access,hash:./smtpd_check_access,check_relay_domains
client foo 131.155.210.17
rcpt foo@porcupine.org
helo_restrictions permit_mynetworks,reject_unknown_client,reject_invalid_hostname,hash:./smtpd_check_access
recipient_restrictions check_helo_access,hash:./smtpd_check_access,check_relay_domains
helo bad.domain
rcpt foo@porcupine.org
helo 131.155.210.17
rcpt foo@porcupine.org
recipient_restrictions check_sender_access,hash:./smtpd_check_access,check_relay_domains
mail foo@bad.domain
rcpt foo@porcupine.org
mail foo@friend.bad.domain
rcpt foo@porcupine.org
#
# MX backup
#
mydestination spike.porcupine.org,localhost.porcupine.org
inet_interfaces 168.100.189.2,127.0.0.1
recipient_restrictions permit_mx_backup,reject
rcpt wietse@wzv.win.tue.nl
rcpt wietse@trouble.org
rcpt wietse@porcupine.org
#
# Deferred restrictions
#
client_restrictions permit
helo_restrictions permit
sender_restrictions permit
recipient_restrictions check_helo_access,hash:./smtpd_check_access,check_sender_access,hash:./smtpd_check_access
helo bad.domain
mail foo@good.domain
rcpt foo@porcupine.org
helo good.domain
mail foo@bad.domain
rcpt foo@porcupine.org
#
# FQDN restrictions
#
helo_restrictions reject_non_fqdn_hostname
sender_restrictions reject_non_fqdn_sender
recipient_restrictions reject_non_fqdn_recipient
helo foo.bar.
helo foo.bar
helo foo
mail foo@foo.bar.
mail foo@foo.bar
mail foo@foo
mail foo
rcpt foo@foo.bar.
rcpt foo@foo.bar
rcpt foo@foo
rcpt foo
#
# Numerical HELO checks
#
helo_restrictions permit_naked_ip_address,reject_non_fqdn_hostname
helo [1.2.3.4]
helo [321.255.255.255]
helo [0.255.255.255]
helo [1.2.3.321]
helo [1.2.3]
helo [1.2.3.4.5]
helo [1..2.3.4]
helo [.1.2.3.4]
helo [1.2.3.4.5.]
helo 1.2.3.4
helo 321.255.255.255
helo 0.255.255.255
helo 1.2.3.321
helo 1.2.3
helo 1.2.3.4.5
helo 1..2.3.4
helo .1.2.3.4
helo 1.2.3.4.5.