Postfix Overview - Introduction - SCN Research
Postfix Overview - Introduction - SCN Research
Postfix Overview - Introduction - SCN Research
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
<strong>Postfix</strong> Configuration - UCE Controls<br />
reject the message, and a IGNORE result means delete the header from the message.<br />
Page 2 of 10<br />
At present, specifying a header pattern with OK serves no useful purpose. A rule ending in OK affects<br />
only the header being matched. The next header may still result in a REJECT match, causing the mail<br />
still to be rejected.<br />
Examples (main.cf):<br />
header_checks = regexp:/etc/postfix/header_checks<br />
header_checks = pcre:/etc/postfix/header_checks<br />
Example (header_checks):<br />
/^to: *friend@public\.com$/ REJECT<br />
Client hostname/address restrictions<br />
The smtpd_client_restrictions parameter restricts what clients this system accepts SMTP connections from.<br />
Default:<br />
smtpd_client_restrictions =<br />
Allow SMTP connections from any client.<br />
Syntax:<br />
Specify a list of zero or more restrictions, separated by whitespace or commas. Restrictions are<br />
applied in the order as specified; the first restriction that matches wins.<br />
Examples:<br />
smtpd_client_restrictions = hash:/etc/postfix/access, reject_maps_rbl<br />
smtpd_client_restrictions = permit_mynetworks, reject_unknown_client<br />
Restrictions:<br />
reject_unknown_client<br />
Reject the request when the client IP address has no PTR record in the DNS. The<br />
unknown_client_reject_code parameter specifies the response code to rejected requests (default:<br />
450).<br />
permit_mynetworks<br />
Permit the request when the client IP address matches any network listed in $mynetworks.<br />
check_client_access maptype:mapname<br />
maptype:mapname<br />
Search the named access database for the client hostname, parent domains, client IP address,<br />
or networks obtained by stripping least significant octets. Reject the request if the result is<br />
REJECT or "[45]XX text". Permit the request if the result is OK or RELAY or all-numerical.<br />
Otherwise, treat the result as another list of UCE restrictions. The access_map_reject_code<br />
parameter specifies the response code for REJECT results (default: 554).<br />
reject_maps_rbl<br />
Reject the request when the reversed client network address is listed under any of the<br />
domains listed in $maps_rbl_domains. The maps_rbl_reject_code parameter specifies the<br />
response code for rejected requests (default: 554).<br />
http://www.porcupine.org/postfix-mirror/uce.html<br />
6/26/01