Postfix Overview - Introduction - SCN Research

More documents

Recommendations

Info

Postfix Configuration - UCE Controls reject the message, and a IGNORE result means delete the header from the message. Page 2 of 10 At present, specifying a header pattern with OK serves no useful purpose. A rule ending in OK affects only the header being matched. The next header may still result in a REJECT match, causing the mail still to be rejected. Examples (main.cf): header_checks = regexp:/etc/postfix/header_checks header_checks = pcre:/etc/postfix/header_checks Example (header_checks): /^to: *friend@public\.com$/ REJECT Client hostname/address restrictions The smtpd_client_restrictions parameter restricts what clients this system accepts SMTP connections from. Default: smtpd_client_restrictions = Allow SMTP connections from any client. Syntax: Specify a list of zero or more restrictions, separated by whitespace or commas. Restrictions are applied in the order as specified; the first restriction that matches wins. Examples: smtpd_client_restrictions = hash:/etc/postfix/access, reject_maps_rbl smtpd_client_restrictions = permit_mynetworks, reject_unknown_client Restrictions: reject_unknown_client Reject the request when the client IP address has no PTR record in the DNS. The unknown_client_reject_code parameter specifies the response code to rejected requests (default: 450). permit_mynetworks Permit the request when the client IP address matches any network listed in $mynetworks. check_client_access maptype:mapname maptype:mapname Search the named access database for the client hostname, parent domains, client IP address, or networks obtained by stripping least significant octets. Reject the request if the result is REJECT or "[45]XX text". Permit the request if the result is OK or RELAY or all-numerical. Otherwise, treat the result as another list of UCE restrictions. The access_map_reject_code parameter specifies the response code for REJECT results (default: 554). reject_maps_rbl Reject the request when the reversed client network address is listed under any of the domains listed in $maps_rbl_domains. The maps_rbl_reject_code parameter specifies the response code for rejected requests (default: 554). http://www.porcupine.org/postfix-mirror/uce.html 6/26/01
Postfix Configuration - UCE Controls permit reject reject_unauth_pipelining See generic restrictions. Page 3 of 10 Require HELO (EHLO) command The smtpd_helo_required parameter determines if clients must send a HELO (or EHLO) command at the beginning of an SMTP session. Requiring this will stop some UCE software. Default: smtpd_helo_required = no By default, the Postfix SMTP server does not require the use of HELO (EHLO). Syntax: Example: Specify yes or no. smtpd_helo_required = yes HELO (EHLO) hostname restrictions The smtpd_helo_restrictions parameter restricts what hostnames clients may send with the HELO (EHLO) command. Some UCE software can be stopped by being strict here. Default: smtpd_helo_restrictions = By default, the Postfix SMTP server accepts any garbage in the HELO (EHLO) command. There is a lot of broken or misconfigured software on the Internet. Syntax: Specify a list of zero or more restrictions, separated by whitespace or commas. Restrictions are applied in the order as specified; the first restriction that matches wins. In addition to restrictions that are specific to HELO (EHLO) command parameters, you can also specify restrictions based on the client hostname or network address. Example: smtpd_helo_restrictions = permit_mynetworks, reject_invalid_hostname Restrictions: reject_invalid_hostname Reject the request when the client HELO or EHLO parameter has a bad hostname syntax. The invalid_hostname_reject_code specifies the response code to rejected requests (default: 501). permit_naked_ip_address Permit the request when the client HELO (EHLO) command contains a naked IP address without the enclosing [] brackets that the RFC requires. Unfortunately, some popular PC mail http://www.porcupine.org/postfix-mirror/uce.html 6/26/01
Page 1: Postfix Overview - Introduction Pag
Page 4 and 5: Postfix Overview - Goals and Featur
Page 6 and 7: Postfix Overview - Global Architect
Page 8 and 9: Postfix Overview - Queue Management
Page 10 and 11: Postfix Overview - Security assista
Page 12 and 13: Postfix Anatomy - Receiving Mail Pa
Page 14 and 15: Postfix Anatomy - Delivering Mail p
Page 16 and 17: Postfix Anatomy - Command-line Util
Page 18 and 19: Postfix Configuration - Basics What
Page 20 and 21: Postfix Configuration - Basics My o
Page 23: Postfix Configuration - UCE Control
Page 27 and 28: Postfix Configuration - UCE Control
Page 33 and 34: Postfix Rate Controls Page 1 of 4 P
Page 35 and 36: Postfix Rate Controls The defer_tra
Page 37 and 38: Postfix Configuration - Resource Co
Page 39: Postfix Configuration - Resource Co
Page 42 and 43: Postfix Configuration - Address Man
Page 44 and 45: Postfix Configuration - Address Man
Page 47 and 48: ACCESS(5) ACCESS(5) Page 1 of 3 NAM
Page 49: 1 Page 3 of 3 http://www.porcupine.
Page 52 and 53: ited to regular files. For example,
Page 54 and 55: BOUNCE(8) BOUNCE(8) Page 1 of 2 NAM
Page 56 and 57: CANONICAL(5) CANONICAL(5) Page 1 of
Page 58 and 59: canonical_maps List of canonical ma
Page 60 and 61: CONFIGURATION PARAMETERS The follow
Page 62 and 63: BOUNCE(8) BOUNCE(8) Page 1 of 2 NAM
Page 64 and 65: FLUSH(8) FLUSH(8) Page 1 of 3 NAME
Page 66 and 67: fast_flush_purge_time Remove an emp
Page 68 and 69: Problems and transactions are logge
Page 70 and 71: parameter. Page 4 of 5 Timeout cont
Page 72 and 73: LOCAL(8) LOCAL(8) Page 1 of 7 NAME
Page 74 and 75:
estricts delivery to external comma
Page 76 and 77:
details and for default values. Use
Page 78 and 79:
that is written to upon delivery).
Page 80 and 81:
Page 2 of 3 SIGTERM Upon receipt of
Page 82 and 83:
PCRE_TABLE(5) PCRE_TABLE(5) Page 1
Page 84 and 85:
PICKUP(8) PICKUP(8) Page 1 of 2 NAM
Page 86 and 87:
PIPE(8) PIPE(8) Page 1 of 5 NAME pi
Page 88 and 89:
This macro expands to the extension
Page 90 and 91:
ounce(8) non-delivery status report
Page 92 and 93:
-r When updating a table, do not wa
Page 94 and 95:
POSTCAT(1) POSTCAT(1) Page 1 of 1 N
Page 96 and 97:
POSTDROP(1) POSTDROP(1) Page 1 of 2
Page 98 and 99:
POSTFIX(1) POSTFIX(1) Page 1 of 2 N
Page 100 and 101:
POSTKICK(1) POSTKICK(1) Page 1 of 2
Page 102 and 103:
POSTLOCK(1) POSTLOCK(1) Page 1 of 2
Page 104 and 105:
POSTLOG(1) POSTLOG(1) Page 1 of 1 N
Page 106 and 107:
default, postmap creates a new data
Page 108 and 109:
POSTSUPER(1) POSTSUPER(1) Page 1 of
Page 110 and 111:
LICENSE The Secure Mailer license m
Page 112 and 113:
The queue manager implements a vari
Page 114 and 115:
This parameter also limits the size
Page 116 and 117:
REGEXP_TABLE(5) REGEXP_TABLE(5) Pag
Page 118 and 119:
RELOCATED(5) RELOCATED(5) Page 1 of
Page 120 and 121:
Yorktown Heights, NY 10598, USA Pag
Page 122 and 123:
Page 2 of 5 -C config_file (ignored
Page 124 and 125:
Page 4 of 5 DIAGNOSTICS Problems ar
Page 126 and 127:
SHOWQ(8) SHOWQ(8) Page 1 of 1 NAME
Page 128 and 129:
command after a configuration chang
Page 130 and 131:
Page 4 of 4 smtp_helo_timeout Timeo
Page 132 and 133:
Support older Microsoft clients tha
Page 134 and 135:
Page 4 of 5 smtpd_hard_error_limit
Page 136 and 137:
SPAWN(8) SPAWN(8) Page 1 of 2 NAME
Page 138 and 139:
TRANSPORT(5) TRANSPORT(5) Page 1 of
Page 140 and 141:
the entire domain being looked up.
Page 142 and 143:
details and for default values. Use
Page 144 and 145:
VIRTUAL(5) VIRTUAL(5) Page 1 of 4 N
Page 146 and 147:
site is equal to $myorigin, when si
Page 148 and 149:
VIRTUAL(8) VIRTUAL(8) Page 1 of 4 N
Page 150 and 151:
Specifies a minimum uid that will b
show all

Postfix Overview - Introduction - SCN Research

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?