postfix/postfix.txt@4a34d7a82eab (annotated)
postfix/postfix.txt
Tue, 29 Mar 2011 20:04:34 +0200
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Tue, 29 Mar 2011 20:04:34 +0200
- changeset 334
- 4a34d7a82eab
- parent 181
- 58360ee9c913
- child 495
- 01294b31a79e
- permissions
- -rw-r--r--
Rework package yet again, correcting and introducing new buildconf logic:
Conditionally disable bootstrap stage comparison correctly, correct
english grammar, better find system as(1) and ld(1), indotruce detailed
optimization option messages, more completely guess cpu types, allow
profiled bootstrapping without a preinstalled GCC because many other
compilers have long since implemented 64-bit arithmetic, instruct make
to build sequentially (not in sparallel) when building a profiled
bootstrap as GCC online documents recommend, and generally improve
comment blocks.
The single most important correction in this changeset relates to the
GCC changed optimization policy since at least GCC 4.5, in which -march
is always passed and not always correctly guessed. In the case of this
package, allowing GCC to guess the architecture leads to wild build
errors at various subcomponents (zlib, libgcc, libiberty...) and
bootstrap stages. It seems quite platform specific, and the safest
approach to correcting this seems to be explicitly always specifying the
-march argument when bootstrapping GCC. Because the best choice 'native'
is not available when bootstrapping using a foreign (non GCC) compiler,
a guess is made according to rpmmacros l_platform in that case.
It is questionable as to whether these recent optimization changes
on the part of GCC or this package are compatible with each other,
or if either are complete or correct at all. At least applying these
corrections allows this package to build again in most cases test.
| michael@146 | 1 | <file name="Makefile"> |
| michael@146 | 2 | ## |
| michael@146 | 3 | ## @l_prefix@/etc/postfix/Makefile -- maintainance procedures |
| michael@146 | 4 | ## |
| michael@146 | 5 | |
| michael@146 | 6 | # path configuration |
| michael@146 | 7 | PREFIX = @l_prefix@ |
| michael@146 | 8 | SBINDIR = $(PREFIX)/sbin |
| michael@146 | 9 | ETCDIR = $(PREFIX)/etc |
| michael@146 | 10 | |
| michael@146 | 11 | # program configuration |
| michael@146 | 12 | RC = $(ETCDIR)/rc |
| michael@146 | 13 | POSTALIAS = $(SBINDIR)/postalias |
| michael@146 | 14 | POSTMAP = $(SBINDIR)/postmap |
| michael@146 | 15 | POSTFIX = $(SBINDIR)/postfix |
| michael@146 | 16 | |
| michael@146 | 17 | # table filename configuration |
| michael@146 | 18 | T_ACCESS = access |
| michael@146 | 19 | T_CANONICAL = canonical |
| michael@146 | 20 | T_GENERIC = generic |
| michael@146 | 21 | T_VIRTUAL = virtual |
| michael@146 | 22 | T_RELOCATED = relocated |
| michael@146 | 23 | T_TRANSPORT = transport |
| michael@146 | 24 | T_ALIASES = aliases |
| michael@179 | 25 | T_CLIENTS = clients |
| michael@179 | 26 | T_SENDERS = senders |
| michael@181 | 27 | T_CLICRT = clicrt |
| michael@146 | 28 | |
| michael@146 | 29 | # dependency tracking |
| michael@146 | 30 | TIMESTAMP = .up-to-date |
| michael@146 | 31 | DEPENDENCIES = Makefile master.cf main.cf $(TABLES) |
| michael@146 | 32 | |
| michael@146 | 33 | # managed tables: |
| michael@146 | 34 | # - use extension ".db" for hash tables ("hash") |
| michael@146 | 35 | # - use no extension for regex tables ("pcre") |
| michael@146 | 36 | TABLES = \ |
| michael@146 | 37 | $(T_ACCESS).db \ |
| michael@146 | 38 | $(T_CANONICAL).db \ |
| michael@146 | 39 | $(T_GENERIC).db \ |
| michael@146 | 40 | $(T_VIRTUAL).db \ |
| michael@146 | 41 | $(T_RELOCATED).db \ |
| michael@146 | 42 | $(T_TRANSPORT).db \ |
| michael@179 | 43 | $(T_ALIASES).db \ |
| michael@179 | 44 | $(T_CLIENTS).db \ |
| michael@179 | 45 | $(T_SENDERS).db \ |
| michael@181 | 46 | $(T_CLICRT).db |
| michael@146 | 47 | |
| michael@146 | 48 | # default target |
| michael@146 | 49 | all: $(TABLES) $(TIMESTAMP) |
| michael@146 | 50 | |
| michael@146 | 51 | # implicit checking and reloading |
| michael@146 | 52 | $(TIMESTAMP): $(DEPENDENCIES) |
| michael@146 | 53 | $(POSTFIX) check |
| michael@146 | 54 | $(POSTFIX) reload >/dev/null 2>&1 || true |
| michael@146 | 55 | touch $(TIMESTAMP) && chmod 600 $(TIMESTAMP) |
| michael@146 | 56 | |
| michael@146 | 57 | # explicit checking |
| michael@146 | 58 | check: |
| michael@146 | 59 | $(POSTFIX) check |
| michael@146 | 60 | |
| michael@146 | 61 | # hash table update targets |
| michael@146 | 62 | $(T_ACCESS).db: $(T_ACCESS) $(MAKEFILE) |
| michael@146 | 63 | $(POSTMAP) hash:$(T_ACCESS) |
| michael@146 | 64 | $(T_CANONICAL).db: $(T_CANONICAL) $(MAKEFILE) |
| michael@146 | 65 | $(POSTMAP) hash:$(T_CANONICAL) |
| michael@146 | 66 | $(T_GENERIC).db: $(T_GENERIC) $(MAKEFILE) |
| michael@146 | 67 | $(POSTMAP) hash:$(T_GENERIC) |
| michael@146 | 68 | $(T_VIRTUAL).db: $(T_VIRTUAL) $(MAKEFILE) |
| michael@146 | 69 | $(POSTMAP) hash:$(T_VIRTUAL) |
| michael@146 | 70 | $(T_RELOCATED).db: $(T_RELOCATED) $(MAKEFILE) |
| michael@146 | 71 | $(POSTMAP) hash:$(T_RELOCATED) |
| michael@146 | 72 | $(T_TRANSPORT).db: $(T_TRANSPORT) $(MAKEFILE) |
| michael@146 | 73 | $(POSTMAP) hash:$(T_TRANSPORT) |
| michael@146 | 74 | $(T_ALIASES).db: $(T_ALIASES) $(MAKEFILE) |
| michael@146 | 75 | $(POSTALIAS) hash:$(T_ALIASES) |
| michael@179 | 76 | $(T_CLIENTS).db: $(T_CLIENTS) $(MAKEFILE) |
| michael@179 | 77 | $(POSTMAP) hash:$(T_CLIENTS) |
| michael@179 | 78 | $(T_SENDERS).db: $(T_SENDERS) $(MAKEFILE) |
| michael@179 | 79 | $(POSTMAP) hash:$(T_SENDERS) |
| michael@181 | 80 | $(T_CLICRT).db: $(T_CLICRT) $(MAKEFILE) |
| michael@181 | 81 | $(POSTMAP) hash:$(T_CLICRT) |
| michael@146 | 82 | |
| michael@146 | 83 | # cleanup target |
| michael@146 | 84 | clean: |
| michael@146 | 85 | -rm -f $(TABLES) |
| michael@146 | 86 | -rm -f $(TIMESTAMP) |
| michael@146 | 87 | |
| michael@146 | 88 | # process management |
| michael@146 | 89 | start: |
| michael@146 | 90 | $(RC) postfix start |
| michael@146 | 91 | reload: |
| michael@146 | 92 | $(RC) postfix reload |
| michael@146 | 93 | stop: |
| michael@146 | 94 | $(RC) postfix stop |
| michael@146 | 95 | |
| michael@146 | 96 | </file> |
| michael@146 | 97 | <file name="master.cf"> |
| michael@146 | 98 | ## |
| michael@146 | 99 | ## @l_prefix@/etc/postfix/master.cf -- Postfix master process table |
| michael@146 | 100 | ## |
| michael@146 | 101 | # ========================================================================== |
| michael@146 | 102 | # service type private unpriv chroot wakeup maxproc command + args |
| michael@146 | 103 | # (yes) (yes) (yes) (never) (100) |
| michael@146 | 104 | # ========================================================================== |
| michael@146 | 105 | smtp inet n - n - - smtpd |
| michael@190 | 106 | #smtp inet n - n - - smtpd -o content_filter=spamass |
| michael@146 | 107 | #628 inet n - n - - qmqpd |
| michael@146 | 108 | pickup fifo n - n 60 1 pickup |
| michael@146 | 109 | cleanup unix n - n - 0 cleanup |
| michael@146 | 110 | qmgr fifo n - n 300 1 qmgr |
| michael@146 | 111 | tlsmgr unix - - n 1000? 1 tlsmgr |
| michael@146 | 112 | rewrite unix - - n - - trivial-rewrite |
| michael@146 | 113 | bounce unix - - n - 0 bounce |
| michael@146 | 114 | defer unix - - n - 0 bounce |
| michael@146 | 115 | trace unix - - n - 0 bounce |
| michael@146 | 116 | verify unix - - n - 1 verify |
| michael@146 | 117 | flush unix n - n 1000? 0 flush |
| michael@146 | 118 | proxymap unix - - n - - proxymap |
| michael@146 | 119 | proxywrite unix - - n - - proxymap |
| michael@146 | 120 | smtp unix - - n - - smtp |
| michael@146 | 121 | relay unix - - n - - smtp -o fallback_relay= |
| michael@146 | 122 | showq unix n - n - - showq |
| michael@146 | 123 | error unix - - n - - error |
| michael@146 | 124 | retry unix - - n - - error |
| michael@146 | 125 | local unix - n n - - local |
| michael@146 | 126 | virtual unix - n n - - virtual |
| michael@146 | 127 | lmtp unix - - n - - lmtp |
| michael@146 | 128 | anvil unix - - n - 1 anvil |
| michael@146 | 129 | scache unix - - n - 1 scache |
| michael@146 | 130 | #maildrop unix - n n - - pipe flags=DRhu user=@l_nusr@ argv=@l_prefix@/bin/maildrop -d ${recipient} |
| michael@146 | 131 | #cyrus unix - n n - - pipe user=@l_nusr@ argv=@l_prefix@/bin/cyrdeliver -e -r ${sender} -m ${extension} ${user} |
| michael@190 | 132 | #dovecot unix - n n - - pipe flags=DR user=@l_rusr@ argv=@l_prefix@/libexec/dovecot/deliver -f ${sender} -d ${user} -n -m ${extension} |
| michael@190 | 133 | #spamass unix - n n - - pipe flags=R user=@l_rusr@ argv=@l_prefix@/bin/spamc -f -u ${user} -e @l_prefix@/sbin/sendmail -oi -f ${sender} ${recipient} |
| michael@146 | 134 | #uucp unix - n n - - pipe flags=Fqhu user=@l_nusr@ argv=@l_prefix@/bin/uux -r -n -z -a$sender - $nexthop!rmail ($recipient) |
| michael@146 | 135 | #ifmail unix - n n - - pipe flags=F user=@l_nusr@ argv=@l_prefix@/bin/ifmail -r $nexthop ($recipient) |
| michael@146 | 136 | #bsmtp unix - n n - - pipe flags=Fq. user=@l_nusr@ argv=@l_prefix@/bin/bsmtp -f $sender $nexthop $recipient |
| michael@146 | 137 | </file> |
| michael@146 | 138 | <file name="main.cf"> |
| michael@146 | 139 | ## |
| michael@146 | 140 | ## @l_prefix@/etc/postfix/main.cf -- Postfix main configuration |
| michael@146 | 141 | ## |
| michael@146 | 142 | ## Run "@l_prefix@/sbin/postconf -n" to see all parameters overriding |
| michael@146 | 143 | ## defaults, run "@l_prefix@/sbin/postconf -d" to see all possible |
| michael@146 | 144 | ## parameters and their defaults and read the following manual |
| michael@146 | 145 | ## pages for description of each parameter: bounce(8), cleanup(8), |
| michael@146 | 146 | ## defer(8), error(8), flush(8), lmtp(8), local(8), master(8), |
| michael@146 | 147 | ## pickup(8), pipe(8), qmgr(8), showq(8), smtp(8), smtpd(8), spawn(8), |
| michael@146 | 148 | ## trivial-rewrite(8). |
| michael@146 | 149 | ## |
| michael@146 | 150 | |
| michael@146 | 151 | # users |
| michael@146 | 152 | mail_owner = @l_musr@ |
| michael@146 | 153 | setgid_group = @l_rgrp@ |
| michael@146 | 154 | default_privs = @l_nusr@ |
| michael@146 | 155 | |
| michael@146 | 156 | # local host |
| michael@146 | 157 | myhostname = mail.example.com |
| michael@146 | 158 | mydomain = example.com |
| michael@146 | 159 | myorigin = $myhostname |
| michael@146 | 160 | |
| michael@146 | 161 | # smtp daemon |
| michael@146 | 162 | #smtpd_banner = $myhostname ESMTP $mail_name |
| michael@146 | 163 | inet_interfaces = 127.0.0.1 |
| michael@146 | 164 | |
| michael@146 | 165 | # smtp client |
| michael@146 | 166 | smtp_bind_address = 127.0.0.1 |
| michael@146 | 167 | |
| michael@146 | 168 | # relaying |
| michael@146 | 169 | mynetworks = 127.0.0.0/8 |
| michael@146 | 170 | #mydestination = $myhostname, localhost.$mydomain |
| michael@146 | 171 | #relay_domains = $mydestination, |
| michael@146 | 172 | # hash:@l_prefix@/etc/postfix/access |
| michael@181 | 173 | #relay_clientcerts = hash:@l_prefix@/etc//postfix/clicrt |
| michael@146 | 174 | #smtpd_recipient_restrictions = permit_mynetworks, |
| michael@146 | 175 | # check_client_access hash:@l_prefix@/etc/postfix/access, |
| michael@146 | 176 | # reject_unauth_destination |
| michael@146 | 177 | |
| michael@146 | 178 | # maps |
| michael@146 | 179 | #canonical_maps = hash:@l_prefix@/etc/postfix/canonical |
| michael@146 | 180 | #smtp_generic_maps = hash:@l_prefix@/etc/postfix/generic |
| michael@146 | 181 | #virtual_alias_maps = hash:@l_prefix@/etc/postfix/virtual |
| michael@146 | 182 | #relocated_maps = hash:@l_prefix@/etc/postfix/relocated |
| michael@146 | 183 | #transport_maps = hash:@l_prefix@/etc/postfix/transport |
| michael@146 | 184 | alias_maps = hash:@l_prefix@/etc/postfix/aliases |
| michael@146 | 185 | alias_database = hash:@l_prefix@/etc/postfix/aliases |
| michael@146 | 186 | |
| michael@146 | 187 | # local delivery |
| michael@146 | 188 | #local_recipient_maps = proxy:unix:passwd.byname $alias_maps |
| michael@146 | 189 | recipient_delimiter = + |
| michael@146 | 190 | mailbox_command = @l_prefix@/bin/procmail -a "$EXTENSION" |
| michael@146 | 191 | |
| michael@146 | 192 | </file> |
| michael@146 | 193 | <file name="access"> |
| michael@146 | 194 | ## |
| michael@146 | 195 | ## @l_prefix@/etc/postfix/access -- access control for relaying |
| michael@146 | 196 | ## |
| michael@146 | 197 | ## Searched for both the client (hostname, parent domains, IP address, |
| michael@146 | 198 | ## networks obtained by stripping least significant octets from IP |
| michael@146 | 199 | ## address) and destination address (resolved destination address, |
| michael@146 | 200 | ## parent domain, or localpart@) in order to allow relaying. Rejects |
| michael@146 | 201 | ## the request if the result is REJECT or "[45]XX text". Permits the |
| michael@146 | 202 | ## request if the result is OK or RELAY or all-numerical. |
| michael@146 | 203 | ## |
| michael@146 | 204 | |
| michael@146 | 205 | # Syntax (see access(5)): |
| michael@146 | 206 | # | user@domain action |
| michael@146 | 207 | # | domain action |
| michael@146 | 208 | # | user@ action |
| michael@146 | 209 | # | net.work.addr.ess action |
| michael@146 | 210 | # | net.work.addr action |
| michael@146 | 211 | # | net.work action |
| michael@146 | 212 | # | net action |
| michael@146 | 213 | # where "action" is one of: |
| michael@146 | 214 | # "[45]NN text", "REJECT", "OK", "restriction..." |
| michael@146 | 215 | # |
| michael@146 | 216 | # Examples: |
| michael@146 | 217 | # | mail.example.com OK |
| michael@146 | 218 | # | example.com REJECT |
| michael@146 | 219 | # | 192.168.0.1 OK |
| michael@146 | 220 | # | 192.168 REJECT |
| michael@146 | 221 | # | postmaster@ OK |
| michael@146 | 222 | |
| michael@146 | 223 | </file> |
| michael@146 | 224 | <file name="virtual"> |
| michael@146 | 225 | ## |
| michael@146 | 226 | ## @l_prefix@/etc/postfix/virtual -- virtual address translation |
| michael@146 | 227 | ## |
| michael@146 | 228 | ## Searched for virtual addresses user@domain, user and @domain |
| michael@146 | 229 | ## (in this order). It redirect mail for all recipients, local or |
| michael@146 | 230 | ## remote. The mapping affects only envelope recipients. |
| michael@146 | 231 | ## |
| michael@146 | 232 | |
| michael@146 | 233 | # Syntax (see virtual(5)): |
| michael@146 | 234 | # | user@domain address, address, ... |
| michael@146 | 235 | # | user address, address, ... |
| michael@146 | 236 | # | @domain address, address, ... |
| michael@146 | 237 | # |
| michael@146 | 238 | # Examples: |
| michael@146 | 239 | # | @example.com john@example.com |
| michael@146 | 240 | # | postmaster@example.com postmaster |
| michael@146 | 241 | # | john@example1.com john1 |
| michael@146 | 242 | # | john@example2.com john2 |
| michael@146 | 243 | |
| michael@146 | 244 | </file> |
| michael@146 | 245 | <file name="aliases"> |
| michael@146 | 246 | ## |
| michael@146 | 247 | ## @l_prefix@/etc/postfix/aliases -- local mailbox aliases |
| michael@146 | 248 | ## |
| michael@146 | 249 | ## Searched for virtual addresses user@domain, user and @domain |
| michael@146 | 250 | ## (in this order). It redirect mail for all recipients, local or |
| michael@146 | 251 | ## remote. The mapping affects only envelope recipients. |
| michael@146 | 252 | ## |
| michael@146 | 253 | |
| michael@146 | 254 | # Syntax (see aliases(5)): |
| michael@146 | 255 | # | name: value, value, ... |
| michael@146 | 256 | # where value is one of: |
| michael@146 | 257 | # "address", "/file/name", "|command", ":include:/file/name" |
| michael@146 | 258 | # |
| michael@146 | 259 | # Examples: |
| michael@146 | 260 | # | john.doe: john, doe |
| michael@146 | 261 | # | robot: |/path/to/robot |
| michael@146 | 262 | # | archive: /path/to/archive |
| michael@146 | 263 | # | users: :include:/path/to/users.list |
| michael@146 | 264 | # | owner-users: john.doe |
| michael@146 | 265 | |
| michael@146 | 266 | # standard mail targets |
| michael@146 | 267 | nobody: /dev/null |
| michael@146 | 268 | MAILER-DAEMON: postmaster |
| michael@146 | 269 | |
| michael@146 | 270 | # mailbox names for common services, roles and functions |
| michael@146 | 271 | # (see RFC2142 for more details and expanded list of names) |
| michael@146 | 272 | postmaster: root |
| michael@146 | 273 | hostmaster: root |
| michael@146 | 274 | security: root |
| michael@146 | 275 | abuse: root |
| michael@146 | 276 | |
| michael@146 | 277 | # save unprivileged user storage of careless admins |
| michael@146 | 278 | root: /dev/null |
| michael@146 | 279 | |
| michael@146 | 280 | </file> |
| michael@146 | 281 | <file name="canonical"> |
| michael@146 | 282 | ## |
| michael@146 | 283 | ## @l_prefix@/etc/postfix/canonical -- address canonification on mail receiving |
| michael@146 | 284 | ## |
| michael@146 | 285 | ## Searched for canonical addresses for user@domain, user and @domain |
| michael@146 | 286 | ## (in this order). |
| michael@146 | 287 | ## |
| michael@146 | 288 | |
| michael@146 | 289 | # Syntax (see canonical(5)): |
| michael@146 | 290 | # | user@domain address |
| michael@146 | 291 | # | user address |
| michael@146 | 292 | # | @domain address |
| michael@146 | 293 | # |
| michael@146 | 294 | # Examples: |
| michael@146 | 295 | # | postmaster@mail.example.com postmaster@example.com |
| michael@146 | 296 | # | john John.Doe |
| michael@146 | 297 | # | @example.com @example.com |
| michael@146 | 298 | |
| michael@146 | 299 | </file> |
| michael@146 | 300 | <file name="relocated"> |
| michael@146 | 301 | ## |
| michael@146 | 302 | ## @l_prefix@/etc/postfix/relocated -- relocate obsolete addresses |
| michael@146 | 303 | ## |
| michael@146 | 304 | ## Searched for relocated addresses user@domain, user and @domain |
| michael@146 | 305 | ## (in this order). It bounces mail for all recipients. |
| michael@146 | 306 | ## |
| michael@146 | 307 | |
| michael@146 | 308 | # Syntax (see relocated(5)): |
| michael@146 | 309 | # | user@domain address |
| michael@146 | 310 | # | user address |
| michael@146 | 311 | # | @domain address |
| michael@146 | 312 | # |
| michael@146 | 313 | # Examples: |
| michael@146 | 314 | # | john@invalid john@example.com |
| michael@146 | 315 | # | john john@example.com |
| michael@146 | 316 | # | @invalid john@example.com |
| michael@146 | 317 | |
| michael@146 | 318 | </file> |
| michael@146 | 319 | <file name="generic"> |
| michael@146 | 320 | ## |
| michael@146 | 321 | ## @l_prefix@/etc/postfix/generic -- address canonification on mail sending |
| michael@146 | 322 | ## |
| michael@146 | 323 | ## Searched for canonical addresses for user@domain, user and @domain |
| michael@146 | 324 | ## (in this order). |
| michael@146 | 325 | ## |
| michael@146 | 326 | |
| michael@146 | 327 | # Syntax (see generic(5)): |
| michael@146 | 328 | # | user@domain address |
| michael@146 | 329 | # | user address |
| michael@146 | 330 | # | @domain address |
| michael@146 | 331 | # |
| michael@146 | 332 | # Examples: |
| michael@146 | 333 | # | postmaster@mail.example.com postmaster@example.com |
| michael@146 | 334 | # | john John.Doe |
| michael@146 | 335 | # | @example.com @example.com |
| michael@146 | 336 | |
| michael@146 | 337 | </file> |
| michael@146 | 338 | <file name="transport"> |
| michael@146 | 339 | ## |
| michael@146 | 340 | ## @l_prefix@/etc/postfix/transport -- transport selection |
| michael@146 | 341 | ## |
| michael@146 | 342 | ## Searched for domain and .domain (in this order). It selects the |
| michael@146 | 343 | ## specified transport facility for delivery. |
| michael@146 | 344 | ## |
| michael@146 | 345 | |
| michael@146 | 346 | # Syntax (see transport(5)): |
| michael@146 | 347 | # | domain transport:nexthop |
| michael@146 | 348 | # | .domain transport:nexthop |
| michael@146 | 349 | # |
| michael@146 | 350 | # Examples: |
| michael@146 | 351 | # | me.example.com local: |
| michael@146 | 352 | # | you.example.com smtp:mail.example.com:2525 |
| michael@146 | 353 | # | example.com smtp:mail.example.com |
| michael@146 | 354 | # | .example.com smtp:mail.example.com |
| michael@146 | 355 | |
| michael@146 | 356 | </file> |
| michael@181 | 357 | <file name="clients"> |
| michael@179 | 358 | ## |
| michael@181 | 359 | ## @l_prefix@/etc/postfix/clients -- control for relaying clients |
| michael@181 | 360 | ## |
| michael@181 | 361 | ## Searched for both the client (hostname, parent domains, IP address, |
| michael@181 | 362 | ## networks obtained by stripping least significant octets from IP |
| michael@181 | 363 | ## address) and destination address (resolved destination address, |
| michael@181 | 364 | ## parent domain, or localpart@) in order to allow relaying. Rejects |
| michael@181 | 365 | ## the request if the result is REJECT or "[45]XX text". Permits the |
| michael@181 | 366 | ## request if the result is OK or RELAY or all-numerical. |
| michael@181 | 367 | ## |
| michael@181 | 368 | |
| michael@181 | 369 | # Syntax (see postmap(5)): |
| michael@181 | 370 | # | user@domain action |
| michael@181 | 371 | # | domain action |
| michael@181 | 372 | # | user@ action |
| michael@181 | 373 | # | net.work.addr.ess action |
| michael@181 | 374 | # | net.work.addr action |
| michael@181 | 375 | # | net.work action |
| michael@181 | 376 | # | net action |
| michael@181 | 377 | # where "action" is one of: |
| michael@181 | 378 | # "[45]NN text", "REJECT", "OK", "restriction..." |
| michael@181 | 379 | # |
| michael@181 | 380 | # Examples: |
| michael@181 | 381 | # | mail.example.com OK |
| michael@181 | 382 | # | example.com REJECT |
| michael@181 | 383 | # | 192.168.0.1 OK |
| michael@181 | 384 | # | 192.168 REJECT |
| michael@181 | 385 | # | postmaster@ OK |
| michael@181 | 386 | |
| michael@181 | 387 | </file> |
| michael@181 | 388 | <file name="senders"> |
| michael@181 | 389 | ## |
| michael@181 | 390 | ## @l_prefix@/etc/postfix/senders -- control for relaying senders |
| michael@181 | 391 | ## |
| michael@181 | 392 | ## Searched for both the client (hostname, parent domains, IP address, |
| michael@181 | 393 | ## networks obtained by stripping least significant octets from IP |
| michael@181 | 394 | ## address) and destination address (resolved destination address, |
| michael@181 | 395 | ## parent domain, or localpart@) in order to allow relaying. Rejects |
| michael@181 | 396 | ## the request if the result is REJECT or "[45]XX text". Permits the |
| michael@181 | 397 | ## request if the result is OK or RELAY or all-numerical. |
| michael@181 | 398 | ## |
| michael@181 | 399 | |
| michael@181 | 400 | # Syntax (see access(5)): |
| michael@181 | 401 | # | user@domain action |
| michael@181 | 402 | # | domain action |
| michael@181 | 403 | # | user@ action |
| michael@181 | 404 | # | net.work.addr.ess action |
| michael@181 | 405 | # | net.work.addr action |
| michael@181 | 406 | # | net.work action |
| michael@181 | 407 | # | net action |
| michael@181 | 408 | # where "action" is one of: |
| michael@181 | 409 | # "[45]NN text", "REJECT", "OK", "restriction..." |
| michael@181 | 410 | # |
| michael@181 | 411 | # Examples: |
| michael@181 | 412 | # | mail.example.com OK |
| michael@181 | 413 | # | example.com REJECT |
| michael@181 | 414 | # | 192.168.0.1 OK |
| michael@181 | 415 | # | 192.168 REJECT |
| michael@181 | 416 | # | postmaster@ OK |
| michael@181 | 417 | |
| michael@181 | 418 | </file> |
| michael@181 | 419 | <file name="clicrt"> |
| michael@181 | 420 | ## |
| michael@181 | 421 | ## @l_prefix@/etc/postfix/clicrt -- user identity verification |
| michael@179 | 422 | ## |
| michael@179 | 423 | ## Searched for user names matching TLS certificate fingerprints |
| michael@179 | 424 | ## when a client responding to the MTA's client certificate request |
| michael@179 | 425 | ## presents a valid (signed from proper CA) certificate. |
| michael@179 | 426 | ## |
| michael@179 | 427 | ## To find such fingerprints given a valid client certificate: |
| michael@179 | 428 | ## @l_prefix@/bin/openssl x509 -noout -fingerprint -sha1 -in certfile.pem |
| michael@179 | 429 | ## |
| michael@179 | 430 | |
| michael@181 | 431 | # Syntax (fingerprint according to smtpd_tls_fingerprint_digest): |
| michael@181 | 432 | # | fingerprint arbitrary-value |
| michael@181 | 433 | # |
| michael@179 | 434 | # Examples: |
| michael@181 | 435 | # | B8:B8:A8:AE:B8:2A:2B:74:EC:43:FF:4F:B2:B2:AC:1E:B4:CE:26:1D user1 |
| michael@181 | 436 | # | 18:81:F5:22:18:BA:EB:15:FF:40:30:00:EA:C0:B4:2E:EC:AE:86:8E user2 |
| michael@179 | 437 | |
| michael@179 | 438 | </file> |
