comparison: postfix/postfix.txt
postfix/postfix.txt
- changeset 181
- 58360ee9c913
- parent 179
- 6539a982f682
- child 190
- 35b9f699911a
equal
deleted
inserted
replaced
| 1:80a0719f7789 | 2:34dab05da2da |
|---|---|
| 22 T_RELOCATED = relocated | 22 T_RELOCATED = relocated |
| 23 T_TRANSPORT = transport | 23 T_TRANSPORT = transport |
| 24 T_ALIASES = aliases | 24 T_ALIASES = aliases |
| 25 T_CLIENTS = clients | 25 T_CLIENTS = clients |
| 26 T_SENDERS = senders | 26 T_SENDERS = senders |
| 27 T_FINGERP = fingerprints | 27 T_CLICRT = clicrt |
| 28 | 28 |
| 29 # dependency tracking | 29 # dependency tracking |
| 30 TIMESTAMP = .up-to-date | 30 TIMESTAMP = .up-to-date |
| 31 DEPENDENCIES = Makefile master.cf main.cf $(TABLES) | 31 DEPENDENCIES = Makefile master.cf main.cf $(TABLES) |
| 32 | 32 |
| 41 $(T_RELOCATED).db \ | 41 $(T_RELOCATED).db \ |
| 42 $(T_TRANSPORT).db \ | 42 $(T_TRANSPORT).db \ |
| 43 $(T_ALIASES).db \ | 43 $(T_ALIASES).db \ |
| 44 $(T_CLIENTS).db \ | 44 $(T_CLIENTS).db \ |
| 45 $(T_SENDERS).db \ | 45 $(T_SENDERS).db \ |
| 46 $(T_FINGERP).db | 46 $(T_CLICRT).db |
| 47 | 47 |
| 48 # default target | 48 # default target |
| 49 all: $(TABLES) $(TIMESTAMP) | 49 all: $(TABLES) $(TIMESTAMP) |
| 50 | 50 |
| 51 # implicit checking and reloading | 51 # implicit checking and reloading |
| 75 $(POSTALIAS) hash:$(T_ALIASES) | 75 $(POSTALIAS) hash:$(T_ALIASES) |
| 76 $(T_CLIENTS).db: $(T_CLIENTS) $(MAKEFILE) | 76 $(T_CLIENTS).db: $(T_CLIENTS) $(MAKEFILE) |
| 77 $(POSTMAP) hash:$(T_CLIENTS) | 77 $(POSTMAP) hash:$(T_CLIENTS) |
| 78 $(T_SENDERS).db: $(T_SENDERS) $(MAKEFILE) | 78 $(T_SENDERS).db: $(T_SENDERS) $(MAKEFILE) |
| 79 $(POSTMAP) hash:$(T_SENDERS) | 79 $(POSTMAP) hash:$(T_SENDERS) |
| 80 $(T_FINGERP).db: $(T_FINGERP) $(MAKEFILE) | 80 $(T_CLICRT).db: $(T_CLICRT) $(MAKEFILE) |
| 81 $(POSTMAP) hash:$(T_FINGERP) | 81 $(POSTMAP) hash:$(T_CLICRT) |
| 82 | 82 |
| 83 # cleanup target | 83 # cleanup target |
| 84 clean: | 84 clean: |
| 85 -rm -f $(TABLES) | 85 -rm -f $(TABLES) |
| 86 -rm -f $(TIMESTAMP) | 86 -rm -f $(TIMESTAMP) |
| 166 # relaying | 166 # relaying |
| 167 mynetworks = 127.0.0.0/8 | 167 mynetworks = 127.0.0.0/8 |
| 168 #mydestination = $myhostname, localhost.$mydomain | 168 #mydestination = $myhostname, localhost.$mydomain |
| 169 #relay_domains = $mydestination, | 169 #relay_domains = $mydestination, |
| 170 # hash:@l_prefix@/etc/postfix/access | 170 # hash:@l_prefix@/etc/postfix/access |
| 171 #relay_clientcerts = hash:@l_prefix@/etc//postfix/clicrt | |
| 171 #smtpd_recipient_restrictions = permit_mynetworks, | 172 #smtpd_recipient_restrictions = permit_mynetworks, |
| 172 # check_client_access hash:@l_prefix@/etc/postfix/access, | 173 # check_client_access hash:@l_prefix@/etc/postfix/access, |
| 173 # reject_unauth_destination | 174 # reject_unauth_destination |
| 174 | 175 |
| 175 # maps | 176 # maps |
| 349 # | you.example.com smtp:mail.example.com:2525 | 350 # | you.example.com smtp:mail.example.com:2525 |
| 350 # | example.com smtp:mail.example.com | 351 # | example.com smtp:mail.example.com |
| 351 # | .example.com smtp:mail.example.com | 352 # | .example.com smtp:mail.example.com |
| 352 | 353 |
| 353 </file> | 354 </file> |
| 354 <file name="fingerprints"> | 355 <file name="clients"> |
| 355 ## | 356 ## |
| 356 ## @l_prefix@/etc/postfix/fingerprints -- user identity verification | 357 ## @l_prefix@/etc/postfix/clients -- control for relaying clients |
| 358 ## | |
| 359 ## Searched for both the client (hostname, parent domains, IP address, | |
| 360 ## networks obtained by stripping least significant octets from IP | |
| 361 ## address) and destination address (resolved destination address, | |
| 362 ## parent domain, or localpart@) in order to allow relaying. Rejects | |
| 363 ## the request if the result is REJECT or "[45]XX text". Permits the | |
| 364 ## request if the result is OK or RELAY or all-numerical. | |
| 365 ## | |
| 366 | |
| 367 # Syntax (see postmap(5)): | |
| 368 # | user@domain action | |
| 369 # | domain action | |
| 370 # | user@ action | |
| 371 # | net.work.addr.ess action | |
| 372 # | net.work.addr action | |
| 373 # | net.work action | |
| 374 # | net action | |
| 375 # where "action" is one of: | |
| 376 # "[45]NN text", "REJECT", "OK", "restriction..." | |
| 377 # | |
| 378 # Examples: | |
| 379 # | mail.example.com OK | |
| 380 # | example.com REJECT | |
| 381 # | 192.168.0.1 OK | |
| 382 # | 192.168 REJECT | |
| 383 # | postmaster@ OK | |
| 384 | |
| 385 </file> | |
| 386 <file name="senders"> | |
| 387 ## | |
| 388 ## @l_prefix@/etc/postfix/senders -- control for relaying senders | |
| 389 ## | |
| 390 ## Searched for both the client (hostname, parent domains, IP address, | |
| 391 ## networks obtained by stripping least significant octets from IP | |
| 392 ## address) and destination address (resolved destination address, | |
| 393 ## parent domain, or localpart@) in order to allow relaying. Rejects | |
| 394 ## the request if the result is REJECT or "[45]XX text". Permits the | |
| 395 ## request if the result is OK or RELAY or all-numerical. | |
| 396 ## | |
| 397 | |
| 398 # Syntax (see access(5)): | |
| 399 # | user@domain action | |
| 400 # | domain action | |
| 401 # | user@ action | |
| 402 # | net.work.addr.ess action | |
| 403 # | net.work.addr action | |
| 404 # | net.work action | |
| 405 # | net action | |
| 406 # where "action" is one of: | |
| 407 # "[45]NN text", "REJECT", "OK", "restriction..." | |
| 408 # | |
| 409 # Examples: | |
| 410 # | mail.example.com OK | |
| 411 # | example.com REJECT | |
| 412 # | 192.168.0.1 OK | |
| 413 # | 192.168 REJECT | |
| 414 # | postmaster@ OK | |
| 415 | |
| 416 </file> | |
| 417 <file name="clicrt"> | |
| 418 ## | |
| 419 ## @l_prefix@/etc/postfix/clicrt -- user identity verification | |
| 357 ## | 420 ## |
| 358 ## Searched for user names matching TLS certificate fingerprints | 421 ## Searched for user names matching TLS certificate fingerprints |
| 359 ## when a client responding to the MTA's client certificate request | 422 ## when a client responding to the MTA's client certificate request |
| 360 ## presents a valid (signed from proper CA) certificate. | 423 ## presents a valid (signed from proper CA) certificate. |
| 361 ## | 424 ## |
| 362 ## To find such fingerprints given a valid client certificate: | 425 ## To find such fingerprints given a valid client certificate: |
| 363 ## @l_prefix@/bin/openssl x509 -noout -fingerprint -sha1 -in certfile.pem | 426 ## @l_prefix@/bin/openssl x509 -noout -fingerprint -sha1 -in certfile.pem |
| 364 ## | 427 ## |
| 365 | 428 |
| 366 # Examples: | 429 # Syntax (fingerprint according to smtpd_tls_fingerprint_digest): |
| 367 # | B8:B8:A8:AE:B8:2A:2B:74:EC:43:FF:4F:B2:B2:AC:1E:B4:CE:26:1D | 430 # | fingerprint arbitrary-value |
| 368 # | 18:81:F5:22:18:BA:EB:15:FF:40:30:00:EA:C0:B4:2E:EC:AE:86:8E | 431 # |
| 369 | 432 # Examples: |
| 370 </file> | 433 # | B8:B8:A8:AE:B8:2A:2B:74:EC:43:FF:4F:B2:B2:AC:1E:B4:CE:26:1D user1 |
| 434 # | 18:81:F5:22:18:BA:EB:15:FF:40:30:00:EA:C0:B4:2E:EC:AE:86:8E user2 | |
| 435 | |
| 436 </file> |
