Mon, 20 Apr 2009 20:16:01 +0200
Add missing files to runtime configuration and adjust buildconf.
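--- a/postfix/postfix.txt Mon Apr 20 19:27:54 2009 +0200
+++ b/postfix/postfix.txt Mon Apr 20 20:16:01 2009 +0200
@@ -24,7 +24,7 @@
 T_ALIASES = aliases
 T_CLIENTS = clients
 T_SENDERS = senders
-T_FINGERP = fingerprints
+T_CLICRT = clicrt
 
 # dependency tracking
 TIMESTAMP = .up-to-date
@@ -43,7 +43,7 @@
  $(T_ALIASES).db \
  $(T_CLIENTS).db \
  $(T_SENDERS).db \
- $(T_FINGERP).db
+ $(T_CLICRT).db
 
 # default target
 all: $(TABLES) $(TIMESTAMP)
@@ -77,8 +77,8 @@
  $(POSTMAP) hash:$(T_CLIENTS)
 $(T_SENDERS).db: $(T_SENDERS) $(MAKEFILE)
  $(POSTMAP) hash:$(T_SENDERS)
-$(T_FINGERP).db: $(T_FINGERP) $(MAKEFILE)
- $(POSTMAP) hash:$(T_FINGERP)
+$(T_CLICRT).db: $(T_CLICRT) $(MAKEFILE)
+ $(POSTMAP) hash:$(T_CLICRT)
 
 # cleanup target
 clean:
@@ -168,6 +168,7 @@
 #mydestination = $myhostname, localhost.$mydomain
 #relay_domains = $mydestination,
 # hash:@l_prefix@/etc/postfix/access
+#relay_clientcerts = hash:@l_prefix@/etc//postfix/clicrt
 #smtpd_recipient_restrictions = permit_mynetworks,
 # check_client_access hash:@l_prefix@/etc/postfix/access,
 # reject_unauth_destination
@@ -351,9 +352,71 @@
 # | .example.com smtp:mail.example.com
 
 </file>
-<file name="fingerprints">
+<file name="clients">
 ##
-## @l_prefix@/etc/postfix/fingerprints -- user identity verification
+## @l_prefix@/etc/postfix/clients -- control for relaying clients
+##
+## Searched for both the client (hostname, parent domains, IP address,
+## networks obtained by stripping least significant octets from IP
+## address) and destination address (resolved destination address,
+## parent domain, or localpart@) in order to allow relaying. Rejects
+## the request if the result is REJECT or "[45]XX text". Permits the
+## request if the result is OK or RELAY or all-numerical.
+##
+
+# Syntax (see postmap(5)):
+# | user@domain action
+# | domain action
+# | user@ action
+# | net.work.addr.ess action
+# | net.work.addr action
+# | net.work action
+# | net action
+# where "action" is one of:
+# "[45]NN text", "REJECT", "OK", "restriction..."
+#
+# Examples:
+# | mail.example.com OK
+# | example.com REJECT
+# | 192.168.0.1 OK
+# | 192.168 REJECT
+# | postmaster@ OK
+
+</file>
+<file name="senders">
+##
+## @l_prefix@/etc/postfix/senders -- control for relaying senders
+##
+## Searched for both the client (hostname, parent domains, IP address,
+## networks obtained by stripping least significant octets from IP
+## address) and destination address (resolved destination address,
+## parent domain, or localpart@) in order to allow relaying. Rejects
+## the request if the result is REJECT or "[45]XX text". Permits the
+## request if the result is OK or RELAY or all-numerical.
+##
+
+# Syntax (see access(5)):
+# | user@domain action
+# | domain action
+# | user@ action
+# | net.work.addr.ess action
+# | net.work.addr action
+# | net.work action
+# | net action
+# where "action" is one of:
+# "[45]NN text", "REJECT", "OK", "restriction..."
+#
+# Examples:
+# | mail.example.com OK
+# | example.com REJECT
+# | 192.168.0.1 OK
+# | 192.168 REJECT
+# | postmaster@ OK
+
+</file>
+<file name="clicrt">
+##
+## @l_prefix@/etc/postfix/clicrt -- user identity verification
 ##
 ## Searched for user names matching TLS certificate fingerprints
 ## when a client responding to the MTA's client certificate request
@@ -363,8 +426,11 @@
 ## @l_prefix@/bin/openssl x509 -noout -fingerprint -sha1 -in certfile.pem
 ##
 
+# Syntax (fingerprint according to smtpd_tls_fingerprint_digest):
+# | fingerprint arbitrary-value
+#
 # Examples:
-# | B8:B8:A8:AE:B8:2A:2B:74:EC:43:FF:4F:B2:B2:AC:1E:B4:CE:26:1D
-# | 18:81:F5:22:18:BA:EB:15:FF:40:30:00:EA:C0:B4:2E:EC:AE:86:8E
+# | B8:B8:A8:AE:B8:2A:2B:74:EC:43:FF:4F:B2:B2:AC:1E:B4:CE:26:1D user1
+# | 18:81:F5:22:18:BA:EB:15:FF:40:30:00:EA:C0:B4:2E:EC:AE:86:8E user2
 
 </file>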
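Review bot: The `clicrt` header keeps the `openssl x509 -noout -fingerprint -sha1` recipe while the added Syntax comment says the key format follows `smtpd_tls_fingerprint_digest`, and nothing visible in this diff sets that parameter; if the shipped main.cf leaves it at the Postfix default (md5 in releases of this period, as far as I recall), SHA-1 fingerprints entered per the header will never match and certificate-based relaying fails without an obvious error. Since this table decides who may relay, I would pin the digest next to the new sample line, e.g. `#smtpd_tls_fingerprint_digest = sha1`, or reword the header to say the openssl digest option must equal that setting. The sample `smtpd_recipient_restrictions` right below `#relay_clientcerts` also has no `permit_tls_clientcerts` entry, so uncommenting the new line alone presumably has no effect; the rest of main.cf is outside the hunk, so this should be checked there. The added path `@l_prefix@/etc//postfix/clicrt` carries a doubled slash; `@l_prefix@/etc/postfix/clicrt` matches the neighbouring lines.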