summaryrefslogtreecommitdiff
path: root/man/qmail-mfrules.9
diff options
context:
space:
mode:
authorJannis Hoffmann <jannis@fehcom.de>2024-07-03 15:48:04 +0200
committerJannis Hoffmann <jannis@fehcom.de>2024-07-03 15:48:04 +0200
commit89b7b67a13ebb7965cc7f13ad0595e2194a2d34c (patch)
tree25efd77a90ae87236e6730d8ea3846bbe0fd126f /man/qmail-mfrules.9
add sqmail-4.2.29asqmail-4.2
Diffstat (limited to 'man/qmail-mfrules.9')
-rw-r--r--man/qmail-mfrules.9108
1 files changed, 108 insertions, 0 deletions
diff --git a/man/qmail-mfrules.9 b/man/qmail-mfrules.9
new file mode 100644
index 0000000..17d575f
--- /dev/null
+++ b/man/qmail-mfrules.9
@@ -0,0 +1,108 @@
+.TH s/qmail: qmail-mfrules 8
+.SH "NAME"
+qmail-mfrules \- prepare mfrules for qmail-smtpd
+.SH SYNOPSIS
+.B qmail-mfrules
+
+.SH "DESCRIPTION"
+.B qmail-mfrules
+reads the addresses provided in
+.BR SQMAIL/control/mailfromrules ,
+converts them into lowercase, and writes them into
+.B SQMAIL/control/mailfromrules.cdb
+in a binary format suited
+for quick access by
+.BR qmail-smtpd .
+
+If there is a problem with
+.BR control/mailfromrules ,
+.B qmail-mfrules
+complains and leaves
+.B control/mailfromrules.cdb
+alone.
+
+.B qmail-mfrules
+ensures that
+.B control/mailfromrules.cdb
+is updated atomically,
+so
+.B qmail-smtpd
+never has to wait for
+.B qmail-mfrules
+to finish.
+However,
+.B qmail-mfrules
+makes no attempt to protect against two simultaneous updates of
+.BR control/mailfromrules.cdb .
+
+The binary
+.B control/mailfromrules.cdb
+format is portable across machines.
+
+.SH "RULE FORMAT"
+A rule is one line. A file containing rules may also contain comments: lines
+beginning with # are ignored. All addresses are evaluated case-insensitive.
+
+Each rule contains an address, an ampersend sign '&', and a list of strings separated by
+commas to be used for 'Mail From: Address Verification' (MAV). When
+.BR qmail-smtpd (8)
+receives a connection from that address, it checks whether the received
+envelope sender address correspondes with a MAV string (from the right
+to the left).
+The MAV string for an address may be NULL in order to allow any envelope
+sender address. NULLSENDER envelope addresses are not subject of the MAV.
+
+.SH "RULE BASE"
+.BR qmail-smtpd (8)
+looks for rules with various addresses in the following order:
+.IP 1
+$TCPREMOTEINFO, if $TCPREMOTEINFO is set (e.g. by SMTP Authentication);
+.IP 2.
+$TCPREMOTEINFO@$TCPREMOTEIP, if $TCPREMOTEINFO is set;
+.IP 3.
+$TCPREMOTEINFO@=$TCPREMOTEHOST, if $TCPREMOTEINFO is set and $TCPREMOTEHOST is
+set;
+.IP 4.
+the dotted decimal $TCPREMOTEIP address;
+.IP 5.
+the compactified $TCPREMOTEIP6 address;
+.IP 6.
+=$TCPREMOTEHOST, if $TCPREMOTEHOST is set;
+.IP 7.
+shorter and shorter prefixes of $TCPREMOTEIP ending with a dot;
+.IP 8.
+shorter and shorter values of $TCPREMOTEIP6 ending with a colon;
+.IP 9.
+shorter and shorter suffixes of $TCPREMOTEHOST starting with a dot, preceded
+by =, if $TCPREMOTEHOST is set; and finally
+.IP 10.
+=, if $TCPREMOTEHOST is set.
+.P
+.B qmail-smtpd
+employes the first matching rule for the MAV check. You should use the
+.B -p
+option to
+.BR sslserver
+if you rely on $TCPREMOTEHOST here.
+
+For example, here are some rules:
+
+.EX
+ jsmith@virtualdomain.com&john.smith@virtualdomain.com
+ joe@18.23.0.32&joe@example.com
+ 18.23&@example.com
+ =.heaven.mil&God@heaven.mil,st.peter@heaven.mil,-angles@heaven.mil
+ fe80:&user@myhost.local
+ 2001::feh:abc9:&me@fehnet.com
+.EE
+
+.SH "IP-ADDRESSES"
+.B qmail-mfrules
+recognizes the dotted-decimal IPv4 and the compactified
+IPv6 addresses tokenized by the 'dot' or the 'colon' character
+and compares the respective parts from right to left.
+However, the CIDR address format is not supported (yet).
+
+
+.SH "SEE ALSO"
+qmail-smtpd(8)