diff options
Diffstat (limited to 'man/qmail-mfrules.9')
| -rw-r--r-- | man/qmail-mfrules.9 | 108 |
1 files changed, 108 insertions, 0 deletions
diff --git a/man/qmail-mfrules.9 b/man/qmail-mfrules.9 new file mode 100644 index 0000000..17d575f --- /dev/null +++ b/man/qmail-mfrules.9 @@ -0,0 +1,108 @@ +.TH s/qmail: qmail-mfrules 8 +.SH "NAME" +qmail-mfrules \- prepare mfrules for qmail-smtpd +.SH SYNOPSIS +.B qmail-mfrules + +.SH "DESCRIPTION" +.B qmail-mfrules +reads the addresses provided in +.BR SQMAIL/control/mailfromrules , +converts them into lowercase, and writes them into +.B SQMAIL/control/mailfromrules.cdb +in a binary format suited +for quick access by +.BR qmail-smtpd . + +If there is a problem with +.BR control/mailfromrules , +.B qmail-mfrules +complains and leaves +.B control/mailfromrules.cdb +alone. + +.B qmail-mfrules +ensures that +.B control/mailfromrules.cdb +is updated atomically, +so +.B qmail-smtpd +never has to wait for +.B qmail-mfrules +to finish. +However, +.B qmail-mfrules +makes no attempt to protect against two simultaneous updates of +.BR control/mailfromrules.cdb . + +The binary +.B control/mailfromrules.cdb +format is portable across machines. + +.SH "RULE FORMAT" +A rule is one line. A file containing rules may also contain comments: lines +beginning with # are ignored. All addresses are evaluated case-insensitive. + +Each rule contains an address, an ampersend sign '&', and a list of strings separated by +commas to be used for 'Mail From: Address Verification' (MAV). When +.BR qmail-smtpd (8) +receives a connection from that address, it checks whether the received +envelope sender address correspondes with a MAV string (from the right +to the left). +The MAV string for an address may be NULL in order to allow any envelope +sender address. NULLSENDER envelope addresses are not subject of the MAV. + +.SH "RULE BASE" +.BR qmail-smtpd (8) +looks for rules with various addresses in the following order: +.IP 1 +$TCPREMOTEINFO, if $TCPREMOTEINFO is set (e.g. by SMTP Authentication); +.IP 2. +$TCPREMOTEINFO@$TCPREMOTEIP, if $TCPREMOTEINFO is set; +.IP 3. +$TCPREMOTEINFO@=$TCPREMOTEHOST, if $TCPREMOTEINFO is set and $TCPREMOTEHOST is +set; +.IP 4. +the dotted decimal $TCPREMOTEIP address; +.IP 5. +the compactified $TCPREMOTEIP6 address; +.IP 6. +=$TCPREMOTEHOST, if $TCPREMOTEHOST is set; +.IP 7. +shorter and shorter prefixes of $TCPREMOTEIP ending with a dot; +.IP 8. +shorter and shorter values of $TCPREMOTEIP6 ending with a colon; +.IP 9. +shorter and shorter suffixes of $TCPREMOTEHOST starting with a dot, preceded +by =, if $TCPREMOTEHOST is set; and finally +.IP 10. +=, if $TCPREMOTEHOST is set. +.P +.B qmail-smtpd +employes the first matching rule for the MAV check. You should use the +.B -p +option to +.BR sslserver +if you rely on $TCPREMOTEHOST here. + +For example, here are some rules: + +.EX + jsmith@virtualdomain.com&john.smith@virtualdomain.com + joe@18.23.0.32&joe@example.com + 18.23&@example.com + =.heaven.mil&God@heaven.mil,st.peter@heaven.mil,-angles@heaven.mil + fe80:&user@myhost.local + 2001::feh:abc9:&me@fehnet.com +.EE + +.SH "IP-ADDRESSES" +.B qmail-mfrules +recognizes the dotted-decimal IPv4 and the compactified +IPv6 addresses tokenized by the 'dot' or the 'colon' character +and compares the respective parts from right to left. +However, the CIDR address format is not supported (yet). + + +.SH "SEE ALSO" +qmail-smtpd(8) |