-
(default: empty)
-
Optional restrictions that the Postfix SMTP server applies in the
context of the MAIL FROM command.
The default is to permit everything.
Specify a list of restrictions, separated by commas and/or whitespace.
Continue long lines by starting the next line with whitespace.
Restrictions are applied in the order as specified; the first
restriction that matches wins.
The following restrictions are specific to the sender address
received with the MAIL FROM command.
-
- Search the specified database for the MAIL FROM
address, domain, parent domains, or localpart@, and execute the
corresponding action.
-
- Search the specified database for the MX hosts for
the MAIL FROM address, and execute the corresponding action. Note:
a result of "OK" is not allowed for safety reasons. Instead, use
DUNNO in order to exclude specific hosts from blacklists. This
feature is available in Postfix 2.1 and later.
-
- Search the specified database for the DNS servers
for the MAIL FROM address, and execute the corresponding action.
Note: a result of "OK" is not allowed for safety reasons. Instead,
use DUNNO in order to exclude specific hosts from blacklists. This
feature is available in Postfix 2.1 and later.
- Enforces the restriction for
authenticated clients only. This feature is available in
Postfix version 2.1 and later.
- Reject the request when the MAIL FROM address is not in
fully-qualified domain form, as required by the RFC.
The
parameter specifies the response code to
rejected requests (default: 504). - Reject the request when the MAIL FROM domain is listed with
the A record "d.d.d.d" under rbl_domain (Postfix
version 2.1 and later only). If no "=d.d.d.d" is specified,
reject the request when the reversed client network address is
listed with any A record under rbl_domain.
The
parameter specifies the response code for
rejected requests (default: 554); the parameter
specifies the default server reply; and the parameter
specifies tables with server replies indexed by rbl_domain.
This feature is available in Postfix 2.0 and later. - Reject the request when $ specifies an
owner for the MAIL FROM address, but the client is not (SASL) logged
in as that MAIL FROM address owner; or when the client is (SASL)
logged in, but the client login name doesn't own the MAIL FROM
address according to $.
- Enforces the restriction for
unauthenticated clients only. This feature is available in
Postfix version 2.1 and later.
- Reject the request when Postfix is not final destination for
the sender address, and the MAIL FROM address has no DNS A or MX
record, or when it has a malformed MX record such as a record with
a zero-length MX hostname (Postfix version 2.3 and later).
The
parameter specifies the response code
for rejected requests (default: 450). The response is always 450
in case of a temporary DNS error. - Reject the request when the MAIL FROM address is not listed in
the list of valid recipients for its domain class. See the
parameter description for details.
This feature is available in Postfix 2.1 and later.
- Reject the request when mail to the MAIL FROM address is known to
bounce, or when the sender address destination is not reachable.
Address verification information is managed by the server;
see the file for details.
The
parameter specifies the response when
an address is known to bounce (default: 450, change into 550 when
you are confident that it is safe to do so). Postfix replies with
450 when an address probe failed due to a temporary problem. This
feature is available in Postfix 2.1 and later.
Other restrictions that are valid in this context:
- restrictions that can be used
in any SMTP command context, described under .
- SMTP command specific restrictions described under
and .
- SMTP command specific restrictions described under
. When recipient restrictions are listed
under , they have effect only with
" = yes", so that $ is
evaluated at the time of the RCPT TO command.
Examples:
=
= ,
hash:/etc/postfix/access
阅读(3301) | 评论(1) | 转发(0) |