[people/pmueller/ipfire-2.x.git] / config / postfix / access

# ACCESS(5)                                                            ACCESS(5)
# 
# NAME
#        access - Postfix access table format
# 
# SYNOPSIS
#        postmap /etc/postfix/access
# 
#        postmap -q "string" /etc/postfix/access
# 
#        postmap -q - /etc/postfix/access <inputfile
# 
# DESCRIPTION
#        The  optional  access(5)  table  directs  the Postfix SMTP
#        server to selectively reject or accept mail. Access can be
#        allowed  or  denied for specific host names, domain names,
#        networks, host addresses or mail addresses.
# 
#        For an example, see the EXAMPLE section at the end of this
#        manual page.
# 
#        Normally,  the access(5) table is specified as a text file
#        that serves as  input  to  the  postmap(1)  command.   The
#        result,  an  indexed file in dbm or db format, is used for
#        fast searching by the mail  system.  Execute  the  command
#        "postmap  /etc/postfix/access"  in  order  to  rebuild the
#        indexed file after changing the access table.
# 
#        When the table is provided via other means  such  as  NIS,
#        LDAP  or  SQL,  the  same lookups are done as for ordinary
#        indexed files.
# 
#        Alternatively, the table can be  provided  as  a  regular-
#        expression map where patterns are given as regular expres-
#        sions, or lookups can be directed to TCP-based server.  In
#        that  case,  the  lookups are done in a slightly different
#        way as described below under "REGULAR  EXPRESSION  TABLES"
#        and "TCP-BASED TABLES".
# 
# TABLE FORMAT
#        The input format for the postmap(1) command is as follows:
# 
#        pattern action
#               When pattern matches a mail address, domain or host
#               address, perform the corresponding action.
# 
#        blank lines and comments
#               Empty  lines and whitespace-only lines are ignored,
#               as are lines whose first  non-whitespace  character
#               is a `#'.
# 
#        multi-line text
#               A  logical  line starts with non-whitespace text. A
#               line that starts with whitespace continues a  logi-
#               cal line.
# 
# EMAIL ADDRESS PATTERNS
#        With lookups from indexed files such as DB or DBM, or from
#        networked tables such as NIS, LDAP or  SQL,  patterns  are
#        tried in the order as listed below:
# 
#        user@domain
#               Matches the specified mail address.
# 
#        domain.tld
#               Matches  domain.tld  as the domain part of an email
#               address.
# 
#               The pattern domain.tld also matches subdomains, but
#               only when the string smtpd_access_maps is listed in
#               the Postfix  parent_domain_matches_subdomains  con-
#               figuration  setting  (note that this is the default
#               for some versions of Postfix).  Otherwise,  specify
#               .domain.tld  (note  the  initial  dot)  in order to
#               match subdomains.
# 
#        user@  Matches all mail addresses with the specified  user
#               part.
# 
#        Note:  lookup  of  the null sender address is not possible
#        with some types of lookup table. By default, Postfix  uses
#        <>  as  the  lookup  key  for such addresses. The value is
#        specified with the smtpd_null_access_lookup_key  parameter
#        in the Postfix main.cf file.
# 
# EMAIL ADDRESS EXTENSION
#        When a mail address localpart contains the optional recip-
#        ient delimiter (e.g., user+foo@domain), the  lookup  order
#        becomes:  user+foo@domain, user@domain, domain, user+foo@,
#        and user@.
# 
# HOST NAME/ADDRESS PATTERNS
#        With lookups from indexed files such as DB or DBM, or from
#        networked  tables  such as NIS, LDAP or SQL, the following
#        lookup patterns are examined in the order as listed:
# 
#        domain.tld
#               Matches domain.tld.
# 
#               The pattern domain.tld also matches subdomains, but
#               only when the string smtpd_access_maps is listed in
#               the Postfix  parent_domain_matches_subdomains  con-
#               figuration setting.  Otherwise, specify .domain.tld
#               (note the initial dot) in  order  to  match  subdo-
#               mains.
# 
#        net.work.addr.ess
# 
#        net.work.addr
# 
#        net.work
# 
#        net    Matches  the specified IPv4 host address or subnet-
#               work. An IPv4 host address is a  sequence  of  four
#               decimal octets separated by ".".
# 
#               Subnetworks  are  matched  by repeatedly truncating
#               the last ".octet" from the remote IPv4 host address
#               string  until a match is found in the access table,
#               or until further truncation is not possible.
# 
#               NOTE 1: The information in the access map should be
#               in canonical form, with unnecessary null characters
#               eliminated.   Address  information  must   not   be
#               enclosed with "[]" characters.
# 
#               NOTE  2:  use the cidr lookup table type to specify
#               network/netmask  patterns.  See  cidr_table(5)  for
#               details.
# 
#        net:work:addr:ess
# 
#        net:work:addr
# 
#        net:work
# 
#        net    Matches  the specified IPv6 host address or subnet-
#               work. An IPv6 host address is a sequence  of  three
#               to  eight hexadecimal octet pairs separated by ":".
# 
#               Subnetworks are matched  by  repeatedly  truncating
#               the  last  ":octetpair"  from  the remote IPv6 host
#               address string until a match is found in the access
#               table, or until further truncation is not possible.
# 
#               NOTE 1: the truncation and comparison are done with
#               the string representation of the IPv6 host address.
#               Thus, not all the ":" subnetworks will be tried.
# 
#               NOTE 2: The information in the access map should be
#               in canonical form, with unnecessary null characters
#               eliminated.   Address  information  must   not   be
#               enclosed with "[]" characters.
# 
#               NOTE  3:  use the cidr lookup table type to specify
#               network/netmask  patterns.  See  cidr_table(5)  for
#               details.
# 
#               IPv6 support is available in Postfix 2.2 and later.
# 
# ACCEPT ACTIONS
#        OK     Accept the address etc. that matches the pattern.
# 
#        all-numerical
#               An all-numerical result is treated as OK. This for-
#               mat  is generated by address-based relay authoriza-
#               tion schemes.
# 
# REJECT ACTIONS
#        4NN text
# 
#        5NN text
#               Reject the address etc. that matches  the  pattern,
#               and respond with the numerical three-digit code and
#               text. 4NN means "try again later", while 5NN  means
#               "do not try again".
# 
#        REJECT optional text...
#               Reject  the  address etc. that matches the pattern.
#               Reply with $reject_code optional text...  when  the
#               optional  text is specified, otherwise reply with a
#               generic error response message.
# 
#        DEFER_IF_REJECT optional text...
#               Defer the request if some later  restriction  would
#               result in a REJECT action. Reply with "450 optional
#               text... when the optional text is specified, other-
#               wise reply with a generic error response message.
# 
#               This feature is available in Postfix 2.1 and later.
# 
#        DEFER_IF_PERMIT optional text...
#               Defer the request if some later  restriction  would
#               result  in a an explicit or implicit PERMIT action.
#               Reply with "450 optional text... when the  optional
#               text  is  specified, otherwise reply with a generic
#               error response message.
# 
#               This feature is available in Postfix 2.1 and later.
# 
# OTHER ACTIONS
#        restriction...
#               Apply the named UCE restriction(s) (permit, reject,
#               reject_unauth_destination, and so on).
# 
#        DISCARD optional text...
#               Claim successful delivery and silently discard  the
#               message.   Log the optional text if specified, oth-
#               erwise log a generic message.
# 
#               Note: this action currently affects all  recipients
#               of the message.
# 
#               This feature is available in Postfix 2.0 and later.
# 
#        DUNNO  Pretend that the lookup key  was  not  found.  This
#               prevents  Postfix  from  trying  substrings  of the
#               lookup key (such as a subdomain name, or a  network
#               address subnetwork).
# 
#               This feature is available in Postfix 2.0 and later.
# 
#        FILTER transport:destination
#               After the message is queued, send the  entire  mes-
#               sage through the specified external content filter.
#               The transport:destination syntax  is  described  in
#               the  transport(5)  manual  page.   More information
#               about external content filters is  in  the  Postfix
#               FILTER_README file.
# 
#               Note:   this  action  overrides  the  main.cf  con-
#               tent_filter  setting,  and  currently  affects  all
#               recipients of the message.
# 
#               This feature is available in Postfix 2.0 and later.
# 
#        HOLD optional text...
#               Place the message on the hold queue, where it  will
#               sit  until someone either deletes it or releases it
#               for delivery.  Log the optional text if  specified,
#               otherwise log a generic message.
# 
#               Mail  that  is  placed on hold can be examined with
#               the postcat(1) command, and  can  be  destroyed  or
#               released with the postsuper(1) command.
# 
#               Note:  use  "postsuper -r" to release mail that was
#               kept on hold for a significant fraction  of  $maxi-
#               mal_queue_lifetime  or  $bounce_queue_lifetime,  or
#               longer.
# 
#               Note: this action currently affects all  recipients
#               of the message.
# 
#               This feature is available in Postfix 2.0 and later.
# 
#        PREPEND headername: headervalue
#               Prepend the specified message header  to  the  mes-
#               sage.  When this action is used multiple times, the
#               first prepended header appears  before  the  second
#               etc. prepended header.
# 
#               Note:  this action does not support multi-line mes-
#               sage headers.
# 
#               Note: this action must be used before  the  message
#               content   is   received;   it  cannot  be  used  in
#               smtpd_end_of_data_restrictions.
# 
#               This feature is available in Postfix 2.1 and later.
# 
#        REDIRECT user@domain
#               After  the  message  is queued, send the message to
#               the  specified  address  instead  of  the  intended
#               recipient(s).
# 
#               Note:  this action overrides the FILTER action, and
#               currently affects all recipients of the message.
# 
#               This feature is available in Postfix 2.1 and later.
# 
#        WARN optional text...
#               Log a warning with the optional text, together with
#               client information and  if  available,  with  helo,
#               sender, recipient and protocol information.
# 
#               This feature is available in Postfix 2.1 and later.
# 
# REGULAR EXPRESSION TABLES
#        This section describes how the table lookups  change  when
#        the table is given in the form of regular expressions. For
#        a description of regular expression lookup  table  syntax,
#        see regexp_table(5) or pcre_table(5).
# 
#        Each  pattern  is  a regular expression that is applied to
#        the entire string being looked up. Depending on the appli-
#        cation,  that  string  is  an  entire  client hostname, an
#        entire client IP address, or an entire mail address. Thus,
#        no  parent  domain  or  parent  network  search  is  done,
#        user@domain mail addresses are not broken  up  into  their
#        user@ and domain constituent parts, nor is user+foo broken
#        up into user and foo.
# 
#        Patterns are applied in the order as specified in the  ta-
#        ble,  until  a  pattern  is  found that matches the search
#        string.
# 
#        Actions are the same as with indexed  file  lookups,  with
#        the  additional feature that parenthesized substrings from
#        the pattern can be interpolated as $1, $2 and so on.
# 
# TCP-BASED TABLES
#        This section describes how the table lookups  change  when
#        lookups are directed to a TCP-based server. For a descrip-
#        tion of the TCP client/server lookup protocol, see tcp_ta-
#        ble(5).  This feature is not available up to and including
#        Postfix version 2.2.
# 
#        Each lookup operation uses the entire query  string  once.
#        Depending  on  the  application,  that string is an entire
#        client hostname, an entire client IP address, or an entire
#        mail  address.   Thus,  no parent domain or parent network
#        search is done, user@domain mail addresses are not  broken
#        up  into  their user@ and domain constituent parts, nor is
#        user+foo broken up into user and foo.
# 
#        Actions are the same as with indexed file lookups.
# 
# EXAMPLE
#        The following example uses an indexed file,  so  that  the
#        order  of  table entries does not matter. The example per-
#        mits access by the client at address 1.2.3.4  but  rejects
#        all  other  clients  in 1.2.3.0/24. Instead of hash lookup
#        tables, some systems use dbm.  Use the  command  "postconf
#        -m"  to  find  out  what lookup tables Postfix supports on
#        your system.
# 
#        /etc/postfix/main.cf:
#            smtpd_client_restrictions =
#                check_client_access hash:/etc/postfix/access
# 
#        /etc/postfix/access:
#            1.2.3   REJECT
#            1.2.3.4 OK
# 
#        Execute the command "postmap /etc/postfix/access" after
#        editing the file.
# 
# BUGS
#        The table format does not understand quoting  conventions.
# 
# SEE ALSO
#        postmap(1), Postfix lookup table manager
#        smtpd(8), SMTP server
#        postconf(5), configuration parameters
#        transport(5), transport:nexthop syntax
# 
# README FILES
#        Use  "postconf  readme_directory" or "postconf html_direc-
#        tory" to locate this information.
#        SMTPD_ACCESS_README, built-in SMTP server access control
#        DATABASE_README, Postfix lookup table overview
# 
# LICENSE
#        The Secure Mailer license must be  distributed  with  this
#        software.
# 
# AUTHOR(S)
#        Wietse Venema
#        IBM T.J. Watson Research
#        P.O. Box 704
#        Yorktown Heights, NY 10598, USA
# 
#                                                                      ACCESS(5)
Commit	Line	Data
3796e3d5 MT	1	# ACCESS(5) ACCESS(5)
	2	#
	3	# NAME
	4	# access - Postfix access table format
	5	#
	6	# SYNOPSIS
	7	# postmap /etc/postfix/access
	8	#
	9	# postmap -q "string" /etc/postfix/access
	10	#
	11	# postmap -q - /etc/postfix/access <inputfile
	12	#
	13	# DESCRIPTION
	14	# The optional access(5) table directs the Postfix SMTP
	15	# server to selectively reject or accept mail. Access can be
	16	# allowed or denied for specific host names, domain names,
	17	# networks, host addresses or mail addresses.
	18	#
	19	# For an example, see the EXAMPLE section at the end of this
	20	# manual page.
	21	#
	22	# Normally, the access(5) table is specified as a text file
	23	# that serves as input to the postmap(1) command. The
	24	# result, an indexed file in dbm or db format, is used for
	25	# fast searching by the mail system. Execute the command
	26	# "postmap /etc/postfix/access" in order to rebuild the
	27	# indexed file after changing the access table.
	28	#
	29	# When the table is provided via other means such as NIS,
	30	# LDAP or SQL, the same lookups are done as for ordinary
	31	# indexed files.
	32	#
	33	# Alternatively, the table can be provided as a regular-
	34	# expression map where patterns are given as regular expres-
	35	# sions, or lookups can be directed to TCP-based server. In
	36	# that case, the lookups are done in a slightly different
	37	# way as described below under "REGULAR EXPRESSION TABLES"
	38	# and "TCP-BASED TABLES".
	39	#
	40	# TABLE FORMAT
	41	# The input format for the postmap(1) command is as follows:
	42	#
	43	# pattern action
	44	# When pattern matches a mail address, domain or host
	45	# address, perform the corresponding action.
	46	#
	47	# blank lines and comments
	48	# Empty lines and whitespace-only lines are ignored,
	49	# as are lines whose first non-whitespace character
	50	# is a `#'.
	51	#
	52	# multi-line text
	53	# A logical line starts with non-whitespace text. A
	54	# line that starts with whitespace continues a logi-
	55	# cal line.
	56	#
	57	# EMAIL ADDRESS PATTERNS
	58	# With lookups from indexed files such as DB or DBM, or from
	59	# networked tables such as NIS, LDAP or SQL, patterns are
	60	# tried in the order as listed below:
	61	#
	62	# user@domain
	63	# Matches the specified mail address.
	64	#
65	# domain.tld
66	# Matches domain.tld as the domain part of an email
67	# address.
68	#
69	# The pattern domain.tld also matches subdomains, but
70	# only when the string smtpd_access_maps is listed in
71	# the Postfix parent_domain_matches_subdomains con-
72	# figuration setting (note that this is the default
73	# for some versions of Postfix). Otherwise, specify
74	# .domain.tld (note the initial dot) in order to
75	# match subdomains.
76	#
77	# user@ Matches all mail addresses with the specified user
78	# part.
79	#
80	# Note: lookup of the null sender address is not possible
81	# with some types of lookup table. By default, Postfix uses
82	# <> as the lookup key for such addresses. The value is
83	# specified with the smtpd_null_access_lookup_key parameter
84	# in the Postfix main.cf file.
85	#
86	# EMAIL ADDRESS EXTENSION
87	# When a mail address localpart contains the optional recip-
88	# ient delimiter (e.g., user+foo@domain), the lookup order
89	# becomes: user+foo@domain, user@domain, domain, user+foo@,
90	# and user@.
91	#
92	# HOST NAME/ADDRESS PATTERNS
93	# With lookups from indexed files such as DB or DBM, or from
94	# networked tables such as NIS, LDAP or SQL, the following
95	# lookup patterns are examined in the order as listed:
96	#
97	# domain.tld
98	# Matches domain.tld.
99	#
100	# The pattern domain.tld also matches subdomains, but
101	# only when the string smtpd_access_maps is listed in
102	# the Postfix parent_domain_matches_subdomains con-
103	# figuration setting. Otherwise, specify .domain.tld
104	# (note the initial dot) in order to match subdo-
105	# mains.
106	#
107	# net.work.addr.ess
108	#
109	# net.work.addr
110	#
111	# net.work
112	#
113	# net Matches the specified IPv4 host address or subnet-
114	# work. An IPv4 host address is a sequence of four
115	# decimal octets separated by ".".
116	#
117	# Subnetworks are matched by repeatedly truncating
118	# the last ".octet" from the remote IPv4 host address
119	# string until a match is found in the access table,
120	# or until further truncation is not possible.
121	#
122	# NOTE 1: The information in the access map should be
123	# in canonical form, with unnecessary null characters
124	# eliminated. Address information must not be
125	# enclosed with "[]" characters.
126	#
127	# NOTE 2: use the cidr lookup table type to specify
128	# network/netmask patterns. See cidr_table(5) for
129	# details.
130	#
131	# net:work:addr:ess
132	#
133	# net:work:addr
134	#
135	# net:work
136	#
137	# net Matches the specified IPv6 host address or subnet-
138	# work. An IPv6 host address is a sequence of three
139	# to eight hexadecimal octet pairs separated by ":".
140	#
141	# Subnetworks are matched by repeatedly truncating
142	# the last ":octetpair" from the remote IPv6 host
143	# address string until a match is found in the access
144	# table, or until further truncation is not possible.
145	#
146	# NOTE 1: the truncation and comparison are done with
147	# the string representation of the IPv6 host address.
148	# Thus, not all the ":" subnetworks will be tried.
149	#
150	# NOTE 2: The information in the access map should be
151	# in canonical form, with unnecessary null characters
152	# eliminated. Address information must not be
153	# enclosed with "[]" characters.
154	#
155	# NOTE 3: use the cidr lookup table type to specify
156	# network/netmask patterns. See cidr_table(5) for
157	# details.
158	#
159	# IPv6 support is available in Postfix 2.2 and later.
160	#
161	# ACCEPT ACTIONS
162	# OK Accept the address etc. that matches the pattern.
163	#
164	# all-numerical
165	# An all-numerical result is treated as OK. This for-
166	# mat is generated by address-based relay authoriza-
167	# tion schemes.
168	#
169	# REJECT ACTIONS
170	# 4NN text
171	#
172	# 5NN text
173	# Reject the address etc. that matches the pattern,
174	# and respond with the numerical three-digit code and
175	# text. 4NN means "try again later", while 5NN means
176	# "do not try again".
177	#
178	# REJECT optional text...
179	# Reject the address etc. that matches the pattern.
180	# Reply with $reject_code optional text... when the
181	# optional text is specified, otherwise reply with a
182	# generic error response message.
183	#
184	# DEFER_IF_REJECT optional text...
185	# Defer the request if some later restriction would
186	# result in a REJECT action. Reply with "450 optional
187	# text... when the optional text is specified, other-
188	# wise reply with a generic error response message.
189	#
190	# This feature is available in Postfix 2.1 and later.
191	#
192	# DEFER_IF_PERMIT optional text...
193	# Defer the request if some later restriction would
194	# result in a an explicit or implicit PERMIT action.
195	# Reply with "450 optional text... when the optional
196	# text is specified, otherwise reply with a generic
197	# error response message.
198	#
199	# This feature is available in Postfix 2.1 and later.
200	#
201	# OTHER ACTIONS
202	# restriction...
203	# Apply the named UCE restriction(s) (permit, reject,
204	# reject_unauth_destination, and so on).
205	#
206	# DISCARD optional text...
207	# Claim successful delivery and silently discard the
208	# message. Log the optional text if specified, oth-
209	# erwise log a generic message.
210	#
211	# Note: this action currently affects all recipients
212	# of the message.
213	#
214	# This feature is available in Postfix 2.0 and later.
215	#
216	# DUNNO Pretend that the lookup key was not found. This
217	# prevents Postfix from trying substrings of the
218	# lookup key (such as a subdomain name, or a network
219	# address subnetwork).
220	#
221	# This feature is available in Postfix 2.0 and later.
222	#
223	# FILTER transport:destination
224	# After the message is queued, send the entire mes-
225	# sage through the specified external content filter.
226	# The transport:destination syntax is described in
227	# the transport(5) manual page. More information
228	# about external content filters is in the Postfix
229	# FILTER_README file.
230	#
231	# Note: this action overrides the main.cf con-
232	# tent_filter setting, and currently affects all
233	# recipients of the message.
234	#
235	# This feature is available in Postfix 2.0 and later.
236	#
237	# HOLD optional text...
238	# Place the message on the hold queue, where it will
239	# sit until someone either deletes it or releases it
240	# for delivery. Log the optional text if specified,
241	# otherwise log a generic message.
242	#
243	# Mail that is placed on hold can be examined with
244	# the postcat(1) command, and can be destroyed or
245	# released with the postsuper(1) command.
246	#
247	# Note: use "postsuper -r" to release mail that was
248	# kept on hold for a significant fraction of $maxi-
249	# mal_queue_lifetime or $bounce_queue_lifetime, or
250	# longer.
251	#
252	# Note: this action currently affects all recipients
253	# of the message.
254	#
255	# This feature is available in Postfix 2.0 and later.
256	#
257	# PREPEND headername: headervalue
258	# Prepend the specified message header to the mes-
259	# sage. When this action is used multiple times, the
260	# first prepended header appears before the second
261	# etc. prepended header.
262	#
263	# Note: this action does not support multi-line mes-
264	# sage headers.
265	#
266	# Note: this action must be used before the message
267	# content is received; it cannot be used in
268	# smtpd_end_of_data_restrictions.
269	#
270	# This feature is available in Postfix 2.1 and later.
271	#
272	# REDIRECT user@domain
273	# After the message is queued, send the message to
274	# the specified address instead of the intended
275	# recipient(s).
276	#
277	# Note: this action overrides the FILTER action, and
278	# currently affects all recipients of the message.
279	#
280	# This feature is available in Postfix 2.1 and later.
281	#
282	# WARN optional text...
283	# Log a warning with the optional text, together with
284	# client information and if available, with helo,
285	# sender, recipient and protocol information.
286	#
287	# This feature is available in Postfix 2.1 and later.
288	#
289	# REGULAR EXPRESSION TABLES
290	# This section describes how the table lookups change when
291	# the table is given in the form of regular expressions. For
292	# a description of regular expression lookup table syntax,
293	# see regexp_table(5) or pcre_table(5).
294	#
295	# Each pattern is a regular expression that is applied to
296	# the entire string being looked up. Depending on the appli-
297	# cation, that string is an entire client hostname, an
298	# entire client IP address, or an entire mail address. Thus,
299	# no parent domain or parent network search is done,
300	# user@domain mail addresses are not broken up into their
301	# user@ and domain constituent parts, nor is user+foo broken
302	# up into user and foo.
303	#
304	# Patterns are applied in the order as specified in the ta-
305	# ble, until a pattern is found that matches the search
306	# string.
307	#
308	# Actions are the same as with indexed file lookups, with
309	# the additional feature that parenthesized substrings from
310	# the pattern can be interpolated as $1, $2 and so on.
311	#
312	# TCP-BASED TABLES
313	# This section describes how the table lookups change when
314	# lookups are directed to a TCP-based server. For a descrip-
315	# tion of the TCP client/server lookup protocol, see tcp_ta-
316	# ble(5). This feature is not available up to and including
317	# Postfix version 2.2.
318	#
319	# Each lookup operation uses the entire query string once.
320	# Depending on the application, that string is an entire
321	# client hostname, an entire client IP address, or an entire
322	# mail address. Thus, no parent domain or parent network
323	# search is done, user@domain mail addresses are not broken
324	# up into their user@ and domain constituent parts, nor is
325	# user+foo broken up into user and foo.
326	#
327	# Actions are the same as with indexed file lookups.
328	#
329	# EXAMPLE
330	# The following example uses an indexed file, so that the
331	# order of table entries does not matter. The example per-
332	# mits access by the client at address 1.2.3.4 but rejects
333	# all other clients in 1.2.3.0/24. Instead of hash lookup
334	# tables, some systems use dbm. Use the command "postconf
335	# -m" to find out what lookup tables Postfix supports on
336	# your system.
337	#
338	# /etc/postfix/main.cf:
339	# smtpd_client_restrictions =
340	# check_client_access hash:/etc/postfix/access
341	#
342	# /etc/postfix/access:
343	# 1.2.3 REJECT
344	# 1.2.3.4 OK
345	#
346	# Execute the command "postmap /etc/postfix/access" after
347	# editing the file.
348	#
349	# BUGS
350	# The table format does not understand quoting conventions.
351	#
352	# SEE ALSO
353	# postmap(1), Postfix lookup table manager
354	# smtpd(8), SMTP server
355	# postconf(5), configuration parameters
356	# transport(5), transport:nexthop syntax
357	#
358	# README FILES
359	# Use "postconf readme_directory" or "postconf html_direc-
360	# tory" to locate this information.
361	# SMTPD_ACCESS_README, built-in SMTP server access control
362	# DATABASE_README, Postfix lookup table overview
363	#
364	# LICENSE
365	# The Secure Mailer license must be distributed with this
366	# software.
367	#
368	# AUTHOR(S)
369	# Wietse Venema
370	# IBM T.J. Watson Research
371	# P.O. Box 704
372	# Yorktown Heights, NY 10598, USA
373	#
374	# ACCESS(5)