Tema: Re: Postfix/Amavis/MySQL ir whitelist
Autorius: Nerijus Kislauskas
Data: 2011-10-24 17:23:17
On 10/20/2011 05:18 PM, Nerijus Kislauskas wrote:
> c) *Koks nors man dar nežinomas būdas.*
c) įdarbinti "MYNETS" ir/arba "MYUSERS" built-in policy bankus
two policy names are hard-wired:
MYNETS: client IP address matches @mynetworks (XFORWARD)
MYUSERS: sender matches @local_domains_maps
--MYNETS--
@mynetworks = qw( 127.0.0.0/8 [::1] [FE80::]/10 [FEC0::]/10
!192.168.1.1 192.168.1.0/24 );
$policy_bank{'MYNETS'} = { # clients in @mynetworks
....
bypass_spam_checks_maps => [1], # don't spam-check internal mail
....
};
Tinka kai klientai yra žinomuose IP rėžiuose, netinka kai IP dinaminiai.
--MYUSERS--
@*_maps are lists of references to lookup tables:
@local_domains_maps = (); # empty list
@local_domains_maps = ( 1 ); # one element list of const
@local_domains_maps = ( [".$mydomain"] ); # one element list,
acl
@local_domains_maps =
( [qw( .example.com !host.sub.example.net .sub.example.net )] ) ;
@local_domains_maps = ( new_RE( qr'[@.]example\.com$'i ) ) ;
@local_domains_maps = (read_hash("$MYHOME/local_domains"));
$policy_bank{'MYUSERS'} = {
....
originating => 1,
bypass_spam_checks_maps => [1], # don't spam-check internal mail
....
};
a policy bank name 'MYUSERS' now has a special semantics: this policy
bank gets loaded whenever the sender matches @local_domains_maps. This
only makes sense if local sender addresses can be trusted -- for example
by requiring authentication before letting users send with their local
address; the feature requested and a patch provided by Steffen Hansen;
(a note from future: starting with 2.6.0 an additional requirement for
loading a policy bank 'MYUSERS' is that 'originating' flag is on, which
typically means that mail is coming from internal networks or
authenticated roaming users);
Tinka kai pasitikima siuntėjo domenu.
--
Pagarbiai