X-Git-Url: http://git.madism.org/?a=blobdiff_plain;f=example%2Fpostlicyd.conf;h=e41ac813050a5f46bfa4af6cb562007a737c2a37;hb=fc34c421f18b6bd6a28b3740ae85efdbbd0460ea;hp=075d82a984cbed4c12818db9267a34fc2e0ff218;hpb=bb7b60d0431952e250109275b59eb70fb05df378;p=apps%2Fpfixtools.git diff --git a/example/postlicyd.conf b/example/postlicyd.conf index 075d82a..e41ac81 100644 --- a/example/postlicyd.conf +++ b/example/postlicyd.conf @@ -40,6 +40,18 @@ # - a list of type-specific parameters # - a list of hooks (on_hookname) # +# Format: +# A filter look likes that: +# +# filter_name { +# type = type_name; +# param1 = parameter value 1; +# ... +# on_hook1 = action1; +# on_hook2 = action2; +# ... +# } +# # Hooks: # A filter can returns different values. Each return value is given a name. The # configuration associates an action to run to a return value name. @@ -68,7 +80,25 @@ # - If the score is strictly greater >= than hard_threshold, returns hard_match # - If the score is strictly greater >= than soft_threshold, returns soft_match # - Else, returns fail -# + +# Lookup in a rbl +spamhaus_and_abuseat { + type = iplist; + + # configuration + file = lock:10:/var/spool/postlicyd/rbl.spamhaus.org; + file = lock:1:/var/spool/postlicyd/cbl.abuseat.org; + soft_threshold = 1; + hard_threshold = 11; + + # hooks + on_soft_match = greylist; + on_hard_match = postfix:REJECT optional text; + on_fail = postfix:OK; + on_error = postfix:DUNNO; +} + + # - strlist: match strings from the query against a list of list. # Parameters: # - file: (non)?lock:(pre|suf)fix:weight:filename @@ -103,7 +133,21 @@ # (smtpd_sender_restrictions) # - to match recipient, you must on RCPT state (stmpd_recipient_restrictions) # - client_name and reverse_client_name are always available -# + +# Whitelist some clients +client_whitelist { + type = strlist; + + # configuration + file = lock:1:/var/spool/postlicyd/client_whitelist; + fields = client_name; + + # hooks + on_hard_match = postfix:OK; + on_fail = spamhaus_and_abuseat; +} + + # - greylist: greylister # Paramters: # - path: /my/path/ (required) @@ -126,17 +170,6 @@ # State: # this filter is a recipient filter and works in RCPT state only # (smtpd_recipient_restrictions). -# -# Format: -# A filter look likes that: -# -# filter_name { -# type = type_name; -# param1 = parameter value 1; -# ... -# on_action1 = action; -# } - # Perform greylisting greylist { @@ -152,35 +185,44 @@ greylist { } -# Lookup in a rbl -spamhaus_and_abuseat { - type = iplist; - - # configuration - file = lock:10:/var/spool/postlicyd/rbl.spamhaus.org; - file = lock:1:/var/spool/postlicyd/cbl.abuseat.org; - soft_threshold = 1; - hard_threshold = 11; - - # hooks - on_soft_match = greylist; - on_hard_match = postfix:REJECT optional text; - on_fail = postfix:OK; - on_error = postfix:DUNNO; -} - +# - match: direct matching against the query fields +# Parameters: +# - match_all: boolean +# if true, the filter won't match until all conditions +# are verified. If false, the filter match on the first +# verified condition. +# - condition: field_name OP (value) +# * the field_name is one of the field name of the query +# emitted by postfix. This list with description of each +# field is available at: +# http://www.postfix.org/SMTPD_POLICY_README.html +# * OP is an operator. Available operators are: +# == field_name is strictly equal to value +# =i field_name is case insensitively equal to value +# != field_name is not equal to value +# !i field_name is not case insensitively equal to value +# >= field_name contains value +# >i field_name contains case insensitively value +# <= field_name is contained by value +# = debian.org; + condition = recipient #=; - # hooks - on_hard_match = postfix:OK; - on_fail = spamhaus_and_abuseat; + # hook + on_match = postfix:OK; + on_fail = greylist; }