Header Ads Widget

[MAN] access

코드도사 11월 21, 2022
Content-type: text/html; charset=UTF-8 Man page of ACCESS

ACCESS

Section: Linux Programmer's Manual (2)
Updated: 2016-03-15
Index Return to Main Contents
 

NAME

access, faccessat - check user's permissions for a file  

SYNOPSIS

#include <unistd.h>

int access(const char *pathname, int mode);

#include <fcntl.h>           /* Definition of AT_* constants */
#include <unistd.h>

int faccessat(int dirfd, const char *pathname, int mode, int flags);

Feature Test Macro Requirements for glibc (see feature_test_macros(7)):

faccessat():

Since glibc 2.10:
_POSIX_C_SOURCE >= 200809L
Before glibc 2.10:
_ATFILE_SOURCE
 

DESCRIPTION

access() checks whether the calling process can access the file pathname. If pathname is a symbolic link, it is dereferenced.

The mode specifies the accessibility check(s) to be performed, and is either the value F_OK, or a mask consisting of the bitwise OR of one or more of R_OK, W_OK, and X_OK. F_OK tests for the existence of the file. R_OK, W_OK, and X_OK test whether the file exists and grants read, write, and execute permissions, respectively.

The check is done using the calling process's real UID and GID, rather than the effective IDs as is done when actually attempting an operation (e.g., open(2)) on the file. Similarly, for the root user, the check uses the set of permitted capabilities rather than the set of effective capabilities; and for non-root users, the check uses an empty set of capabilities.

This allows set-user-ID programs and capability-endowed programs to easily determine the invoking user's authority. In other words, access() does not answer the "can I read/write/execute this file?" question. It answers a slightly different question: "(assuming I'm a setuid binary) can the user who invoked me read/write/execute this file?", which gives set-user-ID programs the possibility to prevent malicious users from causing them to read files which users shouldn't be able to read.

If the calling process is privileged (i.e., its real UID is zero), then an X_OK check is successful for a regular file if execute permission is enabled for any of the file owner, group, or other.  

faccessat()

The faccessat() system call operates in exactly the same way as access(), except for the differences described here.

If the pathname given in pathname is relative, then it is interpreted relative to the directory referred to by the file descriptor dirfd (rather than relative to the current working directory of the calling process, as is done by access() for a relative pathname).

If pathname is relative and dirfd is the special value AT_FDCWD, then pathname is interpreted relative to the current working directory of the calling process (like access()).

If pathname is absolute, then dirfd is ignored.

flags is constructed by ORing together zero or more of the following values:

AT_EACCESS
Perform access checks using the effective user and group IDs. By default, faccessat() uses the real IDs (like access()).
AT_SYMLINK_NOFOLLOW
If pathname is a symbolic link, do not dereference it: instead return information about the link itself.

See openat(2) for an explanation of the need for faccessat().  

RETURN VALUE

On success (all requested permissions granted, or mode is F_OK and the file exists), zero is returned. On error (at least one bit in mode asked for a permission that is denied, or mode is F_OK and the file does not exist, or some other error occurred), -1 is returned, and errno is set appropriately.  

ERRORS

access() and faccessat() shall fail if:
EACCES
The requested access would be denied to the file, or search permission is denied for one of the directories in the path prefix of pathname. (See also path_resolution(7).)
ELOOP
Too many symbolic links were encountered in resolving pathname.
ENAMETOOLONG
pathname is too long.
ENOENT
A component of pathname does not exist or is a dangling symbolic link.
ENOTDIR
A component used as a directory in pathname is not, in fact, a directory.
EROFS
Write permission was requested for a file on a read-only filesystem.

access() and faccessat() may fail if:

EFAULT
pathname points outside your accessible address space.
EINVAL
mode was incorrectly specified.
EIO
An I/O error occurred.
ENOMEM
Insufficient kernel memory was available.
ETXTBSY
Write access was requested to an executable which is being executed.

The following additional errors can occur for faccessat():

EBADF
dirfd is not a valid file descriptor.
EINVAL
Invalid flag specified in flags.
ENOTDIR
pathname is relative and dirfd is a file descriptor referring to a file other than a directory.
 

VERSIONS

faccessat() was added to Linux in kernel 2.6.16; library support was added to glibc in version 2.4.  

CONFORMING TO

access(): SVr4, 4.3BSD, POSIX.1-2001, POSIX.1-2008.

faccessat(): POSIX.1-2008.  

NOTES

Warning: Using these calls to check if a user is authorized to, for example, open a file before actually doing so using open(2) creates a security hole, because the user might exploit the short time interval between checking and opening the file to manipulate it. For this reason, the use of this system call should be avoided. (In the example just described, a safer alternative would be to temporarily switch the process's effective user ID to the real ID and then call open(2).)

access() always dereferences symbolic links. If you need to check the permissions on a symbolic link, use faccessat() with the flag AT_SYMLINK_NOFOLLOW.

These calls return an error if any of the access types in mode is denied, even if some of the other access types in mode are permitted.

If the calling process has appropriate privileges (i.e., is superuser), POSIX.1-2001 permits an implementation to indicate success for an X_OK check even if none of the execute file permission bits are set. Linux does not do this.

A file is accessible only if the permissions on each of the directories in the path prefix of pathname grant search (i.e., execute) access. If any directory is inaccessible, then the access() call fails, regardless of the permissions on the file itself.

Only access bits are checked, not the file type or contents. Therefore, if a directory is found to be writable, it probably means that files can be created in the directory, and not that the directory can be written as a file. Similarly, a DOS file may be found to be "executable," but the execve(2) call will still fail.

These calls may not work correctly on NFSv2 filesystems with UID mapping enabled, because UID mapping is done on the server and hidden from the client, which checks permissions. (NFS versions 3 and higher perform the check on the server.) Similar problems can occur to FUSE mounts.  

C library/kernel differences

The raw faccessat() system call takes only the first three arguments. The AT_EACCESS and AT_SYMLINK_NOFOLLOW flags are actually implemented within the glibc wrapper function for faccessat(). If either of these flags is specified, then the wrapper function employs fstatat(2) to determine access permissions.  

Glibc notes

On older kernels where faccessat() is unavailable (and when the AT_EACCESS and AT_SYMLINK_NOFOLLOW flags are not specified), the glibc wrapper function falls back to the use of access(). When pathname is a relative pathname, glibc constructs a pathname based on the symbolic link in /proc/self/fd that corresponds to the dirfd argument.  

BUGS

In kernel 2.4 (and earlier) there is some strangeness in the handling of X_OK tests for superuser. If all categories of execute permission are disabled for a nondirectory file, then the only access() test that returns -1 is when mode is specified as just X_OK; if R_OK or W_OK is also specified in mode, then access() returns 0 for such files. Early 2.6 kernels (up to and including 2.6.3) also behaved in the same way as kernel 2.4.

In kernels before 2.6.20, these calls ignored the effect of the MS_NOEXEC flag if it was used to mount(2) the underlying filesystem. Since kernel 2.6.20, the MS_NOEXEC flag is honored.  

SEE ALSO

chmod(2), chown(2), open(2), setgid(2), setuid(2), stat(2), euidaccess(3), credentials(7), path_resolution(7), symlink(7)  

COLOPHON

This page is part of release 4.15 of the Linux man-pages project. A description of the project, information about reporting bugs, and the latest version of this page, can be found at https://www.kernel.org/doc/man-pages/.

 

Index

NAME
SYNOPSIS
DESCRIPTION
faccessat()
RETURN VALUE
ERRORS
VERSIONS
CONFORMING TO
NOTES
C library/kernel differences
Glibc notes
BUGS
SEE ALSO
COLOPHON
This document was created by man2html, using the manual pages.
Time: 04:45:33 GMT, September 16, 2022 Content-type: text/html; charset=UTF-8 Man page of ACCESS.CONF

ACCESS.CONF

Section: Linux-PAM Manual (5)
Updated: 09/19/2013
Index Return to Main Contents
 

NAME

access.conf - the login access control table file  

DESCRIPTION

The /etc/security/access.conf file specifies (user/group, host), (user/group, network/netmask) or (user/group, tty) combinations for which a login will be either accepted or refused.

When someone logs in, the file access.conf is scanned for the first entry that matches the (user/group, host) or (user/group, network/netmask) combination, or, in case of non-networked logins, the first entry that matches the (user/group, tty) combination. The permissions field of that table entry determines whether the login will be accepted or refused.

Each line of the login access control table has three fields separated by a ":" character (colon):

permission:users/groups:origins

The first field, the permission field, can be either a "+" character (plus) for access granted or a "-" character (minus) for access denied.

The second field, the users/group field, should be a list of one or more login names, group names, or ALL (which always matches). To differentiate user entries from group entries, group entries should be written with brackets, e.g. (group).

The third field, the origins field, should be a list of one or more tty names (for non-networked logins), host names, domain names (begin with "."), host addresses, internet network numbers (end with "."), internet network addresses with network mask (where network mask can be a decimal number or an internet address also), ALL (which always matches) or LOCAL. LOCAL keyword matches if and only if the PAM_RHOST is not set and <origin> field is thus set from PAM_TTY or PAM_SERVICE". If supported by the system you can use @netgroupname in host or user patterns. The @@netgroupname syntax is supported in the user pattern only and it makes the local system hostname to be passed to the netgroup match call in addition to the user name. This might not work correctly on some libc implementations causing the match to always fail.

The EXCEPT operator makes it possible to write very compact rules.

If the nodefgroup is not set, the group file is searched when a name does not match that of the logged-in user. Only groups are matched in which users are explicitly listed. However the PAM module does not look at the primary group id of a user.

The "#" character at start of line (no space at front) can be used to mark this line as a comment line.  

EXAMPLES

These are some example lines which might be specified in /etc/security/access.conf.

User root should be allowed to get access via cron, X11 terminal :0, tty1, ..., tty5, tty6.

+ : root : crond :0 tty1 tty2 tty3 tty4 tty5 tty6

User root should be allowed to get access from hosts which own the IPv4 addresses. This does not mean that the connection have to be a IPv4 one, a IPv6 connection from a host with one of this IPv4 addresses does work, too.

+ : root : 192.168.200.1 192.168.200.4 192.168.200.9

+ : root : 127.0.0.1

User root should get access from network 192.168.201. where the term will be evaluated by string matching. But it might be better to use network/netmask instead. The same meaning of 192.168.201. is 192.168.201.0/24 or 192.168.201.0/255.255.255.0.

+ : root : 192.168.201.

User root should be able to have access from hosts foo1.bar.org and foo2.bar.org (uses string matching also).

+ : root : foo1.bar.org foo2.bar.org

User root should be able to have access from domain foo.bar.org (uses string matching also).

+ : root : .foo.bar.org

User root should be denied to get access from all other sources.

- : root : ALL

User foo and members of netgroup admins should be allowed to get access from all sources. This will only work if netgroup service is available.

+ : @admins foo : ALL

User john and foo should get access from IPv6 host address.

+ : john foo : 2001:db8:0:101::1

User john should get access from IPv6 net/mask.

+ : john : 2001:db8:0:101::/64

Disallow console logins to all but the shutdown, sync and all other accounts, which are a member of the wheel group.

-:ALL EXCEPT (wheel) shutdown sync:LOCAL

All other users should be denied to get access from all sources.

- : ALL : ALL  

SEE ALSO

pam_access(8), pam.d(5), pam(7)  

AUTHORS

Original login.access(5) manual was provided by Guido van Rooij which was renamed to access.conf(5) to reflect relation to default config file.

Network address / netmask description and example text was introduced by Mike Becher <mike.becher@lrz-muenchen.de>.

 

Index

NAME
DESCRIPTION
EXAMPLES
SEE ALSO
AUTHORS
This document was created by man2html, using the manual pages.
Time: 04:45:55 GMT, September 16, 2022 Content-type: text/html; charset=UTF-8 Man page of ACCESS

ACCESS

Section: File Formats (5)
Index Return to Main Contents
 

NAME

access - Postfix SMTP server access table  

SYNOPSIS

postmap /etc/postfix/access

postmap -q "string" /etc/postfix/access

postmap -q - /etc/postfix/access <inputfile
 

DESCRIPTION

This document describes access control on remote SMTP client information: host names, network addresses, and envelope sender or recipient addresses; it is implemented by the Postfix SMTP server. See header_checks(5) or body_checks(5) for access control on the content of email messages.

Normally, the access(5) table is specified as a text file that serves as input to the postmap(1) command. The result, an indexed file in dbm or db format, is used for fast searching by the mail system. Execute the command "postmap /etc/postfix/access" to rebuild an indexed file after changing the corresponding text file.

When the table is provided via other means such as NIS, LDAP or SQL, the same lookups are done as for ordinary indexed files.

Alternatively, the table can be provided as a regular-expression map where patterns are given as regular expressions, or lookups can be directed to TCP-based server. In those cases, the lookups are done in a slightly different way as described below under "REGULAR EXPRESSION TABLES" or "TCP-BASED TABLES".  

CASE FOLDING



The search string is folded to lowercase before database
lookup. As of Postfix 2.3, the search string is not case
folded with database types such as regexp: or pcre: whose
lookup fields can match both upper and lower case.
 

TABLE FORMAT






The input format for the postmap(1) command is as follows:



pattern action

When pattern matches a mail address, domain or host address,
perform the corresponding action.

blank lines and comments

Empty lines and whitespace-only lines are ignored, as
are lines whose first non-whitespace character is a `#'.

multi-line text

A logical line starts with non-whitespace text. A line that
starts with whitespace continues a logical line.


 

EMAIL ADDRESS PATTERNS






With lookups from indexed files such as DB or DBM, or from networked
tables such as NIS, LDAP or SQL, patterns are tried in the order as
listed below:



user@domain

Matches the specified mail address.

domain.tld

Matches domain.tld as the domain part of an email address.


The pattern domain.tld also matches subdomains, but only
when the string smtpd_access_maps is listed in the Postfix
parent_domain_matches_subdomains configuration setting.

.domain.tld

Matches subdomains of domain.tld, but only when the
string smtpd_access_maps is not listed in the Postfix
parent_domain_matches_subdomains configuration setting.

user@

Matches all mail addresses with the specified user part.





Note: lookup of the null sender address is not possible with
some types of lookup table. By default, Postfix uses <>
as the lookup key for such addresses. The value is specified with
the smtpd_null_access_lookup_key parameter in the Postfix
main.cf file.
 

EMAIL ADDRESS EXTENSION







When a mail address localpart contains the optional recipient delimiter
(e.g., user+foo@domain), the lookup order becomes:
user+foo@domain, user@domain, domain,
user+foo@, and user@.
 

HOST NAME/ADDRESS PATTERNS






With lookups from indexed files such as DB or DBM, or from networked
tables such as NIS, LDAP or SQL, the following lookup patterns are
examined in the order as listed:



domain.tld

Matches domain.tld.


The pattern domain.tld also matches subdomains, but only
when the string smtpd_access_maps is listed in the Postfix
parent_domain_matches_subdomains configuration setting.

.domain.tld

Matches subdomains of domain.tld, but only when the
string smtpd_access_maps is not listed in the Postfix
parent_domain_matches_subdomains configuration setting.

net.work.addr.ess


net.work.addr


net.work


net

Matches the specified IPv4 host address or subnetwork. An
IPv4 host address is a sequence of four decimal octets
separated by ".".


Subnetworks are matched by repeatedly truncating the last
".octet" from the remote IPv4 host address string until a
match is found in the access table, or until further
truncation is not possible.


NOTE 1: The access map lookup key must be in canonical form:
do not specify unnecessary null characters, and do not
enclose network address information with "[]" characters.


NOTE 2: use the cidr lookup table type to specify
network/netmask patterns. See cidr_table(5) for details.

net:work:addr:ess


net:work:addr


net:work


net

Matches the specified IPv6 host address or subnetwork. An
IPv6 host address is a sequence of three to eight hexadecimal
octet pairs separated by ":".


Subnetworks are matched by repeatedly truncating the last
":octetpair" from the remote IPv6 host address string until
a match is found in the access table, or until further
truncation is not possible.


NOTE 1: the truncation and comparison are done with the
string representation of the IPv6 host address. Thus, not
all the ":" subnetworks will be tried.


NOTE 2: The access map lookup key must be in canonical form:
do not specify unnecessary null characters, and do not
enclose network address information with "[]" characters.


NOTE 3: use the cidr lookup table type to specify
network/netmask patterns. See cidr_table(5) for details.


IPv6 support is available in Postfix 2.2 and later.


 

ACCEPT ACTIONS









OK

Accept the address etc. that matches the pattern.

all-numerical

An all-numerical result is treated as OK. This format is
generated by address-based relay authorization schemes
such as pop-before-smtp.





For other accept actions, see "OTHER ACTIONS" below.
 

REJECT ACTIONS






Postfix version 2.3 and later support enhanced status codes
as defined in RFC 3463.
When no code is specified at the beginning of the text
below, Postfix inserts a default enhanced status code of "5.7.1"
in the case of reject actions, and "4.7.1" in the case of
defer actions. See "ENHANCED STATUS CODES" below.



4NN text


5NN text

Reject the address etc. that matches the pattern, and respond with
the numerical three-digit code and text. 4NN means "try
again later", while 5NN means "do not try again".


The following responses have special meaning for the Postfix
SMTP server:





421 text (Postfix 2.3 and later)


521 text (Postfix 2.6 and later)

After responding with the numerical three-digit code and
text, disconnect immediately from the SMTP client.  This
frees up SMTP server resources so that they can be made
available to another SMTP client.


Note: The "521" response should be used only with botnets
and other malware where interoperability is of no concern.
The "send 521 and disconnect" behavior is NOT defined in
the SMTP standard.






REJECT optional text...

Reject the address etc. that matches the pattern. Reply with
"$access_map_reject_code optional text..." when the
optional text is
specified, otherwise reply with a generic error response message.

DEFER optional text...

Reject the address etc. that matches the pattern. Reply with
"$access_map_defer_code optional text..." when the
optional text is
specified, otherwise reply with a generic error response message.


This feature is available in Postfix 2.6 and later.

DEFER_IF_REJECT optional text...

Defer the request if some later restriction would result in a
REJECT action. Reply with "$access_map_defer_code 4.7.1
optional text..." when the
optional text is specified, otherwise reply with a generic error
response message.


Prior to Postfix 2.6, the SMTP reply code is 450.


This feature is available in Postfix 2.1 and later.

DEFER_IF_PERMIT optional text...

Defer the request if some later restriction would result in a
an explicit or implicit PERMIT action.
Reply with "$access_map_defer_code 4.7.1  optional
text..." when the
optional text is specified, otherwise reply with a generic error
response message.


Prior to Postfix 2.6, the SMTP reply code is 450.


This feature is available in Postfix 2.1 and later.





For other reject actions, see "OTHER ACTIONS" below.
 

OTHER ACTIONS









restriction...

Apply the named UCE restriction(s) (permit, reject,
reject_unauth_destination, and so on).

BCC user@domain

Send one copy of the message to the specified recipient.


If multiple BCC actions are specified within the same SMTP
MAIL transaction, with Postfix 3.0 only the last action
will be used.


This feature is available in Postfix 3.0 and later.

DISCARD optional text...

Claim successful delivery and silently discard the message.
Log the optional text if specified, otherwise log a generic
message.


Note: this action currently affects all recipients of the message.
To discard only one recipient without discarding the entire message,
use the transport(5) table to direct mail to the discard(8) service.


This feature is available in Postfix 2.0 and later.

DUNNO

Pretend that the lookup key was not found. This
prevents Postfix from trying substrings of the lookup key
(such as a subdomain name, or a network address subnetwork).


This feature is available in Postfix 2.0 and later.

FILTER transport:destination

After the message is queued, send the entire message through
the specified external content filter. The transport
name specifies the first field of a mail delivery agent
definition in master.cf; the syntax of the next-hop
destination is described in the manual page of the
corresponding delivery agent.  More information about
external content filters is in the Postfix FILTER_README
file.


Note 1: do not use $number regular expression
substitutions for transport or destination
unless you know that the information has a trusted origin.


Note 2: this action overrides the main.cf content_filter
setting, and affects all recipients of the message. In the
case that multiple FILTER actions fire, only the last
one is executed.


Note 3: the purpose of the FILTER command is to override
message routing.  To override the recipient's transport
but not the next-hop destination, specify an empty
filter destination (Postfix 2.7 and later), or specify
a transport:destination that delivers through a
different Postfix instance (Postfix 2.6 and earlier). Other
options are using the recipient-dependent transport_maps
or the sender-dependent
sender_dependent_default_transport_maps
features.


This feature is available in Postfix 2.0 and later.

HOLD optional text...

Place the message on the hold queue, where it will
sit until someone either deletes it or releases it for
delivery.
Log the optional text if specified, otherwise log a generic
message.


Mail that is placed on hold can be examined with the
postcat(1) command, and can be destroyed or released with
the postsuper(1) command.


Note: use "postsuper -r" to release mail that was kept on
hold for a significant fraction of $maximal_queue_lifetime
or $bounce_queue_lifetime, or longer. Use "postsuper -H"
only for mail that will not expire within a few delivery attempts.


Note: this action currently affects all recipients of the message.


This feature is available in Postfix 2.0 and later.

PREPEND headername: headervalue

Prepend the specified message header to the message.
When more than one PREPEND action executes, the first
prepended header appears before the second etc. prepended
header.


Note: this action must execute before the message content
is received; it cannot execute in the context of
smtpd_end_of_data_restrictions.


This feature is available in Postfix 2.1 and later.

REDIRECT user@domain

After the message is queued, send the message to the specified
address instead of the intended recipient(s).  When multiple
REDIRECT actions fire, only the last one takes effect.


Note: this action overrides the FILTER action, and currently
overrides all recipients of the message.


This feature is available in Postfix 2.1 and later.

INFO optional text...

Log an informational record with the optional text, together
with client information and if available, with helo, sender,
recipient and protocol information.


This feature is available in Postfix 3.0 and later.

WARN optional text...

Log a warning with the optional text, together with client information
and if available, with helo, sender, recipient and protocol information.


This feature is available in Postfix 2.1 and later.


 

ENHANCED STATUS CODES






Postfix version 2.3 and later support enhanced status codes
as defined in RFC 3463.
When an enhanced status code is specified in an access
table, it is subject to modification. The following
transformations are needed when the same access table is
used for client, helo, sender, or recipient access restrictions;
they happen regardless of whether Postfix replies to a MAIL
FROM, RCPT TO or other SMTP command.




When a sender address matches a REJECT action, the Postfix
SMTP server will transform a recipient DSN status (e.g.,
4.1.1-4.1.6) into the corresponding sender DSN status, and
vice versa.


When non-address information matches a REJECT action (such
as the HELO command argument or the client hostname/address),
the Postfix SMTP server will transform a sender or recipient
DSN status into a generic non-address DSN status (e.g.,
4.0.0).


 

REGULAR EXPRESSION TABLES






This section describes how the table lookups change when the table
is given in the form of regular expressions. For a description of
regular expression lookup table syntax, see regexp_table(5)
or pcre_table(5).


Each pattern is a regular expression that is applied to the entire
string being looked up. Depending on the application, that string
is an entire client hostname, an entire client IP address, or an
entire mail address. Thus, no parent domain or parent network search
is done, user@domain mail addresses are not broken up into
their user@ and domain constituent parts, nor is
user+foo broken up into user and foo.


Patterns are applied in the order as specified in the table, until a
pattern is found that matches the search string.


Actions are the same as with indexed file lookups, with
the additional feature that parenthesized substrings from the
pattern can be interpolated as $1, $2 and so on.
 

TCP-BASED TABLES






This section describes how the table lookups change when lookups
are directed to a TCP-based server. For a description of the TCP
client/server lookup protocol, see tcp_table(5).
This feature is not available up to and including Postfix version 2.4.


Each lookup operation uses the entire query string once.
Depending on the application, that string is an entire client
hostname, an entire client IP address, or an entire mail address.
Thus, no parent domain or parent network search is done,
user@domain mail addresses are not broken up into
their user@ and domain constituent parts, nor is
user+foo broken up into user and foo.


Actions are the same as with indexed file lookups.
 

EXAMPLE






The following example uses an indexed file, so that the
order of table entries does not matter. The example permits
access by the client at address 1.2.3.4 but rejects all
other clients in 1.2.3.0/24. Instead of hash lookup
tables, some systems use dbm.  Use the command
"postconf -m" to find out what lookup tables Postfix
supports on your system.



/etc/postfix/main.cf:
    smtpd_client_restrictions =
        check_client_access hash:/etc/postfix/access

/etc/postfix/access:
    1.2.3   REJECT
    1.2.3.4 OK






Execute the command "postmap /etc/postfix/access" after
editing the file.
 

BUGS




The table format does not understand quoting conventions.
 

SEE ALSO




postmap(1), Postfix lookup table manager
smtpd(8), SMTP server
postconf(5), configuration parameters
transport(5), transport:nexthop syntax

 

README FILES






Use "postconf readme_directory" or
"postconf html_directory" to locate this information.


SMTPD_ACCESS_README, built-in SMTP server access control
DATABASE_README, Postfix lookup table overview

 

LICENSE






The Secure Mailer license must be distributed with this software.
 

AUTHOR(S)




Wietse Venema
IBM T.J. Watson Research
P.O. Box 704
Yorktown Heights, NY 10598, USA

Wietse Venema
Google, Inc.
111 8th Avenue
New York, NY 10011, USA





 
Index




NAME


SYNOPSIS


DESCRIPTION


CASE FOLDING


TABLE FORMAT


EMAIL ADDRESS PATTERNS


EMAIL ADDRESS EXTENSION


HOST NAME/ADDRESS PATTERNS


ACCEPT ACTIONS


REJECT ACTIONS


OTHER ACTIONS


ENHANCED STATUS CODES


REGULAR EXPRESSION TABLES


TCP-BASED TABLES


EXAMPLE


BUGS


SEE ALSO


README FILES


LICENSE


AUTHOR(S)





This document was created by
man2html,
using the manual pages.

Time: 04:45:55 GMT, September 16, 2022








Tags:


























댓글 쓰기







0
댓글