# For documentation of ACLs and the usage of this file, # visit: http://www.apolicy.org # The ACLs 'sender', 'recipient', 'client_name', 'helo_name', 'sasl_username', 'sasl_method', # 'sasl_sender', 'reverse_client_name' use regular expressions as values. All their values # are strings. # # acl rule1 recipient a@b.com # acl rule2 sender b@b.com # acl rule2 sender @foo.com # acl rule3 helo_name ^.*\.spammer\.com$ # acl dyn_host client_name (.dynamic.|.dhcp.) # # Protocol state requirements: # 'sender': smtpd_sender_restrictions # 'recipient': smtpd_recipient_restrictions # 'helo_name': smtpd_helo_restrictions # 'sasl_username': smtpd_sender_restrictions # 'sasl_method': smtpd_sender_restrictions # 'sasl_sender': smtpd_sender_restrictions # 'client_name': no requirement # 'client_reverse_name': no requirement # 'client_address' # acl machine client_address 192.168.0.10 # acl net1 client_address 192.168.1.0/24 # acl net2 client_address 192.168.2.0/255.255.255.0 # acl net3 client_address 192.168.3.0-192.168.3.255 # # Protocol state requirement: no requirement # 'day' # m - Monday # t - Tuesday # w - Wednesday # h - Thursday # f - Friday # a - Saturday # s - Sunday # # acl weekend day sm # # Protocol state requirement: no requirement # 'time' # # acl work time 08:00-17:00 # # Protocol state requirement: no requirement # 'rbl' # # acl rbl1 rbl dynablock.njabl.org # acl rbl2 rbl dul.dnsbl.sorbs.net # # Protocol state requirement: no requirement # 'size' # # acl 10mb size 10240000 # acl 20mb size 20480000 # # Protocol state requirement: smtpd_end_of_data_restrictions # 'spf' # # acl restrict_spf spf softfail=reject,neutral=reject # # Protocol state requirement: smtpd_recipient_restrictions # 'greylisting' # # acl grey_all greylisting time=5,lifetime=1440,backend=memory # # Protocol state requirement: smtpd_recipient_restrictions # 'country' # # api_url is alternative URL to retrieving country of an ip. The %s is replaced with client ip address # http_proxy is proxy setting for connecting to api_url # timeout is seconds of timeout for connection # # acl china country CN timeout=2 # acl sud_america country PE,PY,UY,BR # acl italy IT api_url=http://www.bertera.it/country.php?ip=%s,http_proxy=http://user:password@192.168.10.20:8080 # # Protocol state requirement: no requirement # Actions # # The actions supported by apolicy are all actions that exist # in Postfix, so there is nothing new if you are familiar with Postfix. # # For all actions that can be returned to Postfix, reading the Access(5) # table manual page is mandatory. # # http://www.postfix.org/access.5.html # General examples # Example A # acl support recipient support@domain.com # acl shift_one time 06:00-11:59 # acl shift_two time 12:00-18:00 # # action to_worker_one REDIRECT worker1@domain.com # action to_worker_two REDIRECT worker2@domain.com # # access support shift_one to_worker_one # access support shift_two to_worker_two # Example B # acl requests recipient requests@domain.com # acl weekends day as # action no_requests REJECT Sorry, no request can be accepted on weekends. # # access requests weekends no_requests # Example C # acl list recipient sales@domain.com # acl list recipient contact@domain.com # acl list recipient webmaster@domain.com # action destination_foo REDIRECT foo@domain.com # access list destination_foo