From the course: Linux System Engineer: Mail Systems Using Postfix
The access file
From the course: Linux System Engineer: Mail Systems Using Postfix
The access file
- [Instructor] In this chapter, we'll look at the various Postfix configuration files. We'll start by looking at the Access file. We can find this in the etc Postfix directory with the other configuration files. In a terminal, type in less /etc/postfix/access and hit enter. Surprisingly, the entire Postfix Access command page is included in the configuration file, commented out. Let's zip down to the Email section by typing in /EMAIL in uppercase. Here, we see the format of specifying access rules by email addresses. We can use patterns, as well, specifying just the TLD or the domain. Now, let's take a look at the Host section by typing in /HOST in uppercase. Here we see a similar section outlining the patterns for host names, which is a bit more complex because we can also match an IP address as insider networks. Now, let's go to the Accept Actions section. Type /ACCEPT in uppercase. There's only one result for Accept: OK, as it should be. Just below this, we have the Reject section. We can reject with different codes and messages here. Just below that, we have the Other Actions section, which includes Discard, which is interesting. It rejects the message, but tells the sending server it accepted it. We can also use regular expressions to match. Let's go there by typing in /REGULAR in uppercase. This section explains how to use regular expressions, which we won't go into any further. Just know it's here. Now, let's look at some examples. Type in /EXAMPLE in uppercase. The two examples allow mail from the host at IP address 1.2.3.4, but denies all other hosts on that network. This could also be example.com OK for Accept, or example.com REJECT. Also, know that, before anything in this file is used, you need to convert it to a Postfix Database file using the Postmap command. If you don't, your access control won't take effect. Press Q to quit Less. Now type in sudo postmap /etc/postfix/access and hit enter. Type in your password if prompted. If it's successful, there will be no message. We can, however, verify by typing in ls /etc/postfix and hit enter. We see that we have an access.db file now. This is the file we just created.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.