Difference between revisions of "Qpsmtpd:hosts allow"
(Created page with "<span id="_top">Qpsmtpd#Plugins</span> = NAME = hosts_allow - decide if a host is allowed to connect = DESCRIPTION = The '''hosts_allow''' modul...") |
(No difference)
|
Latest revision as of 14:07, 8 April 2019
NAME
hosts_allow - decide if a host is allowed to connect
DESCRIPTION
The hosts_allow module decides before the SMTP-Greeting if a host is allowed to connect. It checks for too many (running) connections from one host (see -m/--max-from-ip options in qpsmtpd-forkserver) and the config file hosts_allow.
The plugin takes no config/plugin arguments.
This plugin only works with the forkserver and prefork deployment models. It does not work with the tcpserver deployment model. See SEE ALSO below.
CONFIG
The hosts_allow config file contains lines with two or three items. The first is an IP address or a network/mask pair. The second is a (valid) return code from Qpsmtpd::Constants. The last is a comment which will be returned to the connecting client if the return code is DENY or DENYSOFT (and of course DENY_DISCONNECT and DENYSOFT_DISCONNECT).
Example:
192.168.3.4 DECLINED 192.168.3.0/24 DENY Sorry, known spam only source
This would exclude 192.168.3.4 from the DENY of 192.168.3.0/24.
SEE ALSO
To get similar functionality for the tcpserver deployment model, use tcpserver's -x feature. Create a tcp.smtp file with entries like this:
70.65.227.235:deny 183.7.90.207:deny :allow
compile the tcp.smtp file like this:
/usr/local/bin/tcprules tcp.smtp.cdb tcp.smtp.tmp < tcp.smtp
and add the file to the chain of arguments to tcpserver in your run file.
See also: http://cr.yp.to/ucspi-tcp.html