Provided by: courier-mta_1.0.16-3build3_amd64
makesmtpaccess - Build ESMTP server access file
makesmtpaccess rebuilds the contents of the /etc/courier/smtpaccess.dat database from the contents of the files in the /etc/courier/smtpaccess directory. When the esmtpd script starts couriertcpd, the script specifies /etc/courier/smtpaccess.dat file to control access to the Courier mail server's ESMTP daemon. The makesmtpaccess script must be run before any changes in the /etc/courier/smtpaccess directory take effect. The couriertcpd(8) manual page describes the general format of access files. The default Courier mail server configuration uses the same access file, /etc/courier/smtpaccess.dat for both the regular ESMTP server, and the message submission server on port 587 (RFC 2476). It is possible to use different access files. To do so, create a different access file, edit /etc/courier/esmtpd-msa, and set ACCESSFILE to the filename of the access file directory (the directory containing the plain text files, not the .dat file). Then, use makesmtpaccess-msa instead of makesmtpaccess to build the .dat file. The smtpaccess configuration file The couriertcpd(8) manual page describes the generic format of the access file. The access file specifies what should be done with connections from defined IP address ranges. The basic choices are to accept or reject the connection. Also, the generic format of the access file allows arbitrary environment variables to be set based on the connection's remote IP address. The Courier mail server's ESMTPD server understands the following environment variables, which may be set in the access file: BLOCK If this variable is set to a non-empty value, all mail will be rejected for this connection. The contents of the environment variable will be used as the error message. This is not the same as the couriertcpd access file setting that immediately drops the connection. The incoming connection is accepted, but every message will be rejected. FAXRELAYCLIENT Allow the client to send faxes via the courierfax(8) module. Note When ESMTP authentication is enabled, a successful authentication automatically sets FAXRELAYCLIENT. RELAYCLIENT Allow the client to relay mail. Note When ESMTP authentication is enabled, a successful authentication automatically sets RELAYCLIENT. The following options are typically set globally in the esmtpd configuration file, but may be overriden in the smtpaccess configuration file: BOFHCHECKDNS Do not check the return address's domain in DNS if this environment variable is set to 0. The default value of BOFHCHECKDNS is 1. Note Turning off the DNS check disables a number of options in the bofh configuration file. See courier(8) for more information. BOFHCHECKHELO Set this variable to 1 to check the hostname argument to the ESMTP HELO/EHLO command, as follows: • A hostname that's actually an IP address, and is the same as the connecting ESMTP client's IP address, is valid. • Otherwise hostname should be a valid DNS name with MX and/or A records, with at least one record matching the connecting ESMTP client's IP address. • An ESMTP client with relaying privileges (either due to RELAYCLIENT explicitly set, or if it succesfully authenticates) may use anything for an EHLO/HELO. The EHLO/HELO argument coming from an authenticated/relaying client is not checked. BOFHNOEXPN Disable the EXPN command if this environment variable is set to 1. BOFHNOVRFY Disable the VRFY command if this environment variable is set to 1. Other useful environment variables are listed in the submit(8) manual page.
esmtpd(8), couriertcpd(8), submit(8).
Sam Varshavchik Author
1. couriertcpd(8) http://www.courier-mta.org/couriertcpd.html 2. RFC 2476 http://www.rfc-editor.org/rfc/rfc2476.txt 3. courierfax(8) http://www.courier-mta.org/courierfax.html 4. courier(8) http://www.courier-mta.org/courier.html 5. submit(8) http://www.courier-mta.org/submit.html 6. esmtpd(8) http://www.courier-mta.org/esmtpd.html