Imported Upstream version 1.20

man/man8/postfwd.8

@@ -129,7 +129,7 @@
 .\" ========================================================================
 .\"
 .IX Title "POSTFWD 1"
-.TH POSTFWD 1 "2009-09-03" "perl v5.8.5" "User Contributed Perl Documentation"
+.TH POSTFWD 1 "2010-11-14" "perl v5.8.5" "User Contributed Perl Documentation"
 .SH "NAME"
 postfwd \- postfix firewall daemon
 .SH "SYNOPSIS"
@@ -147,7 +147,7 @@ postfwd [\s-1OPTIONS\s0] [\s-1SOURCE1\s0, \s-1SOURCE2\s0, ...]
 \&        -s, --scores <v>=<r>        returns <r> when score exceeds <v>
 .Ve
 .PP
-.Vb 11
+.Vb 12
 \&        Networking:
 \&        -d, --daemon                run postfwd as daemon
 \&        -i, --interface <dev>       listen on interface <dev>
@@ -155,6 +155,7 @@ postfwd [\s-1OPTIONS\s0] [\s-1SOURCE1\s0, \s-1SOURCE2\s0, ...]
 \&            --proto <proto>         socket type (tcp or unix)
 \&        -u, --user <name>           set uid to user <name>
 \&        -g, --group <name>          set gid to group <name>
+\&            --umask <mask>          set umask for file permissions
 \&        -R, --chroot <path>         chroot the daemon to <path>
 \&            --pidfile <path>        create pidfile under <path>
 \&        -l, --logname <label>       label for syslog messages
@@ -674,15 +675,16 @@ postfwd actions control the behaviour of the program. Currently you can specify
 \&        by "," characters.
 .Ve
 .PP
-.Vb 8
+.Vb 9
 \&        rate (<item>/<max>/<time>/<action>)
 \&        this command creates a counter for the given <item>, which will be increased any time a request
 \&        containing it arrives. if it exceeds <max> within <time> seconds it will return <action> to postfix.
 \&        rate counters are very fast as they are executed before the ruleset is parsed.
+\&        please note that <action> is currently limited to postfix actions (no postfwd actions)!
 \&            # no more than 3 requests per 5 minutes
 \&            # from the same "unknown" client
 \&            id=RATE01 ;  client_name==unknown ; \e
-\&               action==rate($$client_address/3/300/450 4.7.1 sorry, max 3 requests per 5 minutes)
+\&               action==rate(client_address/3/300/450 4.7.1 sorry, max 3 requests per 5 minutes)
 .Ve
 .PP
 .Vb 7
@@ -692,7 +694,7 @@ postfwd actions control the behaviour of the program. Currently you can specify
 \&        smtpd_end_of_data_restrictions. if you want to be sure, you could check it within the ruleset:
 \&           # size limit 1.5mb per hour per client
 \&           id=SIZE01 ;  state==END_OF_DATA ;  client_address==!!(10.1.1.1); \e
-\&              action==size($$client_address/1572864/3600/450 4.7.1 sorry, max 1.5mb per hour)
+\&              action==size(client_address/1572864/3600/450 4.7.1 sorry, max 1.5mb per hour)
 .Ve
 .PP
 .Vb 8
@@ -703,7 +705,7 @@ postfwd actions control the behaviour of the program. Currently you can specify
 \&        check it within the ruleset:
 \&           # recipient count limit 3 per hour per client
 \&           id=RCPT01 ;  state==END_OF_DATA ;  client_address==!!(10.1.1.1); \e
-\&              action==rcpt($$client_address/3/3600/450 4.7.1 sorry, max 3 recipients per hour)
+\&              action==rcpt(client_address/3/3600/450 4.7.1 sorry, max 3 recipients per hour)
 .Ve
 .PP
 .Vb 9
@@ -911,6 +913,13 @@ The following arguments will control it's behaviour in this case.
 \&        Changes real and effective group to <name>.
 .Ve
 .PP
+.Vb 4
+\&        --umask <mask>
+\&        Changes the umask for filepermissions (unix domain sockets, pidfiles).
+\&        Attention: This is umask, not chmod - you have to specify the bits that
+\&        should NOT apply. E.g.: umask 077 equals to chmod 700.
+.Ve
+.PP
 .Vb 3
 \&        -R, --chroot <path>
 \&        Chroot the process to the specified path.
@@ -1179,14 +1188,15 @@ the '\-I' switch to have your configuration refreshed for every request postfwd
 \&        id=RBL04 ; action=REJECT combined RBL+RHSBL check       ; rbl=bl.spamcop.net ; rhsbl=rhsbl.ahbl.org, rhsbl.sorbs.net
 .Ve
 .PP
-.Vb 7
+.Vb 8
 \&        ## Message size (requires message_size_limit to be set to 30000000)
 \&        # 1. 30MB for systems in *.customer1.tld
 \&        # 2. 20MB for SASL user joejob
 \&        # 3. 10MB default
-\&        id=SZ001; state==END-OF-MESSAGE; action=REJECT message too large; size=30000000 ; client_name=\e.customer1.tld$
-\&        id=SZ002; state==END-OF-MESSAGE; action=REJECT message too large; size=20000000 ; sasl_username==joejob
-\&        id=SZ003; state==END-OF-MESSAGE; action=REJECT message too large; size=10000000
+\&        id=SZ001; state==END-OF-MESSAGE; action=DUNNO; size<=30000000 ; client_name=\e.customer1.tld$
+\&        id=SZ002; state==END-OF-MESSAGE; action=DUNNO; size<=20000000 ; sasl_username==joejob
+\&        id=SZ002; state==END-OF-MESSAGE; action=DUNNO; size<=10000000
+\&        id=SZ100; state==END-OF-MESSAGE; action=REJECT message too large
 .Ve
 .PP
 .Vb 7
@@ -1245,9 +1255,9 @@ the '\-I' switch to have your configuration refreshed for every request postfwd
 \&        # 1. exceeded 30 requests per hour or
 \&        # 2. tried to send more than 1.5mb within 10 minutes
 \&        id=RATE01 ;  client_name==unknown ;  state==RCPT ; \e
-\&                action==rate($$client_address/30/3600/450 4.7.1 sorry, max 30 requests per hour)
+\&                action==rate(client_address/30/3600/450 4.7.1 sorry, max 30 requests per hour)
 \&        id=SIZE01 ;  client_name==unknown ;  state==END_OF_DATA ; \e
-\&                action==size($$client_address/1572864/600/450 4.7.1 sorry, max 1.5mb per 10 minutes)
+\&                action==size(client_address/1572864/600/450 4.7.1 sorry, max 1.5mb per 10 minutes)
 .Ve
 .PP
 .Vb 8