Access control refers to plain and simple access control you can perform on email, this includes holding, rejecting, discarding (dropping), filtering or redirecting. Configuration can be specified in the following manner:
Type: HOLD Parameter: optional_log_message
This will put the message on hold. This verdict pertains to all recipients of the message. The optional log message is added in the logs in the following position... "<test@example.com>: Recipient address optional_log_message;".
Type: REJECT Parameter: message_to_reject_with
This will reject the mesage with the message specified. A blank message will reject the message with the builtin default.
Type: DISCARD Parameter: optional_log_message
Discard the message. ie. Delete it. The optional log message is added in the logs in the following position… ": Recipient address optional_log_message;".
Type: FILTER Parameter: content_filter
Send message to the specified content filter.
Type: REDIRECT Parameter: user@domain
Redirect the message to another user.
Type: OK Parameter: optional_log_message
Return OK back to MTA, in the case of Postfix this will allow the message and not process further postfix rules.
Configuration for this module is done in the [AccessControl] section in the configuration file.
Set to 1 if you wish to enable this module. Default 0 (disabled).
enable=1
Taking the policies described in the other feature document, we can reject all outbound email:
Reject all outbound email Policy: Default Outbound Policy Verdict: REJECT Data: "No outbound mail allowed"