Access Control

Access control refers to plain and simple access control you can perform on email, this includes holding, rejecting, discarding (dropping), filtering or redirecting. Configuration can be specified in the following manner:

Type: HOLD
Parameter: optional_log_message

This will put the message on hold. This verdict pertains to all recipients of the message. The optional log message is added in the logs in the following position... "<>: Recipient address optional_log_message;".

Parameter: message_to_reject_with

This will reject the mesage with the message specified. A blank message will reject the message with the builtin default.

Parameter: optional_log_message

Discard the message. ie. Delete it. The optional log message is added in the logs in the following position… ": Recipient address optional_log_message;".

Parameter: content_filter

Send message to the specified content filter.

Parameter: user@domain

Redirect the message to another user.

Type: OK 
Parameter: optional_log_message
  • present in r387+, v2.0.8 and v2.1.x

Return OK back to MTA, in the case of Postfix this will allow the message and not process further postfix rules.

Configuration for this module is done in the [AccessControl] section in the configuration file.

Set to 1 if you wish to enable this module. Default 0 (disabled).


Taking the policies described in the other feature document, we can reject all outbound email:

Reject all outbound email
Policy: Default Outbound Policy
Verdict: REJECT
Data: "No outbound mail allowed"