Access control refers to plain and simple access control you can perform on email, this includes holding, rejecting, discarding (dropping), filtering or redirecting. Configuration can be specified in the below manner

Type: HOLD
Parameter: optional_log_message

This will put the message on hold. This verdict pertains to all recipients of the message. The optional log message is added in the logs in the following position… "test@example.com: Recipient address optional_log_message;".

Type: REJECT 
Parameter: message_to_reject_with

This will reject the mesage with the message specified. A blank message will reject the message with the builtin default.

Type: DISCARD
Parameter: optional_log_message

Discard the message. ie. Delete it. The optional log message is added in the logs in the following position… ": Recipient address optional_log_message;".

Type: FILTER
Parameter: content_filter

Send message to the specified content filter

Type: REDIRECT
Parameter: user@domain

Redirect the message to another user

Type: OK 
Parameter: optional_log_message

• present in r387+, v2.0.8 and v2.1.x

Return OK back to MTA, in the case of Postfix this will allow the message and not process further postfix rules

Configuration for this module is done in the [AccessControl] section in the configuration file.

Set to 1 if you wish to enable this module. Default 0 (disabled).

enable=1

Complete Example

Taking the policies described in the other feature document, we can reject all outbound email

Reject all outbound email
Policy: Default Outbound Policy
Verdict: REJECT
Data: "No outbound mail allowed"