mgrpMsgRejectAction
|
(LDAP_REJECT_ACTION) Single valued attribute that controls
what happens if any of the subsequent access checks fail. Only one value is defined: TOMODERATOR, which if set instructs the MTA to redirect any access failures
to the moderator specified by the mgrpModerator attribute. The default (and any other
value of this attribute) causes an error to be reported and the message rejected.
|
mailRejectText
|
(LDAP_REJECT_TEXT) The first line of text stored in
the first value of this attribute is saved. This text will be returned if any of the
following authentication attributes cause the message to be rejected. This means the
text can appear in SMTP responses so value has to be limited to US-ASCII to comply
with current messaging standards.
|
mgrpBroadcasterPolicy
|
(LDAP_AUTH_POLICY) Specifies level of authentication
needed to send to the group. Possible tokens are SMTP_AUTH_REQUIRED or AUTH_REQ, both of which mean that the SMTP AUTH command must be used to
identify the sender in order to send to the group; PASSWORD_REQUIRED, PASSWD_REQUIRED, or PASSWD_REQ, all of which mean the
password to the list specified by the mgrpAuthPassword attribute must appear in an
Approved: header field in the message; OR, which changes the OR_CLAUSES MTA
option setting to 1 for this list; AND, which changes the OR_CLAUSES MTA
option setting to 0 for this list; and NO_REQUIREMENTS, which is
a no-op. Multiple values are allowed and each value can consist of a comma-separated
list of tokens.
If SMTP AUTH is called for it also implies that any subsequent authorization
checks will be done against the email address provided by the SASL layer rather than
the MAIL FROM address.
|
mgrpAllowedDomain
|
(LDAP_AUTH_DOMAIN) Domains allowed to submit messages
to this group. A match failure with the OR_CLAUSES MTA option set to 0 (the default) means
access checking has failed and all subsequent tests are bypassed. A match failure
with the OR_CLAUSES MTA option set to 1 sets a “failure pending”
flag; some other access check must succeed in order for access checking to succeed.
This check is bypassed if the submitter has already matched an LDAP_AUTH_URL. Can be multivalued and glob-style wildcards are allowed.
|
mgrpDisallowedDomain
|
(LDAP_CANT_DOMAIN) Domains not allowed to submit messages
to this group. A match means access checking has failed and all subsequent checks
are bypassed. This check is bypassed if the submitter has already matched an LDAP_AUTH_URL. Can be multivalued and glob-style wildcards are allowed.
|
mgrpAllowedBroadcaster
|
(LDAP_AUTH_URL) URL identifying mail addresses allowed
to send mail to this group. Can be multivalued. Each URL is expanded into a list of
addresses and each address is checked against the current envelope from: address.
A match failure with the OR_CLAUSES MTA option set to 0 (the default)
means access checking has failed and all subsequent tests are bypassed. A match failure
with the OR_CLAUSES MTA option set to 1 sets a “failure pending”
flag; some other allowed access check must succeed in order for access checking to
succeed. A match also disables subsequent domain access checks. The expansion that
is performed is similar to an SMTP EXPN with all access control
checks disabled.
|
mgrpDisallowedBroadcaster
|
(LDAP_CANT_URL) URL identifying mail addresses not allowed
to send mail to this group. Can be multivalued. Each URL is expanded into a list of
addresses and each address is checked against the current envelope from: address.
A match means access checking has failed and all subsequent checks are bypassed. The
expansion that is performed is similar to an SMTP EXPN with all
access control checks disabled.
|
mgrpMsgMaxSize
|
(LDAP_ATTR_MAXIMUM_MESSAGE_SIZE) Maximum message size
in bytes that can be sent to the group. This attribute is obsolete but still supported
for backwards compatibility; the new mailMsgMaxBlocks attribute
should be used instead.
|
mgrpAuthPassword
|
(LDAP_AUTH_PASSWORD) Specifies a password needed to
post to the list. The presence of a mgrpAuthPassword attribute
forces a reprocessing pass. As the message is enqueued to the reprocessing channel,
the password is taken from the header and placed in the envelope. Then, while reprocessing,
the password is taken from the envelope and checked against this attribute. Additionally,
only passwords that actually are used are removed from the header field.
The OR_CLAUSES MTA option acts on this attribute in the same way it acts on
the other access check attributes.
|
mgrpModerator
|
(LDAP_MODERATOR_URL) The list of URLs given by this
attribute to be expanded into a series of addresses. The interpretation of this address
list depends on the setting of the LDAP_REJECT_ACTION MTA option.
If LDAP_REJECT_ACTION is set to TOMODERATOR,
this attribute specifies the moderator address(es) the message is to be sent to should
any of the access checks fail. If LDAP_REJECT_ACTION is missing
or has any other value, the address list is compared with the envelope from address.
Processing continues if there is a match. If there is no match, the message is again
sent to all of the addresses specified by this attribute. Expansion of this attribute
is implemented by making the value of this attribute the list of URLs for the group.
Any list of RFC822 addresses or DNs associated with the group is cleared, and the
delivery options for the group are set to members. Finally, subsequent
group attributes listed in this table are ignored.
|
mgrpDeliverTo
|
(LDAP_GROUP_URL1) List of URLs which, when expanded,
provides a list of mailing list member addresses.
|
memberURL
|
(LDAP_GROUP_URL2) Another list of URLs which, when expanded,
provides another list of mailing list member addresses.
|
uniqueMember
|
(LDAP_GROUP_DN) List of DNs of group members. DNs may
specify an entire subtree. Unique member DNs are expanded by embedding them in an
LDAP URL. The exact URL to use is specified by the GROUP_DN_TEMPLATE MTA
option. The default value for this option is: ldap:///$A?mail?sub?(mail=*)
$A specified the point where the uniqueMember DN
is inserted.
|
mgrpRFC822MailMember
|
(LDAP_GROUP_RFC822) Mail addresses of members of this
list.
|
rfc822MailMember
|
(LDAP_GROUP_RFC822) rfc822MailMember is supported for backwards
compatibility. Either rfc822MailMember or mgrpRFC822MailMember, but not both, can be used in any given group.
|
mgrpErrorsTo
|
(LDAP_ERRORS_TO) Sets the envelope originator (MAIL
FROM) address to whatever the attribute specifies.
|
mgrpAddHeader
|
(LDAP_ADD_HEADER) Turns the headers specified in the
attribute into header trimming ADD options.
|
mgrpRemoveHeader
|
(LDAP_REMOVE_HEADER) Turns the headers specified into
header trimming MAXLINES=-1 options.
|
mgrpMsgPrefixText
|
(LDAP_PREFIX_TEXT) Adds the specified text to the beginning
of the message text, if any.
|
mgrpMsgSuffixText
|
(LDAP_SUFFIX_TEXT) Adds the specified text to the ending
of the message text, if any.
|
No Default
|
(LDAP_ADD_TAG) Checks the subject for the specified text; if it isn’t
present the text is added at the beginning of the subject field.
|