Sun Java Communications Suite 5 Deployment Planning Guide

Mapping Table Overview

You can control access to your mail services by configuring certain mapping tables. Many components of the MTA rely on table lookups. A mapping table is used to transform, that is, map, an input string into an output string. Mapping tables are usually presented as two columns. The first (left-hand) column provides the possible input strings to match against (the pattern), and the second (right-hand) column gives the output string to which a matching input string is mapped (the template).

The following table describes these mapping tables, which enable you to control who can or cannot send mail, receive mail, or both. See the Sun Java System Messaging Server 6.3 Administration Guide for more information.

Table 13–2 Access Control Mapping Tables

| Mapping Table | Description |
|---|---|
| SEND_ACCESS | Used to block incoming connections based on envelope From: address, envelope To: address, source and destination channels. The To: address is checked after rewriting, alias expansion, and so on, have been performed. |
| ORIG_SEND_ACCESS | Used to block incoming connections based on envelope From: address, envelope To: address, source and destination channels. The To: address is checked after rewriting but before alias expansion. |
| MAIL_ACCESS | Used to block incoming connections based on combined information found in SEND_ACCESS and PORT_ACCESS tables: that is, the channel and address information found in SEND_ACCESS combined with the IP address and port number information found in PORT_ACCESS. |
| ORIG_MAIL_ACCESS | Used to block incoming connections based on combined information found in ORIG_SEND_ACCESS and PORT_ACCESS tables: that is, the channel and address information found in ORIG_SEND_ACCESS combined with the IP address and port number information found in PORT_ACCESS. |
| FROM_ACCESS | Used to filter mail based on envelope From: addresses. Use this table if the To: address is irrelevant. |
| PORT_ACCESS | Used to block incoming connections based on IP number. |

Figure 13–1 illustrates where mapping tables are activated in the mail acceptance process.

Figure 13–1 Mapping Tables and the Mail Acceptance Process

This diagram shows how pre-SMTP accept filtering is activated in the mail acceptance process.

For all the network ports controlled by the MTA service dispatcher, a PORT_ACCESS rejection response, if warranted, takes place at the initial connection from a remote host. A FROM_ACCESS rejection occurs in response to the MAIL FROM: command, before the sending side can send the recipient information or the message data. A SEND_ACCESS or MAIL_ACCESS rejection occurs in response to a RCPT TO: command, before the sending side gets to send the message data. If an SMTP message is rejected, your Messaging Server never accepts or sees the message data, thus minimizing the overhead of performing such rejections. If multiple access control mapping tables exist, Messaging Server checks them all.


Note –

If the message is accepted, it can still be filtered by way of conversion channels and user-defined filters.
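
The acceptance sequence described above can be modeled in a few lines. The following is an added example, not code or configuration from the Messaging Server documentation: the table contents, the probe layouts, the first-match rule, and the ACCEPT/REJECT templates are simplified assumptions and do not reproduce the MTA's real mapping syntax. It shows a pattern-to-template lookup and the stage at which each table can end a session before any message data is transferred.

```python
from fnmatch import fnmatchcase

# Constructed sample tables: (pattern, template) rows, checked top to bottom.
# Probe layouts are simplified assumptions, not the MTA's real probe format.
TABLES = {
    "PORT_ACCESS": [("192.0.2.*", "REJECT connection refused"),
                    ("*", "ACCEPT")],
    "FROM_ACCESS": [("*@spam.example", "REJECT sender blocked"),
                    ("*", "ACCEPT")],
    "SEND_ACCESS": [("*|postmaster@corp.example", "ACCEPT"),
                    ("*@partner.example|*", "ACCEPT"),
                    ("*|*", "REJECT relaying denied")],
}

def lookup(table, probe):
    """Map an input string to an output string; first matching pattern wins."""
    for pattern, template in TABLES.get(table, []):
        if fnmatchcase(probe, pattern):
            return template
    return "ACCEPT"  # assumption of this model: no match means no objection

def session(ip, mail_from, rcpts):
    """Walk one SMTP session; return (last_stage, accepted_rcpts, log)."""
    log = []

    def check(stage, table, probe):
        verdict = lookup(table, probe)
        log.append((stage, table, verdict))
        return verdict.startswith("ACCEPT")

    # Initial connection: PORT_ACCESS sees only the remote address.
    if not check("CONNECT", "PORT_ACCESS", ip):
        return "CONNECT", [], log
    # MAIL FROM: FROM_ACCESS sees the envelope sender, no recipients yet.
    if not check("MAIL FROM", "FROM_ACCESS", mail_from.lower()):
        return "MAIL FROM", [], log
    # RCPT TO: SEND_ACCESS sees sender and recipient, once per recipient.
    accepted = [r for r in rcpts
                if check("RCPT TO", "SEND_ACCESS", f"{mail_from}|{r}".lower())]
    if not accepted:
        return "RCPT TO", [], log
    return "DATA", accepted, log  # only now would message data be sent
```

Reading the returned log per session shows which table produced each verdict, which is the same question to ask of real MTA logs when tuning these tables.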