postfix/man/man5/pcre_table.5

.TH PCRE_TABLE 5 
.ad
.fi
.SH NAME
pcre_table
\-
format of Postfix PCRE tables
.SH "SYNOPSIS"
.na
.nf
\fBpostmap \-q "\fIstring\fB" pcre:/etc/postfix/\fIfilename\fR

\fBpostmap \-q \- pcre:/etc/postfix/\fIfilename\fB <\fIinputfile\fR

\fBpostmap \-hmq \- pcre:/etc/postfix/\fIfilename\fB <\fIinputfile\fR

\fBpostmap \-bmq \- pcre:/etc/postfix/\fIfilename\fB <\fIinputfile\fR
.SH DESCRIPTION
.ad
.fi
The Postfix mail system uses optional tables for address
rewriting, mail routing, or access control. These tables
are usually in \fBdbm\fR or \fBdb\fR format.

Alternatively, lookup tables can be specified in Perl Compatible
Regular Expression form. In this case, each input is compared
against a list of patterns. When a match is found, the
corresponding result is returned and the search is terminated.

To find out what types of lookup tables your Postfix system
supports use the "\fBpostconf \-m\fR" command.

To test lookup tables, use the "\fBpostmap \-q\fR" command
as described in the SYNOPSIS above. Use "\fBpostmap \-hmq
\-\fR <\fIfile\fR" for header_checks(5) patterns, and
"\fBpostmap \-bmq \-\fR <\fIfile\fR" for body_checks(5)
(Postfix 2.6 and later).

This driver can be built with the pcre2 library (Postfix
3.7 and later), or with the legacy pcre library (all Postfix
versions).
.SH "COMPATIBILITY"
.na
.nf
.ad
.fi
With Postfix version 2.2 and earlier specify "\fBpostmap
\-fq\fR" to query a table that contains case sensitive
patterns. Patterns are case insensitive by default.
.SH "TABLE FORMAT"
.na
.nf
.ad
.fi
The general form of a PCRE table is:
.IP "\fB/\fIpattern\fB/\fIflags result\fR"
When \fIpattern\fR matches the input string, use
the corresponding \fIresult\fR value.
.IP "\fB!/\fIpattern\fB/\fIflags result\fR"
When \fIpattern\fR does \fBnot\fR match the input string, use
the corresponding \fIresult\fR value.
.IP "\fBif /\fIpattern\fB/\fIflags\fR"
.IP "\fBendif\fR"
If the input string matches /\fIpattern\fR/, then match that
input string against the patterns between \fBif\fR and
\fBendif\fR.  The \fBif\fR..\fBendif\fR can nest.
.sp
Note: do not prepend whitespace to patterns inside
\fBif\fR..\fBendif\fR.
.sp
This feature is available in Postfix 2.1 and later.
.IP "\fBif !/\fIpattern\fB/\fIflags\fR"
.IP "\fBendif\fR"
If the input string does not match /\fIpattern\fR/, then
match that input string against the patterns between \fBif\fR
and \fBendif\fR. The \fBif\fR..\fBendif\fR can nest.
.sp
Note: do not prepend whitespace to patterns inside
\fBif\fR..\fBendif\fR.
.sp
This feature is available in Postfix 2.1 and later.
.IP "blank lines and comments"
Empty lines and whitespace\-only lines are ignored, as
are lines whose first non\-whitespace character is a `#'.
.IP "multi\-line text"
A logical line starts with non\-whitespace text. A line that
starts with whitespace continues a logical line.
.PP
Each pattern is a perl\-like regular expression. The expression
delimiter can be any non\-alphanumeric character, except
whitespace or characters
that have special meaning (traditionally the forward slash is used).
The regular expression can contain whitespace.

By default, matching is case\-insensitive, and newlines are not
treated as special characters. The behavior is controlled by flags,
which are toggled by appending one or more of the following
characters after the pattern:
.IP "\fBi\fR (default: on)"
Toggles the case sensitivity flag. By default, matching is case
insensitive.
.IP "\fBm\fR (default: off)"
Toggles the pcre MULTILINE flag. When this flag is on, the \fB^\fR
and \fB$\fR metacharacters match immediately after and immediately
before a newline character, respectively, in addition to
matching at the start and end of the subject string.
.IP "\fBs\fR (default: on)"
Toggles the pcre DOTALL flag. When this flag is on, the \fB.\fR
metacharacter matches the newline character. With
Postfix versions prior to 2.0, the flag is off by
default, which is inconvenient for multi\-line message header
matching.
.IP "\fBx\fR (default: off)"
Toggles the pcre extended flag. When this flag is on, whitespace
characters in the pattern (other than in a character class)
are ignored.  To include a whitespace character as part of
the pattern, escape it with backslash.
.sp
Note: do not use \fB#\fIcomment\fR after patterns.
.IP "\fBA\fR (default: off)"
Toggles the pcre ANCHORED flag.  When this flag is on,
the pattern is forced to be "anchored", that is, it is
constrained to match only at the start of the string which
is being searched (the "subject string"). This effect can
also be achieved by appropriate constructs in the pattern
itself.
.IP "\fBE\fR (default: off)"
Toggles the pcre DOLLAR_ENDONLY flag. When this flag is on,
a \fB$\fR metacharacter in the pattern matches only at the
end of the subject string. Without this flag, a dollar also
matches immediately before the final character if it is a
newline character (but not before any other newline
characters). This flag is ignored if the pcre MULTILINE
flag is set.
.IP "\fBU\fR (default: off)"
Toggles the pcre UNGREEDY flag.  When this flag is on,
the pattern matching engine inverts the "greediness" of
the quantifiers so that they are not greedy by default,
but become greedy if followed by "?".  This flag can also
set by a (?U) modifier within the pattern.
.IP "\fBX\fR (default: off)"
Toggles the pcre EXTRA flag.
When this flag is on, any backslash in a pattern that is
followed by a letter that has no special meaning causes an
error, thus reserving these combinations for future expansion.

This feature is not supported with PCRE2.
.SH "SEARCH ORDER"
.na
.nf
.ad
.fi
Patterns are applied in the order as specified in the table, until a
pattern is found that matches the input string.

Each pattern is applied to the entire input string.
Depending on the application, that string is an entire client
hostname, an entire client IP address, or an entire mail address.
Thus, no parent domain or parent network search is done, and
\fIuser@domain\fR mail addresses are not broken up into their
\fIuser\fR and \fIdomain\fR constituent parts, nor is \fIuser+foo\fR
broken up into \fIuser\fR and \fIfoo\fR.
.SH "TEXT SUBSTITUTION"
.na
.nf
.ad
.fi
Substitution of substrings (text that matches patterns
inside "()") from the matched expression into the result
string is requested with $1, $2, etc.; specify $$ to produce
a $ character as output.
The macros in the result string may need to be written as
${n} or $(n) if they aren't followed by whitespace.
This feature does not support pcre2 substring names.

Note: since negated patterns (those preceded by \fB!\fR) return a
result when the expression does not match, substitutions are not
available for negated patterns.
.SH "INLINE SPECIFICATION"
.na
.nf
.ad
.fi
The contents of a table may be specified in the table name
(Postfix 3.7 and later).
The basic syntax is:

.nf
main.cf:
    \fIparameter\fR \fB= .. pcre:{ { \fIrule\-1\fB }, { \fIrule\-2\fB } .. } ..\fR

master.cf:
    \fB.. \-o { \fIparameter\fR \fB= .. pcre:{ { \fIrule\-1\fB }, { \fIrule\-2\fB } .. } .. } ..\fR
.fi

Postfix recursively expands any \fI$parametername\fR instances
in the above parameter value, ignores whitespace after '{'
and before '}', and writes each \fIrule\fR as one text line to
an in\-memory file:

.nf
in\-memory file:
    rule\-1
    rule\-2
    ..
.fi

Postfix parses the result as if it is a file in /etc/postfix.
.SH "INLINE SPECIFICATION CAVEATS"
.na
.nf
.ad
.fi
.IP \(bu
When using \fI$parametername\fR inside an inlined pattern,
use \eQ\fI$parametername\fR\eE to disable metacharacters such as
\&'.' in the \fI$parametername\fR expansion. Otherwise, the pattern
may have unexpected matches.
.IP \(bu
When an inlined rule must contain \fB$\fR, specify \fB$$\fR
to keep Postfix from trying to do \fI$name\fR expansion as
it evaluates a parameter value. To check an inline configuration,
use the "\fBpostconf \-x\fR" option as shown below:
.RS
.IP \(bu
When a main.cf "\fIparametername = \fI value\fR" setting contains
an inline pcre: table, use the command "\fBpostconf \-x
\fIparametername\fR". Verify that there are no "undefined
parameter" warnings, and that the output has the syntax that
one would use in a non\-inlined Postfix pcre: file.
.IP \(bu
When a master.cf "\fB\-o { \fIparametername = value\fB }\fR"
override contains an inline pcre: table, use the command
"\fBpostconf \-Px '*/*/\fIparametername\fB' \fR". Verify that there
are no "undefined parameter" warnings, and that the output has
the syntax that one would use in a non\-inlined Postfix pcre: file.
.RE
.SH "EXAMPLE SMTPD ACCESS MAP"
.na
.nf
# Protect your outgoing majordomo exploders
/^(?!owner\-)(.*)\-outgoing@(.*)/ 550 Use ${1}@${2} instead

# Bounce friend@whatever, except when whatever is our domain (you would
# be better just bouncing all friend@ mail \- this is just an example).
/^(friend@(?!my\\.domain$).*)$/  550 Stick this in your pipe $1

# A multi\-line entry. The text is sent as one line.
#
/^noddy@my\\.domain$/
\ 550 This user is a funny one. You really don't want to send mail to
\ them as it only makes their head spin.
.SH "EXAMPLE HEADER FILTER MAP"
.na
.nf
/^Subject: make money fast/     REJECT
/^To: friend@public\\.com/       REJECT
.SH "EXAMPLE BODY FILTER MAP"
.na
.nf
# First skip over base 64 encoded text to save CPU cycles.
# Requires PCRE version 3.
~^[[:alnum:]+/]{60,}$~          OK

# Put your own body patterns here.
.SH "SEE ALSO"
.na
.nf
postmap(1), Postfix lookup table manager
postconf(5), configuration parameters
regexp_table(5), format of POSIX regular expression tables
.SH "README FILES"
.na
.nf
.ad
.fi
Use "\fBpostconf readme_directory\fR" or
"\fBpostconf html_directory\fR" to locate this information.
.na
.nf
DATABASE_README, Postfix lookup table overview
.SH "AUTHOR(S)"
.na
.nf
The PCRE table lookup code was originally written by:
Andrew McNamara
andrewm@connect.com.au
connect.com.au Pty. Ltd.
Level 3, 213 Miller St
North Sydney, NSW, Australia

Adopted and adapted by:
Wietse Venema
IBM T.J. Watson Research
P.O. Box 704
Yorktown Heights, NY 10598, USA

Wietse Venema
Google, Inc.
111 8th Avenue
New York, NY 10011, USA