jack:
> Hi,
>
> In the online documentation for access tables
> (http://www.postfix.org/access.5.html), it says:
>
> Subnetworks are matched by repeatedly truncating
> the last ".octet" from the remote IPv4 host address
> string until a match is found in the access table, or
> until further truncation is not possible.
>
> This is supposedly subject only to the restriction that the table is an
> indexed file "such as DB or DBM".
Postfix will query hash (btreem, dbm, lmdb, ldap, etc.) table
multiple times, first with the full IP address and then with prefixes
of the IP address. With your example of 5.188.9.2 the queries would
be:
5.188.9.2
5.188.9
There would be more queries if there is no match.
(with cidr, pcre, and regexp tables there would be only one lookup).
> I have the following client_access table:
> 5.188.9 REJECT WebShield Network trying to hack Dovecot
> 2018-05-10 - test
> 5.188.9.1 REJECT WebShield Network trying to hack Dovecot 2018-05-10
>
> I compile the table to create client_access.db:
> # postmap client_access
>
> I then try:
> # postmap -q 5.188.9.2 client_access
> [no output]
The postmap command does not make all the queries that I described
above. You will have to do that instead.
Wietse
