Match

This object takes care of matching a triplet. The simplest type is all which matches any triplet. The match object together with the policy object decide what happens with a triplet - whether it is rejected or let through.
A typical greylist setup uses an allmatch together with a greylist policy object after checking the triplet against whitelists. But it is also possible to greylist selectively by combining a selective match (pattern or exact) with the greylist policy object.
It is important to remember that defining a match only makes sense when it is used by a policy object.

[match]
name=mymatch
type=all
name
user defined name for this match. This is what other objects use to refer to this match.
type
the following match types are availabe:all, exact match, cached exact match, pattern match, cached pattern match. The exact match types match a triplet or part of it against a particular column in a datsource - e.g. this is useful for whitelisting a list of recipient addresses. The pattern types can be used for more complex matching - e.g. whitelisting a particluar sender -> recipient pair.
The cached versions load the complete database table (or more precisely the datasource) into a local cache and use the cache for subsequent lookups. This reduces the number of database queries and greatly improves performance.
[match]
name=recipient match
type=cached exact match
lookup=address
match=recipient
return=comment
datasource=recipientds
lookup
the column in the datasource to match against. This depends on the structure of the database.
match
the part of the triplet to match against. The following parts are available:
client_address
1.2.3.4 - the IP address of the client.
sender
sender's email address.
recipient
recipient's email address.
reverse_client_name
the reverse client name.
short_reverse_client_name
shortened version of the reverse client name.
client_name
verfied client name.
short_client_name
shortened version of the verified client name.
triplet_string
complex representation of all parts of this triplet - mainly used for pattern matching (see below).
network
1.2.3 - shortened version of the client address.
return
the column in the datasource that is reported in the logs. For instance, a whitelisted triplet will be logged as .. wl recipient match: (sender) -> (recipient): (comment).
datasource
the user defined name of the datasource this match uses - e.g. the table in the database.

Complex pattern matching:

[match]
name=recipient match
type=cached pattern match
lookup=expression
match=triplet_string
return=comment
datasource=recipientds

The triplet_string is identical to the pattern matching in the old greylist service. The triplet is represented as

s=<a href="mailto:someuser@yahoo.com" rel="nofollow">someuser@yahoo.com</a>
r=<a href="mailto:someuser@mydomain.org" rel="nofollow">someuser@mydomain.org</a>
c=216.145.54.171
h=mrout1.yahoo.com

In the above example the IP address resolves to one of Yahoo's servers. This pattern uses reverse name lookup and matches the example:

> insert into pattern values(".+^h=.*yahoo\.com.+$","yahoo");

Another example: this whitelists one of your mail domains completely

> insert into pattern values(".+^r=.*@someorg\.org.+$","someorg want all spam");

A more complex example for a common situation. A user has problems with receiving mail from someone particular. In this example we even know the sender's mail server's IP address -- well at least the first byte:

^s=user.+^r=<a href="mailto:myuser@mydomain" rel="nofollow">myuser@mydomain</a>.+^c=210

If you wanted to specify the users full address it would look like this

^s=user.+^r=<a href="mailto:myuser@mydomain" rel="nofollow">myuser@mydomain</a>\.org.+^c=210

Note: the .+ after the org in the example is still required!

Since s=user is at the beginning do not use the leading .+ before the anchor ^

^s=<a href="mailto:sender@example" rel="nofollow">sender@example</a>\.com.+$