PMDF System Manager's Guide


Previous Next Contents Index

16.1.4 When Access Controls are Applied

PMDF checks access control mappings as early as possible. Exactly when this happens depends upon the e-mail protocol in use---when the information that must be checked becomes available. But for instance in the case of the SMTP protocol, where addresses are presented in the initial part of the attempted message handover, well before the message data itself would be handed over, note that a FROM_ACCESS rejection will occur in response to the MAIL FROM: command, before the sending side ever gets to send the recipient information let alone the message data, while a SEND_ACCESS or MAIL_ACCESS sort of rejection will occur in response to the RCPT TO: command, before the sending side ever gets to send the message data. If an SMTP message is rejected, PMDF never even accepts or sees the message data, thus minimizing the overhead of performing such rejections.

If multiple access control mapping tables exist, PMDF will check them all; that is, a FROM_ACCESS, a SEND_ACCESS mapping table, an ORIG_SEND_ACCESS mappings table, a MAIL_ACCESS mapping table, and an ORIG_MAIL_ACCESS mapping table can all be in effect.


Previous Next Contents Index