docs: Improve authorize_sender documentation

Add prepare_email description. Expand user_to_email description. See foxcpp#565.
9mmtylenol · Feb 5, 2023 · 6453363 · 6453363
1 parent 9a87d73
commit 6453363
Showing 1 changed file with 33 additions and 6 deletions.
diff --git a/docs/reference/checks/authorize_sender.md b/docs/reference/checks/authorize_sender.md
@@ -31,10 +31,33 @@ check {
 **Syntax:** user\_to\_email _table_ <br>
 **Default:** identity
 
-Table to use for lookups. Result of the lookup should contain either the
-domain name, the full email address or "*" string. If it is just domain - user
-will be allowed to use any mailbox within a domain as a sender address.
-If result contains "*" - user will be allowed to use any address.
+Table that maps authorization username to the list of sender emails
+the user is allowed to use.
+
+In additional to email addresses, the table can contain domain names or
+special string "\*" as a value. If the value is a domain - user
+will be allowed to use any mailbox within it as a sender address.
+If it is "\*" - user will be allowed to use any address.
+
+By default, table.identity is used, meaning that username should
+be equal to the sender email.
+
+Before username is looked up via the table, normalization algorithm
+defined by auth_normalize is applied to it.
+
+**Syntax:** prepare\_email _table_ <br>
+**Default:** identity
+
+Table that is used to translate email addresses before they
+are matched against user_to_email values.
+
+Typically used to allow users to use their aliases as sender
+addresses - prepare_email in this case should translate
+aliases to "canonical" addresses. This is how it is
+done in default configuration.
+
+If table does not contain any mapping for the used sender
+address, it will be used as is.
 
 **Syntax:** check\_header _boolean_ <br>
 **Default:** yes
@@ -71,13 +94,17 @@ Normalization function to apply to authorization username before
 further processing.
 
 Available options:
-- precis\_casefold\_email   PRECIS UsernameCaseMapped profile + U-labels form for domain
+- precis\_casefold\_email   PRECIS UsernameCaseMapped profile + Unicode form for domain
 - precis\_casefold         PRECIS UsernameCaseMapped profile for the entire string
-- precis\_email            PRECIS UsernameCasePreserved profile + U-labels form for domain
+- precis\_email            PRECIS UsernameCasePreserved profile + Unicode form for domain
 - precis                  PRECIS UsernameCasePreserved profile for the entire string
 - casefold                Convert to lower case
 - noop                    Nothing
 
+PRECIS profiles are defined by RFC 8265. In short, they make sure
+that Unicode strings that look the same will be compared as if they were
+the same. CaseMapped profiles also convert strings to lower case.
+
 **Syntax:** from\_normalize _action_ <br>
 **Default:** precis\_casefold\_email