Home Man
Search
Today's Posts
Register

Linux & Unix Commands - Search Man Pages

RedHat 9 (Linux i386) - man page for smtpd (redhat section 8)

SMTPD(8)				       System Manager's Manual					     SMTPD(8)

NAME
smtpd - Postfix SMTP server
SYNOPSIS
smtpd [generic Postfix daemon options]
DESCRIPTION
The SMTP server accepts network connection requests and performs zero or more SMTP transactions per connec- tion. Each received message is piped through the cleanup(8) daemon, and is placed into the incoming queue as one single queue file. For this mode of operation, the program expects to be run from the master(8) process manager. Alternatively, the SMTP server takes an established connection on standard input and deposits messages directly into the maildrop queue. In this so-called stand-alone mode, the SMTP server can accept mail even while the mail system is not running. The SMTP server implements a variety of policies for connection requests, and for parameters given to HELO, ETRN, MAIL FROM, VRFY and RCPT TO commands. They are detailed below and in the main.cf configuration file.
SECURITY
The SMTP server is moderately security-sensitive. It talks to SMTP clients and to DNS servers on the network. The SMTP server can be run chrooted at fixed low privilege.
STANDARDS
RFC 821 (SMTP protocol) RFC 1123 (Host requirements) RFC 1652 (8bit-MIME transport) RFC 1869 (SMTP service extensions) RFC 1854 (SMTP Pipelining) RFC 1870 (Message Size Declaration) RFC 1985 (ETRN command) RFC 2554 (AUTH command) RFC 2821 (SMTP protocol)
DIAGNOSTICS
Problems and transactions are logged to syslogd(8). Depending on the setting of the notify_classes parameter, the postmaster is notified of bounces, protocol problems, policy violations, and of other trouble.
CONFIGURATION PARAMETERS
The following main.cf parameters are especially relevant to this program. See the Postfix main.cf file for syntax details and for default values. Use the postfix reload command after a configuration change. Compatibility controls strict_rfc821_envelopes Disallow non-RFC 821 style addresses in SMTP commands. For example, the RFC822-style address forms with comments that Sendmail allows. broken_sasl_auth_clients Support older Microsoft clients that mis-implement the AUTH protocol, and that expect an EHLO response of "250 AUTH=list" instead of "250 AUTH list". smtpd_noop_commands List of commands that are treated as NOOP (no operation) commands, without any parameter syntax check- ing and without any state change. This list overrides built-in command definitions. Content inspection controls content_filter The name of a mail delivery transport that filters mail and that either bounces mail or re-injects the result back into Postfix. This parameter uses the same syntax as the right-hand side of a Postfix transport table. Authentication controls enable_sasl_authentication Enable per-session authentication as per RFC 2554 (SASL). This functionality is available only when explicitly selected at program build time and explicitly enabled at runtime. smtpd_sasl_local_domain The name of the local authentication realm. smtpd_sasl_security_options Zero or more of the following. noplaintext Disallow authentication methods that use plaintext passwords. noactive Disallow authentication methods that are vulnerable to non-dictionary active attacks. nodictionary Disallow authentication methods that are vulnerable to passive dictionary attack. noanonymous Disallow anonymous logins. smtpd_sender_login_maps Maps that specify the SASL login name that owns a MAIL FROM sender address. Used by the reject_sender_login_mismatch sender anti-spoofing restriction. Miscellaneous always_bcc Address to send a copy of each message that enters the system. command_directory Location of Postfix support commands (default: $program_directory). debug_peer_level Increment in verbose logging level when a remote host matches a pattern in the debug_peer_list parame- ter. debug_peer_list List of domain or network patterns. When a remote host matches a pattern, increase the verbose logging level by the amount specified in the debug_peer_level parameter. default_verp_delimiters The default VERP delimiter characters that are used when the XVERP command is specified without explicit delimiters. error_notice_recipient Recipient of protocol/policy/resource/software error notices. hopcount_limit Limit the number of Received: message headers. local_recipient_maps List of maps with user names that are local to $myorigin or $inet_interfaces. If this parameter is defined, then the SMTP server rejects mail for unknown local users. notify_classes List of error classes. Of special interest are: policy When a client violates any policy, mail a transcript of the entire SMTP session to the postmas- ter. protocol When a client violates the SMTP protocol or issues an unimplemented command, mail a transcript of the entire SMTP session to the postmaster. smtpd_banner Text that follows the 220 status code in the SMTP greeting banner. smtpd_recipient_limit Restrict the number of recipients that the SMTP server accepts per message delivery. smtpd_timeout Limit the time to send a server response and to receive a client request. soft_bounce Change hard (5xx) reject responses into soft (4xx) reject responses. This can be useful for testing purposes. verp_delimiter_filter The characters that Postfix accepts as VERP delimiter characters. Resource controls line_length_limit Limit the amount of memory in bytes used for the handling of partial input lines. message_size_limit Limit the total size in bytes of a message, including on-disk storage for envelope information. queue_minfree Minimal amount of free space in bytes in the queue file system for the SMTP server to accept any mail at all. smtpd_history_flush_threshold Flush the command history to postmaster after receipt of RSET etc. only if the number of history lines exceeds the given threshold. Tarpitting smtpd_error_sleep_time Time to wait in seconds before sending a 4xx or 5xx server error response. smtpd_soft_error_limit When an SMTP client has made this number of errors, wait error_count seconds before responding to any client request. smtpd_hard_error_limit Disconnect after a client has made this number of errors. smtpd_junk_command_limit Limit the number of times a client can issue a junk command such as NOOP, VRFY, ETRN or RSET in one SMTP session before it is penalized with tarpit delays. UCE control restrictions parent_domain_matches_subdomains List of Postfix features that use domain.tld patterns to match sub.domain.tld (as opposed to requiring .domain.tld patterns). smtpd_client_restrictions Restrict what clients may connect to this mail system. smtpd_helo_required Require that clients introduce themselves at the beginning of an SMTP session. smtpd_helo_restrictions Restrict what client hostnames are allowed in HELO and EHLO commands. smtpd_sender_restrictions Restrict what sender addresses are allowed in MAIL FROM commands. smtpd_recipient_restrictions Restrict what recipient addresses are allowed in RCPT TO commands. smtpd_etrn_restrictions Restrict what domain names can be used in ETRN commands, and what clients may issue ETRN commands. allow_untrusted_routing Allow untrusted clients to specify addresses with sender-specified routing. Enabling this opens up nasty relay loopholes involving trusted backup MX hosts. smtpd_restriction_classes Declares the name of zero or more parameters that contain a list of UCE restrictions. The names of these parameters can then be used instead of the restriction lists that they represent. smtpd_null_access_lookup_key The lookup key to be used in SMTPD access tables instead of the null sender address. A null sender address cannot be looked up. maps_rbl_domains List of DNS domains that publish the addresses of blacklisted hosts. permit_mx_backup_networks Only domains whose primary MX hosts match the listed networks are eligible for the permit_mx_backup feature. relay_domains Restrict what domains or networks this mail system will relay mail from or to. UCE control responses access_map_reject_code Server response when a client violates an access database restriction. invalid_hostname_reject_code Server response when a client violates the reject_invalid_hostname restriction. maps_rbl_reject_code Server response when a client violates the maps_rbl_domains restriction. reject_code Response code when the client matches a reject restriction. relay_domains_reject_code Server response when a client attempts to violate the mail relay policy. unknown_address_reject_code Server response when a client violates the reject_unknown_address restriction. unknown_client_reject_code Server response when a client without address to name mapping violates the reject_unknown_clients restriction. unknown_hostname_reject_code Server response when a client violates the reject_unknown_hostname restriction.
SEE ALSO
cleanup(8) message canonicalization master(8) process manager syslogd(8) system logging
LICENSE
The Secure Mailer license must be distributed with this software. AUTHOR(S) Wietse Venema IBM T.J. Watson Research P.O. Box 704 Yorktown Heights, NY 10598, USA SMTPD(8)


All times are GMT -4. The time now is 11:36 PM.

Unix & Linux Forums Content Copyrightę1993-2018. All Rights Reserved.
UNIX.COM Login
Username:
Password:  
Show Password