SMTPD(8) SMTPD(8)
NAME
smtpd - Postfix SMTP server
SYNOPSIS
smtpd [generic Postfix daemon options]
DESCRIPTION
The SMTP server accepts network connection requests and
performs zero or more SMTP transactions per connection.
Each received message is piped through the cleanup(8) dae-
mon, and is placed into the incoming queue as one single
queue file. For this mode of operation, the program
expects to be run from the master(8) process manager.
Alternatively, the SMTP server takes an established con-
nection on standard input and deposits messages directly
into the maildrop queue. In this so-called stand-alone
mode, the SMTP server can accept mail even while the mail
system is not running.
The SMTP server implements a variety of policies for con-
nection requests, and for parameters given to HELO, ETRN,
MAIL FROM, VRFY and RCPT TO commands. They are detailed
below and in the main.cf configuration file.
SECURITY
The SMTP server is moderately security-sensitive. It talks
to SMTP clients and to DNS servers on the network. The
SMTP server can be run chrooted at fixed low privilege.
STANDARDS
RFC 821 (SMTP protocol)
RFC 1123 (Host requirements)
RFC 1652 (8bit-MIME transport)
RFC 1869 (SMTP service extensions)
RFC 1870 (Message Size Declaration)
RFC 1985 (ETRN command)
RFC 2554 (AUTH command)
RFC 2821 (SMTP protocol)
RFC 2920 (SMTP Pipelining)
DIAGNOSTICS
Problems and transactions are logged to syslogd(8).
Depending on the setting of the notify_classes parameter,
the postmaster is notified of bounces, protocol problems,
policy violations, and of other trouble.
CONFIGURATION PARAMETERS
The following main.cf parameters are especially relevant
to this program. See the Postfix main.cf file for syntax
details and for default values. Use the postfix reload
command after a configuration change.
Compatibility controls
strict_rfc821_envelopes
Disallow non-RFC 821 style addresses in SMTP com-
mands. For example, the RFC822-style address forms
with comments that Sendmail allows.
broken_sasl_auth_clients
Support older Microsoft clients that mis-implement
the AUTH protocol, and that expect an EHLO response
of "250 AUTH=list" instead of "250 AUTH list".
smtpd_noop_commands
List of commands that are treated as NOOP (no oper-
ation) commands, without any parameter syntax
checking and without any state change. This list
overrides built-in command definitions.
Content inspection controls
content_filter
The name of a mail delivery transport that filters
mail and that either bounces mail or re-injects the
result back into Postfix. This parameter uses the
same syntax as the right-hand side of a Postfix
transport table.
Authentication controls
enable_sasl_authentication
Enable per-session authentication as per RFC 2554
(SASL). This functionality is available only when
explicitly selected at program build time and
explicitly enabled at runtime.
smtpd_sasl_local_domain
The name of the local authentication realm.
smtpd_sasl_security_options
Zero or more of the following.
noplaintext
Disallow authentication methods that use
plaintext passwords.
noactive
Disallow authentication methods that are
vulnerable to non-dictionary active attacks.
nodictionary
Disallow authentication methods that are
vulnerable to passive dictionary attack.
noanonymous
Disallow anonymous logins.
smtpd_sender_login_maps
Maps that specify the SASL login name that owns a
MAIL FROM sender address. Used by the
reject_sender_login_mismatch sender anti-spoofing
restriction.
Miscellaneous
always_bcc
Address to send a copy of each message that enters
the system.
authorized_verp_clients
Hostnames, domain names and/or addresses of clients
that are authorized to use the XVERP extension.
debug_peer_level
Increment in verbose logging level when a remote
host matches a pattern in the debug_peer_list
parameter.
debug_peer_list
List of domain or network patterns. When a remote
host matches a pattern, increase the verbose log-
ging level by the amount specified in the
debug_peer_level parameter.
default_verp_delimiters
The default VERP delimiter characters that are used
when the XVERP command is specified without
explicit delimiters.
error_notice_recipient
Recipient of protocol/policy/resource/software
error notices.
hopcount_limit
Limit the number of Received: message headers.
notify_classes
List of error classes. Of special interest are:
policy When a client violates any policy, mail a
transcript of the entire SMTP session to the
postmaster.
protocol
When a client violates the SMTP protocol or
issues an unimplemented command, mail a
transcript of the entire SMTP session to the
postmaster.
smtpd_banner
Text that follows the 220 status code in the SMTP
greeting banner.
smtpd_expansion_filter
Controls what characters are allowed in $name
expansion of rbl template responses and other text.
smtpd_recipient_limit
Restrict the number of recipients that the SMTP
server accepts per message delivery.
smtpd_timeout
Limit the time to send a server response and to
receive a client request.
soft_bounce
Change hard (5xx) reject responses into soft (4xx)
reject responses. This can be useful for testing
purposes.
verp_delimiter_filter
The characters that Postfix accepts as VERP delim-
iter characters.
Known versus unknown recipients
show_user_unknown_table_name
Whether or not to reveal the table name in the
"User unknown" responses. The extra detail makes
trouble shooting easier but also reveals informa-
tion that is nobody elses business.
unknown_local_recipient_reject_code
The response code when a client specifies a recipi-
ent whose domain matches $mydestination or
$inet_interfaces, while $local_recipient_maps is
non-empty and does not list the recipient address
or address local-part.
unknown_relay_recipient_reject_code
The response code when a client specifies a recipi-
ent whose domain matches $relay_domains, while
$relay_recipient_maps is non-empty and does not
list the recipient address.
unknown_virtual_alias_reject_code
The response code when a client specifies a recipi-
ent whose domain matches $virtual_alias_domains,
while the recipient is not listed in $vir-
tual_alias_maps.
unknown_virtual_mailbox_reject_code
The response code when a client specifies a recipi-
ent whose domain matches $virtual_mailbox_domains,
while the recipient is not listed in $virtual_mail-
box_maps.
Resource controls
line_length_limit
Limit the amount of memory in bytes used for the
handling of partial input lines.
message_size_limit
Limit the total size in bytes of a message, includ-
ing on-disk storage for envelope information.
queue_minfree
Minimal amount of free space in bytes in the queue
file system for the SMTP server to accept any mail
at all.
smtpd_history_flush_threshold
Flush the command history to postmaster after
receipt of RSET etc. only if the number of history
lines exceeds the given threshold.
Tarpitting
smtpd_error_sleep_time
Time to wait in seconds before sending a 4xx or 5xx
server error response.
smtpd_soft_error_limit
When an SMTP client has made this number of errors,
wait error_count seconds before responding to any
client request.
smtpd_hard_error_limit
Disconnect after a client has made this number of
errors.
smtpd_junk_command_limit
Limit the number of times a client can issue a junk
command such as NOOP, VRFY, ETRN or RSET in one
SMTP session before it is penalized with tarpit
delays.
UCE control restrictions
parent_domain_matches_subdomains
List of Postfix features that use domain.tld pat-
terns to match sub.domain.tld (as opposed to
requiring .domain.tld patterns).
smtpd_client_restrictions
Restrict what clients may connect to this mail sys-
tem.
smtpd_helo_required
Require that clients introduce themselves at the
beginning of an SMTP session.
smtpd_helo_restrictions
Restrict what client hostnames are allowed in HELO
and EHLO commands.
smtpd_sender_restrictions
Restrict what sender addresses are allowed in MAIL
FROM commands.
smtpd_recipient_restrictions
Restrict what recipient addresses are allowed in
RCPT TO commands.
smtpd_etrn_restrictions
Restrict what domain names can be used in ETRN com-
mands, and what clients may issue ETRN commands.
smtpd_data_restrictions
Restrictions on the DATA command. Currently, the
only restriction that makes sense here is
reject_unauth_pipelining.
allow_untrusted_routing
Allow untrusted clients to specify addresses with
sender-specified routing. Enabling this opens up
nasty relay loopholes involving trusted backup MX
hosts.
smtpd_restriction_classes
Declares the name of zero or more parameters that
contain a list of UCE restrictions. The names of
these parameters can then be used instead of the
restriction lists that they represent.
smtpd_null_access_lookup_key
The lookup key to be used in SMTPD access tables
instead of the null sender address. A null sender
address cannot be looked up.
maps_rbl_domains (deprecated)
List of DNS domains that publish the addresses of
blacklisted hosts. This is used with the deprecated
reject_maps_rbl restriction.
permit_mx_backup_networks
Only domains whose primary MX hosts match the
listed networks are eligible for the per-
mit_mx_backup feature.
relay_domains
Restrict what domains this mail system will relay
mail to. The domains are routed to the delivery
agent specified with the relay_transport setting.
UCE control responses
access_map_reject_code
Response code when a client violates an access
database restriction.
default_rbl_reply
Default template reply when a request is RBL black-
listed. This template is used by the reject_rbl_*
and reject_rhsbl_* restrictions. See also:
rbl_reply_maps and smtpd_expansion_filter.
defer_code
Response code when a client request is rejected by
the defer restriction.
invalid_hostname_reject_code
Response code when a client violates the
reject_invalid_hostname restriction.
maps_rbl_reject_code
Response code when a request is RBL blacklisted.
rbl_reply_maps
Table with template responses for RBL blacklisted
requests, indexed by RBL domain name. These tem-
plates are used by the reject_rbl_* and
reject_rhsbl_* restrictions. See also:
default_rbl_reply and smtpd_expansion_filter.
reject_code
Response code when the client matches a reject
restriction.
relay_domains_reject_code
Response code when a client attempts to violate the
mail relay policy.
unknown_address_reject_code
Response code when a client violates the
reject_unknown_address restriction.
unknown_client_reject_code
Response code when a client without address to name
mapping violates the reject_unknown_client restric-
tion.
unknown_hostname_reject_code
Response code when a client violates the
reject_unknown_hostname restriction.
SEE ALSO
trivial-rewrite(8) address resolver
cleanup(8) message canonicalization
master(8) process manager
syslogd(8) system logging
LICENSE
The Secure Mailer license must be distributed with this
software.
AUTHOR(S)
Wietse Venema
IBM T.J. Watson Research
P.O. Box 704
Yorktown Heights, NY 10598, USA
SMTPD(8)