Полезная информация




SMTPD(8)                                                 SMTPD(8)


NAME
       smtpd - Postfix SMTP server

SYNOPSIS
       smtpd [generic Postfix daemon options]

DESCRIPTION
       The  SMTP  server  accepts network connection requests and
       performs zero or more SMTP  transactions  per  connection.
       Each received message is piped through the cleanup(8) dae-
       mon, and is placed into the incoming queue as  one  single
       queue  file.   For  this  mode  of  operation, the program
       expects to be run from the master(8) process manager.

       Alternatively, the SMTP server takes an  established  con-
       nection  on  standard input and deposits messages directly
       into the maildrop queue.  In  this  so-called  stand-alone
       mode,  the SMTP server can accept mail even while the mail
       system is not running.

       The SMTP server implements a variety of policies for  con-
       nection  requests, and for parameters given to HELO, ETRN,
       MAIL FROM, VRFY and RCPT TO commands.  They  are  detailed
       below and in the main.cf configuration file.

SECURITY
       The SMTP server is moderately security-sensitive. It talks
       to SMTP clients and to DNS servers  on  the  network.  The
       SMTP server can be run chrooted at fixed low privilege.

STANDARDS
       RFC 821 (SMTP protocol)
       RFC 1123 (Host requirements)
       RFC 1651 (SMTP service extensions)
       RFC 1652 (8bit-MIME transport)
       RFC 1854 (SMTP Pipelining)
       RFC 1870 (Message Size Declaration)
       RFC 1985 (ETRN command)
       RFC 2554 (AUTH command)

DIAGNOSTICS
       Problems and transactions are logged to syslogd(8).

       Depending  on the setting of the notify_classes parameter,
       the postmaster is notified of bounces, protocol  problems,
       policy violations, and of other trouble.

CONFIGURATION PARAMETERS
       The  following  main.cf parameters are especially relevant
       to this program. See the Postfix main.cf file  for  syntax
       details  and  for  default  values. Use the postfix reload
       command after a configuration change.





                                                                1





SMTPD(8)                                                 SMTPD(8)


Compatibility controls
       strict_rfc821_envelopes
              Disallow non-RFC 821 style addresses in  envelopes.
              For  example, allow RFC822-style address forms with
              comments, like Sendmail does.

Content inspection controls
       content_filter
              The name of a mail delivery transport that  filters
              mail and that either bounces mail or re-injects the
              result back into Postfix.  This parameter uses  the
              same  syntax  as  the  right-hand side of a Postfix
              transport table.

Authenication controls
       enable_sasl_authentication
              Enable per-session authentication as per  RFC  2554
              (SASL).   This functionality is available only when
              explicitly  selected  at  program  build  time  and
              explicitly enabled at runtime.

       smtpd_sasl_security_options
              Zero or more of the following.

              noplaintext
                     Disallow  authentication  methods  that  use
                     plaintext passwords.

              noactive
                     Disallow  authentication  methods  that  are
                     vulnerable to non-dictionary active attacks.

              nodictionary
                     Disallow  authentication  methods  that  are
                     vulnerable to passive dictionary attack.

              noanonymous
                     Disallow anonymous logins.

Miscellaneous
       always_bcc
              Address  to send a copy of each message that enters
              the system.

       command_directory
              Location  of  Postfix  support  commands  (default:
              $program_directory).

       debug_peer_level
              Increment  in  verbose  logging level when a remote
              host  matches  a  pattern  in  the  debug_peer_list
              parameter.





                                                                2





SMTPD(8)                                                 SMTPD(8)


       debug_peer_list
              List  of  domain or network patterns. When a remote
              host matches a pattern, increase the  verbose  log-
              ging   level   by   the  amount  specified  in  the
              debug_peer_level parameter.

       error_notice_recipient
              Recipient   of    protocol/policy/resource/software
              error notices.

       hopcount_limit
              Limit the number of Received: message headers.

       local_recipient_maps
              List  of  maps  with  user  names that are local to
              $myorigin or $inet_interfaces. If this parameter is
              defined,  then  the  SMTP  server  rejects mail for
              unknown local users.

       notify_classes
              List of error classes. Of special interest are:

              policy When a client violates any  policy,  mail  a
                     transcript of the entire SMTP session to the
                     postmaster.

              protocol
                     When a client violates the SMTP protocol  or
                     issues  an  unimplemented  command,  mail  a
                     transcript of the entire SMTP session to the
                     postmaster.

       smtpd_banner
              Text  that  follows the 220 status code in the SMTP
              greeting banner.

       smtpd_recipient_limit
              Restrict the number of  recipients  that  the  SMTP
              server accepts per message delivery.

       smtpd_timeout
              Limit  the  time  to  send a server response and to
              receive a client request.

Resource controls
       line_length_limit
              Limit the amount of memory in bytes  used  for  the
              handling of partial input lines.

       message_size_limit
              Limit the total size in bytes of a message, includ-
              ing on-disk storage for envelope information.





                                                                3





SMTPD(8)                                                 SMTPD(8)


       queue_minfree
              Minimal amount of free space in bytes in the  queue
              file  system for the SMTP server to accept any mail
              at all.

Tarpitting
       smtpd_error_sleep_time
              Time to wait in seconds before sending a 4xx or 5xx
              server error response.

       smtpd_soft_error_limit
              When an SMTP client has made this number of errors,
              wait error_count seconds before responding  to  any
              client request.

       smtpd_hard_error_limit
              Disconnect  after  a client has made this number of
              errors.

       smtpd_junk_command_limit
              Limit the number of times a client can issue a junk
              command  such  as  NOOP,  VRFY, ETRN or RSET in one
              SMTP session before it  is  penalized  with  tarpit
              delays.

UCE control restrictions
       smtpd_client_restrictions
              Restrict what clients may connect to this mail sys-
              tem.

       smtpd_helo_required
              Require that clients introduce  themselves  at  the
              beginning of an SMTP session.

       smtpd_helo_restrictions
              Restrict  what client hostnames are allowed in HELO
              and EHLO commands.

       smtpd_sender_restrictions
              Restrict what sender addresses are allowed in  MAIL
              FROM commands.

       smtpd_recipient_restrictions
              Restrict  what  recipient  addresses are allowed in
              RCPT TO commands.

       smtpd_etrn_restrictions
              Restrict what domain names can be used in ETRN com-
              mands, and what clients may issue ETRN commands.

       allow_untrusted_routing
              Allow  untrusted  clients to specify addresses with
              sender-specified routing.  Enabling this  opens  up
              nasty  relay  loopholes involving trusted backup MX



                                                                4





SMTPD(8)                                                 SMTPD(8)


              hosts.

       restriction_classes
              Declares the name of zero or more  parameters  that
              contain  a  list  of UCE restrictions. The names of
              these parameters can then be used  instead  of  the
              restriction lists that they represent.

       maps_rbl_domains
              List  of  DNS domains that publish the addresses of
              blacklisted hosts.

       relay_domains
              Restrict what domains or networks this mail  system
              will relay mail from or to.

UCE control responses
       access_map_reject_code
              Server  response  when  a client violates an access
              database restriction.

       invalid_hostname_reject_code
              Server  response  when  a   client   violates   the
              reject_invalid_hostname restriction.

       maps_rbl_reject_code
              Server   response   when   a  client  violates  the
              maps_rbl_domains restriction.

       reject_code
              Response code when  the  client  matches  a  reject
              restriction.

       relay_domains_reject_code
              Server  response  when a client attempts to violate
              the mail relay policy.

       unknown_address_reject_code
              Server  response  when  a   client   violates   the
              reject_unknown_address restriction.

       unknown_client_reject_code
              Server  response  when  a client without address to
              name mapping  violates  the  reject_unknown_clients
              restriction.

       unknown_hostname_reject_code
              Server   response   when   a  client  violates  the
              reject_unknown_hostname restriction.

SEE ALSO
       cleanup(8) message canonicalization
       master(8) process manager
       syslogd(8) system logging



                                                                5





SMTPD(8)                                                 SMTPD(8)


LICENSE
       The Secure Mailer license must be  distributed  with  this
       software.

AUTHOR(S)
       Wietse Venema
       IBM T.J. Watson Research
       P.O. Box 704
       Yorktown Heights, NY 10598, USA
















































                                                                6