| Current File : //var/qmail/man/cat8/qmail-smtpd.0 |
Maintenance Procedures qmail-smtpd(8)
N�N�N�NA�A�A�AM�M�M�ME�E�E�E
qmail-smtpd - receive mail via SMTP
S�S�S�SY�Y�Y�YN�N�N�NO�O�O�OP�P�P�PS�S�S�SI�I�I�IS�S�S�S
q�q�q�qm�m�m�ma�a�a�ai�i�i�il�l�l�l-�-�-�-s�s�s�sm�m�m�mt�t�t�tp�p�p�pd�d�d�d
D�D�D�DE�E�E�ES�S�S�SC�C�C�CR�R�R�RI�I�I�IP�P�P�PT�T�T�TI�I�I�IO�O�O�ON�N�N�N
q�q�q�qm�m�m�ma�a�a�ai�i�i�il�l�l�l-�-�-�-s�s�s�sm�m�m�mt�t�t�tp�p�p�pd�d�d�d receives mail messages via the Simple Mail
Transfer Protocol (SMTP) and invokes q�q�q�qm�m�m�ma�a�a�ai�i�i�il�l�l�l-�-�-�-q�q�q�qu�u�u�ue�e�e�eu�u�u�ue�e�e�e to deposit
them into the outgoing queue. q�q�q�qm�m�m�ma�a�a�ai�i�i�il�l�l�l-�-�-�-s�s�s�sm�m�m�mt�t�t�tp�p�p�pd�d�d�d must be supplied
several environment variables; see t�t�t�tc�c�c�cp�p�p�p-�-�-�-e�e�e�en�n�n�nv�v�v�vi�i�i�ir�r�r�ro�o�o�on�n�n�n(�(�(�(5�5�5�5)�)�)�).
If the environment variable S�S�S�SM�M�M�MT�T�T�TP�P�P�PS�S�S�S is non-empty, q�q�q�qm�m�m�ma�a�a�ai�i�i�il�l�l�l-�-�-�-s�s�s�sm�m�m�mt�t�t�tp�p�p�pd�d�d�d
starts a TLS session (to support the deprecated SMTPS proto-
col, normally on port 465). Otherwise, q�q�q�qm�m�m�ma�a�a�ai�i�i�il�l�l�l-�-�-�-s�s�s�sm�m�m�mt�t�t�tp�p�p�pd�d�d�d offers
the STARTTLS extension to ESMTP.
q�q�q�qm�m�m�ma�a�a�ai�i�i�il�l�l�l-�-�-�-s�s�s�sm�m�m�mt�t�t�tp�p�p�pd�d�d�d is responsible for counting hops. It rejects
any message with 100 or more R�R�R�Re�e�e�ec�c�c�ce�e�e�ei�i�i�iv�v�v�ve�e�e�ed�d�d�d or D�D�D�De�e�e�el�l�l�li�i�i�iv�v�v�ve�e�e�er�r�r�re�e�e�ed�d�d�d-�-�-�-T�T�T�To�o�o�o header
fields.
q�q�q�qm�m�m�ma�a�a�ai�i�i�il�l�l�l-�-�-�-s�s�s�sm�m�m�mt�t�t�tp�p�p�pd�d�d�d supports ESMTP, including the 8BITMIME, DATA,
PIPELINING, SIZE, and AUTH options. q�q�q�qm�m�m�ma�a�a�ai�i�i�il�l�l�l-�-�-�-s�s�s�sm�m�m�mt�t�t�tp�p�p�pd�d�d�d includes a
'MAIL FROM:' parameter parser and obeys 'Auth' and 'Size'
advertisements. q�q�q�qm�m�m�ma�a�a�ai�i�i�il�l�l�l-�-�-�-s�s�s�sm�m�m�mt�t�t�tp�p�p�pd�d�d�d can accept LOGIN, PLAIN, and
CRAM-MD5 AUTH types. It invokes _�c_�h_�e_�c_�k_�p_�r_�o_�g_�r_�a_�m, which reads on
file descriptor 3 the username, a 0 byte, the password or
CRAM-MD5 digest/response derived from the SMTP client,
another 0 byte, a CRAM-MD5 challenge (if applicable to the
AUTH type), and a final 0 byte. _�c_�h_�e_�c_�k_�p_�r_�o_�g_�r_�a_�m invokes _�s_�u_�b_�-
_�p_�r_�o_�g_�r_�a_�m upon successful authentication, which should in turn
return 0 to q�q�q�qm�m�m�ma�a�a�ai�i�i�il�l�l�l-�-�-�-s�s�s�sm�m�m�mt�t�t�tp�p�p�pd�d�d�d, effectively setting the environment
variables $RELAYCLIENT and $TCPREMOTEINFO (any supplied
value replaced with the authenticated username). q�q�q�qm�m�m�ma�a�a�ai�i�i�il�l�l�l-�-�-�-
s�s�s�sm�m�m�mt�t�t�tp�p�p�pd�d�d�d will reject the authentication attempt if it receives
a nonzero return value from _�c_�h_�e_�c_�k_�p_�r_�o_�g_�r_�a_�m or _�s_�u_�b_�p_�r_�o_�g_�r_�a_�m.
T�T�T�TR�R�R�RA�A�A�AN�N�N�NS�S�S�SP�P�P�PA�A�A�AR�R�R�RE�E�E�EN�N�N�NC�C�C�CY�Y�Y�Y
q�q�q�qm�m�m�ma�a�a�ai�i�i�il�l�l�l-�-�-�-s�s�s�sm�m�m�mt�t�t�tp�p�p�pd�d�d�d converts the SMTP newline convention into the
UNIX newline convention by converting CR LF into LF. It
returns a temporary error and drops the connection on bare
LFs; see h�h�h�ht�t�t�tt�t�t�tp�p�p�p:�:�:�:/�/�/�//�/�/�/p�p�p�po�o�o�ob�b�b�bo�o�o�ox�x�x�x.�.�.�.c�c�c�co�o�o�om�m�m�m/�/�/�/~�~�~�~d�d�d�dj�j�j�jb�b�b�b/�/�/�/d�d�d�do�o�o�oc�c�c�cs�s�s�s/�/�/�/s�s�s�sm�m�m�mt�t�t�tp�p�p�pl�l�l�lf�f�f�f.�.�.�.h�h�h�ht�t�t�tm�m�m�ml�l�l�l.
q�q�q�qm�m�m�ma�a�a�ai�i�i�il�l�l�l-�-�-�-s�s�s�sm�m�m�mt�t�t�tp�p�p�pd�d�d�d accepts messages that contain long lines or
non-ASCII characters, even though such messages violate the
SMTP protocol.
C�C�C�CO�O�O�ON�N�N�NT�T�T�TR�R�R�RO�O�O�OL�L�L�L F�F�F�FI�I�I�IL�L�L�LE�E�E�ES�S�S�S
_�b_�a_�d_�h_�e_�l_�o
Unacceptable HELO/EHLO host names. q�q�q�qm�m�m�ma�a�a�ai�i�i�il�l�l�l-�-�-�-s�s�s�sm�m�m�mt�t�t�tp�p�p�pd�d�d�d will
reject every recipient address for a message if the
SunOS 5.11 Last change: 1
Maintenance Procedures qmail-smtpd(8)
host name is listed in, or matches a POSIX regular
expression pattern listed in, _�b_�a_�d_�h_�e_�l_�o. If the
N�N�N�NO�O�O�OB�B�B�BA�A�A�AD�D�D�DH�H�H�HE�E�E�EL�L�L�LO�O�O�O environment variable is set, then the con-
tents of _�b_�a_�d_�h_�e_�l_�o will be ignored. For more informa-
tion, please have a look at doc/README.qregex.
_�b_�a_�d_�m_�a_�i_�l_�f_�r_�o_�m
Unacceptable envelope sender addresses. q�q�q�qm�m�m�ma�a�a�ai�i�i�il�l�l�l-�-�-�-s�s�s�sm�m�m�mt�t�t�tp�p�p�pd�d�d�d
will reject every recipient address for a message if
the envelope sender address is listed in, or matches a
POSIX regular expression pattern listed in, _�b_�a_�d_�m_�a_�i_�l_�-
_�f_�r_�o_�m. A line in _�b_�a_�d_�m_�a_�i_�l_�f_�r_�o_�m may be of the form @�@�@�@_�h_�o_�s_�t,
meaning every address at _�h_�o_�s_�t. For more information,
please have a look at doc/README.qregex.
_�b_�a_�d_�m_�a_�i_�l_�f_�r_�o_�m_�n_�o_�r_�e_�l_�a_�y
Functions the same as the _�b_�a_�d_�m_�a_�i_�l_�f_�r_�o_�m control file but
is read only if the R�R�R�RE�E�E�EL�L�L�LA�A�A�AY�Y�Y�YC�C�C�CL�L�L�LI�I�I�IE�E�E�EN�N�N�NT�T�T�T environment variable is
not set. For more information, please have a look at
doc/README.qregex.
_�b_�a_�d_�m_�a_�i_�l_�t_�o
Unacceptable envelope recipient addresses. q�q�q�qm�m�m�ma�a�a�ai�i�i�il�l�l�l-�-�-�-s�s�s�sm�m�m�mt�t�t�tp�p�p�pd�d�d�d
will reject every recipient address for a message if
the recipient address is listed in, or matches a POSIX
regular expression pattern listed in, _�b_�a_�d_�m_�a_�i_�l_�t_�o. For
more information, please have a look at
doc/README.qregex.
_�b_�a_�d_�m_�a_�i_�l_�t_�o_�n_�o_�r_�e_�l_�a_�y
Functions the same as the _�b_�a_�d_�m_�a_�i_�l_�t_�o control file but is
read only if the R�R�R�RE�E�E�EL�L�L�LA�A�A�AY�Y�Y�YC�C�C�CL�L�L�LI�I�I�IE�E�E�EN�N�N�NT�T�T�T environment variable is
not set. For more information, please have a look at
doc/README.qregex.
_�c_�l_�i_�e_�n_�t_�c_�a._�p_�e_�m
A list of Certifying Authority (CA) certificates that
are used to verify the client-presented certificates
during a TLS-encrypted session.
_�c_�l_�i_�e_�n_�t_�c_�r_�l._�p_�e_�m
A list of Certificate Revocation Lists (CRLs). If
present it should contain the CRLs of the CAs in
_�c_�l_�i_�e_�n_�t_�c_�a._�p_�e_�m and client certs will be checked for revo-
cation.
_�d_�a_�t_�a_�b_�y_�t_�e_�s
Maximum number of bytes allowed in a message, or 0 for
no limit. Default: 0. If a message exceeds this
SunOS 5.11 Last change: 2
Maintenance Procedures qmail-smtpd(8)
limit, q�q�q�qm�m�m�ma�a�a�ai�i�i�il�l�l�l-�-�-�-s�s�s�sm�m�m�mt�t�t�tp�p�p�pd�d�d�d returns a permanent error code to
the client; in contrast, if the disk is full or q�q�q�qm�m�m�ma�a�a�ai�i�i�il�l�l�l-�-�-�-
s�s�s�sm�m�m�mt�t�t�tp�p�p�pd�d�d�d hits a resource limit, q�q�q�qm�m�m�ma�a�a�ai�i�i�il�l�l�l-�-�-�-s�s�s�sm�m�m�mt�t�t�tp�p�p�pd�d�d�d returns a tem-
porary error code.
_�d_�a_�t_�a_�b_�y_�t_�e_�s counts bytes as stored on disk, not as
transmitted through the network. It does not count the
q�q�q�qm�m�m�ma�a�a�ai�i�i�il�l�l�l-�-�-�-s�s�s�sm�m�m�mt�t�t�tp�p�p�pd�d�d�d Received line, the q�q�q�qm�m�m�ma�a�a�ai�i�i�il�l�l�l-�-�-�-q�q�q�qu�u�u�ue�e�e�eu�u�u�ue�e�e�e Received
line, or the envelope.
If the environment variable D�D�D�DA�A�A�AT�T�T�TA�A�A�AB�B�B�BY�Y�Y�YT�T�T�TE�E�E�ES�S�S�S is set, it over-
rides _�d_�a_�t_�a_�b_�y_�t_�e_�s.
_�d_�h_�1_�0_�2_�4._�p_�e_�m
If these 1024 bit DH parameters are provided, q�q�q�qm�m�m�ma�a�a�ai�i�i�il�l�l�l-�-�-�-
s�s�s�sm�m�m�mt�t�t�tp�p�p�pd�d�d�d will use them for TLS sessions instead of gen-
erating one on-the-fly (which is very timeconsuming).
_�d_�h_�5_�1_�2._�p_�e_�m
512 bit counterpart for d�d�d�dh�h�h�h1�1�1�10�0�0�02�2�2�24�4�4�4.�.�.�.p�p�p�pe�e�e�em�m�m�m.�.�.�.
_�l_�o_�c_�a_�l_�i_�p_�h_�o_�s_�t
Replacement host name for local IP addresses. Default:
_�m_�e, if that is supplied. q�q�q�qm�m�m�ma�a�a�ai�i�i�il�l�l�l-�-�-�-s�s�s�sm�m�m�mt�t�t�tp�p�p�pd�d�d�d is responsible
for recognizing dotted-decimal addresses for the
current host. When it sees a recipient address of the
form _�b_�o_�x@[_�d._�d._�d._�d], where _�d._�d._�d._�d is a local IP
address, it replaces [_�d._�d._�d._�d] with _�l_�o_�c_�a_�l_�i_�p_�h_�o_�s_�t. This
is done before _�r_�c_�p_�t_�h_�o_�s_�t_�s.
_�m_�o_�r_�e_�r_�c_�p_�t_�h_�o_�s_�t_�s
Extra allowed RCPT domains. If _�r_�c_�p_�t_�h_�o_�s_�t_�s and
_�m_�o_�r_�e_�r_�c_�p_�t_�h_�o_�s_�t_�s both exist, _�m_�o_�r_�e_�r_�c_�p_�t_�h_�o_�s_�t_�s is effectively
appended to _�r_�c_�p_�t_�h_�o_�s_�t_�s.
You must run q�q�q�qm�m�m�ma�a�a�ai�i�i�il�l�l�l-�-�-�-n�n�n�ne�e�e�ew�w�w�wm�m�m�mr�r�r�rh�h�h�h whenever _�m_�o_�r_�e_�r_�c_�p_�t_�h_�o_�s_�t_�s
changes.
Rule of thumb for large sites: Put your 50 most com-
monly used domains into _�r_�c_�p_�t_�h_�o_�s_�t_�s, and the rest into
_�m_�o_�r_�e_�r_�c_�p_�t_�h_�o_�s_�t_�s.
_�r_�c_�p_�t_�h_�o_�s_�t_�s
Allowed RCPT domains. If _�r_�c_�p_�t_�h_�o_�s_�t_�s is supplied,
q�q�q�qm�m�m�ma�a�a�ai�i�i�il�l�l�l-�-�-�-s�s�s�sm�m�m�mt�t�t�tp�p�p�pd�d�d�d will reject any envelope recipient address
with a domain not listed in _�r_�c_�p_�t_�h_�o_�s_�t_�s.
Exception: If the environment variable R�R�R�RE�E�E�EL�L�L�LA�A�A�AY�Y�Y�YC�C�C�CL�L�L�LI�I�I�IE�E�E�EN�N�N�NT�T�T�T is
set, q�q�q�qm�m�m�ma�a�a�ai�i�i�il�l�l�l-�-�-�-s�s�s�sm�m�m�mt�t�t�tp�p�p�pd�d�d�d will ignore _�r_�c_�p_�t_�h_�o_�s_�t_�s, and will append
the value of R�R�R�RE�E�E�EL�L�L�LA�A�A�AY�Y�Y�YC�C�C�CL�L�L�LI�I�I�IE�E�E�EN�N�N�NT�T�T�T to each incoming recipient
SunOS 5.11 Last change: 3
Maintenance Procedures qmail-smtpd(8)
address.
_�r_�c_�p_�t_�h_�o_�s_�t_�s may include wildcards:
heaven.af.mil
.heaven.af.mil
Envelope recipient addresses without @ signs are always
allowed through.
_�r_�s_�a_�5_�1_�2._�p_�e_�m
If this 512 bit RSA key is provided, q�q�q�qm�m�m�ma�a�a�ai�i�i�il�l�l�l-�-�-�-s�s�s�sm�m�m�mt�t�t�tp�p�p�pd�d�d�d will
use it for TLS sessions instead of generating one on-
the-fly.
_�s_�e_�r_�v_�e_�r_�c_�e_�r_�t._�p_�e_�m
SSL certificate to be presented to clients in TLS-
encrypted sessions. Should contain both the certificate
and the private key. Certifying Authority (CA) and
intermediate certificates can be added at the end of
the file.
_�s_�m_�t_�p_�g_�r_�e_�e_�t_�i_�n_�g
SMTP greeting message. Default: _�m_�e, if that is sup-
plied; otherwise q�q�q�qm�m�m�ma�a�a�ai�i�i�il�l�l�l-�-�-�-s�s�s�sm�m�m�mt�t�t�tp�p�p�pd�d�d�d will refuse to run. The
first word of _�s_�m_�t_�p_�g_�r_�e_�e_�t_�i_�n_�g should be the current host's
name.
_�t_�i_�m_�e_�o_�u_�t_�s_�m_�t_�p_�d
Number of seconds q�q�q�qm�m�m�ma�a�a�ai�i�i�il�l�l�l-�-�-�-s�s�s�sm�m�m�mt�t�t�tp�p�p�pd�d�d�d will wait for each new
buffer of data from the remote SMTP client. Default:
1200.
_�s_�p_�f_�b_�e_�h_�a_�v_�i_�o_�r
Set to a value between 1 and 6 to enable SPF checks; 0
to disable. 1 selects 'annotate-only' mode, where
q�q�q�qm�m�m�ma�a�a�ai�i�i�il�l�l�l-�-�-�-s�s�s�sm�m�m�mt�t�t�tp�p�p�pd�d�d�d will annotate incoming email with
R�R�R�Re�e�e�ec�c�c�ce�e�e�ei�i�i�iv�v�v�ve�e�e�ed�d�d�d-�-�-�-S�S�S�SP�P�P�PF�F�F�F fields, but will not reject any messages.
2 will produce temporary failures on DNS lookup prob-
lems so you can make sure you always have meaningful
Received-SPF headers. 3 selects 'reject' mode, where
incoming mail will be rejected if the SPF record says
'fail'. 4 selects a more stricter rejection mode,
which is like 'reject' mode, except that incoming mail
will also be rejected when the SPF record says 'soft-
fail'. 5 will also reject when the SPF record says
'neutral', and 6 if no SPF records are available at all
(or a syntax error was encountered). The contents of
this file are overridden by the value of the
SunOS 5.11 Last change: 4
Maintenance Procedures qmail-smtpd(8)
S�S�S�SP�P�P�PF�F�F�FB�B�B�BE�E�E�EH�H�H�HA�A�A�AV�V�V�VI�I�I�IO�O�O�OR�R�R�R environment variable, if set. Default: 0.
_�s_�p_�f_�e_�x_�p
You can add a line with a an SPF explanation that will
be shown to the sender in case of a reject. It will
override the default one. You can use SPF macro expan-
sion.
_�s_�p_�f_�g_�u_�e_�s_�s
You can add a line with SPF rules that will be checked
if a sender domain doesn't have a SPF record. The local
rules will also be used in this case.
_�s_�p_�f_�r_�u_�l_�e_�s
You can add a line with SPF rules that will be checked
before other SPF rules would fail. This can be used to
always allow certain machines to send certain mails.
_�s_�p_�a_�m_�t
The spam throttle parameters file. See q�q�q�qm�m�m�ma�a�a�ai�i�i�il�l�l�l-�-�-�-n�n�n�ne�e�e�ew�w�w�ws�s�s�st�t�t�t(8)
and q�q�q�qm�m�m�ma�a�a�ai�i�i�il�l�l�l-�-�-�-s�s�s�sp�p�p�pa�a�a�am�m�m�mt�t�t�t(5) for details.
_�t_�l_�s_�c_�l_�i_�e_�n_�t_�s
A list of email addresses. When relay rules would
reject an incoming message, q�q�q�qm�m�m�ma�a�a�ai�i�i�il�l�l�l-�-�-�-s�s�s�sm�m�m�mt�t�t�tp�p�p�pd�d�d�d can allow it if
the client presents a certificate that can be verified
against the CA list in _�c_�l_�i_�e_�n_�t_�c_�a._�p_�e_�m and the certificate
email address is in _�t_�l_�s_�c_�l_�i_�e_�n_�t_�s.
_�t_�l_�s_�s_�e_�r_�v_�e_�r_�c_�i_�p_�h_�e_�r_�s
A set of OpenSSL cipher strings. Multiple ciphers con-
tained in a string should be separated by a colon. If
the environment variable T�T�T�TL�L�L�LS�S�S�SC�C�C�CI�I�I�IP�P�P�PH�H�H�HE�E�E�ER�R�R�RS�S�S�S is set to such a
string, it takes precedence.
S�S�S�SE�E�E�EE�E�E�E A�A�A�AL�L�L�LS�S�S�SO�O�O�O
tcp-env(1), tcp-environ(5), qmail-control(5), qmail-
spamt(5), qmail-spamthrottle(5) qmail-inject(8), qmail-
newmrh(8), qmail-newst(8), qmail-queue(8), qmail-remote(8)
SunOS 5.11 Last change: 5