1<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN" 2 "http://www.w3.org/TR/html4/loose.dtd"> 3<html> <head> 4<meta http-equiv="Content-Type" content="text/html; charset=us-ascii"> 5<title> Postfix manual - smtpd(8) </title> 6</head> <body> <pre> 7SMTPD(8) SMTPD(8) 8 9<b>NAME</b> 10 smtpd - Postfix SMTP server 11 12<b>SYNOPSIS</b> 13 <b>smtpd</b> [generic Postfix daemon options] 14 15 <b>sendmail -bs</b> 16 17<b>DESCRIPTION</b> 18 The SMTP server accepts network connection requests and performs zero 19 or more SMTP transactions per connection. Each received message is 20 piped through the <a href="cleanup.8.html"><b>cleanup</b>(8)</a> daemon, and is placed into the <b>incoming</b> 21 queue as one single queue file. For this mode of operation, the pro- 22 gram expects to be run from the <a href="master.8.html"><b>master</b>(8)</a> process manager. 23 24 Alternatively, the SMTP server be can run in stand-alone mode; this is 25 traditionally obtained with "<b>sendmail -bs</b>". When the SMTP server runs 26 stand-alone with non $<b><a href="postconf.5.html#mail_owner">mail_owner</a></b> privileges, it receives mail even 27 while the mail system is not running, deposits messages directly into 28 the <b>maildrop</b> queue, and disables the SMTP server's access policies. As 29 of Postfix version 2.3, the SMTP server refuses to receive mail from 30 the network when it runs with non $<b><a href="postconf.5.html#mail_owner">mail_owner</a></b> privileges. 31 32 The SMTP server implements a variety of policies for connection 33 requests, and for parameters given to <b>HELO, ETRN, MAIL FROM, VRFY</b> and 34 <b>RCPT TO</b> commands. They are detailed below and in the <a href="postconf.5.html"><b>main.cf</b></a> configura- 35 tion file. 36 37<b>SECURITY</b> 38 The SMTP server is moderately security-sensitive. It talks to SMTP 39 clients and to DNS servers on the network. The SMTP server can be run 40 chrooted at fixed low privilege. 41 42<b>STANDARDS</b> 43 <a href="http://tools.ietf.org/html/rfc821">RFC 821</a> (SMTP protocol) 44 <a href="http://tools.ietf.org/html/rfc1123">RFC 1123</a> (Host requirements) 45 <a href="http://tools.ietf.org/html/rfc1652">RFC 1652</a> (8bit-MIME transport) 46 <a href="http://tools.ietf.org/html/rfc1869">RFC 1869</a> (SMTP service extensions) 47 <a href="http://tools.ietf.org/html/rfc1870">RFC 1870</a> (Message size declaration) 48 <a href="http://tools.ietf.org/html/rfc1985">RFC 1985</a> (ETRN command) 49 <a href="http://tools.ietf.org/html/rfc2034">RFC 2034</a> (SMTP enhanced status codes) 50 <a href="http://tools.ietf.org/html/rfc2554">RFC 2554</a> (AUTH command) 51 <a href="http://tools.ietf.org/html/rfc2821">RFC 2821</a> (SMTP protocol) 52 <a href="http://tools.ietf.org/html/rfc2920">RFC 2920</a> (SMTP pipelining) 53 <a href="http://tools.ietf.org/html/rfc3207">RFC 3207</a> (STARTTLS command) 54 <a href="http://tools.ietf.org/html/rfc3461">RFC 3461</a> (SMTP DSN extension) 55 <a href="http://tools.ietf.org/html/rfc3463">RFC 3463</a> (Enhanced status codes) 56 <a href="http://tools.ietf.org/html/rfc3848">RFC 3848</a> (ESMTP transmission types) 57 <a href="http://tools.ietf.org/html/rfc4409">RFC 4409</a> (Message submission) 58 <a href="http://tools.ietf.org/html/rfc4954">RFC 4954</a> (AUTH command) 59 <a href="http://tools.ietf.org/html/rfc5321">RFC 5321</a> (SMTP protocol) 60 61<b>DIAGNOSTICS</b> 62 Problems and transactions are logged to <b>syslogd</b>(8). 63 64 Depending on the setting of the <b><a href="postconf.5.html#notify_classes">notify_classes</a></b> parameter, the postmas- 65 ter is notified of bounces, protocol problems, policy violations, and 66 of other trouble. 67 68<b>CONFIGURATION PARAMETERS</b> 69 Changes to <a href="postconf.5.html"><b>main.cf</b></a> are picked up automatically, as <a href="smtpd.8.html"><b>smtpd</b>(8)</a> processes 70 run for only a limited amount of time. Use the command "<b>postfix reload</b>" 71 to speed up a change. 72 73 The text below provides only a parameter summary. See <a href="postconf.5.html"><b>postconf</b>(5)</a> for 74 more details including examples. 75 76<b>COMPATIBILITY CONTROLS</b> 77 The following parameters work around implementation errors in other 78 software, and/or allow you to override standards in order to prevent 79 undesirable use. 80 81 <b><a href="postconf.5.html#broken_sasl_auth_clients">broken_sasl_auth_clients</a> (no)</b> 82 Enable inter-operability with remote SMTP clients that implement 83 an obsolete version of the AUTH command (<a href="http://tools.ietf.org/html/rfc4954">RFC 4954</a>). 84 85 <b><a href="postconf.5.html#disable_vrfy_command">disable_vrfy_command</a> (no)</b> 86 Disable the SMTP VRFY command. 87 88 <b><a href="postconf.5.html#smtpd_noop_commands">smtpd_noop_commands</a> (empty)</b> 89 List of commands that the Postfix SMTP server replies to with 90 "250 Ok", without doing any syntax checks and without changing 91 state. 92 93 <b><a href="postconf.5.html#strict_rfc821_envelopes">strict_rfc821_envelopes</a> (no)</b> 94 Require that addresses received in SMTP MAIL FROM and RCPT TO 95 commands are enclosed with <>, and that those addresses do not 96 contain <a href="http://tools.ietf.org/html/rfc822">RFC 822</a> style comments or phrases. 97 98 Available in Postfix version 2.1 and later: 99 100 <b><a href="postconf.5.html#smtpd_reject_unlisted_sender">smtpd_reject_unlisted_sender</a> (no)</b> 101 Request that the Postfix SMTP server rejects mail from unknown 102 sender addresses, even when no explicit <a href="postconf.5.html#reject_unlisted_sender">reject_unlisted_sender</a> 103 access restriction is specified. 104 105 <b><a href="postconf.5.html#smtpd_sasl_exceptions_networks">smtpd_sasl_exceptions_networks</a> (empty)</b> 106 What remote SMTP clients the Postfix SMTP server will not offer 107 AUTH support to. 108 109 Available in Postfix version 2.2 and later: 110 111 <b><a href="postconf.5.html#smtpd_discard_ehlo_keyword_address_maps">smtpd_discard_ehlo_keyword_address_maps</a> (empty)</b> 112 Lookup tables, indexed by the remote SMTP client address, with 113 case insensitive lists of EHLO keywords (pipelining, starttls, 114 auth, etc.) that the Postfix SMTP server will not send in the 115 EHLO response to a remote SMTP client. 116 117 <b><a href="postconf.5.html#smtpd_discard_ehlo_keywords">smtpd_discard_ehlo_keywords</a> (empty)</b> 118 A case insensitive list of EHLO keywords (pipelining, starttls, 119 auth, etc.) that the Postfix SMTP server will not send in the 120 EHLO response to a remote SMTP client. 121 122 <b><a href="postconf.5.html#smtpd_delay_open_until_valid_rcpt">smtpd_delay_open_until_valid_rcpt</a> (yes)</b> 123 Postpone the start of an SMTP mail transaction until a valid 124 RCPT TO command is received. 125 126 Available in Postfix version 2.3 and later: 127 128 <b><a href="postconf.5.html#smtpd_tls_always_issue_session_ids">smtpd_tls_always_issue_session_ids</a> (yes)</b> 129 Force the Postfix SMTP server to issue a TLS session id, even 130 when TLS session caching is turned off (<a href="postconf.5.html#smtpd_tls_session_cache_database">smtpd_tls_ses</a>- 131 <a href="postconf.5.html#smtpd_tls_session_cache_database">sion_cache_database</a> is empty). 132 133 Available in Postfix version 2.6 and later: 134 135 <b><a href="postconf.5.html#tcp_windowsize">tcp_windowsize</a> (0)</b> 136 An optional workaround for routers that break TCP window scal- 137 ing. 138 139 Available in Postfix version 2.7 and later: 140 141 <b><a href="postconf.5.html#smtpd_command_filter">smtpd_command_filter</a> (empty)</b> 142 A mechanism to transform commands from remote SMTP clients. 143 144 Available in Postfix version 2.9 and later: 145 146 <b><a href="postconf.5.html#smtpd_per_record_deadline">smtpd_per_record_deadline</a> (normal: no, overload: yes)</b> 147 Change the behavior of the <a href="postconf.5.html#smtpd_timeout">smtpd_timeout</a> and <a href="postconf.5.html#smtpd_starttls_timeout">smtpd_start</a>- 148 <a href="postconf.5.html#smtpd_starttls_timeout">tls_timeout</a> time limits, from a time limit per read or write 149 system call, to a time limit to send or receive a complete 150 record (an SMTP command line, SMTP response line, SMTP message 151 content line, or TLS protocol message). 152 153<b>ADDRESS REWRITING CONTROLS</b> 154 See the <a href="ADDRESS_REWRITING_README.html">ADDRESS_REWRITING_README</a> document for a detailed discussion of 155 Postfix address rewriting. 156 157 <b><a href="postconf.5.html#receive_override_options">receive_override_options</a> (empty)</b> 158 Enable or disable recipient validation, built-in content filter- 159 ing, or address mapping. 160 161 Available in Postfix version 2.2 and later: 162 163 <b><a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> (<a href="postconf.5.html#permit_inet_interfaces">permit_inet_interfaces</a>)</b> 164 Rewrite message header addresses in mail from these clients and 165 update incomplete addresses with the domain name in $<a href="postconf.5.html#myorigin">myorigin</a> or 166 $<a href="postconf.5.html#mydomain">mydomain</a>; either don't rewrite message headers from other 167 clients at all, or rewrite message headers and update incomplete 168 addresses with the domain specified in the <a href="postconf.5.html#remote_header_rewrite_domain">remote_header_re</a>- 169 <a href="postconf.5.html#remote_header_rewrite_domain">write_domain</a> parameter. 170 171<b>BEFORE-SMTPD PROXY AGENT</b> 172 Available in Postfix version 2.10 and later: 173 174 <b><a href="postconf.5.html#smtpd_upstream_proxy_protocol">smtpd_upstream_proxy_protocol</a> (empty)</b> 175 The name of the proxy protocol used by an optional before-smtpd 176 proxy agent. 177 178 <b><a href="postconf.5.html#smtpd_upstream_proxy_timeout">smtpd_upstream_proxy_timeout</a> (5s)</b> 179 The time limit for the proxy protocol specified with the 180 <a href="postconf.5.html#smtpd_upstream_proxy_protocol">smtpd_upstream_proxy_protocol</a> parameter. 181 182<b>AFTER QUEUE EXTERNAL CONTENT INSPECTION CONTROLS</b> 183 As of version 1.0, Postfix can be configured to send new mail to an 184 external content filter AFTER the mail is queued. This content filter 185 is expected to inject mail back into a (Postfix or other) MTA for fur- 186 ther delivery. See the <a href="FILTER_README.html">FILTER_README</a> document for details. 187 188 <b><a href="postconf.5.html#content_filter">content_filter</a> (empty)</b> 189 After the message is queued, send the entire message to the 190 specified <i>transport:destination</i>. 191 192<b>BEFORE QUEUE EXTERNAL CONTENT INSPECTION CONTROLS</b> 193 As of version 2.1, the Postfix SMTP server can be configured to send 194 incoming mail to a real-time SMTP-based content filter BEFORE mail is 195 queued. This content filter is expected to inject mail back into Post- 196 fix. See the <a href="SMTPD_PROXY_README.html">SMTPD_PROXY_README</a> document for details on how to config- 197 ure and operate this feature. 198 199 <b><a href="postconf.5.html#smtpd_proxy_filter">smtpd_proxy_filter</a> (empty)</b> 200 The hostname and TCP port of the mail filtering proxy server. 201 202 <b><a href="postconf.5.html#smtpd_proxy_ehlo">smtpd_proxy_ehlo</a> ($<a href="postconf.5.html#myhostname">myhostname</a>)</b> 203 How the Postfix SMTP server announces itself to the proxy fil- 204 ter. 205 206 <b><a href="postconf.5.html#smtpd_proxy_options">smtpd_proxy_options</a> (empty)</b> 207 List of options that control how the Postfix SMTP server commu- 208 nicates with a before-queue content filter. 209 210 <b><a href="postconf.5.html#smtpd_proxy_timeout">smtpd_proxy_timeout</a> (100s)</b> 211 The time limit for connecting to a proxy filter and for sending 212 or receiving information. 213 214<b>BEFORE QUEUE MILTER CONTROLS</b> 215 As of version 2.3, Postfix supports the Sendmail version 8 Milter (mail 216 filter) protocol. These content filters run outside Postfix. They can 217 inspect the SMTP command stream and the message content, and can 218 request modifications before mail is queued. For details see the <a href="MILTER_README.html">MIL</a>- 219 <a href="MILTER_README.html">TER_README</a> document. 220 221 <b><a href="postconf.5.html#smtpd_milters">smtpd_milters</a> (empty)</b> 222 A list of Milter (mail filter) applications for new mail that 223 arrives via the Postfix <a href="smtpd.8.html"><b>smtpd</b>(8)</a> server. 224 225 <b><a href="postconf.5.html#milter_protocol">milter_protocol</a> (6)</b> 226 The mail filter protocol version and optional protocol exten- 227 sions for communication with a Milter application; prior to 228 Postfix 2.6 the default protocol is 2. 229 230 <b><a href="postconf.5.html#milter_default_action">milter_default_action</a> (tempfail)</b> 231 The default action when a Milter (mail filter) application is 232 unavailable or mis-configured. 233 234 <b><a href="postconf.5.html#milter_macro_daemon_name">milter_macro_daemon_name</a> ($<a href="postconf.5.html#myhostname">myhostname</a>)</b> 235 The {daemon_name} macro value for Milter (mail filter) applica- 236 tions. 237 238 <b><a href="postconf.5.html#milter_macro_v">milter_macro_v</a> ($<a href="postconf.5.html#mail_name">mail_name</a> $<a href="postconf.5.html#mail_version">mail_version</a>)</b> 239 The {v} macro value for Milter (mail filter) applications. 240 241 <b><a href="postconf.5.html#milter_connect_timeout">milter_connect_timeout</a> (30s)</b> 242 The time limit for connecting to a Milter (mail filter) applica- 243 tion, and for negotiating protocol options. 244 245 <b><a href="postconf.5.html#milter_command_timeout">milter_command_timeout</a> (30s)</b> 246 The time limit for sending an SMTP command to a Milter (mail 247 filter) application, and for receiving the response. 248 249 <b><a href="postconf.5.html#milter_content_timeout">milter_content_timeout</a> (300s)</b> 250 The time limit for sending message content to a Milter (mail 251 filter) application, and for receiving the response. 252 253 <b><a href="postconf.5.html#milter_connect_macros">milter_connect_macros</a> (see 'postconf -d' output)</b> 254 The macros that are sent to Milter (mail filter) applications 255 after completion of an SMTP connection. 256 257 <b><a href="postconf.5.html#milter_helo_macros">milter_helo_macros</a> (see 'postconf -d' output)</b> 258 The macros that are sent to Milter (mail filter) applications 259 after the SMTP HELO or EHLO command. 260 261 <b><a href="postconf.5.html#milter_mail_macros">milter_mail_macros</a> (see 'postconf -d' output)</b> 262 The macros that are sent to Milter (mail filter) applications 263 after the SMTP MAIL FROM command. 264 265 <b><a href="postconf.5.html#milter_rcpt_macros">milter_rcpt_macros</a> (see 'postconf -d' output)</b> 266 The macros that are sent to Milter (mail filter) applications 267 after the SMTP RCPT TO command. 268 269 <b><a href="postconf.5.html#milter_data_macros">milter_data_macros</a> (see 'postconf -d' output)</b> 270 The macros that are sent to version 4 or higher Milter (mail 271 filter) applications after the SMTP DATA command. 272 273 <b><a href="postconf.5.html#milter_unknown_command_macros">milter_unknown_command_macros</a> (see 'postconf -d' output)</b> 274 The macros that are sent to version 3 or higher Milter (mail 275 filter) applications after an unknown SMTP command. 276 277 <b><a href="postconf.5.html#milter_end_of_header_macros">milter_end_of_header_macros</a> (see 'postconf -d' output)</b> 278 The macros that are sent to Milter (mail filter) applications 279 after the end of the message header. 280 281 <b><a href="postconf.5.html#milter_end_of_data_macros">milter_end_of_data_macros</a> (see 'postconf -d' output)</b> 282 The macros that are sent to Milter (mail filter) applications 283 after the message end-of-data. 284 285<b>GENERAL CONTENT INSPECTION CONTROLS</b> 286 The following parameters are applicable for both built-in and external 287 content filters. 288 289 Available in Postfix version 2.1 and later: 290 291 <b><a href="postconf.5.html#receive_override_options">receive_override_options</a> (empty)</b> 292 Enable or disable recipient validation, built-in content filter- 293 ing, or address mapping. 294 295<b>EXTERNAL CONTENT INSPECTION CONTROLS</b> 296 The following parameters are applicable for both before-queue and 297 after-queue content filtering. 298 299 Available in Postfix version 2.1 and later: 300 301 <b><a href="postconf.5.html#smtpd_authorized_xforward_hosts">smtpd_authorized_xforward_hosts</a> (empty)</b> 302 What remote SMTP clients are allowed to use the XFORWARD fea- 303 ture. 304 305<b>SASL AUTHENTICATION CONTROLS</b> 306 Postfix SASL support (<a href="http://tools.ietf.org/html/rfc4954">RFC 4954</a>) can be used to authenticate remote SMTP 307 clients to the Postfix SMTP server, and to authenticate the Postfix 308 SMTP client to a remote SMTP server. See the <a href="SASL_README.html">SASL_README</a> document for 309 details. 310 311 <b><a href="postconf.5.html#broken_sasl_auth_clients">broken_sasl_auth_clients</a> (no)</b> 312 Enable inter-operability with remote SMTP clients that implement 313 an obsolete version of the AUTH command (<a href="http://tools.ietf.org/html/rfc4954">RFC 4954</a>). 314 315 <b><a href="postconf.5.html#smtpd_sasl_auth_enable">smtpd_sasl_auth_enable</a> (no)</b> 316 Enable SASL authentication in the Postfix SMTP server. 317 318 <b><a href="postconf.5.html#smtpd_sasl_local_domain">smtpd_sasl_local_domain</a> (empty)</b> 319 The name of the Postfix SMTP server's local SASL authentication 320 realm. 321 322 <b><a href="postconf.5.html#smtpd_sasl_security_options">smtpd_sasl_security_options</a> (noanonymous)</b> 323 Postfix SMTP server SASL security options; as of Postfix 2.3 the 324 list of available features depends on the SASL server implemen- 325 tation that is selected with <b><a href="postconf.5.html#smtpd_sasl_type">smtpd_sasl_type</a></b>. 326 327 <b><a href="postconf.5.html#smtpd_sender_login_maps">smtpd_sender_login_maps</a> (empty)</b> 328 Optional lookup table with the SASL login names that own sender 329 (MAIL FROM) addresses. 330 331 Available in Postfix version 2.1 and later: 332 333 <b><a href="postconf.5.html#smtpd_sasl_exceptions_networks">smtpd_sasl_exceptions_networks</a> (empty)</b> 334 What remote SMTP clients the Postfix SMTP server will not offer 335 AUTH support to. 336 337 Available in Postfix version 2.1 and 2.2: 338 339 <b><a href="postconf.5.html#smtpd_sasl_application_name">smtpd_sasl_application_name</a> (smtpd)</b> 340 The application name that the Postfix SMTP server uses for SASL 341 server initialization. 342 343 Available in Postfix version 2.3 and later: 344 345 <b><a href="postconf.5.html#smtpd_sasl_authenticated_header">smtpd_sasl_authenticated_header</a> (no)</b> 346 Report the SASL authenticated user name in the <a href="smtpd.8.html"><b>smtpd</b>(8)</a> Received 347 message header. 348 349 <b><a href="postconf.5.html#smtpd_sasl_path">smtpd_sasl_path</a> (smtpd)</b> 350 Implementation-specific information that the Postfix SMTP server 351 passes through to the SASL plug-in implementation that is 352 selected with <b><a href="postconf.5.html#smtpd_sasl_type">smtpd_sasl_type</a></b>. 353 354 <b><a href="postconf.5.html#smtpd_sasl_type">smtpd_sasl_type</a> (cyrus)</b> 355 The SASL plug-in type that the Postfix SMTP server should use 356 for authentication. 357 358 Available in Postfix version 2.5 and later: 359 360 <b><a href="postconf.5.html#cyrus_sasl_config_path">cyrus_sasl_config_path</a> (empty)</b> 361 Search path for Cyrus SASL application configuration files, cur- 362 rently used only to locate the $<a href="postconf.5.html#smtpd_sasl_path">smtpd_sasl_path</a>.conf file. 363 364 Available in Postfix version 2.11 and later: 365 366 <b>smtpd_sasl_service (smtp)</b> 367 The service name that is passed to the SASL plug-in that is 368 selected with <b><a href="postconf.5.html#smtpd_sasl_type">smtpd_sasl_type</a></b> and <b><a href="postconf.5.html#smtpd_sasl_path">smtpd_sasl_path</a></b>. 369 370<b>STARTTLS SUPPORT CONTROLS</b> 371 Detailed information about STARTTLS configuration may be found in the 372 <a href="TLS_README.html">TLS_README</a> document. 373 374 <b><a href="postconf.5.html#smtpd_tls_security_level">smtpd_tls_security_level</a> (empty)</b> 375 The SMTP TLS security level for the Postfix SMTP server; when a 376 non-empty value is specified, this overrides the obsolete param- 377 eters <a href="postconf.5.html#smtpd_use_tls">smtpd_use_tls</a> and <a href="postconf.5.html#smtpd_enforce_tls">smtpd_enforce_tls</a>. 378 379 <b><a href="postconf.5.html#smtpd_sasl_tls_security_options">smtpd_sasl_tls_security_options</a> ($<a href="postconf.5.html#smtpd_sasl_security_options">smtpd_sasl_security_options</a>)</b> 380 The SASL authentication security options that the Postfix SMTP 381 server uses for TLS encrypted SMTP sessions. 382 383 <b><a href="postconf.5.html#smtpd_starttls_timeout">smtpd_starttls_timeout</a> (see 'postconf -d' output)</b> 384 The time limit for Postfix SMTP server write and read operations 385 during TLS startup and shutdown handshake procedures. 386 387 <b><a href="postconf.5.html#smtpd_tls_CAfile">smtpd_tls_CAfile</a> (empty)</b> 388 A file containing (PEM format) CA certificates of root CAs 389 trusted to sign either remote SMTP client certificates or inter- 390 mediate CA certificates. 391 392 <b><a href="postconf.5.html#smtpd_tls_CApath">smtpd_tls_CApath</a> (empty)</b> 393 A directory containing (PEM format) CA certificates of root CAs 394 trusted to sign either remote SMTP client certificates or inter- 395 mediate CA certificates. 396 397 <b><a href="postconf.5.html#smtpd_tls_always_issue_session_ids">smtpd_tls_always_issue_session_ids</a> (yes)</b> 398 Force the Postfix SMTP server to issue a TLS session id, even 399 when TLS session caching is turned off (<a href="postconf.5.html#smtpd_tls_session_cache_database">smtpd_tls_ses</a>- 400 <a href="postconf.5.html#smtpd_tls_session_cache_database">sion_cache_database</a> is empty). 401 402 <b><a href="postconf.5.html#smtpd_tls_ask_ccert">smtpd_tls_ask_ccert</a> (no)</b> 403 Ask a remote SMTP client for a client certificate. 404 405 <b><a href="postconf.5.html#smtpd_tls_auth_only">smtpd_tls_auth_only</a> (no)</b> 406 When TLS encryption is optional in the Postfix SMTP server, do 407 not announce or accept SASL authentication over unencrypted con- 408 nections. 409 410 <b><a href="postconf.5.html#smtpd_tls_ccert_verifydepth">smtpd_tls_ccert_verifydepth</a> (9)</b> 411 The verification depth for remote SMTP client certificates. 412 413 <b><a href="postconf.5.html#smtpd_tls_cert_file">smtpd_tls_cert_file</a> (empty)</b> 414 File with the Postfix SMTP server RSA certificate in PEM format. 415 416 <b><a href="postconf.5.html#smtpd_tls_exclude_ciphers">smtpd_tls_exclude_ciphers</a> (empty)</b> 417 List of ciphers or cipher types to exclude from the SMTP server 418 cipher list at all TLS security levels. 419 420 <b><a href="postconf.5.html#smtpd_tls_dcert_file">smtpd_tls_dcert_file</a> (empty)</b> 421 File with the Postfix SMTP server DSA certificate in PEM format. 422 423 <b><a href="postconf.5.html#smtpd_tls_dh1024_param_file">smtpd_tls_dh1024_param_file</a> (empty)</b> 424 File with DH parameters that the Postfix SMTP server should use 425 with non-export EDH ciphers. 426 427 <b><a href="postconf.5.html#smtpd_tls_dh512_param_file">smtpd_tls_dh512_param_file</a> (empty)</b> 428 File with DH parameters that the Postfix SMTP server should use 429 with export-grade EDH ciphers. 430 431 <b><a href="postconf.5.html#smtpd_tls_dkey_file">smtpd_tls_dkey_file</a> ($<a href="postconf.5.html#smtpd_tls_dcert_file">smtpd_tls_dcert_file</a>)</b> 432 File with the Postfix SMTP server DSA private key in PEM format. 433 434 <b><a href="postconf.5.html#smtpd_tls_key_file">smtpd_tls_key_file</a> ($<a href="postconf.5.html#smtpd_tls_cert_file">smtpd_tls_cert_file</a>)</b> 435 File with the Postfix SMTP server RSA private key in PEM format. 436 437 <b><a href="postconf.5.html#smtpd_tls_loglevel">smtpd_tls_loglevel</a> (0)</b> 438 Enable additional Postfix SMTP server logging of TLS activity. 439 440 <b><a href="postconf.5.html#smtpd_tls_mandatory_ciphers">smtpd_tls_mandatory_ciphers</a> (medium)</b> 441 The minimum TLS cipher grade that the Postfix SMTP server will 442 use with mandatory TLS encryption. 443 444 <b><a href="postconf.5.html#smtpd_tls_mandatory_exclude_ciphers">smtpd_tls_mandatory_exclude_ciphers</a> (empty)</b> 445 Additional list of ciphers or cipher types to exclude from the 446 Postfix SMTP server cipher list at mandatory TLS security lev- 447 els. 448 449 <b><a href="postconf.5.html#smtpd_tls_mandatory_protocols">smtpd_tls_mandatory_protocols</a> (!SSLv2, !SSLv3)</b> 450 The SSL/TLS protocols accepted by the Postfix SMTP server with 451 mandatory TLS encryption. 452 453 <b><a href="postconf.5.html#smtpd_tls_received_header">smtpd_tls_received_header</a> (no)</b> 454 Request that the Postfix SMTP server produces Received: message 455 headers that include information about the protocol and cipher 456 used, as well as the remote SMTP client CommonName and client 457 certificate issuer CommonName. 458 459 <b><a href="postconf.5.html#smtpd_tls_req_ccert">smtpd_tls_req_ccert</a> (no)</b> 460 With mandatory TLS encryption, require a trusted remote SMTP 461 client certificate in order to allow TLS connections to proceed. 462 463 <b><a href="postconf.5.html#smtpd_tls_wrappermode">smtpd_tls_wrappermode</a> (no)</b> 464 Run the Postfix SMTP server in the non-standard "wrapper" mode, 465 instead of using the STARTTLS command. 466 467 <b><a href="postconf.5.html#tls_daemon_random_bytes">tls_daemon_random_bytes</a> (32)</b> 468 The number of pseudo-random bytes that an <a href="smtp.8.html"><b>smtp</b>(8)</a> or <a href="smtpd.8.html"><b>smtpd</b>(8)</a> 469 process requests from the <a href="tlsmgr.8.html"><b>tlsmgr</b>(8)</a> server in order to seed its 470 internal pseudo random number generator (PRNG). 471 472 <b><a href="postconf.5.html#tls_high_cipherlist">tls_high_cipherlist</a> (ALL:!EXPORT:!LOW:!MEDIUM:+RC4:@STRENGTH)</b> 473 The OpenSSL cipherlist for "HIGH" grade ciphers. 474 475 <b><a href="postconf.5.html#tls_medium_cipherlist">tls_medium_cipherlist</a> (ALL:!EXPORT:!LOW:+RC4:@STRENGTH)</b> 476 The OpenSSL cipherlist for "MEDIUM" or higher grade ciphers. 477 478 <b><a href="postconf.5.html#tls_low_cipherlist">tls_low_cipherlist</a> (ALL:!EXPORT:+RC4:@STRENGTH)</b> 479 The OpenSSL cipherlist for "LOW" or higher grade ciphers. 480 481 <b><a href="postconf.5.html#tls_export_cipherlist">tls_export_cipherlist</a> (ALL:+RC4:@STRENGTH)</b> 482 The OpenSSL cipherlist for "EXPORT" or higher grade ciphers. 483 484 <b><a href="postconf.5.html#tls_null_cipherlist">tls_null_cipherlist</a> (eNULL:!aNULL)</b> 485 The OpenSSL cipherlist for "NULL" grade ciphers that provide 486 authentication without encryption. 487 488 Available in Postfix version 2.5 and later: 489 490 <b><a href="postconf.5.html#smtpd_tls_fingerprint_digest">smtpd_tls_fingerprint_digest</a> (md5)</b> 491 The message digest algorithm to construct remote SMTP client- 492 certificate fingerprints or public key fingerprints (Postfix 2.9 493 and later) for <b><a href="postconf.5.html#check_ccert_access">check_ccert_access</a></b> and <b><a href="postconf.5.html#permit_tls_clientcerts">permit_tls_clientcerts</a></b>. 494 495 Available in Postfix version 2.6 and later: 496 497 <b><a href="postconf.5.html#smtpd_tls_protocols">smtpd_tls_protocols</a> (!SSLv2, !SSLv3)</b> 498 List of TLS protocols that the Postfix SMTP server will exclude 499 or include with opportunistic TLS encryption. 500 501 <b><a href="postconf.5.html#smtpd_tls_ciphers">smtpd_tls_ciphers</a> (medium)</b> 502 The minimum TLS cipher grade that the Postfix SMTP server will 503 use with opportunistic TLS encryption. 504 505 <b><a href="postconf.5.html#smtpd_tls_eccert_file">smtpd_tls_eccert_file</a> (empty)</b> 506 File with the Postfix SMTP server ECDSA certificate in PEM for- 507 mat. 508 509 <b><a href="postconf.5.html#smtpd_tls_eckey_file">smtpd_tls_eckey_file</a> ($<a href="postconf.5.html#smtpd_tls_eccert_file">smtpd_tls_eccert_file</a>)</b> 510 File with the Postfix SMTP server ECDSA private key in PEM for- 511 mat. 512 513 <b><a href="postconf.5.html#smtpd_tls_eecdh_grade">smtpd_tls_eecdh_grade</a> (see 'postconf -d' output)</b> 514 The Postfix SMTP server security grade for ephemeral elliptic- 515 curve Diffie-Hellman (EECDH) key exchange. 516 517 <b><a href="postconf.5.html#tls_eecdh_strong_curve">tls_eecdh_strong_curve</a> (prime256v1)</b> 518 The elliptic curve used by the Postfix SMTP server for sensibly 519 strong ephemeral ECDH key exchange. 520 521 <b><a href="postconf.5.html#tls_eecdh_ultra_curve">tls_eecdh_ultra_curve</a> (secp384r1)</b> 522 The elliptic curve used by the Postfix SMTP server for maximally 523 strong ephemeral ECDH key exchange. 524 525 Available in Postfix version 2.8 and later: 526 527 <b><a href="postconf.5.html#tls_preempt_cipherlist">tls_preempt_cipherlist</a> (no)</b> 528 With SSLv3 and later, use the Postfix SMTP server's cipher pref- 529 erence order instead of the remote client's cipher preference 530 order. 531 532 <b><a href="postconf.5.html#tls_disable_workarounds">tls_disable_workarounds</a> (see 'postconf -d' output)</b> 533 List or bit-mask of OpenSSL bug work-arounds to disable. 534 535 Available in Postfix version 2.11 and later: 536 537 <b><a href="postconf.5.html#tlsmgr_service_name">tlsmgr_service_name</a> (tlsmgr)</b> 538 The name of the <a href="tlsmgr.8.html"><b>tlsmgr</b>(8)</a> service entry in <a href="master.5.html">master.cf</a>. 539 540<b>OBSOLETE STARTTLS CONTROLS</b> 541 The following configuration parameters exist for compatibility with 542 Postfix versions before 2.3. Support for these will be removed in a 543 future release. 544 545 <b><a href="postconf.5.html#smtpd_use_tls">smtpd_use_tls</a> (no)</b> 546 Opportunistic TLS: announce STARTTLS support to remote SMTP 547 clients, but do not require that clients use TLS encryption. 548 549 <b><a href="postconf.5.html#smtpd_enforce_tls">smtpd_enforce_tls</a> (no)</b> 550 Mandatory TLS: announce STARTTLS support to remote SMTP clients, 551 and require that clients use TLS encryption. 552 553 <b><a href="postconf.5.html#smtpd_tls_cipherlist">smtpd_tls_cipherlist</a> (empty)</b> 554 Obsolete Postfix < 2.3 control for the Postfix SMTP server TLS 555 cipher list. 556 557<b>VERP SUPPORT CONTROLS</b> 558 With VERP style delivery, each recipient of a message receives a cus- 559 tomized copy of the message with his/her own recipient address encoded 560 in the envelope sender address. The <a href="VERP_README.html">VERP_README</a> file describes config- 561 uration and operation details of Postfix support for variable envelope 562 return path addresses. VERP style delivery is requested with the SMTP 563 XVERP command or with the "sendmail -V" command-line option and is 564 available in Postfix version 1.1 and later. 565 566 <b><a href="postconf.5.html#default_verp_delimiters">default_verp_delimiters</a> (+=)</b> 567 The two default VERP delimiter characters. 568 569 <b><a href="postconf.5.html#verp_delimiter_filter">verp_delimiter_filter</a> (-=+)</b> 570 The characters Postfix accepts as VERP delimiter characters on 571 the Postfix <a href="sendmail.1.html"><b>sendmail</b>(1)</a> command line and in SMTP commands. 572 573 Available in Postfix version 1.1 and 2.0: 574 575 <b><a href="postconf.5.html#authorized_verp_clients">authorized_verp_clients</a> ($<a href="postconf.5.html#mynetworks">mynetworks</a>)</b> 576 What remote SMTP clients are allowed to specify the XVERP com- 577 mand. 578 579 Available in Postfix version 2.1 and later: 580 581 <b><a href="postconf.5.html#smtpd_authorized_verp_clients">smtpd_authorized_verp_clients</a> ($<a href="postconf.5.html#authorized_verp_clients">authorized_verp_clients</a>)</b> 582 What remote SMTP clients are allowed to specify the XVERP com- 583 mand. 584 585<b>TROUBLE SHOOTING CONTROLS</b> 586 The <a href="DEBUG_README.html">DEBUG_README</a> document describes how to debug parts of the Postfix 587 mail system. The methods vary from making the software log a lot of 588 detail, to running some daemon processes under control of a call tracer 589 or debugger. 590 591 <b><a href="postconf.5.html#debug_peer_level">debug_peer_level</a> (2)</b> 592 The increment in verbose logging level when a remote client or 593 server matches a pattern in the <a href="postconf.5.html#debug_peer_list">debug_peer_list</a> parameter. 594 595 <b><a href="postconf.5.html#debug_peer_list">debug_peer_list</a> (empty)</b> 596 Optional list of remote client or server hostname or network 597 address patterns that cause the verbose logging level to 598 increase by the amount specified in $<a href="postconf.5.html#debug_peer_level">debug_peer_level</a>. 599 600 <b><a href="postconf.5.html#error_notice_recipient">error_notice_recipient</a> (postmaster)</b> 601 The recipient of postmaster notifications about mail delivery 602 problems that are caused by policy, resource, software or proto- 603 col errors. 604 605 <b><a href="postconf.5.html#internal_mail_filter_classes">internal_mail_filter_classes</a> (empty)</b> 606 What categories of Postfix-generated mail are subject to before- 607 queue content inspection by <a href="postconf.5.html#non_smtpd_milters">non_smtpd_milters</a>, <a href="postconf.5.html#header_checks">header_checks</a> and 608 <a href="postconf.5.html#body_checks">body_checks</a>. 609 610 <b><a href="postconf.5.html#notify_classes">notify_classes</a> (resource, software)</b> 611 The list of error classes that are reported to the postmaster. 612 613 <b><a href="postconf.5.html#smtpd_reject_footer">smtpd_reject_footer</a> (empty)</b> 614 Optional information that is appended after each Postfix SMTP 615 server 4XX or 5XX response. 616 617 <b><a href="postconf.5.html#soft_bounce">soft_bounce</a> (no)</b> 618 Safety net to keep mail queued that would otherwise be returned 619 to the sender. 620 621 Available in Postfix version 2.1 and later: 622 623 <b><a href="postconf.5.html#smtpd_authorized_xclient_hosts">smtpd_authorized_xclient_hosts</a> (empty)</b> 624 What remote SMTP clients are allowed to use the XCLIENT feature. 625 626 Available in Postfix version 2.10 and later: 627 628 <b><a href="postconf.5.html#smtpd_log_access_permit_actions">smtpd_log_access_permit_actions</a> (empty)</b> 629 Enable logging of the named "permit" actions in SMTP server 630 access lists (by default, the SMTP server logs "reject" actions 631 but not "permit" actions). 632 633<b>KNOWN VERSUS UNKNOWN RECIPIENT CONTROLS</b> 634 As of Postfix version 2.0, the SMTP server rejects mail for unknown 635 recipients. This prevents the mail queue from clogging up with undeliv- 636 erable MAILER-DAEMON messages. Additional information on this topic is 637 in the <a href="LOCAL_RECIPIENT_README.html">LOCAL_RECIPIENT_README</a> and <a href="ADDRESS_CLASS_README.html">ADDRESS_CLASS_README</a> documents. 638 639 <b><a href="postconf.5.html#show_user_unknown_table_name">show_user_unknown_table_name</a> (yes)</b> 640 Display the name of the recipient table in the "User unknown" 641 responses. 642 643 <b><a href="postconf.5.html#canonical_maps">canonical_maps</a> (empty)</b> 644 Optional address mapping lookup tables for message headers and 645 envelopes. 646 647 <b><a href="postconf.5.html#recipient_canonical_maps">recipient_canonical_maps</a> (empty)</b> 648 Optional address mapping lookup tables for envelope and header 649 recipient addresses. 650 651 Parameters concerning known/unknown local recipients: 652 653 <b><a href="postconf.5.html#mydestination">mydestination</a> ($<a href="postconf.5.html#myhostname">myhostname</a>, localhost.$<a href="postconf.5.html#mydomain">mydomain</a>, localhost)</b> 654 The list of domains that are delivered via the $<a href="postconf.5.html#local_transport">local_transport</a> 655 mail delivery transport. 656 657 <b><a href="postconf.5.html#inet_interfaces">inet_interfaces</a> (all)</b> 658 The network interface addresses that this mail system receives 659 mail on. 660 661 <b><a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a> (empty)</b> 662 The network interface addresses that this mail system receives 663 mail on by way of a proxy or network address translation unit. 664 665 <b><a href="postconf.5.html#inet_protocols">inet_protocols</a> (all)</b> 666 The Internet protocols Postfix will attempt to use when making 667 or accepting connections. 668 669 <b><a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> (<a href="proxymap.8.html">proxy</a>:unix:passwd.byname $<a href="postconf.5.html#alias_maps">alias_maps</a>)</b> 670 Lookup tables with all names or addresses of local recipients: a 671 recipient address is local when its domain matches $<a href="postconf.5.html#mydestination">mydestina</a>- 672 <a href="postconf.5.html#mydestination">tion</a>, $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> or $<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>. 673 674 <b><a href="postconf.5.html#unknown_local_recipient_reject_code">unknown_local_recipient_reject_code</a> (550)</b> 675 The numerical Postfix SMTP server response code when a recipient 676 address is local, and $<a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> specifies a list of 677 lookup tables that does not match the recipient. 678 679 Parameters concerning known/unknown recipients of relay destinations: 680 681 <b><a href="postconf.5.html#relay_domains">relay_domains</a> ($<a href="postconf.5.html#mydestination">mydestination</a>)</b> 682 What destination domains (and subdomains thereof) this system 683 will relay mail to. 684 685 <b><a href="postconf.5.html#relay_recipient_maps">relay_recipient_maps</a> (empty)</b> 686 Optional lookup tables with all valid addresses in the domains 687 that match $<a href="postconf.5.html#relay_domains">relay_domains</a>. 688 689 <b><a href="postconf.5.html#unknown_relay_recipient_reject_code">unknown_relay_recipient_reject_code</a> (550)</b> 690 The numerical Postfix SMTP server reply code when a recipient 691 address matches $<a href="postconf.5.html#relay_domains">relay_domains</a>, and <a href="postconf.5.html#relay_recipient_maps">relay_recipient_maps</a> speci- 692 fies a list of lookup tables that does not match the recipient 693 address. 694 695 Parameters concerning known/unknown recipients in virtual alias 696 domains: 697 698 <b><a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a> ($<a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a>)</b> 699 Postfix is final destination for the specified list of virtual 700 alias domains, that is, domains for which all addresses are 701 aliased to addresses in other local or remote domains. 702 703 <b><a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a> ($<a href="postconf.5.html#virtual_maps">virtual_maps</a>)</b> 704 Optional lookup tables that alias specific mail addresses or 705 domains to other local or remote address. 706 707 <b><a href="postconf.5.html#unknown_virtual_alias_reject_code">unknown_virtual_alias_reject_code</a> (550)</b> 708 The Postfix SMTP server reply code when a recipient address 709 matches $<a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a>, and $<a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a> speci- 710 fies a list of lookup tables that does not match the recipient 711 address. 712 713 Parameters concerning known/unknown recipients in virtual mailbox 714 domains: 715 716 <b><a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a> ($<a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a>)</b> 717 Postfix is final destination for the specified list of domains; 718 mail is delivered via the $<a href="postconf.5.html#virtual_transport">virtual_transport</a> mail delivery 719 transport. 720 721 <b><a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a> (empty)</b> 722 Optional lookup tables with all valid addresses in the domains 723 that match $<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a>. 724 725 <b><a href="postconf.5.html#unknown_virtual_mailbox_reject_code">unknown_virtual_mailbox_reject_code</a> (550)</b> 726 The Postfix SMTP server reply code when a recipient address 727 matches $<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a>, and $<a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a> 728 specifies a list of lookup tables that does not match the recip- 729 ient address. 730 731<b>RESOURCE AND RATE CONTROLS</b> 732 The following parameters limit resource usage by the SMTP server and/or 733 control client request rates. 734 735 <b><a href="postconf.5.html#line_length_limit">line_length_limit</a> (2048)</b> 736 Upon input, long lines are chopped up into pieces of at most 737 this length; upon delivery, long lines are reconstructed. 738 739 <b><a href="postconf.5.html#queue_minfree">queue_minfree</a> (0)</b> 740 The minimal amount of free space in bytes in the queue file sys- 741 tem that is needed to receive mail. 742 743 <b><a href="postconf.5.html#message_size_limit">message_size_limit</a> (10240000)</b> 744 The maximal size in bytes of a message, including envelope 745 information. 746 747 <b><a href="postconf.5.html#smtpd_recipient_limit">smtpd_recipient_limit</a> (1000)</b> 748 The maximal number of recipients that the Postfix SMTP server 749 accepts per message delivery request. 750 751 <b><a href="postconf.5.html#smtpd_timeout">smtpd_timeout</a> (normal: 300s, overload: 10s)</b> 752 The time limit for sending a Postfix SMTP server response and 753 for receiving a remote SMTP client request. 754 755 <b><a href="postconf.5.html#smtpd_history_flush_threshold">smtpd_history_flush_threshold</a> (100)</b> 756 The maximal number of lines in the Postfix SMTP server command 757 history before it is flushed upon receipt of EHLO, RSET, or end 758 of DATA. 759 760 Available in Postfix version 2.3 and later: 761 762 <b><a href="postconf.5.html#smtpd_peername_lookup">smtpd_peername_lookup</a> (yes)</b> 763 Attempt to look up the remote SMTP client hostname, and verify 764 that the name matches the client IP address. 765 766 The per SMTP client connection count and request rate limits are imple- 767 mented in co-operation with the <a href="anvil.8.html"><b>anvil</b>(8)</a> service, and are available in 768 Postfix version 2.2 and later. 769 770 <b><a href="postconf.5.html#smtpd_client_connection_count_limit">smtpd_client_connection_count_limit</a> (50)</b> 771 How many simultaneous connections any client is allowed to make 772 to this service. 773 774 <b><a href="postconf.5.html#smtpd_client_connection_rate_limit">smtpd_client_connection_rate_limit</a> (0)</b> 775 The maximal number of connection attempts any client is allowed 776 to make to this service per time unit. 777 778 <b><a href="postconf.5.html#smtpd_client_message_rate_limit">smtpd_client_message_rate_limit</a> (0)</b> 779 The maximal number of message delivery requests that any client 780 is allowed to make to this service per time unit, regardless of 781 whether or not Postfix actually accepts those messages. 782 783 <b><a href="postconf.5.html#smtpd_client_recipient_rate_limit">smtpd_client_recipient_rate_limit</a> (0)</b> 784 The maximal number of recipient addresses that any client is 785 allowed to send to this service per time unit, regardless of 786 whether or not Postfix actually accepts those recipients. 787 788 <b><a href="postconf.5.html#smtpd_client_event_limit_exceptions">smtpd_client_event_limit_exceptions</a> ($<a href="postconf.5.html#mynetworks">mynetworks</a>)</b> 789 Clients that are excluded from smtpd_client_*_count/rate_limit 790 restrictions. 791 792 Available in Postfix version 2.3 and later: 793 794 <b><a href="postconf.5.html#smtpd_client_new_tls_session_rate_limit">smtpd_client_new_tls_session_rate_limit</a> (0)</b> 795 The maximal number of new (i.e., uncached) TLS sessions that a 796 remote SMTP client is allowed to negotiate with this service per 797 time unit. 798 799 Available in Postfix version 2.9 and later: 800 801 <b><a href="postconf.5.html#smtpd_per_record_deadline">smtpd_per_record_deadline</a> (normal: no, overload: yes)</b> 802 Change the behavior of the <a href="postconf.5.html#smtpd_timeout">smtpd_timeout</a> and <a href="postconf.5.html#smtpd_starttls_timeout">smtpd_start</a>- 803 <a href="postconf.5.html#smtpd_starttls_timeout">tls_timeout</a> time limits, from a time limit per read or write 804 system call, to a time limit to send or receive a complete 805 record (an SMTP command line, SMTP response line, SMTP message 806 content line, or TLS protocol message). 807 808<b>TARPIT CONTROLS</b> 809 When a remote SMTP client makes errors, the Postfix SMTP server can 810 insert delays before responding. This can help to slow down run-away 811 software. The behavior is controlled by an error counter that counts 812 the number of errors within an SMTP session that a client makes without 813 delivering mail. 814 815 <b><a href="postconf.5.html#smtpd_error_sleep_time">smtpd_error_sleep_time</a> (1s)</b> 816 With Postfix version 2.1 and later: the SMTP server response 817 delay after a client has made more than $<a href="postconf.5.html#smtpd_soft_error_limit">smtpd_soft_error_limit</a> 818 errors, and fewer than $<a href="postconf.5.html#smtpd_hard_error_limit">smtpd_hard_error_limit</a> errors, without 819 delivering mail. 820 821 <b><a href="postconf.5.html#smtpd_soft_error_limit">smtpd_soft_error_limit</a> (10)</b> 822 The number of errors a remote SMTP client is allowed to make 823 without delivering mail before the Postfix SMTP server slows 824 down all its responses. 825 826 <b><a href="postconf.5.html#smtpd_hard_error_limit">smtpd_hard_error_limit</a> (normal: 20, overload: 1)</b> 827 The maximal number of errors a remote SMTP client is allowed to 828 make without delivering mail. 829 830 <b><a href="postconf.5.html#smtpd_junk_command_limit">smtpd_junk_command_limit</a> (normal: 100, overload: 1)</b> 831 The number of junk commands (NOOP, VRFY, ETRN or RSET) that a 832 remote SMTP client can send before the Postfix SMTP server 833 starts to increment the error counter with each junk command. 834 835 Available in Postfix version 2.1 and later: 836 837 <b><a href="postconf.5.html#smtpd_recipient_overshoot_limit">smtpd_recipient_overshoot_limit</a> (1000)</b> 838 The number of recipients that a remote SMTP client can send in 839 excess of the limit specified with $<a href="postconf.5.html#smtpd_recipient_limit">smtpd_recipient_limit</a>, 840 before the Postfix SMTP server increments the per-session error 841 count for each excess recipient. 842 843<b>ACCESS POLICY DELEGATION CONTROLS</b> 844 As of version 2.1, Postfix can be configured to delegate access policy 845 decisions to an external server that runs outside Postfix. See the 846 file <a href="SMTPD_POLICY_README.html">SMTPD_POLICY_README</a> for more information. 847 848 <b><a href="postconf.5.html#smtpd_policy_service_max_idle">smtpd_policy_service_max_idle</a> (300s)</b> 849 The time after which an idle SMTPD policy service connection is 850 closed. 851 852 <b><a href="postconf.5.html#smtpd_policy_service_max_ttl">smtpd_policy_service_max_ttl</a> (1000s)</b> 853 The time after which an active SMTPD policy service connection 854 is closed. 855 856 <b><a href="postconf.5.html#smtpd_policy_service_timeout">smtpd_policy_service_timeout</a> (100s)</b> 857 The time limit for connecting to, writing to or receiving from a 858 delegated SMTPD policy server. 859 860<b>ACCESS CONTROLS</b> 861 The <a href="SMTPD_ACCESS_README.html">SMTPD_ACCESS_README</a> document gives an introduction to all the SMTP 862 server access control features. 863 864 <b><a href="postconf.5.html#smtpd_delay_reject">smtpd_delay_reject</a> (yes)</b> 865 Wait until the RCPT TO command before evaluating 866 $<a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a>, $<a href="postconf.5.html#smtpd_helo_restrictions">smtpd_helo_restrictions</a> and 867 $<a href="postconf.5.html#smtpd_sender_restrictions">smtpd_sender_restrictions</a>, or wait until the ETRN command 868 before evaluating $<a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a> and 869 $<a href="postconf.5.html#smtpd_helo_restrictions">smtpd_helo_restrictions</a>. 870 871 <b><a href="postconf.5.html#parent_domain_matches_subdomains">parent_domain_matches_subdomains</a> (see 'postconf -d' output)</b> 872 What Postfix features match subdomains of "domain.tld" automati- 873 cally, instead of requiring an explicit ".domain.tld" pattern. 874 875 <b><a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a> (empty)</b> 876 Optional restrictions that the Postfix SMTP server applies in 877 the context of a client connection request. 878 879 <b><a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> (no)</b> 880 Require that a remote SMTP client introduces itself with the 881 HELO or EHLO command before sending the MAIL command or other 882 commands that require EHLO negotiation. 883 884 <b><a href="postconf.5.html#smtpd_helo_restrictions">smtpd_helo_restrictions</a> (empty)</b> 885 Optional restrictions that the Postfix SMTP server applies in 886 the context of a client HELO command. 887 888 <b><a href="postconf.5.html#smtpd_sender_restrictions">smtpd_sender_restrictions</a> (empty)</b> 889 Optional restrictions that the Postfix SMTP server applies in 890 the context of a client MAIL FROM command. 891 892 <b><a href="postconf.5.html#smtpd_recipient_restrictions">smtpd_recipient_restrictions</a> (see 'postconf -d' output)</b> 893 Optional restrictions that the Postfix SMTP server applies in 894 the context of a client RCPT TO command, after 895 <a href="postconf.5.html#smtpd_relay_restrictions">smtpd_relay_restrictions</a>. 896 897 <b><a href="postconf.5.html#smtpd_etrn_restrictions">smtpd_etrn_restrictions</a> (empty)</b> 898 Optional restrictions that the Postfix SMTP server applies in 899 the context of a client ETRN command. 900 901 <b><a href="postconf.5.html#allow_untrusted_routing">allow_untrusted_routing</a> (no)</b> 902 Forward mail with sender-specified routing 903 (user[@%!]remote[@%!]site) from untrusted clients to destina- 904 tions matching $<a href="postconf.5.html#relay_domains">relay_domains</a>. 905 906 <b><a href="postconf.5.html#smtpd_restriction_classes">smtpd_restriction_classes</a> (empty)</b> 907 User-defined aliases for groups of access restrictions. 908 909 <b><a href="postconf.5.html#smtpd_null_access_lookup_key">smtpd_null_access_lookup_key</a> (</b><><b>)</b> 910 The lookup key to be used in SMTP <a href="access.5.html"><b>access</b>(5)</a> tables instead of 911 the null sender address. 912 913 <b><a href="postconf.5.html#permit_mx_backup_networks">permit_mx_backup_networks</a> (empty)</b> 914 Restrict the use of the <a href="postconf.5.html#permit_mx_backup">permit_mx_backup</a> SMTP access feature to 915 only domains whose primary MX hosts match the listed networks. 916 917 Available in Postfix version 2.0 and later: 918 919 <b><a href="postconf.5.html#smtpd_data_restrictions">smtpd_data_restrictions</a> (empty)</b> 920 Optional access restrictions that the Postfix SMTP server 921 applies in the context of the SMTP DATA command. 922 923 <b><a href="postconf.5.html#smtpd_expansion_filter">smtpd_expansion_filter</a> (see 'postconf -d' output)</b> 924 What characters are allowed in $name expansions of RBL reply 925 templates. 926 927 Available in Postfix version 2.1 and later: 928 929 <b><a href="postconf.5.html#smtpd_reject_unlisted_sender">smtpd_reject_unlisted_sender</a> (no)</b> 930 Request that the Postfix SMTP server rejects mail from unknown 931 sender addresses, even when no explicit <a href="postconf.5.html#reject_unlisted_sender">reject_unlisted_sender</a> 932 access restriction is specified. 933 934 <b><a href="postconf.5.html#smtpd_reject_unlisted_recipient">smtpd_reject_unlisted_recipient</a> (yes)</b> 935 Request that the Postfix SMTP server rejects mail for unknown 936 recipient addresses, even when no explicit 937 <a href="postconf.5.html#reject_unlisted_recipient">reject_unlisted_recipient</a> access restriction is specified. 938 939 Available in Postfix version 2.2 and later: 940 941 <b><a href="postconf.5.html#smtpd_end_of_data_restrictions">smtpd_end_of_data_restrictions</a> (empty)</b> 942 Optional access restrictions that the Postfix SMTP server 943 applies in the context of the SMTP END-OF-DATA command. 944 945 Available in Postfix version 2.10 and later: 946 947 <b><a href="postconf.5.html#smtpd_relay_restrictions">smtpd_relay_restrictions</a> (<a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a>, <a href="postconf.5.html#permit_sasl_authenticated">permit_sasl_authenticated</a>,</b> 948 <b><a href="postconf.5.html#defer_unauth_destination">defer_unauth_destination</a>)</b> 949 Access restrictions for mail relay control that the Postfix SMTP 950 server applies in the context of the RCPT TO command, before 951 <a href="postconf.5.html#smtpd_recipient_restrictions">smtpd_recipient_restrictions</a>. 952 953<b>SENDER AND RECIPIENT ADDRESS VERIFICATION CONTROLS</b> 954 Postfix version 2.1 introduces sender and recipient address verifica- 955 tion. This feature is implemented by sending probe email messages that 956 are not actually delivered. This feature is requested via the 957 <a href="postconf.5.html#reject_unverified_sender">reject_unverified_sender</a> and <a href="postconf.5.html#reject_unverified_recipient">reject_unverified_recipient</a> access 958 restrictions. The status of verification probes is maintained by the 959 <a href="verify.8.html"><b>verify</b>(8)</a> server. See the file <a href="ADDRESS_VERIFICATION_README.html">ADDRESS_VERIFICATION_README</a> for infor- 960 mation about how to configure and operate the Postfix sender/recipient 961 address verification service. 962 963 <b><a href="postconf.5.html#address_verify_poll_count">address_verify_poll_count</a> (normal: 3, overload: 1)</b> 964 How many times to query the <a href="verify.8.html"><b>verify</b>(8)</a> service for the completion 965 of an address verification request in progress. 966 967 <b><a href="postconf.5.html#address_verify_poll_delay">address_verify_poll_delay</a> (3s)</b> 968 The delay between queries for the completion of an address veri- 969 fication request in progress. 970 971 <b><a href="postconf.5.html#address_verify_sender">address_verify_sender</a> ($<a href="postconf.5.html#double_bounce_sender">double_bounce_sender</a>)</b> 972 The sender address to use in address verification probes; prior 973 to Postfix 2.5 the default was "postmaster". 974 975 <b><a href="postconf.5.html#unverified_sender_reject_code">unverified_sender_reject_code</a> (450)</b> 976 The numerical Postfix SMTP server response code when a recipient 977 address is rejected by the <a href="postconf.5.html#reject_unverified_sender">reject_unverified_sender</a> restriction. 978 979 <b><a href="postconf.5.html#unverified_recipient_reject_code">unverified_recipient_reject_code</a> (450)</b> 980 The numerical Postfix SMTP server response when a recipient 981 address is rejected by the <a href="postconf.5.html#reject_unverified_recipient">reject_unverified_recipient</a> restric- 982 tion. 983 984 Available in Postfix version 2.6 and later: 985 986 <b><a href="postconf.5.html#unverified_sender_defer_code">unverified_sender_defer_code</a> (450)</b> 987 The numerical Postfix SMTP server response code when a sender 988 address probe fails due to a temporary error condition. 989 990 <b><a href="postconf.5.html#unverified_recipient_defer_code">unverified_recipient_defer_code</a> (450)</b> 991 The numerical Postfix SMTP server response when a recipient 992 address probe fails due to a temporary error condition. 993 994 <b><a href="postconf.5.html#unverified_sender_reject_reason">unverified_sender_reject_reason</a> (empty)</b> 995 The Postfix SMTP server's reply when rejecting mail with 996 <a href="postconf.5.html#reject_unverified_sender">reject_unverified_sender</a>. 997 998 <b><a href="postconf.5.html#unverified_recipient_reject_reason">unverified_recipient_reject_reason</a> (empty)</b> 999 The Postfix SMTP server's reply when rejecting mail with 1000 <a href="postconf.5.html#reject_unverified_recipient">reject_unverified_recipient</a>. 1001 1002 <b><a href="postconf.5.html#unverified_sender_tempfail_action">unverified_sender_tempfail_action</a> ($<a href="postconf.5.html#reject_tempfail_action">reject_tempfail_action</a>)</b> 1003 The Postfix SMTP server's action when <a href="postconf.5.html#reject_unverified_sender">reject_unverified_sender</a> 1004 fails due to a temporary error condition. 1005 1006 <b><a href="postconf.5.html#unverified_recipient_tempfail_action">unverified_recipient_tempfail_action</a> ($<a href="postconf.5.html#reject_tempfail_action">reject_tempfail_action</a>)</b> 1007 The Postfix SMTP server's action when <a href="postconf.5.html#reject_unverified_recipient">reject_unverified_recipi</a>- 1008 <a href="postconf.5.html#reject_unverified_recipient">ent</a> fails due to a temporary error condition. 1009 1010 Available with Postfix 2.9 and later: 1011 1012 <b><a href="postconf.5.html#address_verify_sender_ttl">address_verify_sender_ttl</a> (0s)</b> 1013 The time between changes in the time-dependent portion of 1014 address verification probe sender addresses. 1015 1016<b>ACCESS CONTROL RESPONSES</b> 1017 The following parameters control numerical SMTP reply codes and/or text 1018 responses. 1019 1020 <b><a href="postconf.5.html#access_map_reject_code">access_map_reject_code</a> (554)</b> 1021 The numerical Postfix SMTP server response code for an <a href="access.5.html"><b>access</b>(5)</a> 1022 map "reject" action. 1023 1024 <b><a href="postconf.5.html#defer_code">defer_code</a> (450)</b> 1025 The numerical Postfix SMTP server response code when a remote 1026 SMTP client request is rejected by the "defer" restriction. 1027 1028 <b><a href="postconf.5.html#invalid_hostname_reject_code">invalid_hostname_reject_code</a> (501)</b> 1029 The numerical Postfix SMTP server response code when the client 1030 HELO or EHLO command parameter is rejected by the 1031 <a href="postconf.5.html#reject_invalid_helo_hostname">reject_invalid_helo_hostname</a> restriction. 1032 1033 <b><a href="postconf.5.html#maps_rbl_reject_code">maps_rbl_reject_code</a> (554)</b> 1034 The numerical Postfix SMTP server response code when a remote 1035 SMTP client request is blocked by the <a href="postconf.5.html#reject_rbl_client">reject_rbl_client</a>, 1036 <a href="postconf.5.html#reject_rhsbl_client">reject_rhsbl_client</a>, <a href="postconf.5.html#reject_rhsbl_reverse_client">reject_rhsbl_reverse_client</a>, 1037 <a href="postconf.5.html#reject_rhsbl_sender">reject_rhsbl_sender</a> or <a href="postconf.5.html#reject_rhsbl_recipient">reject_rhsbl_recipient</a> restriction. 1038 1039 <b><a href="postconf.5.html#non_fqdn_reject_code">non_fqdn_reject_code</a> (504)</b> 1040 The numerical Postfix SMTP server reply code when a client 1041 request is rejected by the <a href="postconf.5.html#reject_non_fqdn_helo_hostname">reject_non_fqdn_helo_hostname</a>, 1042 <a href="postconf.5.html#reject_non_fqdn_sender">reject_non_fqdn_sender</a> or <a href="postconf.5.html#reject_non_fqdn_recipient">reject_non_fqdn_recipient</a> restriction. 1043 1044 <b><a href="postconf.5.html#plaintext_reject_code">plaintext_reject_code</a> (450)</b> 1045 The numerical Postfix SMTP server response code when a request 1046 is rejected by the <b><a href="postconf.5.html#reject_plaintext_session">reject_plaintext_session</a></b> restriction. 1047 1048 <b><a href="postconf.5.html#reject_code">reject_code</a> (554)</b> 1049 The numerical Postfix SMTP server response code when a remote 1050 SMTP client request is rejected by the "reject" restriction. 1051 1052 <b><a href="postconf.5.html#relay_domains_reject_code">relay_domains_reject_code</a> (554)</b> 1053 The numerical Postfix SMTP server response code when a client 1054 request is rejected by the <a href="postconf.5.html#reject_unauth_destination">reject_unauth_destination</a> recipient 1055 restriction. 1056 1057 <b><a href="postconf.5.html#unknown_address_reject_code">unknown_address_reject_code</a> (450)</b> 1058 The numerical Postfix SMTP server response code when a sender or 1059 recipient address is rejected by the 1060 <a href="postconf.5.html#reject_unknown_sender_domain">reject_unknown_sender_domain</a> or <a href="postconf.5.html#reject_unknown_recipient_domain">reject_unknown_recipient_domain</a> 1061 restriction. 1062 1063 <b><a href="postconf.5.html#unknown_client_reject_code">unknown_client_reject_code</a> (450)</b> 1064 The numerical Postfix SMTP server response code when a client 1065 without valid address <=> name mapping is rejected by the 1066 <a href="postconf.5.html#reject_unknown_client_hostname">reject_unknown_client_hostname</a> restriction. 1067 1068 <b><a href="postconf.5.html#unknown_hostname_reject_code">unknown_hostname_reject_code</a> (450)</b> 1069 The numerical Postfix SMTP server response code when the host- 1070 name specified with the HELO or EHLO command is rejected by the 1071 <a href="postconf.5.html#reject_unknown_helo_hostname">reject_unknown_helo_hostname</a> restriction. 1072 1073 Available in Postfix version 2.0 and later: 1074 1075 <b><a href="postconf.5.html#default_rbl_reply">default_rbl_reply</a> (see 'postconf -d' output)</b> 1076 The default Postfix SMTP server response template for a request 1077 that is rejected by an RBL-based restriction. 1078 1079 <b><a href="postconf.5.html#multi_recipient_bounce_reject_code">multi_recipient_bounce_reject_code</a> (550)</b> 1080 The numerical Postfix SMTP server response code when a remote 1081 SMTP client request is blocked by the <a href="postconf.5.html#reject_multi_recipient_bounce">reject_multi_recipi</a>- 1082 <a href="postconf.5.html#reject_multi_recipient_bounce">ent_bounce</a> restriction. 1083 1084 <b><a href="postconf.5.html#rbl_reply_maps">rbl_reply_maps</a> (empty)</b> 1085 Optional lookup tables with RBL response templates. 1086 1087 Available in Postfix version 2.6 and later: 1088 1089 <b><a href="postconf.5.html#access_map_defer_code">access_map_defer_code</a> (450)</b> 1090 The numerical Postfix SMTP server response code for an <a href="access.5.html"><b>access</b>(5)</a> 1091 map "defer" action, including "<a href="postconf.5.html#defer_if_permit">defer_if_permit</a>" or 1092 "<a href="postconf.5.html#defer_if_reject">defer_if_reject</a>". 1093 1094 <b><a href="postconf.5.html#reject_tempfail_action">reject_tempfail_action</a> (<a href="postconf.5.html#defer_if_permit">defer_if_permit</a>)</b> 1095 The Postfix SMTP server's action when a reject-type restriction 1096 fails due to a temporary error condition. 1097 1098 <b><a href="postconf.5.html#unknown_helo_hostname_tempfail_action">unknown_helo_hostname_tempfail_action</a> ($<a href="postconf.5.html#reject_tempfail_action">reject_tempfail_action</a>)</b> 1099 The Postfix SMTP server's action when <a href="postconf.5.html#reject_unknown_helo_hostname">reject_unknown_helo_host</a>- 1100 <a href="postconf.5.html#reject_unknown_helo_hostname">name</a> fails due to an temporary error condition. 1101 1102 <b><a href="postconf.5.html#unknown_address_tempfail_action">unknown_address_tempfail_action</a> ($<a href="postconf.5.html#reject_tempfail_action">reject_tempfail_action</a>)</b> 1103 The Postfix SMTP server's action when 1104 <a href="postconf.5.html#reject_unknown_sender_domain">reject_unknown_sender_domain</a> or <a href="postconf.5.html#reject_unknown_recipient_domain">reject_unknown_recipient_domain</a> 1105 fail due to a temporary error condition. 1106 1107<b>MISCELLANEOUS CONTROLS</b> 1108 <b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b> 1109 The default location of the Postfix <a href="postconf.5.html">main.cf</a> and <a href="master.5.html">master.cf</a> con- 1110 figuration files. 1111 1112 <b><a href="postconf.5.html#daemon_timeout">daemon_timeout</a> (18000s)</b> 1113 How much time a Postfix daemon process may take to handle a 1114 request before it is terminated by a built-in watchdog timer. 1115 1116 <b><a href="postconf.5.html#command_directory">command_directory</a> (see 'postconf -d' output)</b> 1117 The location of all postfix administrative commands. 1118 1119 <b><a href="postconf.5.html#double_bounce_sender">double_bounce_sender</a> (double-bounce)</b> 1120 The sender address of postmaster notifications that are gener- 1121 ated by the mail system. 1122 1123 <b><a href="postconf.5.html#ipc_timeout">ipc_timeout</a> (3600s)</b> 1124 The time limit for sending or receiving information over an 1125 internal communication channel. 1126 1127 <b><a href="postconf.5.html#mail_name">mail_name</a> (Postfix)</b> 1128 The mail system name that is displayed in Received: headers, in 1129 the SMTP greeting banner, and in bounced mail. 1130 1131 <b><a href="postconf.5.html#mail_owner">mail_owner</a> (postfix)</b> 1132 The UNIX system account that owns the Postfix queue and most 1133 Postfix daemon processes. 1134 1135 <b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b> 1136 The maximum amount of time that an idle Postfix daemon process 1137 waits for an incoming connection before terminating voluntarily. 1138 1139 <b><a href="postconf.5.html#max_use">max_use</a> (100)</b> 1140 The maximal number of incoming connections that a Postfix daemon 1141 process will service before terminating voluntarily. 1142 1143 <b><a href="postconf.5.html#myhostname">myhostname</a> (see 'postconf -d' output)</b> 1144 The internet hostname of this mail system. 1145 1146 <b><a href="postconf.5.html#mynetworks">mynetworks</a> (see 'postconf -d' output)</b> 1147 The list of "trusted" remote SMTP clients that have more privi- 1148 leges than "strangers". 1149 1150 <b><a href="postconf.5.html#myorigin">myorigin</a> ($<a href="postconf.5.html#myhostname">myhostname</a>)</b> 1151 The domain name that locally-posted mail appears to come from, 1152 and that locally posted mail is delivered to. 1153 1154 <b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b> 1155 The process ID of a Postfix command or daemon process. 1156 1157 <b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b> 1158 The process name of a Postfix command or daemon process. 1159 1160 <b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b> 1161 The location of the Postfix top-level queue directory. 1162 1163 <b><a href="postconf.5.html#recipient_delimiter">recipient_delimiter</a> (empty)</b> 1164 The set of characters that can separate a user name from its 1165 extension (example: user+foo), or a .forward file name from its 1166 extension (example: .forward+foo). 1167 1168 <b><a href="postconf.5.html#smtpd_banner">smtpd_banner</a> ($<a href="postconf.5.html#myhostname">myhostname</a> ESMTP $<a href="postconf.5.html#mail_name">mail_name</a>)</b> 1169 The text that follows the 220 status code in the SMTP greeting 1170 banner. 1171 1172 <b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b> 1173 The syslog facility of Postfix logging. 1174 1175 <b><a href="postconf.5.html#syslog_name">syslog_name</a> (see 'postconf -d' output)</b> 1176 The mail system name that is prepended to the process name in 1177 syslog records, so that "smtpd" becomes, for example, "post- 1178 fix/smtpd". 1179 1180 Available in Postfix version 2.2 and later: 1181 1182 <b><a href="postconf.5.html#smtpd_forbidden_commands">smtpd_forbidden_commands</a> (CONNECT, GET, POST)</b> 1183 List of commands that cause the Postfix SMTP server to immedi- 1184 ately terminate the session with a 221 code. 1185 1186 Available in Postfix version 2.5 and later: 1187 1188 <b><a href="postconf.5.html#smtpd_client_port_logging">smtpd_client_port_logging</a> (no)</b> 1189 Enable logging of the remote SMTP client port in addition to the 1190 hostname and IP address. 1191 1192<b>SEE ALSO</b> 1193 <a href="anvil.8.html">anvil(8)</a>, connection/rate limiting 1194 <a href="cleanup.8.html">cleanup(8)</a>, message canonicalization 1195 <a href="tlsmgr.8.html">tlsmgr(8)</a>, TLS session and PRNG management 1196 <a href="trivial-rewrite.8.html">trivial-rewrite(8)</a>, address resolver 1197 <a href="verify.8.html">verify(8)</a>, address verification service 1198 <a href="postconf.5.html">postconf(5)</a>, configuration parameters 1199 <a href="master.5.html">master(5)</a>, generic daemon options 1200 <a href="master.8.html">master(8)</a>, process manager 1201 syslogd(8), system logging 1202 1203<b>README FILES</b> 1204 <a href="ADDRESS_CLASS_README.html">ADDRESS_CLASS_README</a>, blocking unknown hosted or relay recipients 1205 <a href="ADDRESS_REWRITING_README.html">ADDRESS_REWRITING_README</a> Postfix address manipulation 1206 <a href="FILTER_README.html">FILTER_README</a>, external after-queue content filter 1207 <a href="LOCAL_RECIPIENT_README.html">LOCAL_RECIPIENT_README</a>, blocking unknown local recipients 1208 <a href="MILTER_README.html">MILTER_README</a>, before-queue mail filter applications 1209 <a href="SMTPD_ACCESS_README.html">SMTPD_ACCESS_README</a>, built-in access policies 1210 <a href="SMTPD_POLICY_README.html">SMTPD_POLICY_README</a>, external policy server 1211 <a href="SMTPD_PROXY_README.html">SMTPD_PROXY_README</a>, external before-queue content filter 1212 <a href="SASL_README.html">SASL_README</a>, Postfix SASL howto 1213 <a href="TLS_README.html">TLS_README</a>, Postfix STARTTLS howto 1214 <a href="VERP_README.html">VERP_README</a>, Postfix XVERP extension 1215 <a href="XCLIENT_README.html">XCLIENT_README</a>, Postfix XCLIENT extension 1216 <a href="XFORWARD_README.html">XFORWARD_README</a>, Postfix XFORWARD extension 1217 1218<b>LICENSE</b> 1219 The Secure Mailer license must be distributed with this software. 1220 1221<b>AUTHOR(S)</b> 1222 Wietse Venema 1223 IBM T.J. Watson Research 1224 P.O. Box 704 1225 Yorktown Heights, NY 10598, USA 1226 1227 SASL support originally by: 1228 Till Franke 1229 SuSE Rhein/Main AG 1230 65760 Eschborn, Germany 1231 1232 TLS support originally by: 1233 Lutz Jaenicke 1234 BTU Cottbus 1235 Allgemeine Elektrotechnik 1236 Universitaetsplatz 3-4 1237 D-03044 Cottbus, Germany 1238 1239 Revised TLS support by: 1240 Victor Duchovni 1241 Morgan Stanley 1242 1243 SMTPD(8) 1244</pre> </body> </html> 1245