1 /* $NetBSD: smtp.c,v 1.12 2022/10/08 16:12:49 christos Exp $ */ 2 3 /*++ 4 /* NAME 5 /* smtp 8 6 /* SUMMARY 7 /* Postfix SMTP+LMTP client 8 /* SYNOPSIS 9 /* \fBsmtp\fR [generic Postfix daemon options] [flags=DORX] 10 /* DESCRIPTION 11 /* The Postfix SMTP+LMTP client implements the SMTP and LMTP mail 12 /* delivery protocols. It processes message delivery requests from 13 /* the queue manager. Each request specifies a queue file, a sender 14 /* address, a domain or host to deliver to, and recipient information. 15 /* This program expects to be run from the \fBmaster\fR(8) process 16 /* manager. 17 /* 18 /* The SMTP+LMTP client updates the queue file and marks recipients 19 /* as finished, or it informs the queue manager that delivery should 20 /* be tried again at a later time. Delivery status reports are sent 21 /* to the \fBbounce\fR(8), \fBdefer\fR(8) or \fBtrace\fR(8) daemon as 22 /* appropriate. 23 /* 24 /* The SMTP+LMTP client looks up a list of mail exchanger addresses for 25 /* the destination host, sorts the list by preference, and connects 26 /* to each listed address until it finds a server that responds. 27 /* 28 /* When a server is not reachable, or when mail delivery fails due 29 /* to a recoverable error condition, the SMTP+LMTP client will try to 30 /* deliver the mail to an alternate host. 31 /* 32 /* After a successful mail transaction, a connection may be saved 33 /* to the \fBscache\fR(8) connection cache server, so that it 34 /* may be used by any SMTP+LMTP client for a subsequent transaction. 35 /* 36 /* By default, connection caching is enabled temporarily for 37 /* destinations that have a high volume of mail in the active 38 /* queue. Connection caching can be enabled permanently for 39 /* specific destinations. 40 /* SMTP DESTINATION SYNTAX 41 /* .ad 42 /* .fi 43 /* The Postfix SMTP+LMTP client supports multiple destinations 44 /* separated by comma or whitespace (Postfix 3.5 and later). 45 /* SMTP destinations have the following form: 46 /* .IP \fIdomainname\fR 47 /* .IP \fIdomainname\fR:\fIport\fR 48 /* Look up the mail exchangers for the specified domain, and 49 /* connect to the specified port (default: \fBsmtp\fR). 50 /* .IP [\fIhostname\fR] 51 /* .IP [\fIhostname\fR]:\fIport\fR 52 /* Look up the address(es) of the specified host, and connect to 53 /* the specified port (default: \fBsmtp\fR). 54 /* .IP [\fIaddress\fR] 55 /* .IP [\fIaddress\fR]:\fIport\fR 56 /* Connect to the host at the specified address, and connect 57 /* to the specified port (default: \fBsmtp\fR). An IPv6 address 58 /* must be formatted as [\fBipv6\fR:\fIaddress\fR]. 59 /* LMTP DESTINATION SYNTAX 60 /* .ad 61 /* .fi 62 /* The Postfix SMTP+LMTP client supports multiple destinations 63 /* separated by comma or whitespace (Postfix 3.5 and later). 64 /* LMTP destinations have the following form: 65 /* .IP \fBunix\fR:\fIpathname\fR 66 /* Connect to the local UNIX-domain server that is bound to the specified 67 /* \fIpathname\fR. If the process runs chrooted, an absolute pathname 68 /* is interpreted relative to the Postfix queue directory. 69 /* .IP \fBinet\fR:\fIhostname\fR 70 /* .IP \fBinet\fR:\fIhostname\fR:\fIport\fR 71 /* .IP \fBinet\fR:[\fIaddress\fR] 72 /* .IP \fBinet\fR:[\fIaddress\fR]:\fIport\fR 73 /* Connect to the specified TCP port on the specified local or 74 /* remote host. If no port is specified, connect to the port defined as 75 /* \fBlmtp\fR in \fBservices\fR(4). 76 /* If no such service is found, the \fBlmtp_tcp_port\fR configuration 77 /* parameter (default value of 24) will be used. 78 /* An IPv6 address must be formatted as [\fBipv6\fR:\fIaddress\fR]. 79 /* SINGLE-RECIPIENT DELIVERY 80 /* .ad 81 /* .fi 82 /* By default, the Postfix SMTP+LMTP client delivers mail to 83 /* multiple recipients per delivery request. This is undesirable 84 /* when prepending a \fBDelivered-to:\fR or \fBX-Original-To:\fR 85 /* message header. To prevent Postfix from sending multiple 86 /* recipients per delivery request, specify 87 /* .sp 88 /* .nf 89 /* \fItransport\fB_destination_recipient_limit = 1\fR 90 /* .fi 91 /* 92 /* in the Postfix \fBmain.cf\fR file, where \fItransport\fR 93 /* is the name in the first column of the Postfix \fBmaster.cf\fR 94 /* entry for this mail delivery service. 95 /* COMMAND ATTRIBUTE SYNTAX 96 /* .ad 97 /* .fi 98 /* .IP "\fBflags=DORX\fR (optional)" 99 /* Optional message processing flags. 100 /* .RS 101 /* .IP \fBD\fR 102 /* Prepend a "\fBDelivered-To: \fIrecipient\fR" message header 103 /* with the envelope recipient address. Note: for this to work, 104 /* the \fItransport\fB_destination_recipient_limit\fR must be 105 /* 1 (see SINGLE-RECIPIENT DELIVERY above for details). 106 /* .sp 107 /* The \fBD\fR flag also enforces loop detection: if a message 108 /* already contains a \fBDelivered-To:\fR header with the same 109 /* recipient address, then the message is returned as 110 /* undeliverable. The address comparison is case insensitive. 111 /* .sp 112 /* This feature is available as of Postfix 3.5. 113 /* .IP \fBO\fR 114 /* Prepend an "\fBX-Original-To: \fIrecipient\fR" message 115 /* header with the recipient address as given to Postfix. Note: 116 /* for this to work, the 117 /* \fItransport\fB_destination_recipient_limit\fR must be 1 118 /* (see SINGLE-RECIPIENT DELIVERY above for details). 119 /* .sp 120 /* This feature is available as of Postfix 3.5. 121 /* .IP \fBR\fR 122 /* Prepend a "\fBReturn-Path: <\fIsender\fB>\fR" message header 123 /* with the envelope sender address. 124 /* .sp 125 /* This feature is available as of Postfix 3.5. 126 /* .IP \fBX\fR 127 /* Indicates that the delivery is final. This flag affects 128 /* the status reported in "success" DSN (delivery status 129 /* notification) messages, and changes it from "relayed" into 130 /* "delivered". 131 /* .sp 132 /* This feature is available as of Postfix 3.5. 133 /* .RE 134 /* SECURITY 135 /* The SMTP+LMTP client is moderately security-sensitive. It 136 /* talks to SMTP or LMTP servers and to DNS servers on the 137 /* network. The SMTP+LMTP client can be run chrooted at fixed 138 /* low privilege. 139 /* STANDARDS 140 /* RFC 821 (SMTP protocol) 141 /* RFC 822 (ARPA Internet Text Messages) 142 /* RFC 1651 (SMTP service extensions) 143 /* RFC 1652 (8bit-MIME transport) 144 /* RFC 1870 (Message Size Declaration) 145 /* RFC 2033 (LMTP protocol) 146 /* RFC 2034 (SMTP Enhanced Error Codes) 147 /* RFC 2045 (MIME: Format of Internet Message Bodies) 148 /* RFC 2046 (MIME: Media Types) 149 /* RFC 2554 (AUTH command) 150 /* RFC 2821 (SMTP protocol) 151 /* RFC 2920 (SMTP Pipelining) 152 /* RFC 3207 (STARTTLS command) 153 /* RFC 3461 (SMTP DSN Extension) 154 /* RFC 3463 (Enhanced Status Codes) 155 /* RFC 4954 (AUTH command) 156 /* RFC 5321 (SMTP protocol) 157 /* RFC 6531 (Internationalized SMTP) 158 /* RFC 6533 (Internationalized Delivery Status Notifications) 159 /* RFC 7672 (SMTP security via opportunistic DANE TLS) 160 /* DIAGNOSTICS 161 /* Problems and transactions are logged to \fBsyslogd\fR(8) 162 /* or \fBpostlogd\fR(8). 163 /* Corrupted message files are marked so that the queue manager can 164 /* move them to the \fBcorrupt\fR queue for further inspection. 165 /* 166 /* Depending on the setting of the \fBnotify_classes\fR parameter, 167 /* the postmaster is notified of bounces, protocol problems, and of 168 /* other trouble. 169 /* BUGS 170 /* SMTP and LMTP connection reuse for TLS (without closing the 171 /* SMTP or LMTP connection) is not supported before Postfix 3.4. 172 /* 173 /* SMTP and LMTP connection reuse assumes that SASL credentials 174 /* are valid for all destinations that map onto the same IP 175 /* address and TCP port. 176 /* CONFIGURATION PARAMETERS 177 /* .ad 178 /* .fi 179 /* Before Postfix version 2.3, the LMTP client is a separate 180 /* program that implements only a subset of the functionality 181 /* available with SMTP: there is no support for TLS, and 182 /* connections are cached in-process, making it ineffective 183 /* when the client is used for multiple domains. 184 /* 185 /* Most smtp_\fIxxx\fR configuration parameters have an 186 /* lmtp_\fIxxx\fR "mirror" parameter for the equivalent LMTP 187 /* feature. This document describes only those LMTP-related 188 /* parameters that aren't simply "mirror" parameters. 189 /* 190 /* Changes to \fBmain.cf\fR are picked up automatically, as \fBsmtp\fR(8) 191 /* processes run for only a limited amount of time. Use the command 192 /* "\fBpostfix reload\fR" to speed up a change. 193 /* 194 /* The text below provides only a parameter summary. See 195 /* \fBpostconf\fR(5) for more details including examples. 196 /* COMPATIBILITY CONTROLS 197 /* .ad 198 /* .fi 199 /* .IP "\fBignore_mx_lookup_error (no)\fR" 200 /* Ignore DNS MX lookups that produce no response. 201 /* .IP "\fBsmtp_always_send_ehlo (yes)\fR" 202 /* Always send EHLO at the start of an SMTP session. 203 /* .IP "\fBsmtp_never_send_ehlo (no)\fR" 204 /* Never send EHLO at the start of an SMTP session. 205 /* .IP "\fBsmtp_defer_if_no_mx_address_found (no)\fR" 206 /* Defer mail delivery when no MX record resolves to an IP address. 207 /* .IP "\fBsmtp_line_length_limit (998)\fR" 208 /* The maximal length of message header and body lines that Postfix 209 /* will send via SMTP. 210 /* .IP "\fBsmtp_pix_workaround_delay_time (10s)\fR" 211 /* How long the Postfix SMTP client pauses before sending 212 /* ".<CR><LF>" in order to work around the PIX firewall 213 /* "<CR><LF>.<CR><LF>" bug. 214 /* .IP "\fBsmtp_pix_workaround_threshold_time (500s)\fR" 215 /* How long a message must be queued before the Postfix SMTP client 216 /* turns on the PIX firewall "<CR><LF>.<CR><LF>" 217 /* bug workaround for delivery through firewalls with "smtp fixup" 218 /* mode turned on. 219 /* .IP "\fBsmtp_pix_workarounds (disable_esmtp, delay_dotcrlf)\fR" 220 /* A list that specifies zero or more workarounds for CISCO PIX 221 /* firewall bugs. 222 /* .IP "\fBsmtp_pix_workaround_maps (empty)\fR" 223 /* Lookup tables, indexed by the remote SMTP server address, with 224 /* per-destination workarounds for CISCO PIX firewall bugs. 225 /* .IP "\fBsmtp_quote_rfc821_envelope (yes)\fR" 226 /* Quote addresses in Postfix SMTP client MAIL FROM and RCPT TO commands 227 /* as required 228 /* by RFC 5321. 229 /* .IP "\fBsmtp_reply_filter (empty)\fR" 230 /* A mechanism to transform replies from remote SMTP servers one 231 /* line at a time. 232 /* .IP "\fBsmtp_skip_5xx_greeting (yes)\fR" 233 /* Skip remote SMTP servers that greet with a 5XX status code. 234 /* .IP "\fBsmtp_skip_quit_response (yes)\fR" 235 /* Do not wait for the response to the SMTP QUIT command. 236 /* .PP 237 /* Available in Postfix version 2.0 and earlier: 238 /* .IP "\fBsmtp_skip_4xx_greeting (yes)\fR" 239 /* Skip SMTP servers that greet with a 4XX status code (go away, try 240 /* again later). 241 /* .PP 242 /* Available in Postfix version 2.2 and later: 243 /* .IP "\fBsmtp_discard_ehlo_keyword_address_maps (empty)\fR" 244 /* Lookup tables, indexed by the remote SMTP server address, with 245 /* case insensitive lists of EHLO keywords (pipelining, starttls, auth, 246 /* etc.) that the Postfix SMTP client will ignore in the EHLO response from a 247 /* remote SMTP server. 248 /* .IP "\fBsmtp_discard_ehlo_keywords (empty)\fR" 249 /* A case insensitive list of EHLO keywords (pipelining, starttls, 250 /* auth, etc.) that the Postfix SMTP client will ignore in the EHLO 251 /* response from a remote SMTP server. 252 /* .IP "\fBsmtp_generic_maps (empty)\fR" 253 /* Optional lookup tables that perform address rewriting in the 254 /* Postfix SMTP client, typically to transform a locally valid address into 255 /* a globally valid address when sending mail across the Internet. 256 /* .PP 257 /* Available in Postfix version 2.2.9 and later: 258 /* .IP "\fBsmtp_cname_overrides_servername (version dependent)\fR" 259 /* When the remote SMTP servername is a DNS CNAME, replace the 260 /* servername with the result from CNAME expansion for the purpose of 261 /* logging, SASL password lookup, TLS 262 /* policy decisions, or TLS certificate verification. 263 /* .PP 264 /* Available in Postfix version 2.3 and later: 265 /* .IP "\fBlmtp_discard_lhlo_keyword_address_maps (empty)\fR" 266 /* Lookup tables, indexed by the remote LMTP server address, with 267 /* case insensitive lists of LHLO keywords (pipelining, starttls, 268 /* auth, etc.) that the Postfix LMTP client will ignore in the LHLO 269 /* response 270 /* from a remote LMTP server. 271 /* .IP "\fBlmtp_discard_lhlo_keywords (empty)\fR" 272 /* A case insensitive list of LHLO keywords (pipelining, starttls, 273 /* auth, etc.) that the Postfix LMTP client will ignore in the LHLO 274 /* response 275 /* from a remote LMTP server. 276 /* .PP 277 /* Available in Postfix version 2.4.4 and later: 278 /* .IP "\fBsend_cyrus_sasl_authzid (no)\fR" 279 /* When authenticating to a remote SMTP or LMTP server with the 280 /* default setting "no", send no SASL authoriZation ID (authzid); send 281 /* only the SASL authentiCation ID (authcid) plus the authcid's password. 282 /* .PP 283 /* Available in Postfix version 2.5 and later: 284 /* .IP "\fBsmtp_header_checks (empty)\fR" 285 /* Restricted \fBheader_checks\fR(5) tables for the Postfix SMTP client. 286 /* .IP "\fBsmtp_mime_header_checks (empty)\fR" 287 /* Restricted \fBmime_header_checks\fR(5) tables for the Postfix SMTP 288 /* client. 289 /* .IP "\fBsmtp_nested_header_checks (empty)\fR" 290 /* Restricted \fBnested_header_checks\fR(5) tables for the Postfix SMTP 291 /* client. 292 /* .IP "\fBsmtp_body_checks (empty)\fR" 293 /* Restricted \fBbody_checks\fR(5) tables for the Postfix SMTP client. 294 /* .PP 295 /* Available in Postfix version 2.6 and later: 296 /* .IP "\fBtcp_windowsize (0)\fR" 297 /* An optional workaround for routers that break TCP window scaling. 298 /* .PP 299 /* Available in Postfix version 2.8 and later: 300 /* .IP "\fBsmtp_dns_resolver_options (empty)\fR" 301 /* DNS Resolver options for the Postfix SMTP client. 302 /* .PP 303 /* Available in Postfix version 2.9 - 3.6: 304 /* .IP "\fBsmtp_per_record_deadline (no)\fR" 305 /* Change the behavior of the smtp_*_timeout time limits, from a 306 /* time limit per read or write system call, to a time limit to send 307 /* or receive a complete record (an SMTP command line, SMTP response 308 /* line, SMTP message content line, or TLS protocol message). 309 /* .PP 310 /* Available in Postfix version 2.9 and later: 311 /* .IP "\fBsmtp_send_dummy_mail_auth (no)\fR" 312 /* Whether or not to append the "AUTH=<>" option to the MAIL 313 /* FROM command in SASL-authenticated SMTP sessions. 314 /* .PP 315 /* Available in Postfix version 2.11 and later: 316 /* .IP "\fBsmtp_dns_support_level (empty)\fR" 317 /* Level of DNS support in the Postfix SMTP client. 318 /* .PP 319 /* Available in Postfix version 3.0 and later: 320 /* .IP "\fBsmtp_delivery_status_filter ($default_delivery_status_filter)\fR" 321 /* Optional filter for the \fBsmtp\fR(8) delivery agent to change the 322 /* delivery status code or explanatory text of successful or unsuccessful 323 /* deliveries. 324 /* .IP "\fBsmtp_dns_reply_filter (empty)\fR" 325 /* Optional filter for Postfix SMTP client DNS lookup results. 326 /* .PP 327 /* Available in Postfix version 3.3 and later: 328 /* .IP "\fBsmtp_balance_inet_protocols (yes)\fR" 329 /* When a remote destination resolves to a combination of IPv4 and 330 /* IPv6 addresses, ensure that the Postfix SMTP client can try both 331 /* address types before it runs into the smtp_mx_address_limit. 332 /* .PP 333 /* Available in Postfix 3.5 and later: 334 /* .IP "\fBinfo_log_address_format (external)\fR" 335 /* The email address form that will be used in non-debug logging 336 /* (info, warning, etc.). 337 /* .PP 338 /* Available in Postfix 3.6 and later: 339 /* .IP "\fBdnssec_probe (ns:.)\fR" 340 /* The DNS query type (default: "ns") and DNS query name (default: 341 /* ".") that Postfix may use to determine whether DNSSEC validation 342 /* is available. 343 /* .IP "\fBknown_tcp_ports (lmtp=24, smtp=25, smtps=submissions=465, submission=587)\fR" 344 /* Optional setting that avoids lookups in the \fBservices\fR(5) database. 345 /* .PP 346 /* Available in Postfix version 3.7 and later: 347 /* .IP "\fBsmtp_per_request_deadline (no)\fR" 348 /* Change the behavior of the smtp_*_timeout time limits, from a 349 /* time limit per plaintext or TLS read or write call, to a combined 350 /* time limit for sending a complete SMTP request and for receiving a 351 /* complete SMTP response. 352 /* .IP "\fBsmtp_min_data_rate (500)\fR" 353 /* The minimum plaintext data transfer rate in bytes/second for 354 /* DATA requests, when deadlines are enabled with smtp_per_request_deadline. 355 /* .IP "\fBheader_from_format (standard)\fR" 356 /* The format of the Postfix-generated \fBFrom:\fR header. 357 /* MIME PROCESSING CONTROLS 358 /* .ad 359 /* .fi 360 /* Available in Postfix version 2.0 and later: 361 /* .IP "\fBdisable_mime_output_conversion (no)\fR" 362 /* Disable the conversion of 8BITMIME format to 7BIT format. 363 /* .IP "\fBmime_boundary_length_limit (2048)\fR" 364 /* The maximal length of MIME multipart boundary strings. 365 /* .IP "\fBmime_nesting_limit (100)\fR" 366 /* The maximal recursion level that the MIME processor will handle. 367 /* EXTERNAL CONTENT INSPECTION CONTROLS 368 /* .ad 369 /* .fi 370 /* Available in Postfix version 2.1 and later: 371 /* .IP "\fBsmtp_send_xforward_command (no)\fR" 372 /* Send the non-standard XFORWARD command when the Postfix SMTP server 373 /* EHLO response announces XFORWARD support. 374 /* SASL AUTHENTICATION CONTROLS 375 /* .ad 376 /* .fi 377 /* .IP "\fBsmtp_sasl_auth_enable (no)\fR" 378 /* Enable SASL authentication in the Postfix SMTP client. 379 /* .IP "\fBsmtp_sasl_password_maps (empty)\fR" 380 /* Optional Postfix SMTP client lookup tables with one username:password 381 /* entry per sender, remote hostname or next-hop domain. 382 /* .IP "\fBsmtp_sasl_security_options (noplaintext, noanonymous)\fR" 383 /* Postfix SMTP client SASL security options; as of Postfix 2.3 384 /* the list of available 385 /* features depends on the SASL client implementation that is selected 386 /* with \fBsmtp_sasl_type\fR. 387 /* .PP 388 /* Available in Postfix version 2.2 and later: 389 /* .IP "\fBsmtp_sasl_mechanism_filter (empty)\fR" 390 /* If non-empty, a Postfix SMTP client filter for the remote SMTP 391 /* server's list of offered SASL mechanisms. 392 /* .PP 393 /* Available in Postfix version 2.3 and later: 394 /* .IP "\fBsmtp_sender_dependent_authentication (no)\fR" 395 /* Enable sender-dependent authentication in the Postfix SMTP client; this is 396 /* available only with SASL authentication, and disables SMTP connection 397 /* caching to ensure that mail from different senders will use the 398 /* appropriate credentials. 399 /* .IP "\fBsmtp_sasl_path (empty)\fR" 400 /* Implementation-specific information that the Postfix SMTP client 401 /* passes through to 402 /* the SASL plug-in implementation that is selected with 403 /* \fBsmtp_sasl_type\fR. 404 /* .IP "\fBsmtp_sasl_type (cyrus)\fR" 405 /* The SASL plug-in type that the Postfix SMTP client should use 406 /* for authentication. 407 /* .PP 408 /* Available in Postfix version 2.5 and later: 409 /* .IP "\fBsmtp_sasl_auth_cache_name (empty)\fR" 410 /* An optional table to prevent repeated SASL authentication 411 /* failures with the same remote SMTP server hostname, username and 412 /* password. 413 /* .IP "\fBsmtp_sasl_auth_cache_time (90d)\fR" 414 /* The maximal age of an smtp_sasl_auth_cache_name entry before it 415 /* is removed. 416 /* .IP "\fBsmtp_sasl_auth_soft_bounce (yes)\fR" 417 /* When a remote SMTP server rejects a SASL authentication request 418 /* with a 535 reply code, defer mail delivery instead of returning 419 /* mail as undeliverable. 420 /* .PP 421 /* Available in Postfix version 2.9 and later: 422 /* .IP "\fBsmtp_send_dummy_mail_auth (no)\fR" 423 /* Whether or not to append the "AUTH=<>" option to the MAIL 424 /* FROM command in SASL-authenticated SMTP sessions. 425 /* STARTTLS SUPPORT CONTROLS 426 /* .ad 427 /* .fi 428 /* Detailed information about STARTTLS configuration may be found 429 /* in the TLS_README document. 430 /* .IP "\fBsmtp_tls_security_level (empty)\fR" 431 /* The default SMTP TLS security level for the Postfix SMTP client; 432 /* when a non-empty value is specified, this overrides the obsolete 433 /* parameters smtp_use_tls, smtp_enforce_tls, and smtp_tls_enforce_peername. 434 /* .IP "\fBsmtp_sasl_tls_security_options ($smtp_sasl_security_options)\fR" 435 /* The SASL authentication security options that the Postfix SMTP 436 /* client uses for TLS encrypted SMTP sessions. 437 /* .IP "\fBsmtp_starttls_timeout (300s)\fR" 438 /* Time limit for Postfix SMTP client write and read operations 439 /* during TLS startup and shutdown handshake procedures. 440 /* .IP "\fBsmtp_tls_CAfile (empty)\fR" 441 /* A file containing CA certificates of root CAs trusted to sign 442 /* either remote SMTP server certificates or intermediate CA certificates. 443 /* .IP "\fBsmtp_tls_CApath (empty)\fR" 444 /* Directory with PEM format Certification Authority certificates 445 /* that the Postfix SMTP client uses to verify a remote SMTP server 446 /* certificate. 447 /* .IP "\fBsmtp_tls_cert_file (empty)\fR" 448 /* File with the Postfix SMTP client RSA certificate in PEM format. 449 /* .IP "\fBsmtp_tls_mandatory_ciphers (medium)\fR" 450 /* The minimum TLS cipher grade that the Postfix SMTP client will 451 /* use with 452 /* mandatory TLS encryption. 453 /* .IP "\fBsmtp_tls_exclude_ciphers (empty)\fR" 454 /* List of ciphers or cipher types to exclude from the Postfix 455 /* SMTP client cipher 456 /* list at all TLS security levels. 457 /* .IP "\fBsmtp_tls_mandatory_exclude_ciphers (empty)\fR" 458 /* Additional list of ciphers or cipher types to exclude from the 459 /* Postfix SMTP client cipher list at mandatory TLS security levels. 460 /* .IP "\fBsmtp_tls_dcert_file (empty)\fR" 461 /* File with the Postfix SMTP client DSA certificate in PEM format. 462 /* .IP "\fBsmtp_tls_dkey_file ($smtp_tls_dcert_file)\fR" 463 /* File with the Postfix SMTP client DSA private key in PEM format. 464 /* .IP "\fBsmtp_tls_key_file ($smtp_tls_cert_file)\fR" 465 /* File with the Postfix SMTP client RSA private key in PEM format. 466 /* .IP "\fBsmtp_tls_loglevel (0)\fR" 467 /* Enable additional Postfix SMTP client logging of TLS activity. 468 /* .IP "\fBsmtp_tls_note_starttls_offer (no)\fR" 469 /* Log the hostname of a remote SMTP server that offers STARTTLS, 470 /* when TLS is not already enabled for that server. 471 /* .IP "\fBsmtp_tls_policy_maps (empty)\fR" 472 /* Optional lookup tables with the Postfix SMTP client TLS security 473 /* policy by next-hop destination; when a non-empty value is specified, 474 /* this overrides the obsolete smtp_tls_per_site parameter. 475 /* .IP "\fBsmtp_tls_mandatory_protocols (see 'postconf -d' output)\fR" 476 /* TLS protocols that the Postfix SMTP client will use with mandatory 477 /* TLS encryption. 478 /* .IP "\fBsmtp_tls_scert_verifydepth (9)\fR" 479 /* The verification depth for remote SMTP server certificates. 480 /* .IP "\fBsmtp_tls_secure_cert_match (nexthop, dot-nexthop)\fR" 481 /* How the Postfix SMTP client verifies the server certificate 482 /* peername for the "secure" TLS security level. 483 /* .IP "\fBsmtp_tls_session_cache_database (empty)\fR" 484 /* Name of the file containing the optional Postfix SMTP client 485 /* TLS session cache. 486 /* .IP "\fBsmtp_tls_session_cache_timeout (3600s)\fR" 487 /* The expiration time of Postfix SMTP client TLS session cache 488 /* information. 489 /* .IP "\fBsmtp_tls_verify_cert_match (hostname)\fR" 490 /* How the Postfix SMTP client verifies the server certificate 491 /* peername for the 492 /* "verify" TLS security level. 493 /* .IP "\fBtls_daemon_random_bytes (32)\fR" 494 /* The number of pseudo-random bytes that an \fBsmtp\fR(8) or \fBsmtpd\fR(8) 495 /* process requests from the \fBtlsmgr\fR(8) server in order to seed its 496 /* internal pseudo random number generator (PRNG). 497 /* .IP "\fBtls_high_cipherlist (see 'postconf -d' output)\fR" 498 /* The OpenSSL cipherlist for "high" grade ciphers. 499 /* .IP "\fBtls_medium_cipherlist (see 'postconf -d' output)\fR" 500 /* The OpenSSL cipherlist for "medium" or higher grade ciphers. 501 /* .IP "\fBtls_low_cipherlist (see 'postconf -d' output)\fR" 502 /* The OpenSSL cipherlist for "low" or higher grade ciphers. 503 /* .IP "\fBtls_export_cipherlist (see 'postconf -d' output)\fR" 504 /* The OpenSSL cipherlist for "export" or higher grade ciphers. 505 /* .IP "\fBtls_null_cipherlist (eNULL:!aNULL)\fR" 506 /* The OpenSSL cipherlist for "NULL" grade ciphers that provide 507 /* authentication without encryption. 508 /* .PP 509 /* Available in Postfix version 2.4 and later: 510 /* .IP "\fBsmtp_sasl_tls_verified_security_options ($smtp_sasl_tls_security_options)\fR" 511 /* The SASL authentication security options that the Postfix SMTP 512 /* client uses for TLS encrypted SMTP sessions with a verified server 513 /* certificate. 514 /* .PP 515 /* Available in Postfix version 2.5 and later: 516 /* .IP "\fBsmtp_tls_fingerprint_cert_match (empty)\fR" 517 /* List of acceptable remote SMTP server certificate fingerprints for 518 /* the "fingerprint" TLS security level (\fBsmtp_tls_security_level\fR = 519 /* fingerprint). 520 /* .IP "\fBsmtp_tls_fingerprint_digest (see 'postconf -d' output)\fR" 521 /* The message digest algorithm used to construct remote SMTP server 522 /* certificate fingerprints. 523 /* .PP 524 /* Available in Postfix version 2.6 and later: 525 /* .IP "\fBsmtp_tls_protocols (see postconf -d output)\fR" 526 /* TLS protocols that the Postfix SMTP client will use with 527 /* opportunistic TLS encryption. 528 /* .IP "\fBsmtp_tls_ciphers (medium)\fR" 529 /* The minimum TLS cipher grade that the Postfix SMTP client 530 /* will use with opportunistic TLS encryption. 531 /* .IP "\fBsmtp_tls_eccert_file (empty)\fR" 532 /* File with the Postfix SMTP client ECDSA certificate in PEM format. 533 /* .IP "\fBsmtp_tls_eckey_file ($smtp_tls_eccert_file)\fR" 534 /* File with the Postfix SMTP client ECDSA private key in PEM format. 535 /* .PP 536 /* Available in Postfix version 2.7 and later: 537 /* .IP "\fBsmtp_tls_block_early_mail_reply (no)\fR" 538 /* Try to detect a mail hijacking attack based on a TLS protocol 539 /* vulnerability (CVE-2009-3555), where an attacker prepends malicious 540 /* HELO, MAIL, RCPT, DATA commands to a Postfix SMTP client TLS session. 541 /* .PP 542 /* Available in Postfix version 2.8 and later: 543 /* .IP "\fBtls_disable_workarounds (see 'postconf -d' output)\fR" 544 /* List or bit-mask of OpenSSL bug work-arounds to disable. 545 /* .PP 546 /* Available in Postfix version 2.11-3.1: 547 /* .IP "\fBtls_dane_digest_agility (on)\fR" 548 /* Configure RFC7671 DANE TLSA digest algorithm agility. 549 /* .IP "\fBtls_dane_trust_anchor_digest_enable (yes)\fR" 550 /* Enable support for RFC 6698 (DANE TLSA) DNS records that contain 551 /* digests of trust-anchors with certificate usage "2". 552 /* .PP 553 /* Available in Postfix version 2.11 and later: 554 /* .IP "\fBsmtp_tls_trust_anchor_file (empty)\fR" 555 /* Zero or more PEM-format files with trust-anchor certificates 556 /* and/or public keys. 557 /* .IP "\fBsmtp_tls_force_insecure_host_tlsa_lookup (no)\fR" 558 /* Lookup the associated DANE TLSA RRset even when a hostname is 559 /* not an alias and its address records lie in an unsigned zone. 560 /* .IP "\fBtlsmgr_service_name (tlsmgr)\fR" 561 /* The name of the \fBtlsmgr\fR(8) service entry in master.cf. 562 /* .PP 563 /* Available in Postfix version 3.0 and later: 564 /* .IP "\fBsmtp_tls_wrappermode (no)\fR" 565 /* Request that the Postfix SMTP client connects using the 566 /* legacy SMTPS protocol instead of using the STARTTLS command. 567 /* .PP 568 /* Available in Postfix version 3.1 and later: 569 /* .IP "\fBsmtp_tls_dane_insecure_mx_policy (see 'postconf -d' output)\fR" 570 /* The TLS policy for MX hosts with "secure" TLSA records when the 571 /* nexthop destination security level is \fBdane\fR, but the MX 572 /* record was found via an "insecure" MX lookup. 573 /* .PP 574 /* Available in Postfix version 3.4 and later: 575 /* .IP "\fBsmtp_tls_connection_reuse (no)\fR" 576 /* Try to make multiple deliveries per TLS-encrypted connection. 577 /* .IP "\fBsmtp_tls_chain_files (empty)\fR" 578 /* List of one or more PEM files, each holding one or more private keys 579 /* directly followed by a corresponding certificate chain. 580 /* .IP "\fBsmtp_tls_servername (empty)\fR" 581 /* Optional name to send to the remote SMTP server in the TLS Server 582 /* Name Indication (SNI) extension. 583 /* .PP 584 /* Available in Postfix 3.5, 3.4.6, 3.3.5, 3.2.10, 3.1.13 and later: 585 /* .IP "\fBtls_fast_shutdown_enable (yes)\fR" 586 /* A workaround for implementations that hang Postfix while shutting 587 /* down a TLS session, until Postfix times out. 588 /* OBSOLETE STARTTLS CONTROLS 589 /* .ad 590 /* .fi 591 /* The following configuration parameters exist for compatibility 592 /* with Postfix versions before 2.3. Support for these will 593 /* be removed in a future release. 594 /* .IP "\fBsmtp_use_tls (no)\fR" 595 /* Opportunistic mode: use TLS when a remote SMTP server announces 596 /* STARTTLS support, otherwise send the mail in the clear. 597 /* .IP "\fBsmtp_enforce_tls (no)\fR" 598 /* Enforcement mode: require that remote SMTP servers use TLS 599 /* encryption, and never send mail in the clear. 600 /* .IP "\fBsmtp_tls_enforce_peername (yes)\fR" 601 /* With mandatory TLS encryption, require that the remote SMTP 602 /* server hostname matches the information in the remote SMTP server 603 /* certificate. 604 /* .IP "\fBsmtp_tls_per_site (empty)\fR" 605 /* Optional lookup tables with the Postfix SMTP client TLS usage 606 /* policy by next-hop destination and by remote SMTP server hostname. 607 /* .IP "\fBsmtp_tls_cipherlist (empty)\fR" 608 /* Obsolete Postfix < 2.3 control for the Postfix SMTP client TLS 609 /* cipher list. 610 /* RESOURCE AND RATE CONTROLS 611 /* .ad 612 /* .fi 613 /* .IP "\fBsmtp_connect_timeout (30s)\fR" 614 /* The Postfix SMTP client time limit for completing a TCP connection, or 615 /* zero (use the operating system built-in time limit). 616 /* .IP "\fBsmtp_helo_timeout (300s)\fR" 617 /* The Postfix SMTP client time limit for sending the HELO or EHLO command, 618 /* and for receiving the initial remote SMTP server response. 619 /* .IP "\fBlmtp_lhlo_timeout (300s)\fR" 620 /* The Postfix LMTP client time limit for sending the LHLO command, 621 /* and for receiving the initial remote LMTP server response. 622 /* .IP "\fBsmtp_xforward_timeout (300s)\fR" 623 /* The Postfix SMTP client time limit for sending the XFORWARD command, 624 /* and for receiving the remote SMTP server response. 625 /* .IP "\fBsmtp_mail_timeout (300s)\fR" 626 /* The Postfix SMTP client time limit for sending the MAIL FROM command, 627 /* and for receiving the remote SMTP server response. 628 /* .IP "\fBsmtp_rcpt_timeout (300s)\fR" 629 /* The Postfix SMTP client time limit for sending the SMTP RCPT TO 630 /* command, and for receiving the remote SMTP server response. 631 /* .IP "\fBsmtp_data_init_timeout (120s)\fR" 632 /* The Postfix SMTP client time limit for sending the SMTP DATA command, 633 /* and for receiving the remote SMTP server response. 634 /* .IP "\fBsmtp_data_xfer_timeout (180s)\fR" 635 /* The Postfix SMTP client time limit for sending the SMTP message content. 636 /* .IP "\fBsmtp_data_done_timeout (600s)\fR" 637 /* The Postfix SMTP client time limit for sending the SMTP ".", and 638 /* for receiving the remote SMTP server response. 639 /* .IP "\fBsmtp_quit_timeout (300s)\fR" 640 /* The Postfix SMTP client time limit for sending the QUIT command, 641 /* and for receiving the remote SMTP server response. 642 /* .PP 643 /* Available in Postfix version 2.1 and later: 644 /* .IP "\fBsmtp_mx_address_limit (5)\fR" 645 /* The maximal number of MX (mail exchanger) IP addresses that can 646 /* result from Postfix SMTP client mail exchanger lookups, or zero (no 647 /* limit). 648 /* .IP "\fBsmtp_mx_session_limit (2)\fR" 649 /* The maximal number of SMTP sessions per delivery request before 650 /* the Postfix SMTP client 651 /* gives up or delivers to a fall-back relay host, or zero (no 652 /* limit). 653 /* .IP "\fBsmtp_rset_timeout (20s)\fR" 654 /* The Postfix SMTP client time limit for sending the RSET command, 655 /* and for receiving the remote SMTP server response. 656 /* .PP 657 /* Available in Postfix version 2.2 and earlier: 658 /* .IP "\fBlmtp_cache_connection (yes)\fR" 659 /* Keep Postfix LMTP client connections open for up to $max_idle 660 /* seconds. 661 /* .PP 662 /* Available in Postfix version 2.2 and later: 663 /* .IP "\fBsmtp_connection_cache_destinations (empty)\fR" 664 /* Permanently enable SMTP connection caching for the specified 665 /* destinations. 666 /* .IP "\fBsmtp_connection_cache_on_demand (yes)\fR" 667 /* Temporarily enable SMTP connection caching while a destination 668 /* has a high volume of mail in the active queue. 669 /* .IP "\fBsmtp_connection_reuse_time_limit (300s)\fR" 670 /* The amount of time during which Postfix will use an SMTP 671 /* connection repeatedly. 672 /* .IP "\fBsmtp_connection_cache_time_limit (2s)\fR" 673 /* When SMTP connection caching is enabled, the amount of time that 674 /* an unused SMTP client socket is kept open before it is closed. 675 /* .PP 676 /* Available in Postfix version 2.3 and later: 677 /* .IP "\fBconnection_cache_protocol_timeout (5s)\fR" 678 /* Time limit for connection cache connect, send or receive 679 /* operations. 680 /* .PP 681 /* Available in Postfix version 2.9 - 3.6: 682 /* .IP "\fBsmtp_per_record_deadline (no)\fR" 683 /* Change the behavior of the smtp_*_timeout time limits, from a 684 /* time limit per read or write system call, to a time limit to send 685 /* or receive a complete record (an SMTP command line, SMTP response 686 /* line, SMTP message content line, or TLS protocol message). 687 /* .PP 688 /* Available in Postfix version 2.11 and later: 689 /* .IP "\fBsmtp_connection_reuse_count_limit (0)\fR" 690 /* When SMTP connection caching is enabled, the number of times 691 /* that an SMTP session may be reused before it is closed, or zero (no 692 /* limit). 693 /* .PP 694 /* Available in Postfix version 3.4 and later: 695 /* .IP "\fBsmtp_tls_connection_reuse (no)\fR" 696 /* Try to make multiple deliveries per TLS-encrypted connection. 697 /* .PP 698 /* Available in Postfix version 3.7 and later: 699 /* .IP "\fBsmtp_per_request_deadline (no)\fR" 700 /* Change the behavior of the smtp_*_timeout time limits, from a 701 /* time limit per plaintext or TLS read or write call, to a combined 702 /* time limit for sending a complete SMTP request and for receiving a 703 /* complete SMTP response. 704 /* .IP "\fBsmtp_min_data_rate (500)\fR" 705 /* The minimum plaintext data transfer rate in bytes/second for 706 /* DATA requests, when deadlines are enabled with smtp_per_request_deadline. 707 /* .PP 708 /* Implemented in the qmgr(8) daemon: 709 /* .IP "\fBtransport_destination_concurrency_limit ($default_destination_concurrency_limit)\fR" 710 /* A transport-specific override for the 711 /* default_destination_concurrency_limit parameter value, where 712 /* \fItransport\fR is the master.cf name of the message delivery 713 /* transport. 714 /* .IP "\fBtransport_destination_recipient_limit ($default_destination_recipient_limit)\fR" 715 /* A transport-specific override for the 716 /* default_destination_recipient_limit parameter value, where 717 /* \fItransport\fR is the master.cf name of the message delivery 718 /* transport. 719 /* SMTPUTF8 CONTROLS 720 /* .ad 721 /* .fi 722 /* Preliminary SMTPUTF8 support is introduced with Postfix 3.0. 723 /* .IP "\fBsmtputf8_enable (yes)\fR" 724 /* Enable preliminary SMTPUTF8 support for the protocols described 725 /* in RFC 6531..6533. 726 /* .IP "\fBsmtputf8_autodetect_classes (sendmail, verify)\fR" 727 /* Detect that a message requires SMTPUTF8 support for the specified 728 /* mail origin classes. 729 /* .PP 730 /* Available in Postfix version 3.2 and later: 731 /* .IP "\fBenable_idna2003_compatibility (no)\fR" 732 /* Enable 'transitional' compatibility between IDNA2003 and IDNA2008, 733 /* when converting UTF-8 domain names to/from the ASCII form that is 734 /* used for DNS lookups. 735 /* TROUBLE SHOOTING CONTROLS 736 /* .ad 737 /* .fi 738 /* .IP "\fBdebug_peer_level (2)\fR" 739 /* The increment in verbose logging level when a nexthop destination, 740 /* remote client or server name or network address matches a pattern 741 /* given with the debug_peer_list parameter. 742 /* .IP "\fBdebug_peer_list (empty)\fR" 743 /* Optional list of nexthop destination, remote client or server 744 /* name or network address patterns that, if matched, cause the verbose 745 /* logging level to increase by the amount specified in $debug_peer_level. 746 /* .IP "\fBerror_notice_recipient (postmaster)\fR" 747 /* The recipient of postmaster notifications about mail delivery 748 /* problems that are caused by policy, resource, software or protocol 749 /* errors. 750 /* .IP "\fBinternal_mail_filter_classes (empty)\fR" 751 /* What categories of Postfix-generated mail are subject to 752 /* before-queue content inspection by non_smtpd_milters, header_checks 753 /* and body_checks. 754 /* .IP "\fBnotify_classes (resource, software)\fR" 755 /* The list of error classes that are reported to the postmaster. 756 /* MISCELLANEOUS CONTROLS 757 /* .ad 758 /* .fi 759 /* .IP "\fBbest_mx_transport (empty)\fR" 760 /* Where the Postfix SMTP client should deliver mail when it detects 761 /* a "mail loops back to myself" error condition. 762 /* .IP "\fBconfig_directory (see 'postconf -d' output)\fR" 763 /* The default location of the Postfix main.cf and master.cf 764 /* configuration files. 765 /* .IP "\fBdaemon_timeout (18000s)\fR" 766 /* How much time a Postfix daemon process may take to handle a 767 /* request before it is terminated by a built-in watchdog timer. 768 /* .IP "\fBdelay_logging_resolution_limit (2)\fR" 769 /* The maximal number of digits after the decimal point when logging 770 /* sub-second delay values. 771 /* .IP "\fBdisable_dns_lookups (no)\fR" 772 /* Disable DNS lookups in the Postfix SMTP and LMTP clients. 773 /* .IP "\fBinet_interfaces (all)\fR" 774 /* The network interface addresses that this mail system receives 775 /* mail on. 776 /* .IP "\fBinet_protocols (see 'postconf -d output')\fR" 777 /* The Internet protocols Postfix will attempt to use when making 778 /* or accepting connections. 779 /* .IP "\fBipc_timeout (3600s)\fR" 780 /* The time limit for sending or receiving information over an internal 781 /* communication channel. 782 /* .IP "\fBlmtp_assume_final (no)\fR" 783 /* When a remote LMTP server announces no DSN support, assume that 784 /* the 785 /* server performs final delivery, and send "delivered" delivery status 786 /* notifications instead of "relayed". 787 /* .IP "\fBlmtp_tcp_port (24)\fR" 788 /* The default TCP port that the Postfix LMTP client connects to. 789 /* .IP "\fBmax_idle (100s)\fR" 790 /* The maximum amount of time that an idle Postfix daemon process waits 791 /* for an incoming connection before terminating voluntarily. 792 /* .IP "\fBmax_use (100)\fR" 793 /* The maximal number of incoming connections that a Postfix daemon 794 /* process will service before terminating voluntarily. 795 /* .IP "\fBprocess_id (read-only)\fR" 796 /* The process ID of a Postfix command or daemon process. 797 /* .IP "\fBprocess_name (read-only)\fR" 798 /* The process name of a Postfix command or daemon process. 799 /* .IP "\fBproxy_interfaces (empty)\fR" 800 /* The network interface addresses that this mail system receives mail 801 /* on by way of a proxy or network address translation unit. 802 /* .IP "\fBsmtp_address_preference (any)\fR" 803 /* The address type ("ipv6", "ipv4" or "any") that the Postfix 804 /* SMTP client will try first, when a destination has IPv6 and IPv4 805 /* addresses with equal MX preference. 806 /* .IP "\fBsmtp_bind_address (empty)\fR" 807 /* An optional numerical network address that the Postfix SMTP client 808 /* should bind to when making an IPv4 connection. 809 /* .IP "\fBsmtp_bind_address6 (empty)\fR" 810 /* An optional numerical network address that the Postfix SMTP client 811 /* should bind to when making an IPv6 connection. 812 /* .IP "\fBsmtp_helo_name ($myhostname)\fR" 813 /* The hostname to send in the SMTP HELO or EHLO command. 814 /* .IP "\fBlmtp_lhlo_name ($myhostname)\fR" 815 /* The hostname to send in the LMTP LHLO command. 816 /* .IP "\fBsmtp_host_lookup (dns)\fR" 817 /* What mechanisms the Postfix SMTP client uses to look up a host's 818 /* IP address. 819 /* .IP "\fBsmtp_randomize_addresses (yes)\fR" 820 /* Randomize the order of equal-preference MX host addresses. 821 /* .IP "\fBsyslog_facility (mail)\fR" 822 /* The syslog facility of Postfix logging. 823 /* .IP "\fBsyslog_name (see 'postconf -d' output)\fR" 824 /* A prefix that is prepended to the process name in syslog 825 /* records, so that, for example, "smtpd" becomes "prefix/smtpd". 826 /* .PP 827 /* Available with Postfix 2.2 and earlier: 828 /* .IP "\fBfallback_relay (empty)\fR" 829 /* Optional list of relay hosts for SMTP destinations that can't be 830 /* found or that are unreachable. 831 /* .PP 832 /* Available with Postfix 2.3 and later: 833 /* .IP "\fBsmtp_fallback_relay ($fallback_relay)\fR" 834 /* Optional list of relay hosts for SMTP destinations that can't be 835 /* found or that are unreachable. 836 /* .PP 837 /* Available with Postfix 3.0 and later: 838 /* .IP "\fBsmtp_address_verify_target (rcpt)\fR" 839 /* In the context of email address verification, the SMTP protocol 840 /* stage that determines whether an email address is deliverable. 841 /* .PP 842 /* Available with Postfix 3.1 and later: 843 /* .IP "\fBlmtp_fallback_relay (empty)\fR" 844 /* Optional list of relay hosts for LMTP destinations that can't be 845 /* found or that are unreachable. 846 /* .PP 847 /* Available with Postfix 3.2 and later: 848 /* .IP "\fBsmtp_tcp_port (smtp)\fR" 849 /* The default TCP port that the Postfix SMTP client connects to. 850 /* .PP 851 /* Available in Postfix 3.3 and later: 852 /* .IP "\fBservice_name (read-only)\fR" 853 /* The master.cf service name of a Postfix daemon process. 854 /* .PP 855 /* Available in Postfix 3.7 and later: 856 /* .IP "\fBsmtp_bind_address_enforce (no)\fR" 857 /* Defer delivery when the Postfix SMTP client cannot apply the 858 /* smtp_bind_address or smtp_bind_address6 setting. 859 /* SEE ALSO 860 /* generic(5), output address rewriting 861 /* header_checks(5), message header content inspection 862 /* body_checks(5), body parts content inspection 863 /* qmgr(8), queue manager 864 /* bounce(8), delivery status reports 865 /* scache(8), connection cache server 866 /* postconf(5), configuration parameters 867 /* master(5), generic daemon options 868 /* master(8), process manager 869 /* tlsmgr(8), TLS session and PRNG management 870 /* postlogd(8), Postfix logging 871 /* syslogd(8), system logging 872 /* README FILES 873 /* .ad 874 /* .fi 875 /* Use "\fBpostconf readme_directory\fR" or 876 /* "\fBpostconf html_directory\fR" to locate this information. 877 /* .na 878 /* .nf 879 /* SASL_README, Postfix SASL howto 880 /* TLS_README, Postfix STARTTLS howto 881 /* LICENSE 882 /* .ad 883 /* .fi 884 /* The Secure Mailer license must be distributed with this software. 885 /* AUTHOR(S) 886 /* Wietse Venema 887 /* IBM T.J. Watson Research 888 /* P.O. Box 704 889 /* Yorktown Heights, NY 10598, USA 890 /* 891 /* Wietse Venema 892 /* Google, Inc. 893 /* 111 8th Avenue 894 /* New York, NY 10011, USA 895 /* 896 /* Command pipelining in cooperation with: 897 /* Jon Ribbens 898 /* Oaktree Internet Solutions Ltd., 899 /* Internet House, 900 /* Canal Basin, 901 /* Coventry, 902 /* CV1 4LY, United Kingdom. 903 /* 904 /* SASL support originally by: 905 /* Till Franke 906 /* SuSE Rhein/Main AG 907 /* 65760 Eschborn, Germany 908 /* 909 /* TLS support originally by: 910 /* Lutz Jaenicke 911 /* BTU Cottbus 912 /* Allgemeine Elektrotechnik 913 /* Universitaetsplatz 3-4 914 /* D-03044 Cottbus, Germany 915 /* 916 /* Revised TLS and SMTP connection cache support by: 917 /* Victor Duchovni 918 /* Morgan Stanley 919 /*--*/ 920 921 /* System library. */ 922 923 #include <sys_defs.h> 924 #include <unistd.h> 925 #include <stdlib.h> 926 #include <string.h> 927 #include <fcntl.h> 928 #include <dict.h> 929 #include <stringops.h> 930 931 /* Utility library. */ 932 933 #include <msg.h> 934 #include <mymalloc.h> 935 #include <name_mask.h> 936 #include <name_code.h> 937 #include <byte_mask.h> 938 939 /* Global library. */ 940 941 #include <deliver_request.h> 942 #include <delivered_hdr.h> 943 #include <mail_proto.h> 944 #include <mail_params.h> 945 #include <mail_version.h> 946 #include <mail_conf.h> 947 #include <debug_peer.h> 948 #include <flush_clnt.h> 949 #include <scache.h> 950 #include <string_list.h> 951 #include <maps.h> 952 #include <ext_prop.h> 953 #include <hfrom_format.h> 954 955 /* DNS library. */ 956 957 #include <dns.h> 958 959 /* Single server skeleton. */ 960 961 #include <mail_server.h> 962 963 /* Application-specific. */ 964 965 #include "smtp.h" 966 #include "smtp_sasl.h" 967 968 /* 969 * Tunable parameters. These have compiled-in defaults that can be overruled 970 * by settings in the global Postfix configuration file. 971 */ 972 int var_smtp_conn_tmout; 973 int var_smtp_helo_tmout; 974 int var_smtp_xfwd_tmout; 975 int var_smtp_mail_tmout; 976 int var_smtp_rcpt_tmout; 977 int var_smtp_data0_tmout; 978 int var_smtp_data1_tmout; 979 int var_smtp_data2_tmout; 980 int var_smtp_rset_tmout; 981 int var_smtp_quit_tmout; 982 char *var_notify_classes; 983 int var_smtp_skip_5xx_greeting; 984 int var_ign_mx_lookup_err; 985 int var_skip_quit_resp; 986 char *var_fallback_relay; 987 char *var_bestmx_transp; 988 char *var_error_rcpt; 989 int var_smtp_always_ehlo; 990 int var_smtp_never_ehlo; 991 char *var_smtp_sasl_opts; 992 char *var_smtp_sasl_path; 993 char *var_smtp_sasl_passwd; 994 bool var_smtp_sasl_enable; 995 char *var_smtp_sasl_mechs; 996 char *var_smtp_sasl_type; 997 char *var_smtp_bind_addr; 998 char *var_smtp_bind_addr6; 999 char *var_smtp_vrfy_tgt; 1000 bool var_smtp_rand_addr; 1001 int var_smtp_pix_thresh; 1002 int var_queue_run_delay; 1003 int var_min_backoff_time; 1004 int var_smtp_pix_delay; 1005 int var_smtp_line_limit; 1006 char *var_smtp_helo_name; 1007 char *var_smtp_host_lookup; 1008 bool var_smtp_quote_821_env; 1009 bool var_smtp_defer_mxaddr; 1010 bool var_smtp_send_xforward; 1011 int var_smtp_mxaddr_limit; 1012 int var_smtp_mxsess_limit; 1013 int var_smtp_cache_conn; 1014 int var_smtp_reuse_time; 1015 int var_smtp_reuse_count; 1016 char *var_smtp_cache_dest; 1017 char *var_scache_service; /* You can now leave this here. */ 1018 bool var_smtp_cache_demand; 1019 char *var_smtp_ehlo_dis_words; 1020 char *var_smtp_ehlo_dis_maps; 1021 char *var_smtp_addr_pref; 1022 1023 char *var_smtp_tls_level; 1024 bool var_smtp_use_tls; 1025 bool var_smtp_enforce_tls; 1026 char *var_smtp_tls_per_site; 1027 char *var_smtp_tls_policy; 1028 bool var_smtp_tls_wrappermode; 1029 bool var_smtp_tls_conn_reuse; 1030 char *var_tlsproxy_service; 1031 1032 #ifdef USE_TLS 1033 char *var_smtp_sasl_tls_opts; 1034 char *var_smtp_sasl_tlsv_opts; 1035 int var_smtp_starttls_tmout; 1036 char *var_smtp_tls_CAfile; 1037 char *var_smtp_tls_CApath; 1038 char *var_smtp_tls_chain_files; 1039 char *var_smtp_tls_cert_file; 1040 char *var_smtp_tls_mand_ciph; 1041 char *var_smtp_tls_excl_ciph; 1042 char *var_smtp_tls_mand_excl; 1043 char *var_smtp_tls_dcert_file; 1044 char *var_smtp_tls_dkey_file; 1045 bool var_smtp_tls_enforce_peername; 1046 char *var_smtp_tls_key_file; 1047 char *var_smtp_tls_loglevel; 1048 bool var_smtp_tls_note_starttls_offer; 1049 char *var_smtp_tls_mand_proto; 1050 char *var_smtp_tls_sec_cmatch; 1051 int var_smtp_tls_scert_vd; 1052 char *var_smtp_tls_vfy_cmatch; 1053 char *var_smtp_tls_fpt_cmatch; 1054 char *var_smtp_tls_fpt_dgst; 1055 char *var_smtp_tls_tafile; 1056 char *var_smtp_tls_proto; 1057 char *var_smtp_tls_ciph; 1058 char *var_smtp_tls_eccert_file; 1059 char *var_smtp_tls_eckey_file; 1060 char *var_smtp_tls_sni; 1061 bool var_smtp_tls_blk_early_mail_reply; 1062 bool var_smtp_tls_force_tlsa; 1063 char *var_smtp_tls_insecure_mx_policy; 1064 1065 #endif 1066 1067 char *var_smtp_generic_maps; 1068 char *var_prop_extension; 1069 bool var_smtp_sender_auth; 1070 char *var_smtp_tcp_port; 1071 int var_scache_proto_tmout; 1072 bool var_smtp_cname_overr; 1073 char *var_smtp_pix_bug_words; 1074 char *var_smtp_pix_bug_maps; 1075 char *var_cyrus_conf_path; 1076 char *var_smtp_head_chks; 1077 char *var_smtp_mime_chks; 1078 char *var_smtp_nest_chks; 1079 char *var_smtp_body_chks; 1080 char *var_smtp_resp_filter; 1081 bool var_lmtp_assume_final; 1082 char *var_smtp_dns_res_opt; 1083 char *var_smtp_dns_support; 1084 bool var_smtp_dummy_mail_auth; 1085 char *var_smtp_dsn_filter; 1086 char *var_smtp_dns_re_filter; 1087 bool var_smtp_balance_inet_proto; 1088 bool var_smtp_req_deadline; 1089 int var_smtp_min_data_rate; 1090 1091 /* Special handling of 535 AUTH errors. */ 1092 char *var_smtp_sasl_auth_cache_name; 1093 int var_smtp_sasl_auth_cache_time; 1094 bool var_smtp_sasl_auth_soft_bounce; 1095 1096 char *var_hfrom_format; 1097 bool var_smtp_bind_addr_enforce; 1098 1099 /* 1100 * Global variables. 1101 */ 1102 int smtp_mode; 1103 int smtp_host_lookup_mask; 1104 int smtp_dns_support; 1105 STRING_LIST *smtp_cache_dest; 1106 SCACHE *smtp_scache; 1107 MAPS *smtp_ehlo_dis_maps; 1108 MAPS *smtp_generic_maps; 1109 int smtp_ext_prop_mask; 1110 unsigned smtp_dns_res_opt; 1111 MAPS *smtp_pix_bug_maps; 1112 HBC_CHECKS *smtp_header_checks; /* limited header checks */ 1113 HBC_CHECKS *smtp_body_checks; /* limited body checks */ 1114 SMTP_CLI_ATTR smtp_cli_attr; /* parsed command-line */ 1115 int smtp_hfrom_format; /* postmaster notifications */ 1116 1117 #ifdef USE_TLS 1118 1119 /* 1120 * OpenSSL client state (opaque handle) 1121 */ 1122 TLS_APPL_STATE *smtp_tls_ctx; 1123 int smtp_tls_insecure_mx_policy; 1124 1125 #endif 1126 1127 /* 1128 * IPv6 preference. 1129 */ 1130 static int smtp_addr_pref; 1131 1132 /* get_cli_attr - get command-line attributes */ 1133 1134 static void get_cli_attr(SMTP_CLI_ATTR *attr, char **argv) 1135 { 1136 const char myname[] = "get_cli_attr"; 1137 const char *last_flags = "flags="; /* i.e. empty */ 1138 static const BYTE_MASK flags_map[] = { 1139 'D', SMTP_CLI_FLAG_DELIVERED_TO, 1140 'O', SMTP_CLI_FLAG_ORIG_RCPT, 1141 'R', SMTP_CLI_FLAG_RETURN_PATH, 1142 'X', SMTP_CLI_FLAG_FINAL_DELIVERY, 1143 0, 1144 }; 1145 1146 /* 1147 * Initialize. 1148 */ 1149 attr->flags = 0; 1150 1151 /* 1152 * Iterate over the command-line attribute list. Errors are fatal. 1153 */ 1154 for ( /* void */ ; *argv != 0; argv++) { 1155 1156 /* 1157 * flags=stuff. Errors are fatal. 1158 */ 1159 if (strncasecmp("flags=", *argv, sizeof("flags=") - 1) == 0) { 1160 last_flags = *argv; 1161 if (msg_verbose) 1162 msg_info("%s: %s", myname, last_flags); 1163 attr->flags = byte_mask(*argv, flags_map, 1164 *argv + sizeof("flags=") - 1); 1165 } 1166 1167 /* 1168 * Bad. 1169 */ 1170 else 1171 msg_fatal("unknown attribute name: %s", *argv); 1172 } 1173 1174 /* 1175 * Backwards compatibility, redundancy, and obsolescence. 1176 */ 1177 if (!smtp_mode && var_lmtp_assume_final 1178 && (attr->flags & SMTP_CLI_FLAG_FINAL_DELIVERY) == 0) { 1179 attr->flags |= SMTP_CLI_FLAG_FINAL_DELIVERY; 1180 msg_warn("%s is obsolete; instead, specify \"%sX\" in %s", 1181 VAR_LMTP_ASSUME_FINAL, last_flags, MASTER_CONF_FILE); 1182 } 1183 } 1184 1185 /* deliver_message - deliver message with extreme prejudice */ 1186 1187 static int deliver_message(const char *service, DELIVER_REQUEST *request) 1188 { 1189 SMTP_STATE *state; 1190 int result; 1191 1192 if (msg_verbose) 1193 msg_info("deliver_message: from %s", request->sender); 1194 1195 /* 1196 * Sanity checks. The smtp server is unprivileged and chrooted, so we can 1197 * afford to distribute the data censoring code, instead of having it all 1198 * in one place. 1199 */ 1200 if (request->nexthop[0] == 0) 1201 msg_fatal("empty nexthop hostname"); 1202 if (request->rcpt_list.len <= 0) 1203 msg_fatal("recipient count: %d", request->rcpt_list.len); 1204 1205 /* 1206 * D flag checks. 1207 */ 1208 if (smtp_cli_attr.flags & SMTP_CLI_FLAG_DELIVERED_TO) { 1209 1210 /* 1211 * The D flag cannot be specified for multi-recipient deliveries. 1212 */ 1213 if (request->rcpt_list.len > 1) { 1214 msg_warn("flag `D' requires %s_destination_recipient_limit = 1", 1215 service); 1216 return (reject_deliver_request(service, request, "4.3.5", 1217 "mail system configuration error")); 1218 } 1219 1220 /* 1221 * The recipient cannot appear in a Delivered-To: header. 1222 */ 1223 else { 1224 DELIVERED_HDR_INFO *delivered_info = delivered_hdr_init( 1225 request->fp, request->data_offset, FOLD_ADDR_ALL); 1226 VSTRING *generic_rcpt = vstring_alloc(100); 1227 int have_delivered_loop; 1228 1229 smtp_rewrite_generic_internal(generic_rcpt, 1230 request->rcpt_list.info->address); 1231 have_delivered_loop = delivered_hdr_find( 1232 delivered_info, STR(generic_rcpt)); 1233 vstring_free(generic_rcpt); 1234 delivered_hdr_free(delivered_info); 1235 if (have_delivered_loop) { 1236 return (reject_deliver_request(service, request, "5.4.6", 1237 "mail forwarding loop for %s", 1238 request->rcpt_list.info->address)); 1239 } 1240 } 1241 } 1242 1243 /* 1244 * The O flag cannot be specified for multi-recipient deliveries. 1245 */ 1246 if ((smtp_cli_attr.flags & SMTP_CLI_FLAG_ORIG_RCPT) 1247 && request->rcpt_list.len > 1) { 1248 msg_warn("flag `O' requires %s_destination_recipient_limit = 1", 1249 service); 1250 return (reject_deliver_request(service, request, "4.3.5", 1251 "mail system configuration error")); 1252 } 1253 1254 /* 1255 * Initialize. Bundle all information about the delivery request, so that 1256 * we can produce understandable diagnostics when something goes wrong 1257 * many levels below. The alternative would be to make everything global. 1258 */ 1259 state = smtp_state_alloc(); 1260 state->request = request; 1261 state->src = request->fp; 1262 state->service = service; 1263 state->misc_flags |= smtp_addr_pref; 1264 state->debug_peer_per_nexthop = 1265 debug_peer_check(request->nexthop, "noaddr"); 1266 SMTP_RCPT_INIT(state); 1267 1268 /* 1269 * Establish an SMTP session and deliver this message to all requested 1270 * recipients. At the end, notify the postmaster of any protocol errors. 1271 * Optionally deliver mail locally when this machine is the best mail 1272 * exchanger. 1273 */ 1274 result = smtp_connect(state); 1275 1276 /* 1277 * Clean up. 1278 */ 1279 smtp_state_free(state); 1280 1281 return (result); 1282 } 1283 1284 /* smtp_service - perform service for client */ 1285 1286 static void smtp_service(VSTREAM *client_stream, char *service, 1287 char **unused_argv) 1288 { 1289 DELIVER_REQUEST *request; 1290 int status; 1291 1292 /* 1293 * This routine runs whenever a client connects to the UNIX-domain socket 1294 * dedicated to remote SMTP delivery service. What we see below is a 1295 * little protocol to (1) tell the queue manager that we are ready, (2) 1296 * read a request from the queue manager, and (3) report the completion 1297 * status of that request. All connection-management stuff is handled by 1298 * the common code in single_server.c. 1299 */ 1300 if ((request = deliver_request_read(client_stream)) != 0) { 1301 status = deliver_message(service, request); 1302 deliver_request_done(client_stream, request, status); 1303 } 1304 } 1305 1306 /* post_init - post-jail initialization */ 1307 1308 static void post_init(char *unused_name, char **argv) 1309 { 1310 static const NAME_MASK lookup_masks[] = { 1311 SMTP_HOST_LOOKUP_DNS, SMTP_HOST_FLAG_DNS, 1312 SMTP_HOST_LOOKUP_NATIVE, SMTP_HOST_FLAG_NATIVE, 1313 0, 1314 }; 1315 static const NAME_MASK dns_res_opt_masks[] = { 1316 SMTP_DNS_RES_OPT_DEFNAMES, RES_DEFNAMES, 1317 SMTP_DNS_RES_OPT_DNSRCH, RES_DNSRCH, 1318 0, 1319 }; 1320 static const NAME_CODE dns_support[] = { 1321 SMTP_DNS_SUPPORT_DISABLED, SMTP_DNS_DISABLED, 1322 SMTP_DNS_SUPPORT_ENABLED, SMTP_DNS_ENABLED, 1323 #if (RES_USE_DNSSEC != 0) && (RES_USE_EDNS0 != 0) 1324 SMTP_DNS_SUPPORT_DNSSEC, SMTP_DNS_DNSSEC, 1325 #endif 1326 0, SMTP_DNS_INVALID, 1327 }; 1328 1329 if (*var_smtp_dns_support == 0) { 1330 /* Backwards compatible empty setting */ 1331 smtp_dns_support = 1332 var_disable_dns ? SMTP_DNS_DISABLED : SMTP_DNS_ENABLED; 1333 } else { 1334 smtp_dns_support = 1335 name_code(dns_support, NAME_CODE_FLAG_NONE, var_smtp_dns_support); 1336 if (smtp_dns_support == SMTP_DNS_INVALID) 1337 msg_fatal("invalid %s: \"%s\"", VAR_LMTP_SMTP(DNS_SUPPORT), 1338 var_smtp_dns_support); 1339 var_disable_dns = (smtp_dns_support == SMTP_DNS_DISABLED); 1340 } 1341 1342 #ifdef USE_TLS 1343 if (smtp_mode) { 1344 smtp_tls_insecure_mx_policy = 1345 tls_level_lookup(var_smtp_tls_insecure_mx_policy); 1346 switch (smtp_tls_insecure_mx_policy) { 1347 case TLS_LEV_MAY: 1348 case TLS_LEV_ENCRYPT: 1349 case TLS_LEV_DANE: 1350 break; 1351 default: 1352 msg_fatal("invalid %s: \"%s\"", VAR_SMTP_TLS_INSECURE_MX_POLICY, 1353 var_smtp_tls_insecure_mx_policy); 1354 } 1355 } 1356 #endif 1357 1358 /* 1359 * Select hostname lookup mechanisms. 1360 */ 1361 if (smtp_dns_support == SMTP_DNS_DISABLED) 1362 smtp_host_lookup_mask = SMTP_HOST_FLAG_NATIVE; 1363 else 1364 smtp_host_lookup_mask = 1365 name_mask(VAR_LMTP_SMTP(HOST_LOOKUP), lookup_masks, 1366 var_smtp_host_lookup); 1367 if (msg_verbose) 1368 msg_info("host name lookup methods: %s", 1369 str_name_mask(VAR_LMTP_SMTP(HOST_LOOKUP), lookup_masks, 1370 smtp_host_lookup_mask)); 1371 1372 /* 1373 * Session cache instance. 1374 */ 1375 if (*var_smtp_cache_dest || var_smtp_cache_demand) 1376 #if 0 1377 smtp_scache = scache_multi_create(); 1378 #else 1379 smtp_scache = scache_clnt_create(var_scache_service, 1380 var_scache_proto_tmout, 1381 var_ipc_idle_limit, 1382 var_ipc_ttl_limit); 1383 #endif 1384 1385 /* 1386 * Select DNS query flags. 1387 */ 1388 smtp_dns_res_opt = name_mask(VAR_LMTP_SMTP(DNS_RES_OPT), dns_res_opt_masks, 1389 var_smtp_dns_res_opt); 1390 1391 /* 1392 * Address verification. 1393 */ 1394 smtp_vrfy_init(); 1395 1396 /* 1397 * Look up service command-line attributes; these do not change during 1398 * the process lifetime. 1399 */ 1400 get_cli_attr(&smtp_cli_attr, argv); 1401 1402 /* 1403 * header_from format, for postmaster notifications. 1404 */ 1405 smtp_hfrom_format = hfrom_format_parse(VAR_HFROM_FORMAT, var_hfrom_format); 1406 } 1407 1408 /* pre_init - pre-jail initialization */ 1409 1410 static void pre_init(char *unused_name, char **unused_argv) 1411 { 1412 int use_tls; 1413 static const NAME_CODE addr_pref_map[] = { 1414 INET_PROTO_NAME_IPV6, SMTP_MISC_FLAG_PREF_IPV6, 1415 INET_PROTO_NAME_IPV4, SMTP_MISC_FLAG_PREF_IPV4, 1416 INET_PROTO_NAME_ANY, 0, 1417 0, -1, 1418 }; 1419 1420 /* 1421 * Turn on per-peer debugging. 1422 */ 1423 debug_peer_init(); 1424 1425 /* 1426 * SASL initialization. 1427 */ 1428 if (var_smtp_sasl_enable) 1429 #ifdef USE_SASL_AUTH 1430 smtp_sasl_initialize(); 1431 #else 1432 msg_warn("%s is true, but SASL support is not compiled in", 1433 VAR_LMTP_SMTP(SASL_ENABLE)); 1434 #endif 1435 1436 if (*var_smtp_tls_level != 0) 1437 #ifdef USE_TLS 1438 switch (tls_level_lookup(var_smtp_tls_level)) { 1439 case TLS_LEV_SECURE: 1440 case TLS_LEV_VERIFY: 1441 case TLS_LEV_DANE_ONLY: 1442 case TLS_LEV_FPRINT: 1443 case TLS_LEV_ENCRYPT: 1444 var_smtp_use_tls = var_smtp_enforce_tls = 1; 1445 break; 1446 case TLS_LEV_DANE: 1447 case TLS_LEV_MAY: 1448 var_smtp_use_tls = 1; 1449 var_smtp_enforce_tls = 0; 1450 break; 1451 case TLS_LEV_NONE: 1452 var_smtp_use_tls = var_smtp_enforce_tls = 0; 1453 break; 1454 default: 1455 /* tls_level_lookup() logs no warning. */ 1456 /* session_tls_init() assumes that var_smtp_tls_level is sane. */ 1457 msg_fatal("Invalid TLS level \"%s\"", var_smtp_tls_level); 1458 } 1459 #endif 1460 use_tls = (var_smtp_use_tls || var_smtp_enforce_tls); 1461 1462 /* 1463 * Initialize the TLS data before entering the chroot jail 1464 */ 1465 if (use_tls || var_smtp_tls_per_site[0] || var_smtp_tls_policy[0]) { 1466 #ifdef USE_TLS 1467 TLS_CLIENT_INIT_PROPS props; 1468 1469 tls_pre_jail_init(TLS_ROLE_CLIENT); 1470 1471 /* 1472 * We get stronger type safety and a cleaner interface by combining 1473 * the various parameters into a single tls_client_props structure. 1474 * 1475 * Large parameter lists are error-prone, so we emulate a language 1476 * feature that C does not have natively: named parameter lists. 1477 * 1478 * With tlsproxy(8) turned on, this is still needed for DANE-related 1479 * initializations. 1480 */ 1481 smtp_tls_ctx = 1482 TLS_CLIENT_INIT(&props, 1483 log_param = VAR_LMTP_SMTP(TLS_LOGLEVEL), 1484 log_level = var_smtp_tls_loglevel, 1485 verifydepth = var_smtp_tls_scert_vd, 1486 cache_type = LMTP_SMTP_SUFFIX(TLS_MGR_SCACHE), 1487 chain_files = var_smtp_tls_chain_files, 1488 cert_file = var_smtp_tls_cert_file, 1489 key_file = var_smtp_tls_key_file, 1490 dcert_file = var_smtp_tls_dcert_file, 1491 dkey_file = var_smtp_tls_dkey_file, 1492 eccert_file = var_smtp_tls_eccert_file, 1493 eckey_file = var_smtp_tls_eckey_file, 1494 CAfile = var_smtp_tls_CAfile, 1495 CApath = var_smtp_tls_CApath, 1496 mdalg = var_smtp_tls_fpt_dgst); 1497 smtp_tls_list_init(); 1498 tls_dane_loglevel(VAR_LMTP_SMTP(TLS_LOGLEVEL), var_smtp_tls_loglevel); 1499 #else 1500 msg_warn("TLS has been selected, but TLS support is not compiled in"); 1501 #endif 1502 } 1503 1504 /* 1505 * Flush client. 1506 */ 1507 flush_init(); 1508 1509 /* 1510 * Session cache domain list. 1511 */ 1512 if (*var_smtp_cache_dest) 1513 smtp_cache_dest = string_list_init(VAR_SMTP_CACHE_DEST, 1514 MATCH_FLAG_RETURN, 1515 var_smtp_cache_dest); 1516 1517 /* 1518 * EHLO keyword filter. 1519 */ 1520 if (*var_smtp_ehlo_dis_maps) 1521 smtp_ehlo_dis_maps = maps_create(VAR_LMTP_SMTP(EHLO_DIS_MAPS), 1522 var_smtp_ehlo_dis_maps, 1523 DICT_FLAG_LOCK); 1524 1525 /* 1526 * PIX bug workarounds. 1527 */ 1528 if (*var_smtp_pix_bug_maps) 1529 smtp_pix_bug_maps = maps_create(VAR_LMTP_SMTP(PIX_BUG_MAPS), 1530 var_smtp_pix_bug_maps, 1531 DICT_FLAG_LOCK); 1532 1533 /* 1534 * Generic maps. 1535 */ 1536 if (*var_prop_extension) 1537 smtp_ext_prop_mask = 1538 ext_prop_mask(VAR_PROP_EXTENSION, var_prop_extension); 1539 if (*var_smtp_generic_maps) 1540 smtp_generic_maps = 1541 maps_create(VAR_LMTP_SMTP(GENERIC_MAPS), var_smtp_generic_maps, 1542 DICT_FLAG_LOCK | DICT_FLAG_FOLD_FIX 1543 | DICT_FLAG_UTF8_REQUEST); 1544 1545 /* 1546 * Header/body checks. 1547 */ 1548 smtp_header_checks = hbc_header_checks_create( 1549 VAR_LMTP_SMTP(HEAD_CHKS), var_smtp_head_chks, 1550 VAR_LMTP_SMTP(MIME_CHKS), var_smtp_mime_chks, 1551 VAR_LMTP_SMTP(NEST_CHKS), var_smtp_nest_chks, 1552 smtp_hbc_callbacks); 1553 smtp_body_checks = hbc_body_checks_create( 1554 VAR_LMTP_SMTP(BODY_CHKS), var_smtp_body_chks, 1555 smtp_hbc_callbacks); 1556 1557 /* 1558 * Server reply filter. 1559 */ 1560 if (*var_smtp_resp_filter) 1561 smtp_chat_resp_filter = 1562 dict_open(var_smtp_resp_filter, O_RDONLY, 1563 DICT_FLAG_LOCK | DICT_FLAG_FOLD_FIX); 1564 1565 /* 1566 * Address family preference. 1567 */ 1568 if (*var_smtp_addr_pref) { 1569 smtp_addr_pref = name_code(addr_pref_map, NAME_CODE_FLAG_NONE, 1570 var_smtp_addr_pref); 1571 if (smtp_addr_pref < 0) 1572 msg_fatal("bad %s value: %s", VAR_LMTP_SMTP(ADDR_PREF), 1573 var_smtp_addr_pref); 1574 } 1575 1576 /* 1577 * DNS reply filter. 1578 */ 1579 if (*var_smtp_dns_re_filter) 1580 dns_rr_filter_compile(VAR_LMTP_SMTP(DNS_RE_FILTER), 1581 var_smtp_dns_re_filter); 1582 } 1583 1584 /* pre_accept - see if tables have changed */ 1585 1586 static void pre_accept(char *unused_name, char **unused_argv) 1587 { 1588 const char *table; 1589 1590 if ((table = dict_changed_name()) != 0) { 1591 msg_info("table %s has changed -- restarting", table); 1592 exit(0); 1593 } 1594 } 1595 1596 MAIL_VERSION_STAMP_DECLARE; 1597 1598 /* main - pass control to the single-threaded skeleton */ 1599 1600 int main(int argc, char **argv) 1601 { 1602 char *sane_procname; 1603 1604 #include "smtp_params.c" 1605 #include "lmtp_params.c" 1606 1607 /* 1608 * Fingerprint executables and core dumps. 1609 */ 1610 MAIL_VERSION_STAMP_ALLOCATE; 1611 1612 /* 1613 * XXX At this point, var_procname etc. are not initialized. 1614 * 1615 * The process name, "smtp" or "lmtp", determines the protocol, the DSN 1616 * server reply type, SASL service information lookup, and more. Prepare 1617 * for the possibility there may be another personality. 1618 */ 1619 sane_procname = sane_basename((VSTRING *) 0, argv[0]); 1620 if (strcmp(sane_procname, "smtp") == 0) 1621 smtp_mode = 1; 1622 else if (strcmp(sane_procname, "lmtp") == 0) 1623 smtp_mode = 0; 1624 else 1625 /* TODO: logging is not initialized. */ 1626 msg_fatal("unexpected process name \"%s\" - " 1627 "specify \"smtp\" or \"lmtp\"", var_procname); 1628 1629 /* 1630 * Initialize with the LMTP or SMTP parameter name space. 1631 */ 1632 single_server_main(argc, argv, smtp_service, 1633 CA_MAIL_SERVER_TIME_TABLE(smtp_mode ? 1634 smtp_time_table : lmtp_time_table), 1635 CA_MAIL_SERVER_INT_TABLE(smtp_mode ? 1636 smtp_int_table : lmtp_int_table), 1637 CA_MAIL_SERVER_STR_TABLE(smtp_mode ? 1638 smtp_str_table : lmtp_str_table), 1639 CA_MAIL_SERVER_BOOL_TABLE(smtp_mode ? 1640 smtp_bool_table : lmtp_bool_table), 1641 CA_MAIL_SERVER_NBOOL_TABLE(smtp_mode ? 1642 smtp_nbool_table : lmtp_nbool_table), 1643 CA_MAIL_SERVER_PRE_INIT(pre_init), 1644 CA_MAIL_SERVER_POST_INIT(post_init), 1645 CA_MAIL_SERVER_PRE_ACCEPT(pre_accept), 1646 CA_MAIL_SERVER_BOUNCE_INIT(VAR_SMTP_DSN_FILTER, 1647 &var_smtp_dsn_filter), 1648 0); 1649 } 1650