1 SMTPD(8) System Manager's Manual SMTPD(8)
2
3
4
6 smtpd - Postfix SMTP server
7
9 smtpd [generic Postfix daemon options]
10
11 sendmail -bs
12
14 The SMTP server accepts network connection requests and performs zero
15 or more SMTP transactions per connection. Each received message is
16 piped through the cleanup(8) daemon, and is placed into the incoming
17 queue as one single queue file. For this mode of operation, the pro‐
18 gram expects to be run from the master(8) process manager.
19
20 Alternatively, the SMTP server can be run in stand-alone mode; this is
21 traditionally obtained with "sendmail -bs". When the SMTP server runs
22 stand-alone with non $mail_owner privileges, it receives mail even
23 while the mail system is not running, deposits messages directly into
24 the maildrop queue, and disables the SMTP server's access policies. As
25 of Postfix version 2.3, the SMTP server refuses to receive mail from
26 the network when it runs with non $mail_owner privileges.
27
28 The SMTP server implements a variety of policies for connection
29 requests, and for parameters given to HELO, ETRN, MAIL FROM, VRFY and
30 RCPT TO commands. They are detailed below and in the main.cf configura‐
31 tion file.
32
34 The SMTP server is moderately security-sensitive. It talks to SMTP
35 clients and to DNS servers on the network. The SMTP server can be run
36 chrooted at fixed low privilege.
37
39 RFC 821 (SMTP protocol)
40 RFC 1123 (Host requirements)
41 RFC 1652 (8bit-MIME transport)
42 RFC 1869 (SMTP service extensions)
43 RFC 1870 (Message Size Declaration)
44 RFC 1985 (ETRN command)
45 RFC 2034 (SMTP Enhanced Error Codes)
46 RFC 2554 (AUTH command)
47 RFC 2821 (SMTP protocol)
48 RFC 2920 (SMTP Pipelining)
49 RFC 3207 (STARTTLS command)
50 RFC 3461 (SMTP DSN Extension)
51 RFC 3463 (Enhanced Status Codes)
52 RFC 3848 (ESMTP Transmission Types)
53 RFC 4954 (AUTH command)
54
56 Problems and transactions are logged to syslogd(8).
57
58 Depending on the setting of the notify_classes parameter, the postmas‐
59 ter is notified of bounces, protocol problems, policy violations, and
60 of other trouble.
61
63 Changes to main.cf are picked up automatically, as smtpd(8) processes
64 run for only a limited amount of time. Use the command "postfix reload"
65 to speed up a change.
66
67 The text below provides only a parameter summary. See postconf(5) for
68 more details including examples.
69
71 The following parameters work around implementation errors in other
72 software, and/or allow you to override standards in order to prevent
73 undesirable use.
74
75 broken_sasl_auth_clients (no)
76 Enable inter-operability with SMTP clients that implement an
77 obsolete version of the AUTH command (RFC 4954).
78
79 disable_vrfy_command (no)
80 Disable the SMTP VRFY command.
81
82 smtpd_noop_commands (empty)
83 List of commands that the Postfix SMTP server replies to with
84 "250 Ok", without doing any syntax checks and without changing
85 state.
86
87 strict_rfc821_envelopes (no)
88 Require that addresses received in SMTP MAIL FROM and RCPT TO
89 commands are enclosed with <>, and that those addresses do not
90 contain RFC 822 style comments or phrases.
91
92 Available in Postfix version 2.1 and later:
93
94 resolve_null_domain (no)
95 Resolve an address that ends in the "@" null domain as if the
96 local hostname were specified, instead of rejecting the address
97 as invalid.
98
99 smtpd_reject_unlisted_sender (no)
100 Request that the Postfix SMTP server rejects mail from unknown
101 sender addresses, even when no explicit reject_unlisted_sender
102 access restriction is specified.
103
104 smtpd_sasl_exceptions_networks (empty)
105 What remote SMTP clients the Postfix SMTP server will not offer
106 AUTH support to.
107
108 Available in Postfix version 2.2 and later:
109
110 smtpd_discard_ehlo_keyword_address_maps (empty)
111 Lookup tables, indexed by the remote SMTP client address, with
112 case insensitive lists of EHLO keywords (pipelining, starttls,
113 auth, etc.) that the SMTP server will not send in the EHLO
114 response to a remote SMTP client.
115
116 smtpd_discard_ehlo_keywords (empty)
117 A case insensitive list of EHLO keywords (pipelining, starttls,
118 auth, etc.) that the SMTP server will not send in the EHLO
119 response to a remote SMTP client.
120
121 smtpd_delay_open_until_valid_rcpt (yes)
122 Postpone the start of an SMTP mail transaction until a valid
123 RCPT TO command is received.
124
125 Available in Postfix version 2.3 and later:
126
127 smtpd_tls_always_issue_session_ids (yes)
128 Force the Postfix SMTP server to issue a TLS session id, even
129 when TLS session caching is turned off (smtpd_tls_ses‐
130 sion_cache_database is empty).
131
132 Available in Postfix version 2.6 and later:
133
134 tcp_windowsize (0)
135 An optional workaround for routers that break TCP window scal‐
136 ing.
137
139 See the ADDRESS_REWRITING_README document for a detailed discussion of
140 Postfix address rewriting.
141
142 receive_override_options (empty)
143 Enable or disable recipient validation, built-in content filter‐
144 ing, or address mapping.
145
146 Available in Postfix version 2.2 and later:
147
148 local_header_rewrite_clients (permit_inet_interfaces)
149 Rewrite message header addresses in mail from these clients and
150 update incomplete addresses with the domain name in $myorigin or
151 $mydomain; either don't rewrite message headers from other
152 clients at all, or rewrite message headers and update incomplete
153 addresses with the domain specified in the remote_header_re‐
154 write_domain parameter.
155
157 As of version 1.0, Postfix can be configured to send new mail to an
158 external content filter AFTER the mail is queued. This content filter
159 is expected to inject mail back into a (Postfix or other) MTA for fur‐
160 ther delivery. See the FILTER_README document for details.
161
162 content_filter (empty)
163 The name of a mail delivery transport that filters mail after it
164 is queued.
165
167 As of version 2.1, the Postfix SMTP server can be configured to send
168 incoming mail to a real-time SMTP-based content filter BEFORE mail is
169 queued. This content filter is expected to inject mail back into Post‐
170 fix. See the SMTPD_PROXY_README document for details on how to config‐
171 ure and operate this feature.
172
173 smtpd_proxy_filter (empty)
174 The hostname and TCP port of the mail filtering proxy server.
175
176 smtpd_proxy_ehlo ($myhostname)
177 How the Postfix SMTP server announces itself to the proxy fil‐
178 ter.
179
180 smtpd_proxy_timeout (100s)
181 The time limit for connecting to a proxy filter and for sending
182 or receiving information.
183
185 As of version 2.3, Postfix supports the Sendmail version 8 Milter (mail
186 filter) protocol. These content filters run outside Postfix. They can
187 inspect the SMTP command stream and the message content, and can
188 request modifications before mail is queued. For details see the MIL‐
189 TER_README document.
190
191 smtpd_milters (empty)
192 A list of Milter (mail filter) applications for new mail that
193 arrives via the Postfix smtpd(8) server.
194
195 milter_protocol (6)
196 The mail filter protocol version and optional protocol exten‐
197 sions for communication with a Milter application; prior to
198 Postfix 2.6 the default protocol is 2.
199
200 milter_default_action (tempfail)
201 The default action when a Milter (mail filter) application is
202 unavailable or mis-configured.
203
204 milter_macro_daemon_name ($myhostname)
205 The {daemon_name} macro value for Milter (mail filter) applica‐
206 tions.
207
208 milter_macro_v ($mail_name $mail_version)
209 The {v} macro value for Milter (mail filter) applications.
210
211 milter_connect_timeout (30s)
212 The time limit for connecting to a Milter (mail filter) applica‐
213 tion, and for negotiating protocol options.
214
215 milter_command_timeout (30s)
216 The time limit for sending an SMTP command to a Milter (mail
217 filter) application, and for receiving the response.
218
219 milter_content_timeout (300s)
220 The time limit for sending message content to a Milter (mail
221 filter) application, and for receiving the response.
222
223 milter_connect_macros (see 'postconf -d' output)
224 The macros that are sent to Milter (mail filter) applications
225 after completion of an SMTP connection.
226
227 milter_helo_macros (see 'postconf -d' output)
228 The macros that are sent to Milter (mail filter) applications
229 after the SMTP HELO or EHLO command.
230
231 milter_mail_macros (see 'postconf -d' output)
232 The macros that are sent to Milter (mail filter) applications
233 after the SMTP MAIL FROM command.
234
235 milter_rcpt_macros (see 'postconf -d' output)
236 The macros that are sent to Milter (mail filter) applications
237 after the SMTP RCPT TO command.
238
239 milter_data_macros (see 'postconf -d' output)
240 The macros that are sent to version 4 or higher Milter (mail
241 filter) applications after the SMTP DATA command.
242
243 milter_unknown_command_macros (see 'postconf -d' output)
244 The macros that are sent to version 3 or higher Milter (mail
245 filter) applications after an unknown SMTP command.
246
247 milter_end_of_header_macros (see 'postconf -d' output)
248 The macros that are sent to Milter (mail filter) applications
249 after the end of the message header.
250
251 milter_end_of_data_macros (see 'postconf -d' output)
252 The macros that are sent to Milter (mail filter) applications
253 after the message end-of-data.
254
256 The following parameters are applicable for both built-in and external
257 content filters.
258
259 Available in Postfix version 2.1 and later:
260
261 receive_override_options (empty)
262 Enable or disable recipient validation, built-in content filter‐
263 ing, or address mapping.
264
266 The following parameters are applicable for both before-queue and
267 after-queue content filtering.
268
269 Available in Postfix version 2.1 and later:
270
271 smtpd_authorized_xforward_hosts (empty)
272 What SMTP clients are allowed to use the XFORWARD feature.
273
275 Postfix SASL support (RFC 4954) can be used to authenticate remote SMTP
276 clients to the Postfix SMTP server, and to authenticate the Postfix
277 SMTP client to a remote SMTP server. See the SASL_README document for
278 details.
279
280 broken_sasl_auth_clients (no)
281 Enable inter-operability with SMTP clients that implement an
282 obsolete version of the AUTH command (RFC 4954).
283
284 smtpd_sasl_auth_enable (no)
285 Enable SASL authentication in the Postfix SMTP server.
286
287 smtpd_sasl_local_domain (empty)
288 The name of the Postfix SMTP server's local SASL authentication
289 realm.
290
291 smtpd_sasl_security_options (noanonymous)
292 Postfix SMTP server SASL security options; as of Postfix 2.3 the
293 list of available features depends on the SASL server implemen‐
294 tation that is selected with smtpd_sasl_type.
295
296 smtpd_sender_login_maps (empty)
297 Optional lookup table with the SASL login names that own sender
298 (MAIL FROM) addresses.
299
300 Available in Postfix version 2.1 and later:
301
302 smtpd_sasl_exceptions_networks (empty)
303 What remote SMTP clients the Postfix SMTP server will not offer
304 AUTH support to.
305
306 Available in Postfix version 2.1 and 2.2:
307
308 smtpd_sasl_application_name (smtpd)
309 The application name that the Postfix SMTP server uses for SASL
310 server initialization.
311
312 Available in Postfix version 2.3 and later:
313
314 smtpd_sasl_authenticated_header (no)
315 Report the SASL authenticated user name in the smtpd(8) Received
316 message header.
317
318 smtpd_sasl_path (smtpd)
319 Implementation-specific information that the Postfix SMTP server
320 passes through to the SASL plug-in implementation that is
321 selected with smtpd_sasl_type.
322
323 smtpd_sasl_type (cyrus)
324 The SASL plug-in type that the Postfix SMTP server should use
325 for authentication.
326
327 Available in Postfix version 2.5 and later:
328
329 cyrus_sasl_config_path (empty)
330 Search path for Cyrus SASL application configuration files, cur‐
331 rently used only to locate the $smtpd_sasl_path.conf file.
332
334 Detailed information about STARTTLS configuration may be found in the
335 TLS_README document.
336
337 smtpd_tls_security_level (empty)
338 The SMTP TLS security level for the Postfix SMTP server; when a
339 non-empty value is specified, this overrides the obsolete param‐
340 eters smtpd_use_tls and smtpd_enforce_tls.
341
342 smtpd_sasl_tls_security_options ($smtpd_sasl_security_options)
343 The SASL authentication security options that the Postfix SMTP
344 server uses for TLS encrypted SMTP sessions.
345
346 smtpd_starttls_timeout (300s)
347 The time limit for Postfix SMTP server write and read operations
348 during TLS startup and shutdown handshake procedures.
349
350 smtpd_tls_CAfile (empty)
351 A file containing (PEM format) CA certificates of root CAs
352 trusted to sign either remote SMTP client certificates or inter‐
353 mediate CA certificates.
354
355 smtpd_tls_CApath (empty)
356 A directory containing (PEM format) CA certificates of root CAs
357 trusted to sign either remote SMTP client certificates or inter‐
358 mediate CA certificates.
359
360 smtpd_tls_always_issue_session_ids (yes)
361 Force the Postfix SMTP server to issue a TLS session id, even
362 when TLS session caching is turned off (smtpd_tls_ses‐
363 sion_cache_database is empty).
364
365 smtpd_tls_ask_ccert (no)
366 Ask a remote SMTP client for a client certificate.
367
368 smtpd_tls_auth_only (no)
369 When TLS encryption is optional in the Postfix SMTP server, do
370 not announce or accept SASL authentication over unencrypted con‐
371 nections.
372
373 smtpd_tls_ccert_verifydepth (9)
374 The verification depth for remote SMTP client certificates.
375
376 smtpd_tls_cert_file (empty)
377 File with the Postfix SMTP server RSA certificate in PEM format.
378
379 smtpd_tls_exclude_ciphers (empty)
380 List of ciphers or cipher types to exclude from the SMTP server
381 cipher list at all TLS security levels.
382
383 smtpd_tls_dcert_file (empty)
384 File with the Postfix SMTP server DSA certificate in PEM format.
385
386 smtpd_tls_dh1024_param_file (empty)
387 File with DH parameters that the Postfix SMTP server should use
388 with EDH ciphers.
389
390 smtpd_tls_dh512_param_file (empty)
391 File with DH parameters that the Postfix SMTP server should use
392 with EDH ciphers.
393
394 smtpd_tls_dkey_file ($smtpd_tls_dcert_file)
395 File with the Postfix SMTP server DSA private key in PEM format.
396
397 smtpd_tls_key_file ($smtpd_tls_cert_file)
398 File with the Postfix SMTP server RSA private key in PEM format.
399
400 smtpd_tls_loglevel (0)
401 Enable additional Postfix SMTP server logging of TLS activity.
402
403 smtpd_tls_mandatory_ciphers (medium)
404 The minimum TLS cipher grade that the Postfix SMTP server will
405 use with mandatory TLS encryption.
406
407 smtpd_tls_mandatory_exclude_ciphers (empty)
408 Additional list of ciphers or cipher types to exclude from the
409 SMTP server cipher list at mandatory TLS security levels.
410
411 smtpd_tls_mandatory_protocols (SSLv3, TLSv1)
412 The SSL/TLS protocols accepted by the Postfix SMTP server with
413 mandatory TLS encryption.
414
415 smtpd_tls_received_header (no)
416 Request that the Postfix SMTP server produces Received: message
417 headers that include information about the protocol and cipher
418 used, as well as the client CommonName and client certificate
419 issuer CommonName.
420
421 smtpd_tls_req_ccert (no)
422 With mandatory TLS encryption, require a trusted remote SMTP
423 client certificate in order to allow TLS connections to proceed.
424
425 smtpd_tls_session_cache_database (empty)
426 Name of the file containing the optional Postfix SMTP server TLS
427 session cache.
428
429 smtpd_tls_session_cache_timeout (3600s)
430 The expiration time of Postfix SMTP server TLS session cache
431 information.
432
433 smtpd_tls_wrappermode (no)
434 Run the Postfix SMTP server in the non-standard "wrapper" mode,
435 instead of using the STARTTLS command.
436
437 tls_daemon_random_bytes (32)
438 The number of pseudo-random bytes that an smtp(8) or smtpd(8)
439 process requests from the tlsmgr(8) server in order to seed its
440 internal pseudo random number generator (PRNG).
441
442 tls_high_cipherlist (ALL:!EXPORT:!LOW:!MEDIUM:+RC4:@STRENGTH)
443 The OpenSSL cipherlist for "HIGH" grade ciphers.
444
445 tls_medium_cipherlist (ALL:!EXPORT:!LOW:+RC4:@STRENGTH)
446 The OpenSSL cipherlist for "MEDIUM" or higher grade ciphers.
447
448 tls_low_cipherlist (ALL:!EXPORT:+RC4:@STRENGTH)
449 The OpenSSL cipherlist for "LOW" or higher grade ciphers.
450
451 tls_export_cipherlist (ALL:+RC4:@STRENGTH)
452 The OpenSSL cipherlist for "EXPORT" or higher grade ciphers.
453
454 tls_null_cipherlist (eNULL:!aNULL)
455 The OpenSSL cipherlist for "NULL" grade ciphers that provide
456 authentication without encryption.
457
458 Available in Postfix version 2.5 and later:
459
460 smtpd_tls_fingerprint_digest (md5)
461 The message digest algorithm used to construct client-certifi‐
462 cate fingerprints for check_ccert_access and per‐
463 mit_tls_clientcerts.
464
465 Available in Postfix version 2.6 and later:
466
467 smtpd_tls_protocols (empty)
468 List of TLS protocols that the Postfix SMTP server will exclude
469 or include with opportunistic TLS encryption.
470
471 smtpd_tls_ciphers (export)
472 The minimum TLS cipher grade that the Postfix SMTP server will
473 use with opportunistic TLS encryption.
474
475 smtpd_tls_eccert_file (empty)
476 File with the Postfix SMTP server ECDSA certificate in PEM for‐
477 mat.
478
479 smtpd_tls_eckey_file ($smtpd_tls_eccert_file)
480 File with the Postfix SMTP server ECDSA private key in PEM for‐
481 mat.
482
483 smtpd_tls_eecdh_grade (see 'postconf -d' output)
484 The Postfix SMTP server security grade for ephemeral elliptic-
485 curve Diffie-Hellman (EECDH) key exchange.
486
487 tls_eecdh_strong_curve (prime256v1)
488 The elliptic curve used by the SMTP server for sensibly strong
489 ephemeral ECDH key exchange.
490
491 tls_eecdh_ultra_curve (secp384r1)
492 The elliptic curve used by the SMTP server for maximally strong
493 ephemeral ECDH key exchange.
494
496 The following configuration parameters exist for compatibility with
497 Postfix versions before 2.3. Support for these will be removed in a
498 future release.
499
500 smtpd_use_tls (no)
501 Opportunistic TLS: announce STARTTLS support to SMTP clients,
502 but do not require that clients use TLS encryption.
503
504 smtpd_enforce_tls (no)
505 Mandatory TLS: announce STARTTLS support to SMTP clients, and
506 require that clients use TLS encryption.
507
508 smtpd_tls_cipherlist (empty)
509 Obsolete Postfix < 2.3 control for the Postfix SMTP server TLS
510 cipher list.
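
The SASL and TLS defaults listed above interact: AUTH without smtpd_tls_auth_only, the SSLv3 and "export" defaults, and obsolete parameters that smtpd_tls_security_level overrides. The following audit of a main.cf text is an added example, not part of the Postfix distribution; the finding codes, function names and sample configurations are constructed here. It assumes that an empty protocol list excludes nothing, and it ignores master.cf overrides, $name expansion and smtpd_tls_wrappermode.

```python
import re

# Defaults as listed in the parameter summary on this page.
PAGE_DEFAULTS = {
    "smtpd_sasl_auth_enable": "no", "smtpd_sasl_security_options": "noanonymous",
    "smtpd_tls_security_level": "", "smtpd_tls_auth_only": "no",
    "smtpd_tls_mandatory_protocols": "SSLv3, TLSv1", "smtpd_tls_protocols": "",
    "smtpd_tls_mandatory_ciphers": "medium", "smtpd_tls_ciphers": "export",
    "smtpd_tls_fingerprint_digest": "md5", "smtpd_tls_ask_ccert": "no",
    "smtpd_tls_req_ccert": "no", "smtpd_use_tls": "no", "smtpd_enforce_tls": "no",
}
WEAK_GRADES = {"export", "low", "null"}

# Constructed sample inputs (not taken from the page).
SAMPLE_WEAK = """\
# constructed sample: AUTH enabled, TLS optional, defaults elsewhere
smtpd_sasl_auth_enable = yes
smtpd_tls_security_level = may
smtpd_use_tls = yes
smtpd_tls_ask_ccert = yes
"""
SAMPLE_HARDENED = """\
# constructed sample: a service that requires TLS before anything else
smtpd_sasl_auth_enable = yes
smtpd_tls_security_level = encrypt
smtpd_tls_mandatory_protocols = !SSLv2,
    !SSLv3
smtpd_tls_mandatory_ciphers = high
"""


def parse_main_cf(text):
    """Return {name: value}. Blank and '#' lines are skipped, a line that starts
    with whitespace continues the previous setting, and the last setting wins."""
    params, current = {}, None
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0].isspace():
            if current:
                params[current] = (params[current] + " " + raw.strip()).strip()
            continue
        match = re.match(r"([A-Za-z0-9_]+)\s*=\s*(.*)$", raw)
        current = match.group(1) if match else None
        if match:
            params[current] = match.group(2).strip()
    return params


def allows_sslv3(protocols):
    """True when a list such as 'SSLv3, TLSv1' or '!SSLv2' still admits SSLv3."""
    tokens = [t.lower() for t in re.split(r"[,\s:]+", protocols) if t]
    included = [t for t in tokens if not t.startswith("!")]
    if included:
        return "sslv3" in included
    return "!sslv3" not in tokens  # exclusions only, or empty: the rest stays on


def audit(text):
    """Return a list of (code, detail) findings for one main.cf text."""
    params = parse_main_cf(text)

    def get(name):
        return params.get(name, PAGE_DEFAULTS[name]).strip()

    def yes(name):
        return get(name).lower() == "yes"

    level = get("smtpd_tls_security_level").lower()
    # A non-empty security level overrides smtpd_use_tls and smtpd_enforce_tls.
    mandatory = level == "encrypt" or (level == "" and yes("smtpd_enforce_tls"))
    tls_on = mandatory or level == "may" or (level == "" and yes("smtpd_use_tls"))
    findings = []

    if yes("smtpd_sasl_auth_enable"):
        if not mandatory and not yes("smtpd_tls_auth_only"):
            findings.append(("AUTH_PLAINTEXT",
                             "AUTH is accepted without TLS; set smtpd_tls_auth_only = yes"))
        options = re.split(r"[,\s]+", get("smtpd_sasl_security_options").lower())
        if "noanonymous" not in options:
            findings.append(("SASL_ANONYMOUS", "noanonymous is not set"))
    if tls_on:
        # Mandatory and opportunistic TLS read different parameters.
        proto = "smtpd_tls_mandatory_protocols" if mandatory else "smtpd_tls_protocols"
        grade = "smtpd_tls_mandatory_ciphers" if mandatory else "smtpd_tls_ciphers"
        if allows_sslv3(get(proto)):
            findings.append(("SSLV3_ALLOWED", "%s = %s" % (proto, get(proto) or "(empty)")))
        if get(grade).lower() in WEAK_GRADES:
            findings.append(("WEAK_CIPHER_GRADE", "%s = %s" % (grade, get(grade))))
        wants_ccert = yes("smtpd_tls_ask_ccert") or yes("smtpd_tls_req_ccert")
        if wants_ccert and get("smtpd_tls_fingerprint_digest").lower() == "md5":
            findings.append(("MD5_FINGERPRINT", "client certificates are matched by md5"))
    if level:
        ignored = [n for n in ("smtpd_use_tls", "smtpd_enforce_tls") if n in params]
        if ignored:
            findings.append(("OBSOLETE_IGNORED", ", ".join(ignored)))
    return findings


if __name__ == "__main__":
    for name, sample in (("weak", SAMPLE_WEAK), ("hardened", SAMPLE_HARDENED)):
        print(name, audit(sample))
```
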
511
513 With VERP style delivery, each recipient of a message receives a cus‐
514 tomized copy of the message with his/her own recipient address encoded
515 in the envelope sender address. The VERP_README file describes config‐
516 uration and operation details of Postfix support for variable envelope
517 return path addresses. VERP style delivery is requested with the SMTP
518 XVERP command or with the "sendmail -V" command-line option and is
519 available in Postfix version 1.1 and later.
520
521 default_verp_delimiters (+=)
522 The two default VERP delimiter characters.
523
524 verp_delimiter_filter (-=+)
525 The characters Postfix accepts as VERP delimiter characters on
526 the Postfix sendmail(1) command line and in SMTP commands.
527
528 Available in Postfix version 1.1 and 2.0:
529
530 authorized_verp_clients ($mynetworks)
531 What SMTP clients are allowed to specify the XVERP command.
532
533 Available in Postfix version 2.1 and later:
534
535 smtpd_authorized_verp_clients ($authorized_verp_clients)
536 What SMTP clients are allowed to specify the XVERP command.
537
539 The DEBUG_README document describes how to debug parts of the Postfix
540 mail system. The methods vary from making the software log a lot of
541 detail, to running some daemon processes under control of a call tracer
542 or debugger.
543
544 debug_peer_level (2)
545 The increment in verbose logging level when a remote client or
546 server matches a pattern in the debug_peer_list parameter.
547
548 debug_peer_list (empty)
549 Optional list of remote client or server hostname or network
550 address patterns that cause the verbose logging level to
551 increase by the amount specified in $debug_peer_level.
552
553 error_notice_recipient (postmaster)
554 The recipient of postmaster notifications about mail delivery
555 problems that are caused by policy, resource, software or proto‐
556 col errors.
557
558 internal_mail_filter_classes (empty)
559 What categories of Postfix-generated mail are subject to before-
560 queue content inspection by non_smtpd_milters, header_checks and
561 body_checks.
562
563 notify_classes (resource, software)
564 The list of error classes that are reported to the postmaster.
565
566 soft_bounce (no)
567 Safety net to keep mail queued that would otherwise be returned
568 to the sender.
569
570 Available in Postfix version 2.1 and later:
571
572 smtpd_authorized_xclient_hosts (empty)
573 What SMTP clients are allowed to use the XCLIENT feature.
574
576 As of Postfix version 2.0, the SMTP server rejects mail for unknown
577 recipients. This prevents the mail queue from clogging up with undeliv‐
578 erable MAILER-DAEMON messages. Additional information on this topic is
579 in the LOCAL_RECIPIENT_README and ADDRESS_CLASS_README documents.
580
581 show_user_unknown_table_name (yes)
582 Display the name of the recipient table in the "User unknown"
583 responses.
584
585 canonical_maps (empty)
586 Optional address mapping lookup tables for message headers and
587 envelopes.
588
589 recipient_canonical_maps (empty)
590 Optional address mapping lookup tables for envelope and header
591 recipient addresses.
592
593 Parameters concerning known/unknown local recipients:
594
595 mydestination ($myhostname, localhost.$mydomain, localhost)
596 The list of domains that are delivered via the $local_transport
597 mail delivery transport.
598
599 inet_interfaces (all)
600 The network interface addresses that this mail system receives
601 mail on.
602
603 proxy_interfaces (empty)
604 The network interface addresses that this mail system receives
605 mail on by way of a proxy or network address translation unit.
606
607 inet_protocols (ipv4)
608 The Internet protocols Postfix will attempt to use when making
609 or accepting connections.
610
611 local_recipient_maps (proxy:unix:passwd.byname $alias_maps)
612 Lookup tables with all names or addresses of local recipients: a
613 recipient address is local when its domain matches $mydestina‐
614 tion, $inet_interfaces or $proxy_interfaces.
615
616 unknown_local_recipient_reject_code (550)
617 The numerical Postfix SMTP server response code when a recipient
618 address is local, and $local_recipient_maps specifies a list of
619 lookup tables that does not match the recipient.
620
621 Parameters concerning known/unknown recipients of relay destinations:
622
623 relay_domains ($mydestination)
624 What destination domains (and subdomains thereof) this system
625 will relay mail to.
626
627 relay_recipient_maps (empty)
628 Optional lookup tables with all valid addresses in the domains
629 that match $relay_domains.
630
631 unknown_relay_recipient_reject_code (550)
632 The numerical Postfix SMTP server reply code when a recipient
633 address matches $relay_domains, and relay_recipient_maps speci‐
634 fies a list of lookup tables that does not match the recipient
635 address.
636
637 Parameters concerning known/unknown recipients in virtual alias
638 domains:
639
640 virtual_alias_domains ($virtual_alias_maps)
641 Postfix is final destination for the specified list of virtual
642 alias domains, that is, domains for which all addresses are
643 aliased to addresses in other local or remote domains.
644
645 virtual_alias_maps ($virtual_maps)
646 Optional lookup tables that alias specific mail addresses or
647 domains to other local or remote address.
648
649 unknown_virtual_alias_reject_code (550)
650 The SMTP server reply code when a recipient address matches
651 $virtual_alias_domains, and $virtual_alias_maps specifies a list
652 of lookup tables that does not match the recipient address.
653
654 Parameters concerning known/unknown recipients in virtual mailbox
655 domains:
656
657 virtual_mailbox_domains ($virtual_mailbox_maps)
658 Postfix is final destination for the specified list of domains;
659 mail is delivered via the $virtual_transport mail delivery
660 transport.
661
662 virtual_mailbox_maps (empty)
663 Optional lookup tables with all valid addresses in the domains
664 that match $virtual_mailbox_domains.
665
666 unknown_virtual_mailbox_reject_code (550)
667 The SMTP server reply code when a recipient address matches
668 $virtual_mailbox_domains, and $virtual_mailbox_maps specifies a
669 list of lookup tables that does not match the recipient address.
670
672 The following parameters limit resource usage by the SMTP server and/or
673 control client request rates.
674
675 line_length_limit (2048)
676 Upon input, long lines are chopped up into pieces of at most
677 this length; upon delivery, long lines are reconstructed.
678
679 queue_minfree (0)
680 The minimal amount of free space in bytes in the queue file sys‐
681 tem that is needed to receive mail.
682
683 message_size_limit (10240000)
684 The maximal size in bytes of a message, including envelope
685 information.
686
687 smtpd_recipient_limit (1000)
688 The maximal number of recipients that the Postfix SMTP server
689 accepts per message delivery request.
690
691 smtpd_timeout (normal: 300s, stress: 10s)
692 The time limit for sending a Postfix SMTP server response and
693 for receiving a remote SMTP client request.
694
695 smtpd_history_flush_threshold (100)
696 The maximal number of lines in the Postfix SMTP server command
697 history before it is flushed upon receipt of EHLO, RSET, or end
698 of DATA.
699
700 Available in Postfix version 2.3 and later:
701
702 smtpd_peername_lookup (yes)
703 Attempt to look up the remote SMTP client hostname, and verify
704 that the name matches the client IP address.
705
706 The per SMTP client connection count and request rate limits are imple‐
707 mented in co-operation with the anvil(8) service, and are available in
708 Postfix version 2.2 and later.
709
710 smtpd_client_connection_count_limit (50)
711 How many simultaneous connections any client is allowed to make
712 to this service.
713
714 smtpd_client_connection_rate_limit (0)
715 The maximal number of connection attempts any client is allowed
716 to make to this service per time unit.
717
718 smtpd_client_message_rate_limit (0)
719 The maximal number of message delivery requests that any client
720 is allowed to make to this service per time unit, regardless of
721 whether or not Postfix actually accepts those messages.
722
723 smtpd_client_recipient_rate_limit (0)
724 The maximal number of recipient addresses that any client is
725 allowed to send to this service per time unit, regardless of
726 whether or not Postfix actually accepts those recipients.
727
728 smtpd_client_event_limit_exceptions ($mynetworks)
729 Clients that are excluded from connection count, connection
730 rate, or SMTP request rate restrictions.
731
732 Available in Postfix version 2.3 and later:
733
734 smtpd_client_new_tls_session_rate_limit (0)
735 The maximal number of new (i.e., uncached) TLS sessions that a
736 remote SMTP client is allowed to negotiate with this service per
737 time unit.
738
740 When a remote SMTP client makes errors, the Postfix SMTP server can
741 insert delays before responding. This can help to slow down run-away
742 software. The behavior is controlled by an error counter that counts
743 the number of errors within an SMTP session that a client makes without
744 delivering mail.
745
746 smtpd_error_sleep_time (1s)
747 With Postfix version 2.1 and later: the SMTP server response
748 delay after a client has made more than $smtpd_soft_error_limit
749 errors, and fewer than $smtpd_hard_error_limit errors, without
750 delivering mail.
751
752 smtpd_soft_error_limit (10)
753 The number of errors a remote SMTP client is allowed to make
754 without delivering mail before the Postfix SMTP server slows
755 down all its responses.
756
757 smtpd_hard_error_limit (normal: 20, stress: 1)
758 The maximal number of errors a remote SMTP client is allowed to
759 make without delivering mail.
760
761 smtpd_junk_command_limit (normal: 100, stress: 1)
762 The number of junk commands (NOOP, VRFY, ETRN or RSET) that a
763 remote SMTP client can send before the Postfix SMTP server
764 starts to increment the error counter with each junk command.
765
766 Available in Postfix version 2.1 and later:
767
768 smtpd_recipient_overshoot_limit (1000)
769 The number of recipients that a remote SMTP client can send in
770 excess of the limit specified with $smtpd_recipient_limit,
771 before the Postfix SMTP server increments the per-session error
772 count for each excess recipient.
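
The error counter described above can be modelled in a few lines to see how the normal and stress values change what a misbehaving client experiences. This is an added example, not Postfix code: the class, field and event names are hypothetical, the model follows the wording of this page (delay above the soft limit and below the hard limit, disconnect once the hard limit is reached), and it leaves the junk-command count untouched when mail is delivered because the page does not say what happens to it.

```python
from dataclasses import dataclass

JUNK_COMMANDS = {"NOOP", "VRFY", "ETRN", "RSET"}


@dataclass
class Limits:
    soft_error_limit: int = 10      # smtpd_soft_error_limit
    hard_error_limit: int = 20      # smtpd_hard_error_limit (normal)
    junk_command_limit: int = 100   # smtpd_junk_command_limit (normal)
    error_sleep_time: int = 1       # smtpd_error_sleep_time, in seconds


# The "stress" values listed on this page.
STRESS = Limits(hard_error_limit=1, junk_command_limit=1)


class Session:
    """Per-session counters as described in the text above (simplified model)."""

    def __init__(self, limits):
        self.limits = limits
        self.errors = 0
        self.junk = 0

    def feed(self, event):
        """event is 'error', 'mail' (a message was delivered) or a command verb.
        Returns (action, delay_seconds)."""
        if event == "mail":
            self.errors = 0                      # errors count only "without delivering mail"
        elif event == "error":
            self.errors += 1
        elif event in JUNK_COMMANDS:
            self.junk += 1
            if self.junk > self.limits.junk_command_limit:
                self.errors += 1                 # each further junk command is an error
        if self.errors >= self.limits.hard_error_limit:
            return ("disconnect", 0)
        if self.errors > self.limits.soft_error_limit:
            return ("delay", self.limits.error_sleep_time)
        return ("ok", 0)


def replay(events, limits):
    """Feed events to a fresh session; stop at the first disconnect."""
    session, verdicts = Session(limits), []
    for event in events:
        verdicts.append(session.feed(event))
        if verdicts[-1][0] == "disconnect":
            break
    return verdicts


if __name__ == "__main__":
    print(replay(["error"] * 25, Limits())[-1])      # normal limits
    print(replay(["NOOP", "NOOP"], STRESS))          # stress limits
```
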
773
775 As of version 2.1, Postfix can be configured to delegate access policy
776 decisions to an external server that runs outside Postfix. See the
777 file SMTPD_POLICY_README for more information.
778
779 smtpd_policy_service_max_idle (300s)
780 The time after which an idle SMTPD policy service connection is
781 closed.
782
783 smtpd_policy_service_max_ttl (1000s)
784 The time after which an active SMTPD policy service connection
785 is closed.
786
787 smtpd_policy_service_timeout (100s)
788 The time limit for connecting to, writing to or receiving from a
789 delegated SMTPD policy server.
790
792 The SMTPD_ACCESS_README document gives an introduction to all the SMTP
793 server access control features.
794
795 smtpd_delay_reject (yes)
796 Wait until the RCPT TO command before evaluating
797 $smtpd_client_restrictions, $smtpd_helo_restrictions and
798 $smtpd_sender_restrictions, or wait until the ETRN command
799 before evaluating $smtpd_client_restrictions and
800 $smtpd_helo_restrictions.
801
802 parent_domain_matches_subdomains (see 'postconf -d' output)
803 What Postfix features match subdomains of "domain.tld" automati‐
804 cally, instead of requiring an explicit ".domain.tld" pattern.
805
806 smtpd_client_restrictions (empty)
807 Optional SMTP server access restrictions in the context of a
808 client SMTP connection request.
809
810 smtpd_helo_required (no)
811 Require that a remote SMTP client introduces itself at the
812 beginning of an SMTP session with the HELO or EHLO command.
813
814 smtpd_helo_restrictions (empty)
815 Optional restrictions that the Postfix SMTP server applies in
816 the context of the SMTP HELO command.
817
818 smtpd_sender_restrictions (empty)
819 Optional restrictions that the Postfix SMTP server applies in
820 the context of the MAIL FROM command.
821
822 smtpd_recipient_restrictions (permit_mynetworks, reject_unauth_destina‐
823 tion)
824 The access restrictions that the Postfix SMTP server applies in
825 the context of the RCPT TO command.
826
827 smtpd_etrn_restrictions (empty)
828 Optional SMTP server access restrictions in the context of a
829 client ETRN request.
830
831 allow_untrusted_routing (no)
832 Forward mail with sender-specified routing
833 (user[@%!]remote[@%!]site) from untrusted clients to destina‐
834 tions matching $relay_domains.
835
836 smtpd_restriction_classes (empty)
837 User-defined aliases for groups of access restrictions.
838
839 smtpd_null_access_lookup_key (<>)
840 The lookup key to be used in SMTP access(5) tables instead of
841 the null sender address.
842
843 permit_mx_backup_networks (empty)
844 Restrict the use of the permit_mx_backup SMTP access feature to
845 only domains whose primary MX hosts match the listed networks.
846
847 Available in Postfix version 2.0 and later:
848
849 smtpd_data_restrictions (empty)
850 Optional access restrictions that the Postfix SMTP server
851 applies in the context of the SMTP DATA command.
852
853 smtpd_expansion_filter (see 'postconf -d' output)
854 What characters are allowed in $name expansions of RBL reply
855 templates.
856
857 Available in Postfix version 2.1 and later:
858
859 smtpd_reject_unlisted_sender (no)
860 Request that the Postfix SMTP server rejects mail from unknown
861 sender addresses, even when no explicit reject_unlisted_sender
862 access restriction is specified.
863
864 smtpd_reject_unlisted_recipient (yes)
865 Request that the Postfix SMTP server rejects mail for unknown
866 recipient addresses, even when no explicit
867 reject_unlisted_recipient access restriction is specified.
868
869 Available in Postfix version 2.2 and later:
870
871 smtpd_end_of_data_restrictions (empty)
872 Optional access restrictions that the Postfix SMTP server
873 applies in the context of the SMTP END-OF-DATA command.
874
876 Postfix version 2.1 introduces sender and recipient address verifica‐
877 tion. This feature is implemented by sending probe email messages that
878 are not actually delivered. This feature is requested via the
879 reject_unverified_sender and reject_unverified_recipient access
880 restrictions. The status of verification probes is maintained by the
881 verify(8) server. See the file ADDRESS_VERIFICATION_README for infor‐
882 mation about how to configure and operate the Postfix sender/recipient
883 address verification service.
884
885 address_verify_poll_count (3)
886 How many times to query the verify(8) service for the completion
887 of an address verification request in progress.
888
889 address_verify_poll_delay (3s)
890 The delay between queries for the completion of an address veri‐
891 fication request in progress.
892
893 address_verify_sender ($double_bounce_sender)
894 The sender address to use in address verification probes; prior
895 to Postfix 2.5 the default was "postmaster".
896
897 unverified_sender_reject_code (450)
898 The numerical Postfix SMTP server response code when a recipient
899 address is rejected by the reject_unverified_sender restriction.
900
901 unverified_recipient_reject_code (450)
902 The numerical Postfix SMTP server response when a recipient
903 address is rejected by the reject_unverified_recipient restric‐
904 tion.
905
906 Available in Postfix version 2.6 and later:
907
908 unverified_sender_defer_code (450)
909 The numerical Postfix SMTP server response code when a sender
910 address probe fails due to a temporary error condition.
911
912 unverified_recipient_defer_code (450)
913 The numerical Postfix SMTP server response when a recipient
914 address probe fails due to a temporary error condition.
915
916 unverified_sender_reject_reason (empty)
917 The Postfix SMTP server's reply when rejecting mail with
918 reject_unverified_sender.
919
920 unverified_recipient_reject_reason (empty)
921 The Postfix SMTP server's reply when rejecting mail with
922 reject_unverified_recipient.
923
924 unverified_sender_tempfail_action ($reject_tempfail_action)
925 The Postfix SMTP server's action when reject_unverified_sender
926 fails due to a temporary error condition.
927
928 unverified_recipient_tempfail_action ($reject_tempfail_action)
929 The Postfix SMTP server's action when reject_unverified_recipi‐
930 ent fails due to a temporary error condition.
931
933 The following parameters control numerical SMTP reply codes and/or text
934 responses.
935
936 access_map_reject_code (554)
937 The numerical Postfix SMTP server response code for an access(5)
938 map "reject" action.
939
940 defer_code (450)
941 The numerical Postfix SMTP server response code when a remote
942 SMTP client request is rejected by the "defer" restriction.
943
944 invalid_hostname_reject_code (501)
945 The numerical Postfix SMTP server response code when the client
946 HELO or EHLO command parameter is rejected by the
947 reject_invalid_helo_hostname restriction.
948
949 maps_rbl_reject_code (554)
950 The numerical Postfix SMTP server response code when a remote
951 SMTP client request is blocked by the reject_rbl_client,
952 reject_rhsbl_client, reject_rhsbl_sender or reject_rhsbl_recipi‐
953 ent restriction.
954
955 non_fqdn_reject_code (504)
956 The numerical Postfix SMTP server reply code when a client
957 request is rejected by the reject_non_fqdn_helo_hostname,
958 reject_non_fqdn_sender or reject_non_fqdn_recipient restriction.
959
960 plaintext_reject_code (450)
961 The numerical Postfix SMTP server response code when a request
962 is rejected by the reject_plaintext_session restriction.
963
964 reject_code (554)
965 The numerical Postfix SMTP server response code when a remote
966 SMTP client request is rejected by the "reject" restriction.
967
968 relay_domains_reject_code (554)
969 The numerical Postfix SMTP server response code when a client
970 request is rejected by the reject_unauth_destination recipient
971 restriction.
972
973 unknown_address_reject_code (450)
974 The numerical Postfix SMTP server response code when a sender or
975 recipient address is rejected by the
976 reject_unknown_sender_domain or reject_unknown_recipient_domain
977 restriction.
978
979 unknown_client_reject_code (450)
980 The numerical Postfix SMTP server response code when a client
981 without valid address <=> name mapping is rejected by the
982 reject_unknown_client_hostname restriction.
983
984 unknown_hostname_reject_code (450)
985 The numerical Postfix SMTP server response code when the host‐
986 name specified with the HELO or EHLO command is rejected by the
987 reject_unknown_helo_hostname restriction.
988
989 Available in Postfix version 2.0 and later:
990
991 default_rbl_reply (see 'postconf -d' output)
992 The default SMTP server response template for a request that is
993 rejected by an RBL-based restriction.
994
995 multi_recipient_bounce_reject_code (550)
996 The numerical Postfix SMTP server response code when a remote
997 SMTP client request is blocked by the reject_multi_recipi‐
998 ent_bounce restriction.
999
1000 rbl_reply_maps (empty)
1001 Optional lookup tables with RBL response templates.
1002
1003 Available in Postfix version 2.6 and later:
1004
1005 access_map_defer_code (450)
1006 The numerical Postfix SMTP server response code for an access(5)
1007 map "defer" action, including "defer_if_permit" or
1008 "defer_if_reject".
1009
1010 reject_tempfail_action (defer_if_permit)
1011 The Postfix SMTP server's action when a reject-type restriction
1012 fails due to a temporary error condition.
1013
1014 unknown_helo_hostname_tempfail_action ($reject_tempfail_action)
1015 The Postfix SMTP server's action when reject_unknown_helo_host‐
1016 name fails due to a temporary error condition.
1017
1018 unknown_address_tempfail_action ($reject_tempfail_action)
1019 The Postfix SMTP server's action when
1020 reject_unknown_sender_domain or reject_unknown_recipient_domain
1021 fail due to a temporary error condition.
1022
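Added example, not part of the Postfix manual: a Python script that parses main.cf-style text (comments, "name = value", whitespace-led continuation lines) and flags settings that depart from the access-control defaults and reply-code conventions listed above. The sample configuration is constructed, and the names parse_main_cf and audit are hypothetical.

```python
import re

# Defaults copied from this manual page.
DEFAULTS = {
    "allow_untrusted_routing": "no",
    "smtpd_reject_unlisted_recipient": "yes",
    "smtpd_recipient_restrictions": "permit_mynetworks, reject_unauth_destination",
    "smtpd_forbidden_commands": "CONNECT, GET, POST",
}

# Constructed main.cf excerpt used as sample input.
SAMPLE = """\
allow_untrusted_routing = yes
smtpd_recipient_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated
unknown_address_reject_code = 250
"""

def parse_main_cf(text):
    """Return {name: value}; later definitions override earlier ones."""
    params, name = {}, None
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue  # blank line or comment
        if raw[0].isspace() and name:
            params[name] += " " + raw.strip()  # continuation of previous line
        elif "=" in raw:
            name, value = (part.strip() for part in raw.split("=", 1))
            params[name] = value
    return params

def audit(params):
    """Return (parameter, finding) pairs for settings worth reviewing."""
    cfg = {**DEFAULTS, **params}
    findings = []
    if cfg["allow_untrusted_routing"] == "yes":
        findings.append(("allow_untrusted_routing", "sender-specified routing forwarded for untrusted clients"))
    if cfg["smtpd_reject_unlisted_recipient"] == "no":
        findings.append(("smtpd_reject_unlisted_recipient", "unknown recipients not rejected by default"))
    restrictions = re.split(r"[,\s]+", cfg["smtpd_recipient_restrictions"])
    if "reject_unauth_destination" not in restrictions:
        findings.append(("smtpd_recipient_restrictions", "reject_unauth_destination missing; confirm relay control"))
    if not cfg["smtpd_forbidden_commands"].strip():
        findings.append(("smtpd_forbidden_commands", "CONNECT/GET/POST no longer end the session"))
    for key, value in params.items():
        # SMTP refusals are 4xx (temporary) or 5xx (permanent) replies.
        if re.fullmatch(r"(\w+_)?(reject|defer)_code", key) and not re.fullmatch(r"[45]\d\d", value):
            findings.append((key, "not a 4xx/5xx reply code: " + value))
    return findings
```

The reject_unauth_destination check is a heuristic: a list that ends in another rejecting restriction can still control relaying, so treat that finding as a prompt to review the list.
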
1024 config_directory (see 'postconf -d' output)
1025 The default location of the Postfix main.cf and master.cf con‐
1026 figuration files.
1027
1028 daemon_timeout (18000s)
1029 How much time a Postfix daemon process may take to handle a
1030 request before it is terminated by a built-in watchdog timer.
1031
1032 command_directory (see 'postconf -d' output)
1033 The location of all postfix administrative commands.
1034
1035 double_bounce_sender (double-bounce)
1036 The sender address of postmaster notifications that are gener‐
1037 ated by the mail system.
1038
1039 ipc_timeout (3600s)
1040 The time limit for sending or receiving information over an
1041 internal communication channel.
1042
1043 mail_name (Postfix)
1044 The mail system name that is displayed in Received: headers, in
1045 the SMTP greeting banner, and in bounced mail.
1046
1047 mail_owner (postfix)
1048 The UNIX system account that owns the Postfix queue and most
1049 Postfix daemon processes.
1050
1051 max_idle (100s)
1052 The maximum amount of time that an idle Postfix daemon process
1053 waits for an incoming connection before terminating voluntarily.
1054
1055 max_use (100)
1056 The maximal number of incoming connections that a Postfix daemon
1057 process will service before terminating voluntarily.
1058
1059 myhostname (see 'postconf -d' output)
1060 The internet hostname of this mail system.
1061
1062 mynetworks (see 'postconf -d' output)
1063 The list of "trusted" SMTP clients that have more privileges
1064 than "strangers".
1065
1066 myorigin ($myhostname)
1067 The domain name that locally-posted mail appears to come from,
1068 and that locally posted mail is delivered to.
1069
1070 process_id (read-only)
1071 The process ID of a Postfix command or daemon process.
1072
1073 process_name (read-only)
1074 The process name of a Postfix command or daemon process.
1075
1076 queue_directory (see 'postconf -d' output)
1077 The location of the Postfix top-level queue directory.
1078
1079 recipient_delimiter (empty)
1080 The separator between user names and address extensions
1081 (user+foo).
1082
1083 smtpd_banner ($myhostname ESMTP $mail_name)
1084 The text that follows the 220 status code in the SMTP greeting
1085 banner.
1086
1087 syslog_facility (mail)
1088 The syslog facility of Postfix logging.
1089
1090 syslog_name (see 'postconf -d' output)
1091 The mail system name that is prepended to the process name in
1092 syslog records, so that "smtpd" becomes, for example, "post‐
1093 fix/smtpd".
1094
1095 Available in Postfix version 2.2 and later:
1096
1097 smtpd_forbidden_commands (CONNECT, GET, POST)
1098 List of commands that cause the Postfix SMTP server to immedi‐
1099 ately terminate the session with a 221 code.
1100
1101 Available in Postfix version 2.5 and later:
1102
1103 smtpd_client_port_logging (no)
1104 Enable logging of the remote SMTP client port in addition to the
1105 hostname and IP address.
1106
1108 anvil(8), connection/rate limiting
1109 cleanup(8), message canonicalization
1110 tlsmgr(8), TLS session and PRNG management
1111 trivial-rewrite(8), address resolver
1112 verify(8), address verification service
1113 postconf(5), configuration parameters
1114 master(5), generic daemon options
1115 master(8), process manager
1116 syslogd(8), system logging
1117
1119 Use "postconf readme_directory" or "postconf html_directory" to locate
1120 this information.
1121 ADDRESS_CLASS_README, blocking unknown hosted or relay recipients
1122 ADDRESS_REWRITING_README, Postfix address manipulation
1123 FILTER_README, external after-queue content filter
1124 LOCAL_RECIPIENT_README, blocking unknown local recipients
1125 MILTER_README, before-queue mail filter applications
1126 SMTPD_ACCESS_README, built-in access policies
1127 SMTPD_POLICY_README, external policy server
1128 SMTPD_PROXY_README, external before-queue content filter
1129 SASL_README, Postfix SASL howto
1130 TLS_README, Postfix STARTTLS howto
1131 VERP_README, Postfix XVERP extension
1132 XCLIENT_README, Postfix XCLIENT extension
1133 XFORWARD_README, Postfix XFORWARD extension
1134
1136 The Secure Mailer license must be distributed with this software.
1137
1139 Wietse Venema
1140 IBM T.J. Watson Research
1141 P.O. Box 704
1142 Yorktown Heights, NY 10598, USA
1143
1144 SASL support originally by:
1145 Till Franke
1146 SuSE Rhein/Main AG
1147 65760 Eschborn, Germany
1148
1149 TLS support originally by:
1150 Lutz Jaenicke
1151 BTU Cottbus
1152 Allgemeine Elektrotechnik
1153 Universitaetsplatz 3-4
1154 D-03044 Cottbus, Germany
1155
1156 Revised TLS support by:
1157 Victor Duchovni
1158 Morgan Stanley
1159