SMTPD(8)                    System Manager's Manual                   SMTPD(8)

smtpd - Postfix SMTP server

smtpd [generic Postfix daemon options]

sendmail -bs

The SMTP server accepts network connection requests and performs zero
or more SMTP transactions per connection. Each received message is
piped through the cleanup(8) daemon, and is placed into the incoming
queue as one single queue file. For this mode of operation, the program
expects to be run from the master(8) process manager.

Alternatively, the SMTP server can be run in stand-alone mode; this is
traditionally obtained with "sendmail -bs". When the SMTP server runs
stand-alone with non $mail_owner privileges, it receives mail even
while the mail system is not running, deposits messages directly into
the maildrop queue, and disables the SMTP server's access policies. As
of Postfix version 2.3, the SMTP server refuses to receive mail from
the network when it runs with non $mail_owner privileges.

The SMTP server implements a variety of policies for connection
requests, and for parameters given to HELO, ETRN, MAIL FROM, VRFY and
RCPT TO commands. They are detailed below and in the main.cf
configuration file.

The SMTP server is moderately security-sensitive. It talks to SMTP
clients and to DNS servers on the network. The SMTP server can be run
chrooted at fixed low privilege.

RFC 821 (SMTP protocol)
RFC 1123 (Host requirements)
RFC 1652 (8bit-MIME transport)
RFC 1869 (SMTP service extensions)
RFC 1870 (Message Size Declaration)
RFC 1985 (ETRN command)
RFC 2034 (SMTP Enhanced Error Codes)
RFC 2554 (AUTH command)
RFC 2821 (SMTP protocol)
RFC 2920 (SMTP Pipelining)
RFC 3207 (STARTTLS command)
RFC 3461 (SMTP DSN Extension)
RFC 3463 (Enhanced Status Codes)
RFC 3848 (ESMTP Transmission Types)
RFC 4954 (AUTH command)

Problems and transactions are logged to syslogd(8).

Depending on the setting of the notify_classes parameter, the
postmaster is notified of bounces, protocol problems, policy
violations, and of other trouble.

Changes to main.cf are picked up automatically, as smtpd(8) processes
run for only a limited amount of time. Use the command "postfix reload"
to speed up a change.

The text below provides only a parameter summary. See postconf(5) for
more details including examples.

The following parameters work around implementation errors in other
software, and/or allow you to override standards in order to prevent
undesirable use.

broken_sasl_auth_clients (no)
       Enable inter-operability with SMTP clients that implement an
       obsolete version of the AUTH command (RFC 4954).

disable_vrfy_command (no)
       Disable the SMTP VRFY command.

smtpd_noop_commands (empty)
       List of commands that the Postfix SMTP server replies to with
       "250 Ok", without doing any syntax checks and without changing
       state.

strict_rfc821_envelopes (no)
       Require that addresses received in SMTP MAIL FROM and RCPT TO
       commands are enclosed with <>, and that those addresses do not
       contain RFC 822 style comments or phrases.

Available in Postfix version 2.1 and later:

resolve_null_domain (no)
       Resolve an address that ends in the "@" null domain as if the
       local hostname were specified, instead of rejecting the address
       as invalid.

smtpd_reject_unlisted_sender (no)
       Request that the Postfix SMTP server rejects mail from unknown
       sender addresses, even when no explicit reject_unlisted_sender
       access restriction is specified.

smtpd_sasl_exceptions_networks (empty)
       What remote SMTP clients the Postfix SMTP server will not offer
       AUTH support to.

Available in Postfix version 2.2 and later:

smtpd_discard_ehlo_keyword_address_maps (empty)
       Lookup tables, indexed by the remote SMTP client address, with
       case insensitive lists of EHLO keywords (pipelining, starttls,
       auth, etc.) that the SMTP server will not send in the EHLO
       response to a remote SMTP client.

smtpd_discard_ehlo_keywords (empty)
       A case insensitive list of EHLO keywords (pipelining, starttls,
       auth, etc.) that the SMTP server will not send in the EHLO
       response to a remote SMTP client.

smtpd_delay_open_until_valid_rcpt (yes)
       Postpone the start of an SMTP mail transaction until a valid
       RCPT TO command is received.

Available in Postfix version 2.3 and later:

smtpd_tls_always_issue_session_ids (yes)
       Force the Postfix SMTP server to issue a TLS session id, even
       when TLS session caching is turned off
       (smtpd_tls_session_cache_database is empty).

Available in Postfix version 2.6 and later:

tcp_windowsize (0)
       An optional workaround for routers that break TCP window
       scaling.

Available in Postfix version 2.7 and later:

smtpd_command_filter (empty)
       A mechanism to transform commands from remote SMTP clients.

See the ADDRESS_REWRITING_README document for a detailed discussion of
Postfix address rewriting.

receive_override_options (empty)
       Enable or disable recipient validation, built-in content
       filtering, or address mapping.

Available in Postfix version 2.2 and later:

local_header_rewrite_clients (permit_inet_interfaces)
       Rewrite message header addresses in mail from these clients and
       update incomplete addresses with the domain name in $myorigin or
       $mydomain; either don't rewrite message headers from other
       clients at all, or rewrite message headers and update incomplete
       addresses with the domain specified in the
       remote_header_rewrite_domain parameter.

As of version 1.0, Postfix can be configured to send new mail to an
external content filter AFTER the mail is queued. This content filter
is expected to inject mail back into a (Postfix or other) MTA for
further delivery. See the FILTER_README document for details.

content_filter (empty)
       After the message is queued, send the entire message to the
       specified transport:destination.

As of version 2.1, the Postfix SMTP server can be configured to send
incoming mail to a real-time SMTP-based content filter BEFORE mail is
queued. This content filter is expected to inject mail back into
Postfix. See the SMTPD_PROXY_README document for details on how to
configure and operate this feature.

smtpd_proxy_filter (empty)
       The hostname and TCP port of the mail filtering proxy server.

smtpd_proxy_ehlo ($myhostname)
       How the Postfix SMTP server announces itself to the proxy
       filter.

smtpd_proxy_options (empty)
       List of options that control how the Postfix SMTP server
       communicates with a before-queue content filter.

smtpd_proxy_timeout (100s)
       The time limit for connecting to a proxy filter and for sending
       or receiving information.

As of version 2.3, Postfix supports the Sendmail version 8 Milter (mail
filter) protocol. These content filters run outside Postfix. They can
inspect the SMTP command stream and the message content, and can
request modifications before mail is queued. For details see the
MILTER_README document.

smtpd_milters (empty)
       A list of Milter (mail filter) applications for new mail that
       arrives via the Postfix smtpd(8) server.

milter_protocol (6)
       The mail filter protocol version and optional protocol
       extensions for communication with a Milter application; prior to
       Postfix 2.6 the default protocol is 2.

milter_default_action (tempfail)
       The default action when a Milter (mail filter) application is
       unavailable or mis-configured.

milter_macro_daemon_name ($myhostname)
       The {daemon_name} macro value for Milter (mail filter)
       applications.

milter_macro_v ($mail_name $mail_version)
       The {v} macro value for Milter (mail filter) applications.

milter_connect_timeout (30s)
       The time limit for connecting to a Milter (mail filter)
       application, and for negotiating protocol options.

milter_command_timeout (30s)
       The time limit for sending an SMTP command to a Milter (mail
       filter) application, and for receiving the response.

milter_content_timeout (300s)
       The time limit for sending message content to a Milter (mail
       filter) application, and for receiving the response.

milter_connect_macros (see 'postconf -d' output)
       The macros that are sent to Milter (mail filter) applications
       after completion of an SMTP connection.

milter_helo_macros (see 'postconf -d' output)
       The macros that are sent to Milter (mail filter) applications
       after the SMTP HELO or EHLO command.

milter_mail_macros (see 'postconf -d' output)
       The macros that are sent to Milter (mail filter) applications
       after the SMTP MAIL FROM command.

milter_rcpt_macros (see 'postconf -d' output)
       The macros that are sent to Milter (mail filter) applications
       after the SMTP RCPT TO command.

milter_data_macros (see 'postconf -d' output)
       The macros that are sent to version 4 or higher Milter (mail
       filter) applications after the SMTP DATA command.

milter_unknown_command_macros (see 'postconf -d' output)
       The macros that are sent to version 3 or higher Milter (mail
       filter) applications after an unknown SMTP command.

milter_end_of_header_macros (see 'postconf -d' output)
       The macros that are sent to Milter (mail filter) applications
       after the end of the message header.

milter_end_of_data_macros (see 'postconf -d' output)
       The macros that are sent to Milter (mail filter) applications
       after the message end-of-data.

The following parameters are applicable for both built-in and external
content filters.

Available in Postfix version 2.1 and later:

receive_override_options (empty)
       Enable or disable recipient validation, built-in content
       filtering, or address mapping.

The following parameters are applicable for both before-queue and
after-queue content filtering.

Available in Postfix version 2.1 and later:

smtpd_authorized_xforward_hosts (empty)
       What SMTP clients are allowed to use the XFORWARD feature.

Postfix SASL support (RFC 4954) can be used to authenticate remote SMTP
clients to the Postfix SMTP server, and to authenticate the Postfix
SMTP client to a remote SMTP server. See the SASL_README document for
details.

broken_sasl_auth_clients (no)
       Enable inter-operability with SMTP clients that implement an
       obsolete version of the AUTH command (RFC 4954).

smtpd_sasl_auth_enable (no)
       Enable SASL authentication in the Postfix SMTP server.

smtpd_sasl_local_domain (empty)
       The name of the Postfix SMTP server's local SASL authentication
       realm.

smtpd_sasl_security_options (noanonymous)
       Postfix SMTP server SASL security options; as of Postfix 2.3 the
       list of available features depends on the SASL server
       implementation that is selected with smtpd_sasl_type.

smtpd_sender_login_maps (empty)
       Optional lookup table with the SASL login names that own sender
       (MAIL FROM) addresses.

Available in Postfix version 2.1 and later:

smtpd_sasl_exceptions_networks (empty)
       What remote SMTP clients the Postfix SMTP server will not offer
       AUTH support to.

Available in Postfix version 2.1 and 2.2:

smtpd_sasl_application_name (smtpd)
       The application name that the Postfix SMTP server uses for SASL
       server initialization.

Available in Postfix version 2.3 and later:

smtpd_sasl_authenticated_header (no)
       Report the SASL authenticated user name in the smtpd(8) Received
       message header.

smtpd_sasl_path (smtpd)
       Implementation-specific information that the Postfix SMTP server
       passes through to the SASL plug-in implementation that is
       selected with smtpd_sasl_type.

smtpd_sasl_type (cyrus)
       The SASL plug-in type that the Postfix SMTP server should use
       for authentication.

Available in Postfix version 2.5 and later:

cyrus_sasl_config_path (empty)
       Search path for Cyrus SASL application configuration files,
       currently used only to locate the $smtpd_sasl_path.conf file.

Detailed information about STARTTLS configuration may be found in the
TLS_README document.

smtpd_tls_security_level (empty)
       The SMTP TLS security level for the Postfix SMTP server; when a
       non-empty value is specified, this overrides the obsolete
       parameters smtpd_use_tls and smtpd_enforce_tls.

smtpd_sasl_tls_security_options ($smtpd_sasl_security_options)
       The SASL authentication security options that the Postfix SMTP
       server uses for TLS encrypted SMTP sessions.

smtpd_starttls_timeout (300s)
       The time limit for Postfix SMTP server write and read operations
       during TLS startup and shutdown handshake procedures.

smtpd_tls_CAfile (empty)
       A file containing (PEM format) CA certificates of root CAs
       trusted to sign either remote SMTP client certificates or
       intermediate CA certificates.

smtpd_tls_CApath (empty)
       A directory containing (PEM format) CA certificates of root CAs
       trusted to sign either remote SMTP client certificates or
       intermediate CA certificates.

smtpd_tls_always_issue_session_ids (yes)
       Force the Postfix SMTP server to issue a TLS session id, even
       when TLS session caching is turned off
       (smtpd_tls_session_cache_database is empty).

smtpd_tls_ask_ccert (no)
       Ask a remote SMTP client for a client certificate.

smtpd_tls_auth_only (no)
       When TLS encryption is optional in the Postfix SMTP server, do
       not announce or accept SASL authentication over unencrypted
       connections.

smtpd_tls_ccert_verifydepth (9)
       The verification depth for remote SMTP client certificates.

smtpd_tls_cert_file (empty)
       File with the Postfix SMTP server RSA certificate in PEM format.

smtpd_tls_exclude_ciphers (empty)
       List of ciphers or cipher types to exclude from the SMTP server
       cipher list at all TLS security levels.

smtpd_tls_dcert_file (empty)
       File with the Postfix SMTP server DSA certificate in PEM format.

smtpd_tls_dh1024_param_file (empty)
       File with DH parameters that the Postfix SMTP server should use
       with EDH ciphers.

smtpd_tls_dh512_param_file (empty)
       File with DH parameters that the Postfix SMTP server should use
       with EDH ciphers.

smtpd_tls_dkey_file ($smtpd_tls_dcert_file)
       File with the Postfix SMTP server DSA private key in PEM format.

smtpd_tls_key_file ($smtpd_tls_cert_file)
       File with the Postfix SMTP server RSA private key in PEM format.

smtpd_tls_loglevel (0)
       Enable additional Postfix SMTP server logging of TLS activity.

smtpd_tls_mandatory_ciphers (medium)
       The minimum TLS cipher grade that the Postfix SMTP server will
       use with mandatory TLS encryption.

smtpd_tls_mandatory_exclude_ciphers (empty)
       Additional list of ciphers or cipher types to exclude from the
       SMTP server cipher list at mandatory TLS security levels.

smtpd_tls_mandatory_protocols (SSLv3, TLSv1)
       The SSL/TLS protocols accepted by the Postfix SMTP server with
       mandatory TLS encryption.

smtpd_tls_received_header (no)
       Request that the Postfix SMTP server produces Received: message
       headers that include information about the protocol and cipher
       used, as well as the client CommonName and client certificate
       issuer CommonName.

smtpd_tls_req_ccert (no)
       With mandatory TLS encryption, require a trusted remote SMTP
       client certificate in order to allow TLS connections to proceed.

smtpd_tls_session_cache_database (empty)
       Name of the file containing the optional Postfix SMTP server TLS
       session cache.

smtpd_tls_session_cache_timeout (3600s)
       The expiration time of Postfix SMTP server TLS session cache
       information.

smtpd_tls_wrappermode (no)
       Run the Postfix SMTP server in the non-standard "wrapper" mode,
       instead of using the STARTTLS command.

tls_daemon_random_bytes (32)
       The number of pseudo-random bytes that an smtp(8) or smtpd(8)
       process requests from the tlsmgr(8) server in order to seed its
       internal pseudo random number generator (PRNG).

tls_high_cipherlist (ALL:!EXPORT:!LOW:!MEDIUM:+RC4:@STRENGTH)
       The OpenSSL cipherlist for "HIGH" grade ciphers.

tls_medium_cipherlist (ALL:!EXPORT:!LOW:+RC4:@STRENGTH)
       The OpenSSL cipherlist for "MEDIUM" or higher grade ciphers.

tls_low_cipherlist (ALL:!EXPORT:+RC4:@STRENGTH)
       The OpenSSL cipherlist for "LOW" or higher grade ciphers.

tls_export_cipherlist (ALL:+RC4:@STRENGTH)
       The OpenSSL cipherlist for "EXPORT" or higher grade ciphers.

tls_null_cipherlist (eNULL:!aNULL)
       The OpenSSL cipherlist for "NULL" grade ciphers that provide
       authentication without encryption.

Available in Postfix version 2.5 and later:

smtpd_tls_fingerprint_digest (md5)
       The message digest algorithm used to construct
       client-certificate fingerprints for check_ccert_access and
       permit_tls_clientcerts.

Available in Postfix version 2.6 and later:

smtpd_tls_protocols (empty)
       List of TLS protocols that the Postfix SMTP server will exclude
       or include with opportunistic TLS encryption.

smtpd_tls_ciphers (export)
       The minimum TLS cipher grade that the Postfix SMTP server will
       use with opportunistic TLS encryption.

smtpd_tls_eccert_file (empty)
       File with the Postfix SMTP server ECDSA certificate in PEM
       format.

smtpd_tls_eckey_file ($smtpd_tls_eccert_file)
       File with the Postfix SMTP server ECDSA private key in PEM
       format.

smtpd_tls_eecdh_grade (see 'postconf -d' output)
       The Postfix SMTP server security grade for ephemeral
       elliptic-curve Diffie-Hellman (EECDH) key exchange.

tls_eecdh_strong_curve (prime256v1)
       The elliptic curve used by the SMTP server for sensibly strong
       ephemeral ECDH key exchange.

tls_eecdh_ultra_curve (secp384r1)
       The elliptic curve used by the SMTP server for maximally strong
       ephemeral ECDH key exchange.

The following configuration parameters exist for compatibility with
Postfix versions before 2.3. Support for these will be removed in a
future release.

smtpd_use_tls (no)
       Opportunistic TLS: announce STARTTLS support to SMTP clients,
       but do not require that clients use TLS encryption.

smtpd_enforce_tls (no)
       Mandatory TLS: announce STARTTLS support to SMTP clients, and
       require that clients use TLS encryption.

smtpd_tls_cipherlist (empty)
       Obsolete Postfix < 2.3 control for the Postfix SMTP server TLS
       cipher list.

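The SASL and STARTTLS defaults listed above interact: AUTH is only protected when the TLS level and smtpd_tls_auth_only agree, and several defaults on this page (SSLv3, export ciphers, md5 fingerprints) are weak. The Python below is an added example, not part of Postfix or of this manual page; it reads `postconf -n` style output, fills in the defaults printed on this page, and lists the settings that need attention. The function names, the sample settings (constructed here) and the handling of "!" as a protocol exclusion prefix are assumptions of the example.

```python
# Added example: audit `postconf -n` style output for the TLS/SASL settings above.
# Defaults are the values printed in parentheses on this manual page.
PAGE_DEFAULTS = {
    "smtpd_sasl_auth_enable": "no",
    "smtpd_sasl_security_options": "noanonymous",
    "smtpd_tls_security_level": "",
    "smtpd_use_tls": "no",
    "smtpd_enforce_tls": "no",
    "smtpd_tls_auth_only": "no",
    "smtpd_tls_mandatory_protocols": "SSLv3, TLSv1",
    "smtpd_tls_mandatory_ciphers": "medium",
    "smtpd_tls_ciphers": "export",
    "smtpd_tls_fingerprint_digest": "md5",
    "disable_vrfy_command": "no",
}
WEAK_GRADES = {"export", "low", "null"}
CCERT_FEATURES = ("check_ccert_access", "permit_tls_clientcerts")

# Constructed sample settings, not taken from a real host.
SAMPLE = """\
smtpd_sasl_auth_enable = yes
smtpd_tls_security_level = may
smtpd_recipient_restrictions = permit_mynetworks, permit_tls_clientcerts, reject_unauth_destination
"""
HARDENED = SAMPLE + """\
smtpd_tls_auth_only = yes
smtpd_tls_ciphers = medium
smtpd_tls_fingerprint_digest = sha1
disable_vrfy_command = yes
"""


def parse_postconf(text):
    """Parse 'name = value' lines into a dict, skipping blanks and comments."""
    settings = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        name, _, value = line.partition("=")
        settings[name.strip()] = value.strip()
    return settings


def words(value):
    """Split a Postfix list value on commas and whitespace."""
    return value.replace(",", " ").split()


def tls_level(cfg):
    """A non-empty smtpd_tls_security_level overrides the obsolete switches."""
    if cfg["smtpd_tls_security_level"]:
        return cfg["smtpd_tls_security_level"]
    if cfg["smtpd_enforce_tls"] == "yes":
        return "encrypt"
    return "may" if cfg["smtpd_use_tls"] == "yes" else "none"


def accepts(protocols, name):
    """True if the protocol list admits `name`; '!name' excludes (assumed syntax)."""
    items = words(protocols)
    included = [p for p in items if not p.startswith("!")]
    return name in included if included else "!" + name not in items


def audit(postconf_text):
    """Return a sorted list of (parameter, reason) findings."""
    cfg = {**PAGE_DEFAULTS, **parse_postconf(postconf_text)}
    level = tls_level(cfg)
    sasl = cfg["smtpd_sasl_auth_enable"] == "yes"
    found = []
    if level == "none":
        found.append(("smtpd_tls_security_level", "STARTTLS is not offered"))
    # smtpd_tls_auth_only matters whenever TLS is optional for the client.
    if sasl and level != "encrypt" and cfg["smtpd_tls_auth_only"] != "yes":
        found.append(("smtpd_tls_auth_only", "AUTH accepted without TLS"))
    if sasl and "noanonymous" not in words(cfg["smtpd_sasl_security_options"]):
        found.append(("smtpd_sasl_security_options", "anonymous SASL allowed"))
    grade_param = "smtpd_tls_ciphers"  # opportunistic TLS
    if level == "encrypt":
        grade_param = "smtpd_tls_mandatory_ciphers"
        old = [p for p in ("SSLv2", "SSLv3")
               if accepts(cfg["smtpd_tls_mandatory_protocols"], p)]
        if old:
            found.append(("smtpd_tls_mandatory_protocols",
                          "accepts " + "/".join(old)))
    if level != "none" and cfg[grade_param] in WEAK_GRADES:
        found.append((grade_param, "weak cipher grade " + cfg[grade_param]))
    # The digest only matters when fingerprints are used for access decisions.
    uses_ccert = any(f in v for v in cfg.values() for f in CCERT_FEATURES)
    if uses_ccert and cfg["smtpd_tls_fingerprint_digest"] == "md5":
        found.append(("smtpd_tls_fingerprint_digest", "md5 client-cert fingerprints"))
    if cfg["disable_vrfy_command"] != "yes":
        found.append(("disable_vrfy_command", "VRFY lets clients probe addresses"))
    return sorted(found)


if __name__ == "__main__":
    for parameter, reason in audit(SAMPLE):
        print("%-32s %s" % (parameter, reason))
```
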
With VERP style delivery, each recipient of a message receives a
customized copy of the message with his/her own recipient address
encoded in the envelope sender address. The VERP_README file describes
configuration and operation details of Postfix support for variable
envelope return path addresses. VERP style delivery is requested with
the SMTP XVERP command or with the "sendmail -V" command-line option
and is available in Postfix version 1.1 and later.

default_verp_delimiters (+=)
       The two default VERP delimiter characters.

verp_delimiter_filter (-=+)
       The characters Postfix accepts as VERP delimiter characters on
       the Postfix sendmail(1) command line and in SMTP commands.

Available in Postfix version 1.1 and 2.0:

authorized_verp_clients ($mynetworks)
       What SMTP clients are allowed to specify the XVERP command.

Available in Postfix version 2.1 and later:

smtpd_authorized_verp_clients ($authorized_verp_clients)
       What SMTP clients are allowed to specify the XVERP command.

The DEBUG_README document describes how to debug parts of the Postfix
mail system. The methods vary from making the software log a lot of
detail, to running some daemon processes under control of a call tracer
or debugger.

debug_peer_level (2)
       The increment in verbose logging level when a remote client or
       server matches a pattern in the debug_peer_list parameter.

debug_peer_list (empty)
       Optional list of remote client or server hostname or network
       address patterns that cause the verbose logging level to
       increase by the amount specified in $debug_peer_level.

error_notice_recipient (postmaster)
       The recipient of postmaster notifications about mail delivery
       problems that are caused by policy, resource, software or
       protocol errors.

internal_mail_filter_classes (empty)
       What categories of Postfix-generated mail are subject to
       before-queue content inspection by non_smtpd_milters,
       header_checks and body_checks.

notify_classes (resource, software)
       The list of error classes that are reported to the postmaster.

soft_bounce (no)
       Safety net to keep mail queued that would otherwise be returned
       to the sender.

Available in Postfix version 2.1 and later:

smtpd_authorized_xclient_hosts (empty)
       What SMTP clients are allowed to use the XCLIENT feature.

As of Postfix version 2.0, the SMTP server rejects mail for unknown
recipients. This prevents the mail queue from clogging up with
undeliverable MAILER-DAEMON messages. Additional information on this
topic is in the LOCAL_RECIPIENT_README and ADDRESS_CLASS_README
documents.

show_user_unknown_table_name (yes)
       Display the name of the recipient table in the "User unknown"
       responses.

canonical_maps (empty)
       Optional address mapping lookup tables for message headers and
       envelopes.

recipient_canonical_maps (empty)
       Optional address mapping lookup tables for envelope and header
       recipient addresses.

Parameters concerning known/unknown local recipients:

mydestination ($myhostname, localhost.$mydomain, localhost)
       The list of domains that are delivered via the $local_transport
       mail delivery transport.

inet_interfaces (all)
       The network interface addresses that this mail system receives
       mail on.

proxy_interfaces (empty)
       The network interface addresses that this mail system receives
       mail on by way of a proxy or network address translation unit.

inet_protocols (ipv4)
       The Internet protocols Postfix will attempt to use when making
       or accepting connections.

local_recipient_maps (proxy:unix:passwd.byname $alias_maps)
       Lookup tables with all names or addresses of local recipients: a
       recipient address is local when its domain matches
       $mydestination, $inet_interfaces or $proxy_interfaces.

unknown_local_recipient_reject_code (550)
       The numerical Postfix SMTP server response code when a recipient
       address is local, and $local_recipient_maps specifies a list of
       lookup tables that does not match the recipient.

Parameters concerning known/unknown recipients of relay destinations:

relay_domains ($mydestination)
       What destination domains (and subdomains thereof) this system
       will relay mail to.

relay_recipient_maps (empty)
       Optional lookup tables with all valid addresses in the domains
       that match $relay_domains.

unknown_relay_recipient_reject_code (550)
       The numerical Postfix SMTP server reply code when a recipient
       address matches $relay_domains, and relay_recipient_maps
       specifies a list of lookup tables that does not match the
       recipient address.

Parameters concerning known/unknown recipients in virtual alias
domains:

virtual_alias_domains ($virtual_alias_maps)
       Postfix is final destination for the specified list of virtual
       alias domains, that is, domains for which all addresses are
       aliased to addresses in other local or remote domains.

virtual_alias_maps ($virtual_maps)
       Optional lookup tables that alias specific mail addresses or
       domains to other local or remote address.

unknown_virtual_alias_reject_code (550)
       The SMTP server reply code when a recipient address matches
       $virtual_alias_domains, and $virtual_alias_maps specifies a list
       of lookup tables that does not match the recipient address.

Parameters concerning known/unknown recipients in virtual mailbox
domains:

virtual_mailbox_domains ($virtual_mailbox_maps)
       Postfix is final destination for the specified list of domains;
       mail is delivered via the $virtual_transport mail delivery
       transport.

virtual_mailbox_maps (empty)
       Optional lookup tables with all valid addresses in the domains
       that match $virtual_mailbox_domains.

unknown_virtual_mailbox_reject_code (550)
       The SMTP server reply code when a recipient address matches
       $virtual_mailbox_domains, and $virtual_mailbox_maps specifies a
       list of lookup tables that does not match the recipient address.

The following parameters limit resource usage by the SMTP server and/or
control client request rates.

line_length_limit (2048)
       Upon input, long lines are chopped up into pieces of at most
       this length; upon delivery, long lines are reconstructed.

queue_minfree (0)
       The minimal amount of free space in bytes in the queue file
       system that is needed to receive mail.

message_size_limit (10240000)
       The maximal size in bytes of a message, including envelope
       information.

smtpd_recipient_limit (1000)
       The maximal number of recipients that the Postfix SMTP server
       accepts per message delivery request.

smtpd_timeout (normal: 300s, stress: 10s)
       The time limit for sending a Postfix SMTP server response and
       for receiving a remote SMTP client request.

smtpd_history_flush_threshold (100)
       The maximal number of lines in the Postfix SMTP server command
       history before it is flushed upon receipt of EHLO, RSET, or end
       of DATA.

Available in Postfix version 2.3 and later:

smtpd_peername_lookup (yes)
       Attempt to look up the remote SMTP client hostname, and verify
       that the name matches the client IP address.

The per SMTP client connection count and request rate limits are
implemented in co-operation with the anvil(8) service, and are
available in Postfix version 2.2 and later.

smtpd_client_connection_count_limit (50)
       How many simultaneous connections any client is allowed to make
       to this service.

smtpd_client_connection_rate_limit (0)
       The maximal number of connection attempts any client is allowed
       to make to this service per time unit.

smtpd_client_message_rate_limit (0)
       The maximal number of message delivery requests that any client
       is allowed to make to this service per time unit, regardless of
       whether or not Postfix actually accepts those messages.

smtpd_client_recipient_rate_limit (0)
       The maximal number of recipient addresses that any client is
       allowed to send to this service per time unit, regardless of
       whether or not Postfix actually accepts those recipients.

smtpd_client_event_limit_exceptions ($mynetworks)
       Clients that are excluded from connection count, connection
       rate, or SMTP request rate restrictions.

Available in Postfix version 2.3 and later:

smtpd_client_new_tls_session_rate_limit (0)
       The maximal number of new (i.e., uncached) TLS sessions that a
       remote SMTP client is allowed to negotiate with this service per
       time unit.

When a remote SMTP client makes errors, the Postfix SMTP server can
insert delays before responding. This can help to slow down run-away
software. The behavior is controlled by an error counter that counts
the number of errors within an SMTP session that a client makes without
delivering mail.

smtpd_error_sleep_time (1s)
       With Postfix version 2.1 and later: the SMTP server response
       delay after a client has made more than $smtpd_soft_error_limit
       errors, and fewer than $smtpd_hard_error_limit errors, without
       delivering mail.

smtpd_soft_error_limit (10)
       The number of errors a remote SMTP client is allowed to make
       without delivering mail before the Postfix SMTP server slows
       down all its responses.

smtpd_hard_error_limit (normal: 20, stress: 1)
       The maximal number of errors a remote SMTP client is allowed to
       make without delivering mail.

smtpd_junk_command_limit (normal: 100, stress: 1)
       The number of junk commands (NOOP, VRFY, ETRN or RSET) that a
       remote SMTP client can send before the Postfix SMTP server
       starts to increment the error counter with each junk command.

Available in Postfix version 2.1 and later:

smtpd_recipient_overshoot_limit (1000)
       The number of recipients that a remote SMTP client can send in
       excess of the limit specified with $smtpd_recipient_limit,
       before the Postfix SMTP server increments the per-session error
       count for each excess recipient.

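How the soft limit, hard limit, junk command limit and sleep time combine is easier to see by replaying a session. The Python below is an added example, not Postfix code: it models the error counter as worded in the parameter descriptions above, with the normal and stress values from this page as inputs. It assumes that the session ends when the counter reaches the hard limit and that the junk command count is kept for the whole session; the event names are made up for the example.

```python
# Added example: a model of the tarpit rules as worded on this page.
NORMAL = {"soft_limit": 10, "hard_limit": 20, "junk_limit": 100, "sleep_time": 1}
STRESS = dict(NORMAL, hard_limit=1, junk_limit=1)  # "stress" values from this page


def simulate_session(events, soft_limit=10, hard_limit=20,
                     junk_limit=100, sleep_time=1):
    """Replay client events and apply the documented error-counter rules.

    events: "ok" (valid command), "error", "junk" (NOOP, VRFY, ETRN or RSET)
            or "delivered" (a message was accepted).
    Returns (total_delay_seconds, index_of_disconnect_or_None, error_count).
    """
    errors = junk = delay = 0
    for index, event in enumerate(events):
        if event == "delivered":
            errors = 0  # the counter covers errors made without delivering mail
        elif event == "error":
            errors += 1
        elif event == "junk":
            junk += 1
            if junk > junk_limit:  # junk beyond the limit counts as an error
                errors += 1
        elif event != "ok":
            raise ValueError("unknown event: %r" % (event,))
        if errors >= hard_limit:  # assumption: reaching the limit ends the session
            return delay, index, errors
        if errors > soft_limit:  # all responses are slowed down from here on
            delay += sleep_time
    return delay, None, errors


if __name__ == "__main__":
    noisy_client = ["error"] * 25  # constructed event sequence
    print("normal:", simulate_session(noisy_client, **NORMAL))
    print("stress:", simulate_session(noisy_client, **STRESS))
```
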
As of version 2.1, Postfix can be configured to delegate access policy
decisions to an external server that runs outside Postfix. See the
file SMTPD_POLICY_README for more information.

smtpd_policy_service_max_idle (300s)
       The time after which an idle SMTPD policy service connection is
       closed.

smtpd_policy_service_max_ttl (1000s)
       The time after which an active SMTPD policy service connection
       is closed.

smtpd_policy_service_timeout (100s)
       The time limit for connecting to, writing to or receiving from a
       delegated SMTPD policy server.

801 The SMTPD_ACCESS_README document gives an introduction to all the SMTP
802 server access control features.
803
804 smtpd_delay_reject (yes)
805 Wait until the RCPT TO command before evaluating
806 $smtpd_client_restrictions, $smtpd_helo_restrictions and
807 $smtpd_sender_restrictions, or wait until the ETRN command
808 before evaluating $smtpd_client_restrictions and
809 $smtpd_helo_restrictions.
810
811 parent_domain_matches_subdomains (see 'postconf -d' output)
812 What Postfix features match subdomains of "domain.tld" automati‐
813 cally, instead of requiring an explicit ".domain.tld" pattern.
814
815 smtpd_client_restrictions (empty)
816 Optional SMTP server access restrictions in the context of a
817 client SMTP connection request.
818
819 smtpd_helo_required (no)
820 Require that a remote SMTP client introduces itself with the
821 HELO or EHLO command before sending the MAIL command or other
822 commands that require EHLO negotiation.
823
824 smtpd_helo_restrictions (empty)
825 Optional restrictions that the Postfix SMTP server applies in
826 the context of the SMTP HELO command.
827
828 smtpd_sender_restrictions (empty)
829 Optional restrictions that the Postfix SMTP server applies in
830 the context of the MAIL FROM command.
831
832 smtpd_recipient_restrictions (permit_mynetworks, reject_unauth_destina‐
833 tion)
834 The access restrictions that the Postfix SMTP server applies in
835 the context of the RCPT TO command.
836
837 smtpd_etrn_restrictions (empty)
838 Optional SMTP server access restrictions in the context of a
839 client ETRN request.
840
841 allow_untrusted_routing (no)
842 Forward mail with sender-specified routing
843 (user[@%!]remote[@%!]site) from untrusted clients to destina‐
844 tions matching $relay_domains.
845
846 smtpd_restriction_classes (empty)
847 User-defined aliases for groups of access restrictions.
848
849 smtpd_null_access_lookup_key (<>)
850 The lookup key to be used in SMTP access(5) tables instead of
851 the null sender address.
852
853 permit_mx_backup_networks (empty)
854 Restrict the use of the permit_mx_backup SMTP access feature to
855 only domains whose primary MX hosts match the listed networks.
856
857 Available in Postfix version 2.0 and later:
858
859 smtpd_data_restrictions (empty)
860 Optional access restrictions that the Postfix SMTP server
861 applies in the context of the SMTP DATA command.
862
863 smtpd_expansion_filter (see 'postconf -d' output)
864 What characters are allowed in $name expansions of RBL reply
865 templates.
866
867 Available in Postfix version 2.1 and later:
868
869 smtpd_reject_unlisted_sender (no)
870 Request that the Postfix SMTP server rejects mail from unknown
871 sender addresses, even when no explicit reject_unlisted_sender
872 access restriction is specified.
873
874 smtpd_reject_unlisted_recipient (yes)
875 Request that the Postfix SMTP server rejects mail for unknown
876 recipient addresses, even when no explicit
877 reject_unlisted_recipient access restriction is specified.
878
879 Available in Postfix version 2.2 and later:
880
881 smtpd_end_of_data_restrictions (empty)
882 Optional access restrictions that the Postfix SMTP server
883 applies in the context of the SMTP END-OF-DATA command.
884
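An added example (not part of the Postfix distribution or of this manual page): a static check, in Python, of the access control parameters described above, using only the defaults listed on this page. The function names, finding strings and both sample configurations are constructed for illustration; the comment and line-continuation handling follows the main.cf file format described in postconf(5).

```python
import re
# Defaults as listed on this page for the parameters audited below.
DEFAULTS = {
    "smtpd_recipient_restrictions": "permit_mynetworks, reject_unauth_destination",
    "smtpd_helo_restrictions": "", "smtpd_helo_required": "no",
    "allow_untrusted_routing": "no",
}
BLOCKERS = {"reject_unauth_destination", "reject", "defer"}

def parse_main_cf(text):
    """Skip '#'/blank lines; leading whitespace continues a setting; last wins."""
    params, name = {}, None
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        if line[0] in " \t":
            if name:
                params[name] += " " + line.strip()
            continue
        key, sep, value = line.partition("=")
        name = key.strip() if sep else None
        if name:
            params[name] = value.strip()
    return params

def audit(text):
    """Return findings; access(5) map results cannot be judged statically."""
    cfg = {**DEFAULTS, **parse_main_cf(text)}
    rcpt = [t for t in re.split(r"[,\s]+", cfg["smtpd_recipient_restrictions"]) if t]
    stop = next((i for i, t in enumerate(rcpt) if t in BLOCKERS), None)
    findings = []
    if stop is None:
        findings.append("relay: no reject_unauth_destination, reject or defer")
    elif "permit" in rcpt[:stop]:
        findings.append("relay: bare permit precedes the first reject")
    if cfg["allow_untrusted_routing"].lower() == "yes":
        findings.append("routing: sender-specified routing is forwarded")
    if cfg["smtpd_helo_restrictions"] and cfg["smtpd_helo_required"].lower() != "yes":
        findings.append("helo: restrictions skipped by clients that omit HELO")
    return findings

# Constructed samples, not taken from a real system.
WEAK = """smtpd_recipient_restrictions =
    permit_mynetworks,
    # relay check removed
    permit
allow_untrusted_routing = yes
smtpd_helo_restrictions = reject_invalid_helo_hostname
"""
HARDENED = "smtpd_helo_required = yes\nsmtpd_helo_restrictions = reject_invalid_helo_hostname\n"
```

HARDENED leaves smtpd_recipient_restrictions at the default shown on this page, so audit(HARDENED) returns an empty list while audit(WEAK) returns three findings.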
886 Postfix version 2.1 introduces sender and recipient address
887 verification. This feature is implemented by sending probe email messages that
888 are not actually delivered. This feature is requested via the
889 reject_unverified_sender and reject_unverified_recipient access
890 restrictions. The status of verification probes is maintained by the
891 verify(8) server. See the file ADDRESS_VERIFICATION_README for
892 information about how to configure and operate the Postfix sender/recipient
893 address verification service.
894
895 address_verify_poll_count (${stress?1}${stress:3})
896 How many times to query the verify(8) service for the completion
897 of an address verification request in progress.
898
899 address_verify_poll_delay (3s)
900 The delay between queries for the completion of an address
901 verification request in progress.
902
903 address_verify_sender ($double_bounce_sender)
904 The sender address to use in address verification probes; prior
905 to Postfix 2.5 the default was "postmaster".
906
907 unverified_sender_reject_code (450)
908 The numerical Postfix SMTP server response code when a recipient
909 address is rejected by the reject_unverified_sender restriction.
910
911 unverified_recipient_reject_code (450)
912 The numerical Postfix SMTP server response when a recipient
913 address is rejected by the reject_unverified_recipient
914 restriction.
915
916 Available in Postfix version 2.6 and later:
917
918 unverified_sender_defer_code (450)
919 The numerical Postfix SMTP server response code when a sender
920 address probe fails due to a temporary error condition.
921
922 unverified_recipient_defer_code (450)
923 The numerical Postfix SMTP server response when a recipient
924 address probe fails due to a temporary error condition.
925
926 unverified_sender_reject_reason (empty)
927 The Postfix SMTP server's reply when rejecting mail with
928 reject_unverified_sender.
929
930 unverified_recipient_reject_reason (empty)
931 The Postfix SMTP server's reply when rejecting mail with
932 reject_unverified_recipient.
933
934 unverified_sender_tempfail_action ($reject_tempfail_action)
935 The Postfix SMTP server's action when reject_unverified_sender
936 fails due to a temporary error condition.
937
938 unverified_recipient_tempfail_action ($reject_tempfail_action)
939 The Postfix SMTP server's action when
940 reject_unverified_recipient fails due to a temporary error condition.
941
943 The following parameters control numerical SMTP reply codes and/or text
944 responses.
945
946 access_map_reject_code (554)
947 The numerical Postfix SMTP server response code for an access(5)
948 map "reject" action.
949
950 defer_code (450)
951 The numerical Postfix SMTP server response code when a remote
952 SMTP client request is rejected by the "defer" restriction.
953
954 invalid_hostname_reject_code (501)
955 The numerical Postfix SMTP server response code when the client
956 HELO or EHLO command parameter is rejected by the
957 reject_invalid_helo_hostname restriction.
958
959 maps_rbl_reject_code (554)
960 The numerical Postfix SMTP server response code when a remote
961 SMTP client request is blocked by the reject_rbl_client,
962 reject_rhsbl_client, reject_rhsbl_sender or
963 reject_rhsbl_recipient restriction.
964
965 non_fqdn_reject_code (504)
966 The numerical Postfix SMTP server reply code when a client
967 request is rejected by the reject_non_fqdn_helo_hostname,
968 reject_non_fqdn_sender or reject_non_fqdn_recipient restriction.
969
970 plaintext_reject_code (450)
971 The numerical Postfix SMTP server response code when a request
972 is rejected by the reject_plaintext_session restriction.
973
974 reject_code (554)
975 The numerical Postfix SMTP server response code when a remote
976 SMTP client request is rejected by the "reject" restriction.
977
978 relay_domains_reject_code (554)
979 The numerical Postfix SMTP server response code when a client
980 request is rejected by the reject_unauth_destination recipient
981 restriction.
982
983 unknown_address_reject_code (450)
984 The numerical Postfix SMTP server response code when a sender or
985 recipient address is rejected by the
986 reject_unknown_sender_domain or reject_unknown_recipient_domain
987 restriction.
988
989 unknown_client_reject_code (450)
990 The numerical Postfix SMTP server response code when a client
991 without valid address <=> name mapping is rejected by the
992 reject_unknown_client_hostname restriction.
993
994 unknown_hostname_reject_code (450)
995 The numerical Postfix SMTP server response code when the
996 hostname specified with the HELO or EHLO command is rejected by the
997 reject_unknown_helo_hostname restriction.
998
999 Available in Postfix version 2.0 and later:
1000
1001 default_rbl_reply (see 'postconf -d' output)
1002 The default SMTP server response template for a request that is
1003 rejected by an RBL-based restriction.
1004
1005 multi_recipient_bounce_reject_code (550)
1006 The numerical Postfix SMTP server response code when a remote
1007 SMTP client request is blocked by the
1008 reject_multi_recipient_bounce restriction.
1009
1010 rbl_reply_maps (empty)
1011 Optional lookup tables with RBL response templates.
1012
1013 Available in Postfix version 2.6 and later:
1014
1015 access_map_defer_code (450)
1016 The numerical Postfix SMTP server response code for an access(5)
1017 map "defer" action, including "defer_if_permit" or
1018 "defer_if_reject".
1019
1020 reject_tempfail_action (defer_if_permit)
1021 The Postfix SMTP server's action when a reject-type restriction
1022 fails due to a temporary error condition.
1023
1024 unknown_helo_hostname_tempfail_action ($reject_tempfail_action)
1025 The Postfix SMTP server's action when
1026 reject_unknown_helo_hostname fails due to a temporary error condition.
1027
1028 unknown_address_tempfail_action ($reject_tempfail_action)
1029 The Postfix SMTP server's action when
1030 reject_unknown_sender_domain or reject_unknown_recipient_domain
1031 fail due to a temporary error condition.
1032
1034 config_directory (see 'postconf -d' output)
1035 The default location of the Postfix main.cf and master.cf
1036 configuration files.
1037
1038 daemon_timeout (18000s)
1039 How much time a Postfix daemon process may take to handle a
1040 request before it is terminated by a built-in watchdog timer.
1041
1042 command_directory (see 'postconf -d' output)
1043 The location of all postfix administrative commands.
1044
1045 double_bounce_sender (double-bounce)
1046 The sender address of postmaster notifications that are
1047 generated by the mail system.
1048
1049 ipc_timeout (3600s)
1050 The time limit for sending or receiving information over an
1051 internal communication channel.
1052
1053 mail_name (Postfix)
1054 The mail system name that is displayed in Received: headers, in
1055 the SMTP greeting banner, and in bounced mail.
1056
1057 mail_owner (postfix)
1058 The UNIX system account that owns the Postfix queue and most
1059 Postfix daemon processes.
1060
1061 max_idle (100s)
1062 The maximum amount of time that an idle Postfix daemon process
1063 waits for an incoming connection before terminating voluntarily.
1064
1065 max_use (100)
1066 The maximal number of incoming connections that a Postfix daemon
1067 process will service before terminating voluntarily.
1068
1069 myhostname (see 'postconf -d' output)
1070 The internet hostname of this mail system.
1071
1072 mynetworks (see 'postconf -d' output)
1073 The list of "trusted" SMTP clients that have more privileges
1074 than "strangers".
1075
1076 myorigin ($myhostname)
1077 The domain name that locally-posted mail appears to come from,
1078 and that locally posted mail is delivered to.
1079
1080 process_id (read-only)
1081 The process ID of a Postfix command or daemon process.
1082
1083 process_name (read-only)
1084 The process name of a Postfix command or daemon process.
1085
1086 queue_directory (see 'postconf -d' output)
1087 The location of the Postfix top-level queue directory.
1088
1089 recipient_delimiter (empty)
1090 The separator between user names and address extensions
1091 (user+foo).
1092
1093 smtpd_banner ($myhostname ESMTP $mail_name)
1094 The text that follows the 220 status code in the SMTP greeting
1095 banner.
1096
1097 syslog_facility (mail)
1098 The syslog facility of Postfix logging.
1099
1100 syslog_name (see 'postconf -d' output)
1101 The mail system name that is prepended to the process name in
1102 syslog records, so that "smtpd" becomes, for example,
1103 "postfix/smtpd".
1104
1105 Available in Postfix version 2.2 and later:
1106
1107 smtpd_forbidden_commands (CONNECT, GET, POST)
1108 List of commands that cause the Postfix SMTP server to
1109 immediately terminate the session with a 221 code.
1110
1111 Available in Postfix version 2.5 and later:
1112
1113 smtpd_client_port_logging (no)
1114 Enable logging of the remote SMTP client port in addition to the
1115 hostname and IP address.
1116
1118 anvil(8), connection/rate limiting
1119 cleanup(8), message canonicalization
1120 tlsmgr(8), TLS session and PRNG management
1121 trivial-rewrite(8), address resolver
1122 verify(8), address verification service
1123 postconf(5), configuration parameters
1124 master(5), generic daemon options
1125 master(8), process manager
1126 syslogd(8), system logging
1127
1129 Use "postconf readme_directory" or "postconf html_directory" to locate
1130 this information.
1131 ADDRESS_CLASS_README, blocking unknown hosted or relay recipients
1132 ADDRESS_REWRITING_README, Postfix address manipulation
1133 FILTER_README, external after-queue content filter
1134 LOCAL_RECIPIENT_README, blocking unknown local recipients
1135 MILTER_README, before-queue mail filter applications
1136 SMTPD_ACCESS_README, built-in access policies
1137 SMTPD_POLICY_README, external policy server
1138 SMTPD_PROXY_README, external before-queue content filter
1139 SASL_README, Postfix SASL howto
1140 TLS_README, Postfix STARTTLS howto
1141 VERP_README, Postfix XVERP extension
1142 XCLIENT_README, Postfix XCLIENT extension
1143 XFORWARD_README, Postfix XFORWARD extension
1144
1146 The Secure Mailer license must be distributed with this software.
1147
1149 Wietse Venema
1150 IBM T.J. Watson Research
1151 P.O. Box 704
1152 Yorktown Heights, NY 10598, USA
1153
1154 SASL support originally by:
1155 Till Franke
1156 SuSE Rhein/Main AG
1157 65760 Eschborn, Germany
1158
1159 TLS support originally by:
1160 Lutz Jaenicke
1161 BTU Cottbus
1162 Allgemeine Elektrotechnik
1163 Universitaetsplatz 3-4
1164 D-03044 Cottbus, Germany
1165
1166 Revised TLS support by:
1167 Victor Duchovni
1168 Morgan Stanley
1169