1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
|
.\" $Id: smtpd.8,v 1.14 1999/07/02 20:11:49 aaron Exp $
.Dd December 10, 1997
.Dt SMTPD 8
.Os
.Sh NAME
.Nm smtpd
.Nd
Obtuse Systems SMTPD message storing daemon
.Sh SYNOPSIS
.Nm smtpd
.Op Fl HPDLq
.Op Fl c Ar chrootdir
.Op Fl d Ar spooldir
.Op Fl u Ar user
.Op Fl g Ar group
.Op Fl m Ar myname
.Op Fl s Ar maxsize
.Op Fl l Ar listenip
.Op Fl p Ar listenport
.Op Fl i Ar pidfile
.Sh DESCRIPTION
.Nm smtpd
talks the Simple Mail Transfer Protocol (SMTP) with
other SMTP daemons to receive mail from them, and saves it into a spool
directory for later processing. It is the store portion of an SMTP
store and forward proxy. The symbiotic companion program
.Xr smtpfwdd 8
is used to forward the spooled mail on to its eventual destination.
.Nm smtpd
is normally invoked from a super-server such as
.Xr inetd 8 .
.Sh OPTIONS
.Bl -tag -width Ds
.It Fl c
Specify a different
.Ar chrootdir
directory to chroot into on startup. The default is
.Pa /var/spool/smtpd.
This directory should be readable and writable only to the user that
.Nm smtpd
runs as.
.It Fl d
Specify a different spool
.Ar directory
within the chrooted subtree. The default is ".", making
.Nm smtpd
spool files to the directory it chroots itself to.
.It Fl D
Tells
.Nm smtpd
to run as a daemon, listening on port 25.
The default is not to run as a daemon.
.It Fl g
Specify a
.Ar group
to run as.
.It Fl H
Disable host checking against the DNS. By default
.Nm smtpd
checks and will complain in the syslogs if the DNS information for
a host seems to indicate a possible spoof or misconfiguration.
.It Fl i
Specify a filename that
.Nm smtpd
should lock and write its pid to when running as a daemon.
Doesn't do anything if running from inetd. Default pid file
in daemon mode is
.Pa /var/run/smtpd.pid
on BSD systems, or
.Pa /usr/spool/smtpd/smtpd.pid
on non-BSD systems.
.It Fl l
Specify an ip address in dotted quad format for
.Nm smtpd
to accept connections to. In daemon mode this limits the address
that
.Nm smtpd
listens on. In inetd mode, smtpd will issue a 521 error
code and exit if connected to an address other than the specified
one. By default,
.Nm smtpd
accepts a connection no matter what address it is connected to.
.It Fl L
Suppress children in daemon mode (above) from doing an
openlog() call. This means your syslogs won't have pid
information, but is useful if you don't want to have to set up
your chroot jail for
.Nm smtpd
in a manner that an openlog() call will work in it.
.It Fl m
Specify
.Ar myname ,
the hostname the daemon should announce itself
as. The default is whatever gethostname() returns.
.It Fl p
Specify a decimal port number for
.Nm smtpd
to listen when running as a daemon. Doesn't do anything if running
from inetd.
.It Fl P
Enable paranoid mode of operation. In this mode connections are
dropped from any client feeding
.Nm smtpd
a suspicious hostname, FROM: or RCPT: lines containing characters
indicative of an attempt to do something evil, or any message headers
that aren't 8-bit clean. The default is to log such occurrences and
substitute for the offending characters, but not drop the connection.
.It Fl q
Tell
.Nm smtpd
to be quieter. By default smtpd emits very verbose syslog messages. With
this option it will emit one line of log for each normal message exchange.
.It Fl s
Specify
.Ar maxsize
the maximum size (in bytes) of mail message the
daemon should accept. The default is not to have a maximum size.
.It Fl u
Specify a
.Ar user
to run as. This user must not be root but
should be a user that is able to run sendmail and use the
.Fl f
option to specify the sender of a mail message.
.El
.Sh FILES
The address checking file is normally
.Pa etc/smtpd_check_rules ,
within the chroot directory.
.Pp
The address check file, when enabled, is read for each RCPT line in the
SMTP dialogue. Each rule is checked with the current source (SMTP
client machine and possibly user from ident) and the current FROM: and
RCPT: addresses.
.Sh SEE ALSO
.Xr inetd 8 ,
.Xr sendmail 8 ,
.Xr smtpfwdd 8
.Pp
.Pa /usr/share/smtpd
\- example configuration files.
.Pp
.Pa http://www.obtuse.com/smtpd.html
\- more examples and rules file details.
.Sh BUGS
Mistakes in
.Pa /etc/smtpd_check_rules
can discard legitimate mail and annoy
your users and other postmasters a very great deal! When
combined with custom return codes it is possible to write rules
that completely break the smtp protocol. It is important to test
your rules out and be absolutely sure they do exactly what you
want and no more.
.Pp
If
.Xr sendmail 8
is not run as a daemon when using
.Xr smtpd 8
and
.Xr smtpfwdd 8 ,
one must use cron to periodically invoke sendmail -q so that
queued messages are retried for eventual delivery. Alternatively,
.Xr sendmail 8
may be run as a daemon, but configured not to listen to the network.
.Pp
|
