SMTPD(6)SMTPD(6)NAMEsmtpd - SMTP listener configuration
The SMTP daemon of mail(1) implements the slave side of the SMTP proto‐
col to accept incoming mail on TCP port 25. In general, smtpd's
default parameters are sufficient for internal systems on protected
networks, but external or gateway systems require additional security
mechanisms. The files /mail/lib/smtpd.conf, containing configuration
parameters, and /mail/lib/blocked, containing banished addresses, pro‐
vide the means to exercise these facilities.
In both files input lines consist of a verb followed by one or more
parameters. These tokens are separated by white space or commas and
all characters following a # are comments. A # cannot be escaped.
Continuation lines are not supported, but verbs that take multiple
parameters can be restated on many lines and the associated parameters
accumulate into a single set. All token processing is case-insensi‐
Many parameters are addresses, either numeric IP addresses in CIDR
notation or a sender address in UUCP-style format.
An IP address in CIDR notation has the form
consisting of a four octet IP address, a slash, and a mask length spec‐
ifying the number of significant high-order bits. The lower the mask
length, the larger the range of addresses covered by the CIDR address;
see RFC 1878 for a discussion of mask lengths. Missing low-order
octets are assumed to be zero. If a mask length is not given, a mask
length of 16, 24, or 32 is assumed for addresses containing two, three,
or four octets, respectively. These mask lengths select a class B,
class C or Class D address block. Notice that this convention differs
from the standard treatment, where the default mask length depends on
the allocation class of the network block containing the address.
Sender addresses are specified in UUCP notation as follows:
It is seldom necessary to specify more than one domain. When domain is
missing or *, the address selects the specified user in all domains. A
domain of the form *.domain selects the domain and all of its sub-
domains. For example, example.com!user only matches the account user
in domain example.com, while *.example.com!user selects that account in
example.com and all of its sub-domains. When user is omitted or *, the
address selects all users in the specified domain. Finally, when * is
the last character of the user name it is a wild-card matching all user
names beginning with user. This limited pattern matching capability
should be used with care. For safety, the sender addresses *, !, *!,
!* and *!* are ignored.
This file contains configuration options and parameters describing the
local domain. Many of the options can also be specified on the command
line; command line options always override the values in this file.
Configuration options are:
The name of the local domain; it is appended to addresses
lacking a domain qualification. This is identical to the -h
command line option.
If on is specified, relaying is prohibited from unauthorized
networks to external domains. Authorized networks and
domains must be specified by the ournets and ourdomains verbs
described below. Setting this option on is equivalent to
specifying the -f command line flag, but the list of networks
and domains can only be specified in this file.
When on, smtpd verifies that the first domain of the sender's
address exists. The test is cursory; it checks only that
there is a DNS delegation for the domain. Setting the option
on is equivalent to specifying the -r command line option and
is useful for detecting some unreturnable messages as well as
messages with randomly generated domain names.
When on, causes copies of blocked messages to be saved in
subdirectories of /mail/queue.dump. Directories are named
with the date and file names are random numbers. If this
option is off blocked messages are discarded. Setting this
option on is equivalent to specifying the -s command line
ournets IP address [, IP address, ..., IP address]
This option specifies trusted source networks that are
allowed to relay mail to external domains. These are usually
the internal networks of the local domain, but they can also
include friendly external networks. Addresses are in CIDR
ourdomains domain [, domain, ..., domain]
This option specifies destination domains that are allowed to
receive relayed mail. These are usually the domains served
by a gateway system. Domain specifications conform to the
format for sender addresses given above.
When the norelay option is enabled or the -f command line option given,
relaying is allowed only if the source IP address is in ournets or the
destination domain is specified in ourdomains.
Smtpd consults /mail/ratify (see ratfs(4)) for a list of banned
addresses. Messages received from these addresses are rejected with a
5xx-series SMTP error code. There is no option to turn blocking on or
off; if /mail/ratify is mounted, smtpd will use it, even for connec‐
tions from trusted networks.
The command line format and address specifications conform to the nota‐
tion described above. If the parameters of the verb is sender
addresses in UUCP format, the line must begin with an * character; if
the parameters are one or more IP addresses, the * must precede the
verb. Most verbs cause messages to be rejected; verbs of this class
generally select different error messages. The remaining verbs specify
addresses that are always accepted, in effect overriding blocked
addresses. The file is processed in order, so an override must precede
its associated blocked address. Supported verbs are:
dial IP address [,..., IP address]
The parameters are IP addresses associated with dial-up
ports. The rejection message states that connections from
dial-up ports are not accepted. Copies of messages are never
block address [, ... address]
Messages from addresses matching the parameters are rejected
with an error message saying that spam is not accepted. The
message is saved if the option is enabled.
relay address [, ... address]
This verb is identical to block, but the error message states
that the message is rejected because the sending system is
being used as a spam relay.
deny address [, ... address]
The deny command rejects a message when the sender address
matches one of its parameters. The rejection message asks
the sender to contact postmaster@ hostdomain for further
information. This verb is usually used to block inadver‐
tently abusive traffic, for example, mail loops and stuck
senders. Messages are never saved.
allow address [, ... address]
The allow verb negates the effect of subsequent blocking com‐
mands. It is useful when a large range of addresses contains
a few legitimate addresses, for example, when a mail server
is in a Class C network block of modem ports. Rather than
enumerate the dial ports, it is easier to block the entire
Class C with a dial command, and precede it with an override
for the address of the mail server. Similarly, it is possi‐
ble to block mail from an entire domain while accepting mail
from a few friendly senders in the domain. The verb accept
is a synonym for allow.
Scanmail(8) describes spam detection software that works well with the
capabilities described here and mail(1) defines additional smtpd com‐
mand line arguments applicable to exposed systems.
SEE ALSOmail(1), ratfs(4), scanmail(8)SMTPD(6)