-
-
Notifications
You must be signed in to change notification settings - Fork 2
qmail smtpd.8
qmail-smtpd - receive mail via SMTP
qmail-smtpd [ -v ] [ hostname checkprogram subprogram subprogram .. falsepgm ]
-v
Print qmail-smtpd features, control files present and environment
variables used and set. After displaying this information, qmail-smtpd
will exit. This option gets activated only when the first argument to
qmail-smtpd is -v.
qmail-smtpd receives mail messages via the Simple Mail Transfer Protocol (SMTP) and invokes the program defined by QMAILQUEUE environment variable to deposit the message into the outgoing queue. If QMAILQUEUE isn't defined then /usr/sbin/qmail-queue is used as a default.
qmail-smtpd uses /etc/indimail as its working directory which can be changed by setting SYSCONFDIR environment variable.
qmail-smtpd must be supplied several environment variables; see tcp-environ(5). One important environment variable is TCPREMOTEIP which is the IP address of the connecting remote host.
If the environment variable TCPPARANOID is set (tcpserver(1) with -p option), qmail-smtpd returns a permanent error code 553 to the client. TCPPARANOID is set by tcpserver(1) if the IP for reverse DNS address for TCPREMOTEIP does not match TCPREMOTEIP.
qmail-smtpd employs DNS look-up for the "MAIL from:" sender address. This can be bypassed using the nodnscheck control file.
If the environment variable REQPTR is set and TCPREMOTEHOST is absent, qmail-smtpd rejects connections from unresolvable IP address (hosts without reverse DNS). qmail-smtpd returns permanent error code 553 to the client. TCPREMOTEHOST environment variable is removed by tcpserver(1) if remote host (TCPREMOTEIP) does not have a reverse DNS record.
If the environment variable SMTPS is non-empty, qmail-smtpd starts a TLS session (to support the deprecated SMTPS protocol, normally on port 465). Otherwise, if you set the STARTTLS environment variable, qmail-smtpd offers the STARTTLS extension to ESMTP. If you set FORCE_TLS environment variable, qmail-smtpd does not accept MAIL FROM, RCPT TO commands unless the client issues a STARTTLS command. One can set the environment variable SSL_BITS to set the pem file that qmail-smtpd will use. By default this is set to 2048. This makes qmail-smtpd to use rsa2048.pem for the RSA private key and dh2048.pem for the DH parameters. If the environment variable CLIENT_RENEGOTIATION is set, client-initiated TLS renegotiation will be enabled
If the environment variable SMTPUTF8 is defined and non-empty qmail-smtpd offers RFC 5336 SMTP Email Address Internationalization support and will advertize the capability in the EHLO greeting. Since qmail-smtpd is 8 bit clean, setting of SMTPUTF8 has no real consequences except for displaying this setting in the received headers as UTF8(E)SMTP.
qmail-smtpd is responsible for counting hops. It rejects any message with 100 or more Received or Delivered-To header fields. The default value of 100 hops can be changed by having a control file maxhops.
qmail-smtpd supports ESMTP, including the 8BITMIME, DATA, PIPELINING, SIZE, VRFY, ETRN, ATRN and AUTH options. You can disable VRFY by setting environment variable DISABLE_VRFY.
qmail-smtpd supports basic help usage when you use the HELP command. You can disable HELP by setteing environment variable DISABLE_HELP.
qmail-smtpd includes a 'MAIL FROM:' parameter parser and obeys 'AUTH' and 'SIZE' advertisements.
qmail-smtpd can accept LOGIN, PLAIN, XOAUTH2, CRAM-MD5, CRAM-SHA1, CRAM-SHA224, CRAM-SHA256, CRAM-SHA384, CRAM-RIPEMD, DIGEST-MD5, SCRAM-SHA-1, SCRAM-SHA-1-PLUS, SCRAM-SHA-256, SCRAM-SHA-256-PLUS AUTH types. For auth types other than the SCRAM methods, it invokes checkprogram, which reads on file descriptor 3 the username, a NULL byte, the password or challenge derived from hostname, another NULL byte, a CRAM-MD5/CRAM-SHA1/CRAM-SHA256/CRAM-RIPEMD/DIGEST-MD5 response (if applicable to the AUTH type), and a final NULL byte. checkprogram invokes subprogram upon unsuccessful authentication, passing the same data (read earlier on descriptor 3) on a pipe with file descriptor 4 as the write end and file descriptor 3 as the read end. subprogram should read file descriptor 3 and should in turn return 0 to qmail-smtpd, effectively setting the environment variables TCPREMOTEINFO and AUTHINFO (any supplied value replaced with the authenticated username). One can specifically disable the AUTH methods by setting DISABLE_AUTH_LOGIN, DISABLE_AUTH_PLAIN, DISABLE_AUTH_OAUTH2, DISABLE_CRAM_MD5, DISABLE_CRAM_SHA1, DISABLE_CRAM_SHA224, DISABLE_CRAM_SHA256, DISABLE_CRAM_SHA384, DISABLE_CRAM_SHA512, DISABLE_CRAM_RIPEMD, DISABLE_DIGEST_MD5, DISABLE_SCRAM_SHA1, DISABLE_SCRAM_SHA1_PLUS, DISABLE_SCRAM_SHA256, DISABLE_SCRAM_SHA256_PLUS, environment variable. If you set the environment variable SECURE_AUTH, AUTH LOGIN, AUTH PLAIN, AUTH XOAUTH2 gets disabled unless STARTTLS is issued or you run qmail-smtpd under SSL (e.g. port 465). You may set FORCE_TLS environment variable to deny authentication, if the client does not provide the STARTTLS command. The falsepgm argument is the name of a program that always fails, such as /bin/false.
qmail-smtpd supports SASL - Simple Authentication and Security Layer framework with the GNU SASL library. For SCRAM authentication types, qmail-smtpd uses SASL. For the SCRAM-*-PLUS methods, qmail-smtpd(8) supports the tls-unique and tls-exporter channel binding types (See RFC 5929 and RFC 9266). qmail-smtpd fetches server_key, stored_key from the indimail MySQL database for authentication. If you have used vpasswd(1) or vmoduser(1) to set clear text passwords for CRAM authentication methods (-C option), the same passwords will work for SCRAM authentication.
checkprogram returns 0 on successful authentication, terminating the chain. Similarly subprogram exits 0 on successful authentication, terminating the chain.
checkprogram, subprogram should exit 3 if the user doesn't have relay privileges. You can have as long chain of checkprogram subprogram1 subpgoram2 ... as long as the number of authentication mehods/databases you want to support.
qmail-smtpd will reject the authentication attempt if it receives a nonzero return value from checkprogram or subprogram. There can be multiple subprograms for a particular type of authentication. The last subprogram should typically be /bin/false or /usr/bin/false depending on your Operating System. qmail-smtpd advertizes AUTH capability only if hostname and checkprogram are passed as the minimum arguments.
qmail-smtpd prevents unauthorized relaying and also reject mails addressed to invalid mailboxes. To do this, qmail-smtpd employs the following additional checks -
Check Relay Status by looking up in MySQL, email addresses logged in the relay table within past 30 Minutes, corresponding to the remote ip address of the client. This effectively prevents the user to give any "RCPT TO:" recipient address other than those belonging to local domains in rcpthosts, locals control files. This option is turned on by defining the environment variable CHECKRELAY. Email address and IP address is logged into the relay table when the user does a IMAP or POP3 access. This mechanism 'pop before smtp' allows qmail-smtpd to relay out mails after a successful IMAP/POP3 authentication.
NOTE: Only domains not listed in rcpthosts are checked. Users can send emails for domains in rcpthosts without authentication. Authentication can be forced for everyone by having the AUTH_ALL environment variable. If you desire forced authentication for certain domains, you can do it so by having the domain listed in the control file authdomains. In such cases of enforced authentication, an email transaction will succeed only if the sender has authenticated using SMTP AUTH, IMAP or POP3. If the environment variable REQUIREAUTH is set, qmail-smtpd will not accept any MAIL FROM commands until and unless the client has authenticated using the SMTP AUTH command.
[step]
Check Recipient Status by looking up in MySQL or recipients
extension, status of recipients is determined before accepting the
mails. This option is turned on by defining the environment variable
CHECKRECIPIENT to one of the following values
1. Reject if recipient not in MySQL 2. Reject if recipient not in both MySQL and recipients extension (See below) 3. Reject if recipient not found through recipients extension (See below)
The following status for the user is checked
-
Inactive Recipients Recipients who have not logged on to the mailing system for more than 60 days (works only if CHECKRECIPIENT is set to 1)
-
Invalid Recipients Recipients who do not have any accounts on the mailing system
-
Overquota Recipients Recipients who have exhausted their current mailbox quota. (works only if CHECKRECIPIENT is set to 1)
If the status of the recipient fall into any of the above category, the mail is rejected with a permanent error.
NOTE: To turn on recipient status check for selected domains, include the domains in the chkrcptdomains control file. Check the CONTROL FILES section below for the syntax for chkrcptdomains control file.
If CHECKRECIPIENT is defined and if the control file chkrcptdomains is absent, the recipient status check is turned on for all domains. If the environment variable MAX_RCPT_ERRCOUNT is set, qmail-smtpd will reject mails if number of errors while doing recipient status check equals/exceeds the value defined by MAX_RCPT_ERRCOUNT.
[step]
Check Sender Status This enforces local user to authenticate via
authenticated SMTP, IMAP/POP3 before accepting mail from the user. This
option is turned on by setting CHECKSENDER environment variable. The
following status for the user is checked
-
Inactive Senders Senders who have not logged on to the mailing system for more than 60 days (works only virtual users)
-
Invalid Senders Senders who do not have any accounts in MySQL or /etc/passwd
-
NO_SMTP flag Senders who have NO_SMTP flag set by vmoduser(1). This is applicable only for virtual users.
If the status of the sender fall into any of the above category, the mail is rejected with a permanent error. If the sender doesn't fall into the above category, mail will be accepted.
Setting CHECKSENDER environment variable also turns on anti-spoofing feature for the domain where the user cannot forge the MAIL FROM address. If the MASQUERADE environment variable is set, the user will be able to use any MAIL FROM, but since qmail-smtpd logs all transactions, the actual user id used for authentication will be logged.
Once a user has authenticated or authentication is enforced, you can use MASQUERADE environment variable to enforce a certain behaviour.
If MASQUERADE is set to an empty string, mail will be accepted with any sender address
[step]
If MASQUERADE environment variable set to an address, mail will be
accepted only when the sender address matches the value of the
environment variable
[step]
If MASQUERADE is not set, mail will be accpeted only if the
IMAP/POP3/SMTP authenticated userid matches the "MAIL FROM" sender
address.
NOTE: To turn on sender status check for selected domains, include the domains in the chksenderdomains control file. Check the CONTROL FILES section below for the syntax for chksenderdomains control file.
If the CUGMAIL environment variable is defined qmail-smtpd accepts mail only from/to local domains (domains listed in rcpthosts).
qmail-smtpd can greet clients "421 service unavailable" if you set environment variable SHUTDOWN.
$ env SHUTDOWN="" ./qmail-smtpd
421 indimail.org SMTP service unavailable (#4.3.2)
$ env SHUTDOWN="554 service discontinued (#5.1.6)" ./qmail-smtpd
554 indimail.org service discontinued (#5.1.6)
qmail-smtpd(8) supports Bounce Address Tag Validation (BATV). It will verify signature in BATV tagged recipient bounce addresses. Having the control file batvkey or setting the environment variable BATVKEY enables BATV. When a bounce is received by qmail-smtpd(8) it checks recipient address for validity of the signature in the tagged bounce address and reject the message in case the signature is invalid. qmail-smtpd(8) will also unwrap the signature for replies to a an address tagged by qmail-remote(8).
qmail-smtpd(8) can be configured to do SPF lookup by using the control file spfbehavior. SPF lookup enables qmail-smtpd(8) to accept mails for a domain from IP addresses designated as permitted sender by the domain administrator. When SPF lookup is enabled, qmail-smtpd sets the environment variable SPFRESULT which contains the result of the SPF evaluation. You can use this variable in your filter scripts or any configured qmail-queue-frontend like qmail-multi(8), qmail-qfilter(1), qfrontend(1).
qmail-smtpd(8) will decode recipient addresses written using Sender Rewriting Scheme (SRS) for srs domain configured in the control file srs_domain. This enables qmail-smtpd(8) to redirect mail to the original sender (forwarder) without using a complicated scheme of using .qmail-srs-default which calls srsfilter(1). See indimail-srs(5) on how to configure srs.
If the environment variable LOGFILTER is defined, qmail-smtpd will open a fifo defined by LOGFILTER environment variable in O_WRONLY mode. It will write the SMTP transaction log to the fifo. This makes it possible for qmail-smtpd to push the SMTP transaction log to exernal programs. Additionally, if QMAILQUEUE or FILTERARGS env variabels are defined, qmail-smtpd will make available file descriptor 255 to be available for writing by external programs. Additionally, qmail-smtpd will read 255 bytes on file descriptor 255. To use a file descriptor other than 255, use the LOGFD environment variable. The bytes read will be logged to stderr along with the transaction log. This makes it possible for programs called during the data phase of SMTP to send back 255 bytes of messages back to qmail-smtpd. In fact, this is used to obtain the X-Bogosity header from bogofilter(1) when during spam filtering. An example of a SMTP transaction log is as below
qmail-smtpd: pid 14544 from ::ffff:127.0.0.1 HELO <indimail.org> \
MAIL from <newsletter_xxx@example.com> \
RCPT <mailstore@indimail.org> AUTH <local-rcpt> Size: 245988 \
X-Bogosity: No, spamicity=0.578967, cutoff=9.90e-01, ham_cutoff=0.00e+00, \
queueID=x18cs40485wff, msgID=<Newsletter_xxx@example.com>, \
ipaddr=217.73.48.143
qmail-smtpd writes Received: header with details of the SMTP connection regarding ESMTP, UTF, TLS, date and time.
Received: indimail-mta smtpd 28500 (HELO argos.indimail.org) (::1)
by unknown with ESMTPS
(tls provider dotls, TLS Server=TLSv1.3, Client=TLSv1.3,
Ciphers=TLS_AES_256_GCM_SHA384);
Mon, 26 Dec 2022 21:02:07 +0530
If the environment variable HIDE_HOST is set, qmail-smtpd does not write hostnames and IP addresses in the received header.
qmail-smtpd should be run as qmaild user, qmail, indimail groups. If you are using signing your messages using DKIM or if you are are encrypting outgoing connections with TLS/SSL, qcerts group should be added as a supplementary group for qmailr user.
qmail-smtpd uses inlookup(8), instead of directly connecting to MySQL. This allows very a high queries per seconds to be achieved by avoiding frequent tearing down of TCP/IP connections.
For a non-distributed architecture, you need a local MySQL database. To connect to a MySQL database, you need to have a control file host.mysql. This control file contains the IP address/hostname of the MySQL database corresponding to the local database. If the control file host.mysql is missing, programs will use localhost to connect to MySQL. One can also use host:user:password:socket/port[:ssl] format for host.mysql.
inlookup can be used to serve queries for multiple databases (as in a distributed architecture). The information of all databases that inlookup needs to connect to can maintained in the file mcdinfo. Without this file, inlookup will use the host.mysql control file.
The information of all the databases that qmail-smtpd can connect to connect to can be maintained in the file mcdinfo. You can use dbinfo(1) program to edit mcdinfo. For each database that qmail-smtpd needs to connect to, the following lines need to be maintained
domain indimail.org 1 server localhost mdahost 192.9.0.1 port 3306 database indimail user indimail pass passwd
domain has two arguments, the first is the domain name and the second if non-zero specifies a clustered domain
server specifies the server to which connection for database needs to be made to.
mdahost specifies where the mails for this domain needs to be delivered to.
port specifies the port on which the database server listens.
database specifies the name of the database containing the mail users information.
user specifies the database user having privilege to connect and carry out various activity in the mail database.
pass specifies the password of the database user.
qmail-smtpd supports AUTOTURN, ETRN (RFC 1985) and ATRN (RFC 2645). The parameter to an ETRN request is normally a domain name. qmail-smtpd issues a new connection when a client issues ETRN command and uses the best MX for the domain, thus avoiding security problems.
For AUTOTURN, no client support is required. A connect to port 25 will cause qmail-smtpd to connect back to $TCPREMOTEIP on port 25. For enabling AUTOTURN, the following entry should be present in virtualdomains.
virt.dom:autoturn-202.144.44.3
and the following entry in the assign file
+autoturn-:autoturn:508:508:/var/indimail/autoturn:-::
The above specifies that AUTOTURN be enabled for domain virt.dom. Clients only from the IP Address 202.144.44.3 can then issue the AUTOTURN command. All mails for virt.dom will be queued in the Maildir /var/qmail/autoturn/202.144.44.3
With the spread of low-cost computer systems and Internet connectivity, the demand for local mail servers has been rising. Many people now want to operate a mail server on a system which has only an intermittent connection to a service provider. If the system has a static IP address, the ESMTP ETRN command [ETRN] can be used. However, systems with dynamic IP addresses (which are very common with low-cost connections) have no widely-deployed solution.
The ATRN command uses On-Demand Mail Relay (ODMR), which is a profile of SMTP [SMTP, ESMTP], provides a secure, extensible, easy to implement approach to the problem. To setup ODMR, setup qmail-smtpd to listen on port 366 without any delivery queue. ODMR uses maildirserial(1) and serialsmtp(1) to act as an SMTP client. qmail-smtpd(8) running on port 366 dups descriptor 0 to 6 and descriptor 1 to 7 for serialsmtp(1) to work.
For ATRN, access is granted to domains to a user that can perform SMTP authentication. There are two ways to allow access to ATRN domains to a user. For local users (those that are in the local authentcation database like passwd(5), shadow(5), one has to use the atrnaccess control file. The format of this file is
user1:atrn1_domain, atrn5_domain, atrn7_domain, ...
user2:atrn2_domain, atrn3_domain, atrn3_domain, ...
user3:atrn4_domain, atrn6_domain,...
For users in indimail's MySQL database, you can use the vatrn(1) command to configure access.
ETRN/AUTOTURN/ATRN command is enabled only for domains listed in the control file etrnhosts.
NOTE: User Status Check does not work on ETRN/AUTOTURN/ATRN domains. Hence to turn on User Status Check for selected domains, include non ETRN/AUTOTURN/ATRN domains in the control file chkrcptdomains. If the control file chkrcptdomains is absent and User Status Check is enabled, the User Status Check is turned on for all domains. In this case mails to ETRN/AUTOTURN/ATRN domains will bounce.
qmail-smtpd converts the SMTP newline convention into the UNIX newline convention by converting CR LF into LF. It returns a temporary error and drops the connection on bare LFs; see https://cr.yp.to/docs/smtplf.html. If you set ALLOW_BARELF, it will accept connections on bare LFs.
qmail-smtpd accepts messages that contain long lines or non-ASCII characters, even though such messages violate the SMTP protocol.
qmail-smtpd by default looks at /etc/indimail/control for all control files. This path can be changed by defining the CONTROLDIR environment variable. Some of these control files can also be in cdb format if they have the .cdb extension. Some of these control files can be in MySQL if they have the .sql extension. If you desire that the control file to be in MySQL, the file (with .sql extension) should have an entry in the following format.
dbase_server_ip:dbase_user:dbase_password:dbase_name:table_name
See indimail-control(5) to see the full list of control files which support .cdb and .sql extensions.
authdomains
Any sender domain listed in this file will require authentication to be
able to send mails to any domain (local or remote). A line in
authdomains may be of the form **@**host, meaning every address at
host. authdomains can also be in cdb format. if authdomains.cdb
file is present, it will be searched first. authdomains.cdb can be
built using qmail-cdb(8). You can set QREGEX environment
variable if you want to use regex patterns for addresses in
authdomains.
badhelo
Unacceptable HELO/EHLO greeting strings. qmail-smtpd will reject
every connection attempt if the client MTA's HELO/EHLO greeting compares
with a REGEX pattern provided in badhelo. To enable badhelo check,
define the environment variable BADHELOCHECK or set the environment
variable BADHELO to a control file containing unacceptable HELO/EHLO
greetings strings. When badhelocheck is enabled, qmail-smtpd will
reject email sent using HELO hostname equal to your IP address, or
hostname without dns records. You can put an entry in nodnscheck
control file to bypass dnscheck. If ENFORCE_FQDN_HELO is set
qmail-smtpd will reject emails from hosts which pass HELO hostname
without dots. A line in badhelo may be of the form **@**host,
meaning every address at host. badhelo can also be in cdb format. if
badhelo.cdb file is present, it will be searched first,
badhelo.cdb can be built using qmail-cdb(8). The filename
can be overridden by the environment variable BADHELO. You can set
QREGEX environment variable if you want to use regex patterns for
addresses in badhelo.
badip
Unacceptable IP address in environment variable TCPREMOTEIP.
qmail-smtpd will reject with a temporary error code, every host
listed in badip. A line in badip may be case insensitive regular
expression. To enable badip check, define the environment variable
BADIPCHECK or set the environment variable BADIP to a control file
containing unacceptable IP addresses. badip can also be in cdb format.
if badip.cdb file is present, it will be searched first.
badip.cdb can be built using qmail-cdb(8). The filename can
be overridden by the environment variable BADIP. You can set QREGEX
environment variable if you want to use regex patterns for addresses in
badip.
badhost
Unacceptable remote host in environment variable TCPREMOTEHOST.
qmail-smtpd will reject every host listed in badhost. A line in
badhost may be a case insensitive regular expression. To enable
badhost check, define the environment variable BADHOSTCHECK or set
the environment variable BADHOST to a control file containing
unacceptable remote hosts. The environment variable QREGEX can be
set to match host, recipient using regular expressions.
accesslist
qmail-smtpd will apply access list to allow email transaction
between sender and recipient. A line in accesslist is of the form
type:sender:recipient
where type is either the word 'from' for access control on sender. It can be 'rcpt' for access control on recipient. sender and recipient can be the actual sender, recipient or a wildcard/regexp. The environment variable QREGEX can be set to match sender, recipient using regular expressions. If QREGEX environment variable is set to 0 or not set, simple wildcard matching will be used.
from:recruiter@yahoo.com:hr@indimail.org
rcpt:ceo@indimail.org:country_distribution_list@indimail.org
rcpt:md@indimail.org:country_distribution_list@indimail.org
- recruiter@yahoo.com is permitted to send mails only to
hr@indimail.org and no one else.
- only ceo@indimail.org and md@indimail.org are permitted to send mails to
country_distribution_list@indimail.org
These restrictions do not apply when the from is "" or the recipient is
postmaster or abuse. This is to prevent violating RFCs. A utility
uacl(1) is provided to test the accesslist.
badmailfrom
Unacceptable envelope sender addresses. qmail-smtpd will reject
every recipient address for a message if the envelope sender address is
listed in badmailfrom. A line in badmailfrom may be of the form
**@**host, meaning every address at host. badmailfrom can also be
in cdb format. if badmailfrom.cdb file is present, it will be
searched first. badmailfrom.cdb can be built using
qmail-cdb(8). The filename can be overridden by the environment
variable BADMAILFROM. You can have wildcard patterns too for sender
addresses. You can set QREGEX environment variable if you want to
use regex patterns for envelope sender addresses, else simple wildcard
match is used.
badmailpatterns
gives **qmail-smtpd ** the ability to filter E-Mails by comparing the
sender address with a REGEX pattern in badmailpatterns.
Example:
*@earthlink.net
!fred@earthlink.net
[0-9][0-9][0-9][0-9][0-9]@[0-9][0-9][0-9].com
answerme@save*
*%*
badmailpatterns file with this contents stops all mail from Earthlink except from fred@earthlink.net. It also stops all mail with addresses like: 12345@123.com and answerme@savetrees.com. Further, any E-Mail with a sender address containing a percent sign (%) is rejected. The filename can be overridden by the environment variable BADMAILPATTERNS. badmailpatterns gets disabled of you set QREGEX environment variable. badmailpatterns uses simple shell-style pattern matching unlike regular expressions used by setting QREGEX environment variable. You can set wildcard/regex patterns in badmailfrom itself if QREGEX environment variable is set to 0 or 1.
tlsservermethod
The TLS protocol list. Accepted values are TLSv1_2, TLSv1_3. The default
is TLSv1.2 for OpenSSL Version < 1.0.1. OpenSSL Version >= 1.0.1 uses
TLS_server_method() where the actual protocol version used will be
negotiated to the highest version mutually supported by the client and
the server. The supported protocols are TLSv1.2 and TLSv1.3. You can
specify the minimum and maximum protocol by using min:max format. e.g.
TLSv1_2:TLSv1_3. It is best not to have this control file to let
qmail-smtpd chose the highest supported protocol.
servercipherlist | serverciphersuite
A set of OpenSSL cipher strings. Multiple ciphers contained in a string
should be separated by a colon. The default location of SYSCONF/control
can be overridden by environment variable CONTROLDIR. The control
file can be overridden by setting the cipher strings in the environment
variable TLS_CIPHER_LIST for TLSv1.2 and below and
TLS_CIPHER_SUITE for TLSv1.3 and above. servercipherlist is used
for TLSv1.2 and below. serverciphersuite is used for TLSv1.3 and
above. TLSv1.3 changed the way ciphersuites work quite significantly. As
a result ciphersuites defined for TLSv1.3 and above do not work in
TLSv1.2 and below and vice versa. For this reason OpenSSL handles them
separately internally as well and they are configured in different
ways - even though "on the wire" the list of TLSv1.2 and TLSv1.3
ciphersuites get merged. The openssl ciphers command reports the merged
list of TLSv1.2 and TLSv1.3 ciphersuites. Earlier verions of qmail-smtpd
used tlsserverciphers. The changes for TLSv1.3 has necessitated having
serverciphersuite for TLSv1.3 and servercipherlist for TLSv1.2 and
below.
tlsclients
A list of email addresses. When relay rules would reject an incoming
message, qmail-smtpd can allow it if the client presents a
certificate that can be verified against the CA list in clientca.pem
and the certificate email address is in tlsclients.
servercert.pem
SSL certificate to be presented to clients in TLS-encrypted sessions.
Should contain both the certificate and the private key. Certifying
Authority (CA) and intermediate certificates can be added at the end of
the file. The filename can be overridden by the environment variable
SERVERCERT. The default location of /etc/indimail/certs can be
overridden by environment variable CERTDIR.
clientca.pem
A list of Certifying Authority (CA) certificates that are used to verify
the client-presented certificates during a TLS-encrypted session. The
filename can be overridden by the environment variable CLIENTCA. The
default location of /etc/indimail/certs can be overridden by environment
variable CERTDIR.
clientcrl.pem
A list of Certificate Revocation Lists (CRLs). If present it should
contain the CRLs of the CAs in clientca.pem and client certs that will
be checked for revocation. The filename can be overridden by the
environment variable CLIENTCRL. The default location of
/etc/indimail/certs can be overridden by environment variable CERTDIR.
rsa512.pem
If this 512 bit RSA key is provided, qmail-smtpd will use it for TLS
sessions instead of generating one on-the-fly. The default location of
/etc/indimail/certs can be overridden by environment variable CERTDIR.
dh1024.pem
If these 1024 bit DH parameters are provided, qmail-smtpd will use
them for TLS sessions instead of generating one on-the-fly (which is
very timeconsuming). The default location of /etc/indimail/certs can be
overridden by environment variable CERTDIR.
dh512.pem
512 bit counterpart for dh1024.pem. The default location of
/etc/indimail/certs can be overridden by environment variable CERTDIR.
signatures
Unacceptable base64 encoded MIME types in message. qmail-smtpd will
reject every message if the first 9 significant characters (eg.
TVqQAAMAA) of any of it's embedded MIME types is identical with one
present in signatures. The control file signatures is evaluated if
the environment variable VIRUSCHECK is set but empty. All matches will
be logged. Additionally a description for the pattern can be set by
appending it just after the pattern, with a colon : as a separator.
i.e.
TvqQAAMAA:An Executable from a Dirty OS
By default the pattern is matched in both the headers and the body The word -header or -body can be appended to the comment (with : as a separator) to run the check only on the mail header or mail body respectively. The word -headerblackhole or -bodyblackhole can be appended to the comment to run the check only on the mail header or mail body respectively and also blackhole the mail. i.e.
TvqQAAMAA:An Executable from a Dirty OS:-body
The filename can be overridden by the environment variable SIGNATURES.
bodycheck
This control file gives qmail-smtpd content-filtering ability. Any
regex pattern in this file will be matched againt all lines entered in
the SMTP data session. e.g. To block files with an extension created by
a widely used brain-dead word processor used by some modern cave men
^Content-Disposition:.*filename=".*.doc":Prehistoric documents from M$
^X-QHPSI:.*Virus found: Virus email from M$
By default the pattern is matched in both the headers and the body The word -header or -body can be appended (with colon : as a separator) to the comment to run bodycheck only on the mail header or mail body respectively. The word blackhole can be appended to -header or -body to silently discard the email in case of a match. All attemts for emails which get rejected when they match a pattern get logged. The bodycheck control gets enabled if the environment variable BODYCHECK is set. The filename can be overridden by the environment variable BODYCHECK provided that the value of BODYCHECK environment variable is non-empty. e.g. BODYCHECK=bodycheck.paranoid
badrcptto
Unacceptable envelope recipient addresses. qmail-smtpd will reject
every incoming message if the envelope recipient address is listed in
badrcptto. This control file is complementary to badmailfrom. A line
in badrcptto may be of the form **@**host, meaning every address at
host. badrcptto can also be in cdb format. if badrcptto.cdb
file is present, it will be searched first. badrcptto.cdb can be
built using qmail-cdb(8). The filename can be overridden by the
environment variable BADRCPTTO. You can have wildcard patterns too
for recipient addresses. You can set QREGEX environment variable if
you want to use regex patterns for envelope sender addresses, else
simple wildcard match is used.
You can set QREGEX environment variable if you want to use regex patterns for addresses in BADRCPTTO.
badrcptpatterns
employes the same filtering logic for the envelope recipient as
badmailpatterns. It allows qmail-smtpd to reject SPAM E-Mail
including the signature
*\[dd.dd.dd.dd\]*
in the badrcptpatterns file, where dd.dd.dd is the IP address in brackets. The filename can be overridden by the environment variable BADRCPTPATTERNS. badrcptpatterns gets disabled of you set QREGEX environment variable. badrcptpatterns uses simple shell-style pattern matching unlike regular expressions used by setting QREGEX environment variable. You can use wildcard or regex patterns in badrcpt itself if QREGEX is set to 0 or 1.
goodrcptto
If CHECKRECIPIENT environment variable is defined, user status check
will not be carried out for addresses listed in this file. Addresses
listed in this file will additionally bypass badrcptto,
badrcptpatterns, and blackholedrcpt. A line in goodrcptto may be
of the form **@**host, meaning every address at host. goodrcptto
can also be in cdb format. If goodrcptto.cdb is present, it will be
searched first. The filename can be overridden by the environment
variable GOODRCPTTO. You can set QREGEX environment variable if
you want to use regex patterns for good envelope recipient addresses. If
QREGEX is set as 0, wildcard match is used instead.
goodrcptpatterns
REGEX patterns of envelope recipient addresses which should bypass
CHECKRECIPIENT checks. The filename can be overridden by the environment
variable GOODRCPTPATTERNS. goodrcptpatterns gets disabled of you
set QREGEX environment variable. goodrcptpatterns uses simple
shell-style pattern matching unlike regular expressions used by setting
QREGEX environment variable. You can use wildcard or regex patterns
in goodrcpt itself if QREGEX is set to 0 or 1. Addresses listed in
this file will additionally bypass badrcptto, badrcptpatterns and
blackholdrcpt.
blackholedsender
Envelope sender address causing delivery of mail to a blackhole.
qmail-smtpd will carry on the SMTP connection without writing the
mail to the queue after recognizing an envelope sender address listed in
blackholedsender. The peer (Client) is notified of success. This is
called blackholing where the mail is forever lost. A line in
blackholedsender may be of the form @host, meaning every address at
host. blackholedsender can also be in cdb format. If
blackholedsender.cdb is present, it will be searched first. The
filename can be overridden by the environment variable
BLACKHOLEDSENDER You can set QREGEX environment variable if you
want to use wildcard or regex patterns for blackholed envelope sender
addresses. Setting QREGEX to 1 enables regex match while setting it
to 0 enables wildcard match.
blackholedrcpt
Envelope recipient address causing delivery of mail to a blackhole.
qmail-smtpd will cause the mail not to be written to the queue.
However the client will be notified of success. A line in
blackholedrcpt may be of the form **@**host, meaning every address
at host. blackholedrcpt can also be in cdb format. If
blackholedrcpt.cdb is present, it will be searched first. The filename
can be overridden by the environment variable BLACKHOLEDRCPT. You
can set QREGEX environment variable to 0 or 1 if you want to use
wildcard or regex patterns for blackholed envelope recipient addresses.
hostaccess
provides domain, IP address pair access list control. You can control
sender domains to orignate from certian IP addresses. You can override
hostaccess filename with the environment variable HOSTACCESS If
the environment variable PARANOID is set, then only domain-ip pairs
listed in the control file will be granted access. If the variable
DOMAIN_MASQUERADE is set, then for IP addresses listed in the
control file, domains not matching the pair will still be allowed.
*:202.133.22.1
yahoo.com:202.144.77.5
abc.com:202.10-33.54.5
indimail.org:*
- All domains allowed from 202.133.22.1 (no domain restriction
for 202.133.22.1)
- mail from yahoo.com allowed from 202.144.77.5
if PARANOID is set, mail from yahoo.com will be allowed
only from 202.144.77.5
- any domain other than yahoo.com will be rejected from
202.144.77.5 (unless DOMAIN_MASQUERADE is set)
- mail from abc.com is allowed from a ip range 202.10.54.5 to
202.33.54.5
- mail from indimail.org is allowed from any ip address (no IP
restriction for indimail.org)
maxcmdlen
When a clients sends a commandline which is longer than maxcmdlen,
than the client gets tarpitted and the connection is closed.
spamignore
envelope sender addresses which should bypass spam filter (whitelisted).
qmail-smtpd will unset SPAMFILTER environment variable for a message
if the envelope sender address is listed in spamignore. A line in
spamignore may be of the form **@**host, meaning every address at
host. If SPAMFILTER is not defined, qmail-multi does not apply
spam filter on the message See qmail-multi(8) for more details.
spamignore can also be in cdb format. If spamignore.cdb is present,
it will be searched first. The filename can be overridden by the
environment variable SPAMIGNORE. You can set QREGEX environment
variable if you want to use regex patterns for whitelised envelope
sender addresses.
QREGEX
The files badhelo, badmailfrom, badrcptto, blackholedsender,
blackholedrcpt, spamignore, relaymailfrom, authdomains, chkrcptdomains,
chksenderdomains, goodrcptto, can be used with regular expressions if
the environment variable QREGEX is defined (in which case, the
control files badhelopatterns, badmailfrompatterns, badrcpttopatterns,
goodrcptpatterns etc are not required and get disabled). Setting
QREGEX to 0 enables simple wildcard match. Setting it to 1 enables
regex match.
# drop everything containing the word spam
.*spam.*
# force users to fully qualify themselves (ie deny "user", accept "user@domain")
!@
For badrcptto you then can have the following # must not contain invalid characters, brakets or multiple @'s [\W\D!%#:\\] [\\] [\\] @.*@
maxrecipients
maxrecipients is the number of RCPT TO:'s qmail-smtpd will accept in
a SMTP session. Default: 0 which means no restriction. The environment
variable MAXRECIPIENTS overrides the value in this control file.
databytes
Maximum number of bytes allowed in a message, or 0 for no limit.
Default: 0. If a message exceeds this limit, qmail-smtpd returns a
permanent error code to the client; in contrast, if the disk is full or
** qmail-smtpd** hits a resourcs limit, ** qmail-smtpd** returns a
temporary error code. If you define the environment variable
DATABYTES_NOTIFY, then the recipient gets notified in case a message
is bounced back to the sender due to crossing the databyte limit.
databytes counts bytes as stored on disk, not as transmitted through the network. It does not count the ** qmail-smtpd** Received line, the ** qmail-queue** Received line, or the envelope.
If the environment variable DATABYTES is set, it overrides databytes.
greetdelay
The greetdelay control file adds a defined delay after the SMTP client
has initiated the SMTP session and before qmail-smtpd answers with
"220 ESMTP" welcome prompt. A negative value in the control file causes
the session to be terminated if any input is received before the welcome
prompt. The absolute value in the control file determines the delay.
This can be helpful to trap junk SMTP traffic (well-behaved MTAs will wait for the welcome prompt before sending). Time enough to discourage a typical Spambot's SMTP client from continuing the SMTP session (the session will be aborted by the client). Setting of GREETDELAY does not harm 'regular' mail clients, but will reduce Spam traffic. It has been argued, that the sleeping qmail-smtpd blocks local resources and it should be better to send the client a 55x reply (in case of protocol violations) by having a negative value for the greet delay. However, one should keep in mind, that not only the resources on the mail server are used, but in addition those of the spam mail sender are blocked for that particular session. Thus, the GREETDELAY will not only save you for spam mails, but unlike Greylisting and/or filtering a la SpamAssassin, this is the only mean to really reduce the overall amount of spam because the timeslot required for the spam sender to deliver messages (whether successfully or unsuccessfully) is raised from typically one second to (<=) GREETDELAY seconds.
The delay can also be set via the environment variable GREETDELAY, which is typically set by means of tcpserver's rule-set file. A value of GREETDELAY="30" will delay the qmail-smtpd's greeting for 30 seconds. A value of GREETDELAY="-30" will delay the qmail-smtpd's greeting by 30 seconds and as well as terminate the session if any input is received before 30 seconds. If the environment variable GREETDELAY is set, it overrides greetdelay control file.
dnsbllist
A list of dnsbl providers that qmail-smtpd checks to identify
blacklisted ip addresses. The filename can be overridden by the
environment variable DNSBLLIST.
If the environment variable SKIPDNSBL is set, qmail-smtpd ignores dnsbllist, and the dnsbl check is not performed. The check is skipped even if some other authentication method succedeed which authorize the client to relay (smtp-auth or tls client certificate), or if RELAYCLIENT enviromnent variable is set. The dnsbllist functionality is provided by /usr/lib/indimail/plugins/smtpd-plugin0 plugin.
localiphost
Replacement host name for local IP addresses. Default: me, if that is
supplied. qmail-smtpd is responsible for recognizing dotted-decimal
addresses for the current host. When it sees a recipient address of the
form box@[d.d.d.d], where d.d.d.d is a local IP address, it
replaces [d.d.d.d] with localiphost. This is done before
rcpthosts.
moreipme
qmail-smtpd will treat all addresses in this file exactly as if they
were local, though not identified initially by the OS; eg. in a NAT
environment. Local IP addresses can be displayed by means of the program
ipmeprint.
notipme
qmail-smtpd will ignore detected local IP addresses included in
notipme. This has precedence over moreipme. moreipme, notipme
can be used in some configurations that involve network address
translation or port forwarding. It prevents a problem caused by an MX or
other mail routing directive instructing qmail to connect to itself
without realizing it's connecting to itself. When this happens, it
accepts the message, finds out where to deliver it to (itself), and
promptly reconnects to itself to deliver the message. Eventually, when
it has done this 20 or 30 times, it will give up and bounce the message,
but not before sucking up all of your CPU while it's happening.
It may also be useful in some configurations that have multiple qmail servers configured on different interfaces of the same system. qmail will normally refuse to deliver mail by SMTP to the machine it's running on, but with multiple copies of qmail, you may want to prevent this behavior.
Normally, qmail can detect what IP addresses refer to itself by getting a list of all network interfaces with IP addresses from the operating system. It uses this list to determine whether connecting to an address will cause it to connect to itself, and avoid the situation (it calls the perm_ambigmx() function, which prints the message:
Sorry. Although I'm listed as a best-preference MX or A for that host, it isn't in my control/locals file, so I don't treat it as local. (#5.4.6)
But in situations where the OS is not aware of all IP addresses that connect back to itself, this detection fails, causing the CPU-sucking phenomenon described above. This can happen if there is a network address translation device in front of the qmail server, such as a load-balancer or a router which allows you to share one IP address among several machines; if there is a port forwarder forwarding connections from some other machine to the SMTP server on the qmail server; or in configurations where a "dumb" mailserver is configured to use your qmail server as a "smarthost", delivering all mail to it without inspection.
To solve this, other IP addresses which will ultimately connect back to your machine can be added to the file moreipme, one per line. qmail will treat all addresses in this file exactly as if they were local, and if it finds an MX record or other mail routing information which would cause it to connect to any of these addresses, it will call perm_ambigmx(), and print the above error message.
Additionally, IP addresses which the system detects but which should *not* be treated as local can be removed from qmail's ipme list by adding them to the file notipme.
notipme takes precedence over moreipme. In other words, addresses that appear in both moreipme and otipme will not be considered local.
You can run the program ipmeprint to see what interfaces qmail is detecting or finds in moreipme.
morercpthosts
Extra allowed RCPT domains. If rcpthosts and morercpthosts both
exist, morercpthosts is effectively appended to rcpthosts.
You must run /usr/sbin/qmail-cdb on morercpthosts whenever it changes.
Rule of thumb for large sites: Put your 50 most commonly used domains into rcpthosts, and the rest into morercpthosts.
nodnscheck
DNS checks are bypassed for domain part of sender addresses (MAIL FROM)
and helo domain included in this control file. Addresses can be
expressed individually and/or for a domain:
god@heaven.af.mil
@heaven.af.mil
If the environment variable NODNSCHECK is set, qmail-smtpd will ignore nodnscheck DNS check will not be carried for MAIL, EHLO or HELO commands. A line in nodnschecks may be of the form **@**host, meaning every address at host. **@**host is also applicable for argument given to HELO or EHLO command.
rcpthosts
Allowed RCPT domains. If *rcpthosts is supplied, *qmail-smtpd will
reject any envelope recipient address with a domain not listed in
rcpthosts.
Exception: If the environment variable RELAYCLIENT is set, qmail-smtpd will ignore rcpthosts, and will append the value of RELAYCLIENT to each incoming recipient address.
rcpthosts may include wildcards:
heaven.af.mil
.heaven.af.mil
Envelope recipient addresses without @ signs are always allowed through.
etrnhosts
domain names for which ETRN is allowed. Delivery for these domains
should should be set to the Maildir
/var/indimail/autoturn/domain_name/Maildir where domain_name is the name
of the domain.
relayclients
IP addresses of clients allowed to relay mail through this host. Each
address should be followed by a colon and an (optional) string that
should be appended to each incoming recipient address, just as with the
RELAYCLIENT environment variable. Nearly always, the optional string
should be null. The filename can be overridden by the environment
variable RELAYCLIENTS.
Addresses in relayclients may be wildcarded:
192.168.0.1:
192.168.1.:
EE
relaydomains
Host and domain names allowed to relay mail through this host.
Each address should be followed by a colon and an (optional) string
that should be appended to each incoming recipient address, just as
with the RELAYCLIENT environment variable. Nearly always, the
optional string should be null.
Addresses in relaydomains may be wildcarded:
heaven.af.mil:
.heaven.af.mil:
relaymailfrom
envelope senders (MAIL FROM) listed in this file will be allowed to
relay independently of the $RELAYCLIENT environment variable. Entries
in *relaymailfrom * can be E-Mail addresses, or just the domain (with
the @ sign). Unlike relaydomains native addresses should be entered. A
line in relaymailfrom may be of the form **@**host, meaning every
address at host. relaymailfrom can also be in cdb format. If
relaymailfrom.cdb is present, it will be searched first. Examples:
joeblow@domain1.com
@domain2.com
recipients
List of external resources providing acceptable, full-qualified envelope
addresses ('RCPT to: <recip@domain>') to be used for recipient
verification during the SMTP session.
The external sources can be either fastforward compliant cdbs including the envelope addresses, where the path to a cdb has to be referenced relative to /etc/indimail directory - or - checkpassword compatible Plugable Address Verificaiton Modules (PAVM), receiving the envelope address on FD 3 as 'recip@domain\0\0\0' and returning '0' in case of success and '1' in case of failure. The use of a PAVM is indicated with a delimiting '|' and the program following '|' will be called along with addition parameters if given; while a cdb follows a ':', which can be omitted.
The list of external sources is consulted line-by-line for each recipient envelope address until the first positive answer, or a final negative response is encountered. Which external source to be queried, depends on the domain part of the recipient envelope address specified on the left side of the recipients file, while the external resource is provided right from the delimiter.
The addresses' domain part is evaluted in lower-case.
-
An entry 'example.com' is used to match 'example.com' and in addition all subdomain addresses '*.example.com'; depending of course control/rcpthosts.
-
An entry '@example.com' serves as exact match for the domain address
-
The entry '*' will match all domains for the cdb or pam lookup.
-
Reversely, domains flagged as '!domain.com' are not queried and all recipients for this domain are accepted.
-
Additionally, a '!*' can be used as wildcard for all domains not encountered before in recipients (pass-thru).
A recipients file is always constructed like 'domain:cdb', 'domain|pam', or simply 'cdb':
!nocheck.com
@mydomain.com:users/recipients.cdb
example.com|ldap_pam ldapserver host port DN passwd
*:control/fastforward.cdb
*|ldap_pam otherserver
!*
Legacy format:
recipients.cdb
etc/fastforward.cdb
NOTE: Particular domains starting with a '!' or a '@' should be placed in the beginning of the recipients control file for performance reasons, while the pass-thru statement '!*' has to be on the last line. The recipients check is applied after the rcpthosts evaluation.
qmail-cdb may be used to construct recipients.cdb from recipients in the /etc/indimail/users directory.
The qmail-smtpd recipients mechanism supports qmail's address extension (VERP). Unqualified envelope recipients are appended with '@localhost'.
batvkey
Key for Bounce Address Tag Validation (BATV) signing. The filename can
be overridden by the environment variable BATVKEY.
batvkeystale
Validity period in days of the BATV signing key after which the key will
be considered Stale. The validity period can be overridden by setting
the environment variable BATVKEYSTALE.
batvnosignremote
Exclusions of remote hosts for Bounce Address Tag Validation (BATV) that
do not work with signed addresses. The filename can be overridden by the
environment variable BATVNOSIGNREMOTE.
batvnosignlocals
Exclusions of hosts for Bounce Address Tag Validation (BATV) that do not
work with signed addresses. If you want to skip BATV validiation for any
host in locals or rcpthosts, you need to put them here. The filename can
be overridden by the environment variable BATVNOSIGNLOCALS.
smtpgreeting
SMTP greeting message. Default: me, if that is supplied; otherwise
qmail-smtpd will refuse to run. The first word of smtpgreeting
should be the current host's name. The first line of greeting includes
version, revision and local date and time. You can disable printing of
version, revision and local date and time by setting
DISABLE_EXTRA_GREET environment variable.
tarpitcount
tarpitcount ist the number of RPCT TO: qmail-smtpd accepts before it
starts tarpitting. Default: 0 which means no tarpitting. The environment
variable TARPITCOUNT can be used instead.
tarpitdelay
tarpitdelay is the time in seconds of delay to be introduced after each
subsequent RCPT TO:. Default: 5. The environment variable
TARPITDELAY can be used instead.
timeoutsmtpd
Number of seconds qmail-smtpd will wait for each new buffer of data
from the remote SMTP client. Default: 1200.
timeoutread
Number of seconds qmail-smtpd will wait for each new buffer of data
from inlookup for fifo query. Default: 4.
timeoutwrite
Number of seconds qmail-smtpd will wait for writing data to inlookup
for fifo query. Default: 4.
spfbehavior
Set to a value between 1 and 6 to enable SPF checks; 0 to disable. The contents of this file are overridden by the value of the SPFBEHAVIOR environment variable, if set. e.g. from tcpserver rules or setting it in the supervise variables directory.
Values bigger than 3 are strongly discouraged, you probably want to go with 2 or 3.
Note: If RELAYCLIENT is set, SPF checks won't run at all. (This also includes SMTP-AUTH and similar patches)
disable spf check
[step]
select 'annotate-only' mode, where qmail-smtpd will annotate incoming email with Received-SPF fields, but will not reject any messages.[step]
produce temporary failures on DNS lookup problems so you can make sure you always have meaningful Received-SPF headers.[step]
select 'reject' mode, where incoming mail will be rejected if the SPF record says 'fail'.[step]
select a more stricter rejection mode, which is like 'reject' mode, except that incoming mail will also be rejected when the SPF record says 'softfail'.[step]
reject when the SPF record says 'neutral'[step]
reject if no SPF records are available at all (or a syntax error was encountered).
spfexp
You can add a line with a an SPF explanation that will be shown to the
sender in case of a reject. It will override the default one. You can
use SPF macro expansions. If a domain specifies its own explanation it
is going to be used instead. You can override the spfexp filename by
setting SPFEXP environment variable.
The SMTP answer when rejecting mails will look like:
550 the expanded SPF explanation (#5.7.1)
spfguess
You can add a line with SPF rules that will be checked if a sender
domain doesn't have a SPF record. The local spfrules are always executed
afterwards.
It is suggested to add a/24 mx/24 ptr. This isn't needed but generally gives good results (for spam filters scoring Received-SPF lines). You can override the spfguess filename by setting SPFGUESS environment variable.
spfrules
Local rules means: Rules that are executed before the real SPF rules for
a domain would fail (fail, softfail, neutral). This can be used to
always allow certain machines to send certain mails. You can override
spfrules filename by setting SPFRULES environment variable.
They are also executed for domains that don't publish SPF entries. It is suggested to add include:spf.trusted-forwarder.org. You can also add mechanisms to trust known mail servers like backup MX servers, though you should at least also use tcprules (to modify SPFBEHAVIOR).
spfipv6
You can turn on spf for ipv6 connections by setting to value 1; 0 to
disable. You can override this control file with environment variable
USE_SPFIPV6.
bouncesubject, doublebouncesubject
The subject which will be used for bounce messages and double bounce
messages. Default: failure notice
bouncemessage, doublebouncemessage
The text which will be used for bounce messages and double bounce
messages. Default: QSBMF
chkrcptdomains
If CHECKRECIPIENT environment variable is defined, user status check
will be carried out for addresses listed in this file. A line in
chkrcptdomains may be of the form **@**host, meaning every address
at host. chkrcptdomains can also be in cdb format. if
chkrcptdomains.cdb file is present, it will be searched first.
chkrcptdomains.cdb can be built using qmail-cdb(8). You can
set QREGEX environment variable to 0 or 1 if you want to use
wildcard or regex patterns for addresses in chkrcptdomains.
Default: All domains listed in rcpthosts are checked if CHECKRECIPIENT is defined and this control file is absent. If the CUGMAIL environment variable is defined, mails will be accepted only from local domains (defined in rcpthosts). Also the users will be required to be active and have privileges to use SMTP.
domainqueue
Specific queue can be assigned to recipient domains. The format of this
file is of the form
domain:QUEUEDIR=queue_dir
where domain is the recipient domain and queue_dir is any queue which is part of indimail's queue collection. You could also specify a set of queues for a domain.
domain:QUEUE_COUNT=5,QUEUE_START=6,QUEUE_BASE=/var/indimail/queue
specifies that any emails to *@domain be queued in /var/indimail/queue/queue[6,7,8,9,10]. You can use domainqueue to queue mails for certain domains into specific domains and specify individual concurrencies for these queues (see qmail-send(8)). e.g. having
yahoo.com:QUEUEDIR=/var/indimail/queue/queue6 in /etc/indimail/control/domainqueue and
10 in /etc/indimail/control/concurrencyr.queue6
will set 10 as the remote concurrency for all emails sent to yahoo.com
from.envrules
Specific environment variables can be set for specific senders. The
format of this file is of the form
pat:envar1=val,envar2=val,...]
where pat is a regular expression which matches a sender. envar1, envar2 are list of environment variables to be set. If val is omitted, the environment variable is unset.
The name of the control file can be overridden by the environment variable FROMRULES.
Example: answerme@save*:DATABYTES=2000000, MAXRECIPIENT=2,QMAILQUEUE= :BADRCPTTO=mybadrcptto
first line sets databytes 2000000 bytes, max no of recipients in rcptto to two for the sender answerme@saveme.com and unsets QMAILQUEUE environment variable. If there are multiple lines for a pattern, all lines are applied. However if an environment variable is being set in multiple lines, the last rule takes precedence. The environment variable QREGEX can be set to use wildcard or regular expressions for matching pat instead of the internal wildmat function. The second line gets applied for null senders.
auth.envrules
Specific environment variables can be set for clients who have
RELAYCLIENT set or authenticate using SMTP AUTH. These environment
variables are available for qmail-queue(8). The format of this file
is of the form
<>:envar1=val,envar2=val,...]
envar1, envar2 are list of environment variables to be set. If val is omitted, the environment variable is unset.
The name of the control file can be overridden by the environment variable AUTHRULES.
The following list of environment variables can be modified using envrules ACCESSLIST, AUTH_ALL, BADEXT, BADEXTPATTERNS, BADMAILFROM, BADMAILFROMPATTERNS, BADRCPTTO, BADRCPTPATTERNS, BATVKEY, BATVKEYSTALE, BLACKHOLEDSENDER, BLACKHOLEDPATTERNS, BLACKHOLEDRCPT, BLACKHOLEDRCPTPATTERNS, BODYCHECK, CHECKRECIPIENT, CHECKRELAY, CONTROLDIR, CLIENTCA, DATABYTES, DKIMEXPIRE, DKIMIDENTITY, DKIMPRACTICE, DKIMSIGN, DKIMQUEUE, DKIMVERIFY, DNSBLLIST, DOMAINQUEUE. ENVHEADERS, ERROR_FD, EXTRAQUEUE, FILTERARGS, GOODRCPTTO, GOODRCPTPATTERNS, HOSTACCESS, LOGHEADERS, LOGHEADERFD, LOGFILTER, MAILARCHIVE, MAKESEEKABLE, MAXRECIPIENTS, MIN_FREE, PASSWORD_HASH, PLUGINDIR, QHPSI, QHPSIMINSIZE, QHPSIMAXSIZE, QHPSIRC, QHPSIRN, QQEH, QREGEX, QUARANTINE, QUEUE_BASE, QUEUE_COUNT, QUEUE_START, QUEUE_PLUGIN, QMAILQUEUE, QUEUEDIR, QUEUEPROG, REJECTSPAM, REMOVEHEADERS, SCANCMD, SERVERCERT, SIGNATUREDOMAINS, SKIPDNSBLLIST, NOSIGNATUREDOMAINS, SIGNATURES, SIGN_PRACTICE SPAMEXITCODE, SPAMFILTERARGS, SPAMIGNORE, SPAMIGNOREPATTERNS, SPAMREDIRECT, SPFBEHAVIOR, TARPITCOUNT, TARPITDELAY, TCPPARANOID, TLS_CIPHER_LIST, TLS_CIPHER_SUITE, TMPDIR, USE_FSYNC, USE_SPFIPV6, VIRUSCHECK, and VIRUSFORWARD
Example:
answerme@save*:DATABYTES=2000000, MAXRECIPIENT=2,QMAILQUEUE=
answerme@save*:DATABYTES=4000000
DATABYTES gets set to 4 MB in for any email matching answerme@save*
qmail-smtpd has ability to load plugins from the plugins directory. This is done by using dlopen(3) on smtpd-plugin.so. The plugin file can be changed by setting environment variable SMTP_PLUGIN. After loading the plugin, the function plugin_init() is executed. The function to be executed can be changed by setting environment variable SMTP_PLUGIN_SYM. The function plugin_init() should return a PLUGIN structure (see plugin_init(3) for details). The PLUGIN structure returns pointer to three functions to be executed in the MAIL FROM, RCPT and DATA phase of SMTP. You can disable the loading of plugins by setting DISABLE_PLUGIN environment variable.
By default qmail-smtpd looks for plugins in /usr/lib/indimail/plugins directory. You can change this by defining PLUGINDIR environment variable. You can also load multiple plugins by creating smtpd-plugin0.so, smtpd-plugin1.so, and so on. You can also test the plugins using the plugtest(1) command.
qmail-smtpd can load an external library to add functionality. The virtual package can be loaded by setting the environment variable VIRTUAL_PKG_LIB or by using the control file libindimail. The value in libindimail is set to libindimail.so by default.
Following functions should be provided by the shared library parse_function(), vshow_atrn_map(), atrn_access(), iopen(), iclose(), sql_getpw(), get_real_domain()
qmail-smtpd has the ability to greylist incoming mails. Subject to the environment variable GREYIP being set, greylist checks are made for incoming SMTP connections prior to accepting messages.
"Full" greylisting is implemented, meaning that the connecting IP address, envelope sender and envelope recipient form the triplet that is checked.
qmail-greyd is used by qmail-smtpd to carry out these checks; qmail-smtpd communicates with qmail-greyd using UDP. To enable greylisting the environment variable GREYIP is used. For the default values (loopback address 127.0.0.1, port 19999 use,
GREYIP="127.0.0.1@1999"
Alternatively a different IP address and/or port can be specified as in these examples,
GREYIP="192.168.1.50"
GREYIP="::1@1999"
GREYIP="192.168.1.33@1999"
Exception: If the environment variable RELAYCLIENT is set (see details on this above), greylisting does not occur.
Greylisting may be explicitly disabled by setting GREYIP to an empty string,
GREYIP=""
Clearly qmail-greyd must be available to respond to greylisting queries. If the GREYIP address/port is unavailable and the system detects this - perhaps via an ICMP 'unreachable' type response - the SMTP session aborts with a temporary error when the greylisting check occurs; the errno string is logged to help troubleshooting (typically qmail-greyd isn't running or is blocked by firewall rules). Otherwise if there is no response a timeout occurs, producing the same temporary error but without further logging detail.
The environment variable VIRUSCHECK can be set to one of the 7 values given below for scanning MS viruses which affect vulnerable Operating Systems. Virus scanning is not handled by qmail-smtpd(8). It is done by qmail-multi(8), which uses qscanq(8) to extract the attachments in a temporary work directory and run a suitable virus scanner like clamdscan(1). qscanq(8) also handles the check for prohibited filename extensions.
1. Internal virus scanner (via signatures control file) 2. Internal+External (qscanq) virus scanner 3. Internal virus scanner and checking mime for prohibited filename extensions (qscanq) 4. Internal+External(qscanq) virus scanner and checking mime for prohibited filename extensions 5. External(qscanq) virus scanner and checking mime for prohibited filename extensions 6. External virus scanner (via qscanq) 7. Check for prohibited filename extensions (qscanq)
Following is the list of errors printed by qmail-smtpd. See rfc-1893(5) for an explanation of the error codes in parentheses.
"421 too many invalid addresses, goodbye (#4.7.1)" "450 atrn service unavailable (#5.7.1)" "450 try again later (#4.3.0)" "451 communication with mail server failed (#4.4.2)" "451 connection to mail server rejected (#4.4.1)" "451 connection to mail server timed out (#4.4.1)" "451 mail server temporarily rejected message (#4.3.0)" "451 qq crashed (#4.3.0)" "451 qq internal bug (#4.3.0)" "451 qq out of memory (#4.3.0)" "451 qq read error (#4.3.0)" "451 qq temporary problem (#4.3.0)" "451 qq timeout (#4.3.0)" "451 qq trouble creating files in queue (#4.3.0)" "451 qq trouble creating pipes (#4.3.0)" "451 qq trouble creating temporary files (#4.3.0)" "451 qq trouble getting uids/gids (#4.3.0)" "451 qq trouble in home directory (#4.3.0)" "451 qq trouble making network connection (#4.3.0)" "451 qq unable to read configuration (#4.3.0)" "451 qq unable to run QHPSI scanner (#4.3.0)" "451 qq waitpid surprise (#4.3.0)" "451 qq write error or disk full (#4.3.0)" "451 Requested action aborted: Bare LF received. (#4.6.0)" "451 Requested action aborted: child won't start and I can't auth (#4.3.0)" "451 Requested action aborted: database error (#4.3.2)" "451 Requested action aborted: DNS temporary failure (#4.4.3)" "451 Requested action aborted: out of memory (#4.3.0)" "451 Requested action aborted: problem with child and I can't auth (#4.3.0)" "451 Requested action aborted: qqt failure (#4.3.0)" "451 Requested action aborted: timeout (#4.4.2)" "451 Requested action aborted: unable to create temporary files (#4.3.0)" "451 Requested action aborted: unable to figure out my IP addresses (#4.3.0)" "451 Requested action aborted: unable to open pipe and I can't auth (#4.3.0)" "451 Requested action aborted: unable to read controls (#4.3.0)" "451 Requested action aborted: unable to write pipe and I can't auth (#4.3.0)" "451 SPF lookup failure (#4.3.0)" "451 temporary problem with SPAM filter (#4.3.0)" "451 unable to accept non-FQDN HELO (#4.3.0)" "451 unable to exec filter (#4.3.0)" "451 unable to exec qq (#4.3.0)" "451 unable to fork filter (#4.3.0)" "451 Unable to queue messages (#4.3.0)" "451 greylist temporary failure - Timeout (#4.3.0)" "451 greylist temporary failure (#4.3.0)" "451 failed to decode srs address (#4.3.0)" "451 unable to decode SRS address (#4.3.5)" "501 auth exchange cancelled (#5.0.0)" "501 invalid parameter syntax (#5.3.2)" "501 malformed auth input (#5.5.4)" "501 Syntax error (no parameters allowed) (#5.5.4)" "502 unimplemented (#5.5.1)" "503 auth not available (#5.3.3)" "503 bad sequence of commands (#5.3.2)" "503 MAIL first (#5.5.1)" "503 Polite people say hello first (#5.5.4)" "503 RCPT first (#5.5.1)" "503 you're already authenticated (#5.5.0)" "504 auth type unimplemented (#5.5.1)" "530 authentication required (#5.7.1)" "530 authentication required for local users (#5.7.1)" "535 authorization failed (#5.7.1)" "550 we don't relay (#5.7.1)" "552 sorry, that message size exceeds my databytes limit (#5.3.4)" "552-we don't accept email with the below content (#5.3.4)" "553 atrn service unavailable (#5.7.1)" "553 Bad sender's system address (#5.1.8)" "553 SMTP Access denied (#5.7.1)" "553 sorry, bounce messages should have a single envelope recipient (#5.7.1)" "553 sorry, helo domain must exist (#5.1.8)" "553 sorry, sites access list denies transaction (#5.7.1)" "553 sorry, that domain isn't allowed to be relayed thru this MTA without authentication " "553 sorry, the given command is t00 long! (#5.5.2)" "553 sorry, this MTA does not accept masquerading/forging " "553 sorry, your envelope recipient has been denied (#5.7.1)" "553 sorry, your envelope sender has been denied (#5.7.1)" "553 sorry, your HELO/EHLO greeting is in my badhelo list (#5.7.1)" "553 sorry, your host has been denied (#5.7.1)" "554 envelope address too long for qq (#5.1.3)" "554 mail server permanently rejected message (#5.3.0)" "554 Message contains banned attachment (#5.7.1)" "554 Message contains virus (#5.7.1)" "554 qq permanent problem (#5.3.0)" "554 SPAM or junk mail threshold exceeded (#5.7.1)" "554 too many hops, this message is looping (#5.4.6)" "554 SMTP protocol violation. Polite people say hello after the server greets them (#5.7.1)" "555 syntax error in address (#5.1.3)" "553 Not our message (#5.7.1)" "553 message format wrong (#5.7.1)" "553 message expired (#5.7.1)" "557 sorry, too many recipients (#5.7.1)"
https://github.com/indimail/indimail-mta/wiki/0-IndiMail-Wiki mysqld(1) tcp-env(1), tcp-environ(5), tcpserver(1), tcprules(1), uacl(1), indimail-control(5), MCDFILE(5) qmail-inject(8), qmail-cdb(8), qmail-queue(8), qmail-multi(8), qscanq(8), cleanq(8), qmail-remote(8), qmail-send(8), pam-multi(8), spfquery(1), pam-checkpwd(8) inlookup(8), batv(1), vchkpass(8), systpass(8) plugin_init(3), dlopen(3) plugtest(1), bogofilter(1), greydaemon(8), qmail-greyd(8), indimail-srs(5), rfc-2821(5) rfc-1893(5) rfc-1894(5) rfc-1985(5) rfc-2645(5) rfc-1321(5) rfc-822(5) rfc-2104(5) rfc-2476(5)