|
@@ -24,10 +24,10 @@ smtp, smtpd \- mail transport
|
|
.PP
|
|
.PP
|
|
.B upas/smtpd
|
|
.B upas/smtpd
|
|
[
|
|
[
|
|
-.B -adfrg
|
|
|
|
|
|
+.B -adDfrg
|
|
][
|
|
][
|
|
-.B -n
|
|
|
|
-.I netdir
|
|
|
|
|
|
+.B -c
|
|
|
|
+.I certfile
|
|
][
|
|
][
|
|
.B -h
|
|
.B -h
|
|
.I mydom
|
|
.I mydom
|
|
@@ -35,11 +35,10 @@ smtp, smtpd \- mail transport
|
|
.B -k
|
|
.B -k
|
|
.I evilipaddr
|
|
.I evilipaddr
|
|
][
|
|
][
|
|
-.B -c
|
|
|
|
-.I certfile
|
|
|
|
|
|
+.B -n
|
|
|
|
+.I netdir
|
|
]
|
|
]
|
|
.SH DESCRIPTION
|
|
.SH DESCRIPTION
|
|
-.PP
|
|
|
|
.I Smtp
|
|
.I Smtp
|
|
sends the mail message from standard input
|
|
sends the mail message from standard input
|
|
to the users
|
|
to the users
|
|
@@ -103,11 +102,24 @@ protocols is supported; authenticated connections are permitted to relay.
|
|
.PP
|
|
.PP
|
|
The options are:
|
|
The options are:
|
|
.TP
|
|
.TP
|
|
|
|
+.B -a
|
|
|
|
+requires that all clients authenticate to be able to send mail.
|
|
|
|
+.TP
|
|
|
|
+.B -c
|
|
|
|
+specifies a certificate to use for TLS. Without this
|
|
|
|
+option, the capability to start TLS will not be advertised.
|
|
|
|
+.TP
|
|
.B -d
|
|
.B -d
|
|
turns on debugging output to standard error.
|
|
turns on debugging output to standard error.
|
|
.TP
|
|
.TP
|
|
-.B -r
|
|
|
|
-turns on forward DNS validation of non-trusted sender address.
|
|
|
|
|
|
+.B -D
|
|
|
|
+sleeps for 15 seconds at the start of the SMTP dialogue;
|
|
|
|
+this deters some spammers.
|
|
|
|
+.TP
|
|
|
|
+.B -f
|
|
|
|
+prevents relaying from non-trusted networks.
|
|
|
|
+It also tags messages from non-trusted sites when they deliver mail
|
|
|
|
+from an address in a domain we believe we represent.
|
|
.TP
|
|
.TP
|
|
.B -g
|
|
.B -g
|
|
turns on grey/white list processing. All mail is rejected (with a
|
|
turns on grey/white list processing. All mail is rejected (with a
|
|
@@ -127,24 +139,10 @@ not, the file is created and the mail is rejected with a `try again'
|
|
code. The expectation is that spammers will not retry and that others
|
|
code. The expectation is that spammers will not retry and that others
|
|
will.
|
|
will.
|
|
.TP
|
|
.TP
|
|
-.B -f
|
|
|
|
-prevents relaying from non-trusted networks.
|
|
|
|
-It also tags messages from non-trusted sites when they deliver mail
|
|
|
|
-from an address in a domain we believe we represent.
|
|
|
|
-.TP
|
|
|
|
-.B -n
|
|
|
|
-specifies the name of the network directory assigned to the incoming connection.
|
|
|
|
-This is used to determine the peer IP address. If this flag is not
|
|
|
|
-specified, the peer address is determined using standard input.
|
|
|
|
-.TP
|
|
|
|
.B -h
|
|
.B -h
|
|
specifies the receiving domain. If this flag is not specified, the
|
|
specifies the receiving domain. If this flag is not specified, the
|
|
receiving domain is inferred from the host name.
|
|
receiving domain is inferred from the host name.
|
|
.TP
|
|
.TP
|
|
-.B -s
|
|
|
|
-causes copies of blocked messages to be saved in a sub-directory of
|
|
|
|
-.BR /mail/queue.dump .
|
|
|
|
-.TP
|
|
|
|
.B -k
|
|
.B -k
|
|
causes connections from the host at
|
|
causes connections from the host at
|
|
the IP address,
|
|
the IP address,
|
|
@@ -158,12 +156,10 @@ service attacks or broken mailers which continually
|
|
connect. The connections are not logged and the
|
|
connect. The connections are not logged and the
|
|
remote system is not notified via the protocol.
|
|
remote system is not notified via the protocol.
|
|
.TP
|
|
.TP
|
|
-.B -c
|
|
|
|
-specifies a certificate to use for TLS. Without this
|
|
|
|
-option, the capability to start TLS will not be advertised.
|
|
|
|
-.TP
|
|
|
|
-.B -a
|
|
|
|
-requires that all clients authenticate to be able to send mail.
|
|
|
|
|
|
+.B -n
|
|
|
|
+specifies the name of the network directory assigned to the incoming connection.
|
|
|
|
+This is used to determine the peer IP address. If this flag is not
|
|
|
|
+specified, the peer address is determined using standard input.
|
|
.TP
|
|
.TP
|
|
.B -p
|
|
.B -p
|
|
permits clients to authenticate using protocols which transfer
|
|
permits clients to authenticate using protocols which transfer
|
|
@@ -172,6 +168,13 @@ the password in the clear, e.g.
|
|
protocol. This should only be used if the connection has
|
|
protocol. This should only be used if the connection has
|
|
previously encrypted using e.g.
|
|
previously encrypted using e.g.
|
|
.IR tlssrv (8).
|
|
.IR tlssrv (8).
|
|
|
|
+.TP
|
|
|
|
+.B -r
|
|
|
|
+turns on forward DNS validation of non-trusted sender address.
|
|
|
|
+.TP
|
|
|
|
+.B -s
|
|
|
|
+causes copies of blocked messages to be saved in a sub-directory of
|
|
|
|
+.BR /mail/queue.dump .
|
|
.PP
|
|
.PP
|
|
.I Smtpd
|
|
.I Smtpd
|
|
is normally run by a network listener such as
|
|
is normally run by a network listener such as
|