smtp 5.5 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265
  1. .TH SMTP 8
  2. .SH NAME
  3. smtp, smtpd \- mail transport
  4. .SH SYNOPSIS
  5. .in +0.5i
  6. .ti -0.5i
  7. .B upas/smtp
  8. [
  9. .B -aAdfiops
  10. ] [
  11. .B -b
  12. .I busted-mx
  13. ] ... [
  14. .B -g
  15. .I gateway
  16. ] [
  17. .B -h
  18. .I host
  19. ] [
  20. .B -u
  21. .I user
  22. ] [
  23. .BI . domain
  24. ]
  25. .I destaddr
  26. .I sender
  27. .I rcpt-list
  28. .in -0.5i
  29. .PP
  30. .in +0.5i
  31. .ti -0.5i
  32. .B upas/smtpd
  33. [
  34. .B -adDfrg
  35. ] [
  36. .B -c
  37. .I certfile
  38. ] [
  39. .B -h
  40. .I mydom
  41. ] [
  42. .B -k
  43. .I evilipaddr
  44. ] [
  45. .B -m
  46. .I mailer
  47. ] [
  48. .B -n
  49. .I netdir
  50. ]
  51. .in -0.5i
  52. .SH DESCRIPTION
  53. .I Smtp
  54. sends the mail message from standard input
  55. to the users
  56. .I rcpt-list
  57. on the host at network address
  58. .I address
  59. using the Simple Mail Transfer Protocol.
  60. The options are:
  61. .TF -
  62. .PD
  63. .TP
  64. .B -a
  65. if the server supports PLAIN or LOGIN authentication,
  66. authenticate to the server using a password from
  67. .IR factotum (4).
  68. See RFCs 3207 and 2554.
  69. This option implies
  70. .BR -s .
  71. .TP
  72. .B -A
  73. autistic server: don't wait for an SMTP greeting banner
  74. but immediately send a
  75. .L NOOP
  76. command to provoke the server into responding.
  77. .TP
  78. .B -b
  79. ignore
  80. .I busted-mx
  81. when trying MX hosts.
  82. May be repeated.
  83. .TP
  84. .B -d
  85. turn on debugging to standard error.
  86. .TP
  87. .B -f
  88. just filter the converted message to standard
  89. output rather than sending it.
  90. .TP
  91. .B -g
  92. makes
  93. .I gateway
  94. the system to pass the message to if
  95. .I smtp
  96. can't find an address nor MX entry for the destination system.
  97. .TP
  98. .B -h
  99. use
  100. .I host
  101. as the local system name;
  102. it may be fully-qualified or not. If not
  103. specified, it will default to the contents of
  104. .BR /dev/sysname .
  105. .TP
  106. .B -i
  107. under
  108. .BR -a ,
  109. authenticate even if we can't start TLS.
  110. .TP
  111. .B -o
  112. under
  113. .BR -s ,
  114. use TLS even if we don't know the remote system.
  115. .TP
  116. .B -p
  117. ping: just verify that the users named in the
  118. .I rcpt-list
  119. are valid users at
  120. .IR destaddr ;
  121. don't send any mail.
  122. .TP
  123. .B -s
  124. if the server supports the ESMTP extension to use TLS encryption, turn it on for
  125. this session. See RFC3207 for details.
  126. .TP
  127. .B -u
  128. specify a user name to be used in authentication. The default name is
  129. the current login id.
  130. .PD
  131. .PP
  132. Finally if
  133. .I .domain
  134. is given, it is appended to the end of any unqualified system names
  135. in the envelope or header.
  136. .
  137. .PP
  138. .I Smtpd
  139. receives a message using the Simple Mail Transfer Protocol.
  140. Standard input and output are the protocol connection.
  141. SMTP authentication by
  142. .I login
  143. and
  144. .I cram-md5
  145. protocols is supported; authenticated connections are permitted to relay.
  146. .PP
  147. The options are:
  148. .TF -
  149. .PD
  150. .TP
  151. .B -a
  152. requires that all clients authenticate to be able to send mail.
  153. .TP
  154. .B -c
  155. specifies a certificate to use for TLS. Without this
  156. option, the capability to start TLS will not be advertised.
  157. .TP
  158. .B -d
  159. turns on debugging output,
  160. with each connection's output going to a uniquely-named file in
  161. .BR /sys/log/smtpdb .
  162. .TP
  163. .B -D
  164. sleeps for 15 seconds usually at the start of the SMTP dialogue;
  165. this deters some spammers.
  166. Connections from Class A networks frequented by spammers will incur
  167. a longer delay.
  168. .TP
  169. .B -f
  170. prevents relaying from non-trusted networks.
  171. It also tags messages from non-trusted sites when they deliver mail
  172. from an address in a domain we believe we represent.
  173. .TP
  174. .B -g
  175. turns on grey/white list processing. All mail is rejected (with a
  176. retry code) unless the sender's IP address is on the whitelist,
  177. .BR /mail/grey/whitelist ,
  178. an append only file.
  179. Addresses can be added to the whitelist by the administrator. However,
  180. the usual way for addresses to be added is by
  181. .I smtpd
  182. itself.
  183. Whenever a message is received and the sender's address isn't on the whitelist,
  184. .I smtpd
  185. first looks for the file
  186. .BI /mail\%/grey\%/tmp\%/\| local\% /\| remote\% /\| recipient\fP,
  187. where
  188. .I local
  189. and
  190. .I remote
  191. are IP addresses of the local and remote systems, respectively.
  192. If it exists and was created more than a few minutes go,
  193. the remote address is added to the whitelist.
  194. If not, the file is created and the mail is rejected with a `try again' code.
  195. The expectation is that spammers will not retry for more than a few minutes
  196. and that others will.
  197. .TP
  198. .B -h
  199. specifies the receiving domain. If this flag is not specified, the
  200. receiving domain is inferred from the host name.
  201. .TP
  202. .B -k
  203. causes connections from the host at
  204. the IP address,
  205. .IR evilipaddr ,
  206. to be dropped at program startup. Multiple addresses
  207. can be specified with several
  208. .B -k
  209. options. This option should be used carefully;
  210. it is intended to lessen the effects of denial of
  211. service attacks or broken mailers which continually
  212. connect. The connections are not logged and the
  213. remote system is not notified via the protocol.
  214. .TP
  215. .B -m
  216. set the
  217. .I mailer
  218. to which
  219. .I smtpd
  220. passes a received message.
  221. The default is
  222. .BR /bin/upas/send .
  223. .TP
  224. .B -n
  225. specifies the name of the network directory assigned to the incoming connection.
  226. This is used to determine the peer IP address. If this flag is not
  227. specified, the peer address is determined using standard input.
  228. .TP
  229. .B -p
  230. permits clients to authenticate using protocols which transfer
  231. the password in the clear, e.g.
  232. .I login
  233. protocol. This should only be used if the connection has
  234. previously encrypted using e.g.
  235. .IR tlssrv (8).
  236. .TP
  237. .B -r
  238. turns on forward DNS validation of non-trusted sender address.
  239. .TP
  240. .B -s
  241. causes copies of blocked messages to be saved in a sub-directory of
  242. .BR /mail/queue.dump .
  243. .PP
  244. .I Smtpd
  245. is normally run by a network listener such as
  246. .IR listen (8).
  247. Most of the command line options are more conveniently
  248. specified in the smtpd configuration file stored in
  249. .BR /mail/lib/smtpd.conf .
  250. .SH SOURCE
  251. .TP
  252. .B /sys/src/cmd/upas/smtp
  253. .SH "SEE ALSO"
  254. .IR aliasmail (8),
  255. .IR faces (1),
  256. .IR filter (1),
  257. .IR mail (1),
  258. .IR marshal (1),
  259. .IR mlmgr (1),
  260. .IR nedmail (1),
  261. .IR qer (8),
  262. .IR rewrite (6),
  263. .IR send (8),
  264. .IR tlssrv (8),
  265. .IR upasfs (4)