SYNOPSIS

qmail-smtpd

DESCRIPTION

qmail-smtpd receives mail messages via the Simple Mail Transfer Protocol (SMTP) and invokes qmail-queue to deposit them into the outgoing queue. qmail-smtpd must be supplied several environment variables; see tcp-environ(5).

qmail-smtpd is responsible for counting hops. It rejects any message with 100 or more Received or Delivered-To header fields.

qmail-smtpd supports ESMTP, including the 8BITMIME and PIPELINING options.

TRANSPARENCY

qmail-smtpd converts the SMTP newline convention into the UNIX newline convention by converting CR LF into LF. It returns a temporary error and drops the connection on bare LFs; see http://pobox.com/~djb/docs/smtplf.html.

qmail-smtpd accepts messages that contain long lines or non-ASCII characters, even though such messages violate the SMTP protocol.

CONTROL FILES

badmailfrom

Unacceptable envelope sender addresses. qmail-smtpd will reject every recipient address for a message if the envelope sender address is listed in badmailfrom. A line in badmailfrom may be of the form @host, meaning every address at host.

databytes

Maximum number of bytes allowed in a message, or 0 for no limit. Default: 0. If a message exceeds this limit, qmail-smtpd returns a permanent error code to the client; in contrast, if the disk is full or qmail-smtpd hits a resource limit, qmail-smtpd returns a temporary error code.

databytes counts bytes as stored on disk, not as transmitted through the network. It does not count the qmail-smtpd Received line, the qmail-queue Received line, or the envelope.

If the environment variable DATABYTES is set, it overrides databytes.

localiphost

Replacement host name for local IP addresses. Default: me, if that is supplied. qmail-smtpd is responsible for recognizing dotted-decimal addresses for the current host. When it sees a recipient address of the form box@[d.d.d.d], where d.d.d.d is a local IP address, it replaces [d.d.d.d] with localiphost. This is done before rcpthosts.

morercpthosts

Extra allowed RCPT domains. If rcpthosts and morercpthosts both exist, morercpthosts is effectively appended to rcpthosts.

You must run qmail-newmrh whenever morercpthosts changes.

Rule of thumb for large sites: Put your 50 most commonly used domains into rcpthosts, and the rest into morercpthosts.

rcpthosts

Allowed RCPT domains. If rcpthosts is supplied, qmail-smtpd will reject any envelope recipient address with a domain not listed in rcpthosts.

Exception: If the environment variable RELAYCLIENT is set, qmail-smtpd will ignore rcpthosts, and will append the value of RELAYCLIENT to each incoming recipient address.

rcpthosts may include wildcards:

   heaven.af.mil
   .heaven.af.mil

Envelope recipient addresses without @ signs are always allowed through.

smtpgreeting

SMTP greeting message. Default: me, if that is supplied; otherwise qmail-smtpd will refuse to run. The first word of smtpgreeting should be the current host's name.

timeoutsmtpd

Number of seconds qmail-smtpd will wait for each new buffer of data from the remote SMTP client. Default: 1200.

RECIPIENT VERIFICATION

Recipient verification is enabled with the VERIFY environment variable. This can be used to specify per-recipient rejection of invalid recipient addresses (immediate verification causing a permanent 550 error response to the RCPT command), or deferred rejection at DATA time (554 response) of the whole session if any recipient addresses don't exist.

To verify an address, qmail-smtpd uses a separate qmail-verify UDP server. By default this will be on the loopback address 127.0.0.1, port 11113. Enable verification like this,

   VERIFY=":"

   VERIFY="DEFER"

(for immediate, deferred verification respectively). A different IP address and/or port can be specified for qmail-verify as in these examples,

   VERIFY="192.168.1.1"
   VERIFY=":10101"
   VERIFY="DEFER,:10101"
   VERIFY="DEFER,192.168.1.1:10101"

Recipient verification may be explicitly disabled by setting VERIFY to an empty string,

   VERIFY=""

Addresses with domains appearing in control/rcpthosts but not in control/locals or control/virtualdomains will be considered valid, reflecting qmail's standard behaviour.

Note that if the environment variable RELAYCLIENT is set, no checking is carried out.

qmail-verify needs to be running to respond to recipient verification queries. If no qmail-verify response is received a temporary 451 error response is given to the remote system and the session terminated.