OpenBSD manual page server
SMTPD(8) OpenBSD System Manager's Manual SMTPD(8)
smtpd - Obtuse Systems SMTPD message storing daemon
smtpd [-HPDLq] [-c chrootdir] [-d spooldir] [-u user] [-g group] [-m
myname] [-s maxsize] [-l listenip] [-p listenport] [-i pidfile]
smtpd talks the Simple Mail Transfer Protocol (SMTP) with other SMTP dae-
mons to receive mail from them and saves it into a spool directory for
later processing. It is the store portion of an SMTP store and forward
proxy. The symbiotic companion program smtpfwdd(8) is used to forward
the spooled mail on to its eventual destination. smtpd is normally in-
voked from a super-server such as inetd(8).
The options are as follows:
Specify a different chrootdir directory to chroot into on start-
up. The default is /var/spool/smtpd. This directory should be
readable and writable only to the user that smtpd runs as.
Specify a different spool directory within the chrooted subtree.
The default is ``.'', making smtpd spool files to the directory
it chroots itself to.
-D Tells smtpd to run as a daemon, listening on port 25. The de-
fault is not to run as a daemon.
Specify a group to run as.
-H Disable host checking against the DNS. By default, smtpd checks
and will complain in the syslogs if the DNS information for a
host seems to indicate a possible spoof or misconfiguration.
Specify a filename that smtpd should lock and write its PID to
when running as a daemon. Doesn't do anything if running from
inetd. Default PID file in daemon mode is /var/run/smtpd.pid on
BSD systems, or /usr/spool/smtpd/smtpd.pid on non-BSD systems.
Specify an IP address in dotted quad format for smtpd to accept
connections to. In daemon mode this limits the address that smt-
pd listens on. In inetd mode, smtpd will issue a 521 error code
and exit if connected to an address other than the specified one.
By default, smtpd accepts a connection no matter what address it
is connected to.
-L Suppress children in daemon mode (above) from doing an openlog()
call. This means your syslogs won't have PID information, but is
useful if you don't want to have to set up your chroot jail for
smtpd in a manner that an openlog() call will work in it.
Specify myname, the hostname the daemon should announce itself
as. The default is whatever gethostname() returns.
Specify a decimal port number for smtpd to listen when running as
a daemon. Doesn't do anything if running from inetd.
-P Enable paranoid mode of operation. In this mode connections are
dropped from any client feeding smtpd a suspicious hostname,
FROM: or RCPT: lines containing characters indicative of an at-
tempt to do something evil, or any message headers that aren't
8-bit clean. The default is to log such occurrences and substi-
tute for the offending characters, but not drop the connection.
-q Tell smtpd to be quieter. By default, smtpd emits very verbose
syslog messages. With this option it will emit one line of log
for each normal message exchange.
Specify maxsize, the maximum size (in bytes) of mail message the
daemon should accept. The default is not to have a maximum size.
Specify a user to run as. This user must not be root but should
be a user that is able to run sendmail and use the -f option to
specify the sender of a mail message.
The address checking file is normally etc/smtpd_check_rules, within the
The address check file, when enabled, is read for each RCPT line in the
SMTP dialogue. Each rule is checked with the current source (SMTP client
machine and possibly user from ident) and the current ``FROM:'' and
inetd(8), sendmail(8), smtpfwdd(8)
/usr/share/smtpd - example configuration files.
http://www.obtuse.com/smtpd.html - more examples and rules file details.
Mistakes in /etc/smtpd_check_rules can discard legitimate mail and annoy
your users and other postmasters a very great deal! When combined with
custom return codes it is possible to write rules that completely break
the smtp protocol. It is important to test your rules out and be abso-
lutely sure they do exactly what you want and no more.
If sendmail(8) is not run as a daemon when using smtpd and smtpfwdd(8),
one must use cron to periodically invoke sendmail -q so that queued mes-
sages are retried for eventual delivery. Alternatively, sendmail(8) may
be run as a daemon, but configured not to listen to the network.
OpenBSD 3.2 December 10, 1997 2