SMAILCONF(5) Local SMAILCONF(5)NAME
/etc/smail/config - smail global variables configuration
THE CONFIG FILE
The config file defines values for global variables used by smail.
Each entry in this file gives the name of a variable to be set and
defines a string, numeric or boolean value to give to that variable.
The recognised forms for entries in the config file are:
variable_name = string or number
or:
variable_name or +variable_name
or:
-variable_name
The first form above sets the variable to a string or numeric value,
the second form sets a boolean variable, and the last form un-sets a
boolean variable, clears a string value or sets a numeric value to
zero. The format of string and numeric values, comments, and the quot‐
ing and line continuation syntax is all described in the smail(5) man‐
ual page.
The following config file specifies a spool file mode of 0400, a maxi‐
mum message size of 200KB, a method directory of /usr/lib/smail/method
and disables use of a transport configuration:
# don't allow others to read spool files
spool_mode = 0400
# reject messages that are too large
max_message_size = 200k
# method files are stored in this directory
method_dir = /usr/lib/smail/method
# we are using the built in transport definitions,
# so don't bother looking for a transport file
-transport_file
The complete list of recognised attributes is given in the following
table, in alphabetic order. Note that the default values can be changed
when compiling the smail program.
allow_one_mx_target_cname_hack
type: boolean
default value: off
This flag controls whether or not we allow Smail to follow a single
CNAME alias hop when looking for the addresses of MX target hosts.
Note that only DNS replies where the A RR for the CNAME target is
also included in the answers section will be allowed. Smail does
not (and never ever did) actually go out and look for any missing A
records.
Note that no existing RFC gives even the slightest allowance for
this behaviour. All specifications are, and always have been, very
strict in saying that the target of an MX record MUST be a canoni‐
cal hostname and that the SMTP server MUST report unusable MX
records as errors.
auth_domains
type: string
default value: (none)
A colon-separated list of domain names for which this host is con‐
sidered authoritative. A host that is authoritative for a domain
has access to all routing information needed for that domain. The
primary purpose of this variable is to list domains that will not
be matched by the smarthost router driver.
auto_mkdir
type: boolean
default value: on
If set, then any directories required for spooling and logging will
be created if they do not exist. Smail will never try to create
required parent directories.
auto_mkdir_mode
type: integer
default value: 0755
When directories are created automatically by smail, they are cre‐
ated with this permissions mode mask. See stat(2) for information
on what this mode represents.
console
type: string
default value: /dev/console
The file name for the console device. This filename is used as a
last resort when attempting to write panic messages.
copying_file
type: string
default value: COPYING
The pathname to the COPYING file, which describes your distribution
rights and details the warranty information from the authors of
smail. If this does not begin with ``/'', it will be referenced
relative to the smail_lib_dir directory.
daemon_pidfile
type: string
default value: /var/mail/smail.pid
The pathname of the file in which the process-ID of the Smail dae‐
mon process. This pathname will normally be the proper default for
any given system, but if you have more than one daemon process run‐
ning on the same system you may want to make this value unique
amongst all instances. This file will normally be removed when the
daemon process exits, but this cannot happen in some circumstances
so care should be taken when using the contents of this file to
identify the daemon process.
date_field
type: string
default value:
Date: $spool_date
This string will be expanded to form the Date: header field in a
mail message. This will be used if such a field does not already
exist in the message headers.
delivery_grades
type: string
default value: (none)
The grades of message which will have delivery attempted immedi‐
ately. Other message grades (outside this range) will be queued
for later delivery. The runq_grades configuration variable simi‐
larly controls delivery of mail that is in the smail queue. If
queue_only is set or delivery_mode is set to queued, then deliv‐
ery_grades has no effect. The grade string is a simple range of
mail grades (see the definition of the grades configuration vari‐
able). Entries can be of the following forms:
delivery_grades="0-Z"
This allows immediate delivery of mail of grades ``0'' to ``Z''
(inclusive) (ie all other mail is queued for later delivery).
delivery_grades="C"
Only grade ``C'' (normally ``First-Class'') is immediately deliv‐
ered.
delivery_grades="C-"
The third form means that grade ``C'' or lower mail is delivered.
delivery_grades="-C"
The fourth form means that mail of grades ``C'' or above is immedi‐
ately delivered
delivery_grades="-"
delivery_grades=""
-delivery_grades
All grades are delivered immediately - this is the default.
delivery_mode
type: string
default value: background
The default mode of delivery for new mail. This can be one of the
values ``foreground'' (immediate delivery in the process that
received the message), ``background'' (immediate delivery in a
child process, where the process that received the message exits
immediately), or ``queued'' (do not attempt delivery until a later
queue run).
director_file
type: string
default value: directors
Names the file containing the director configuration information.
If this does not begin with ``/'', it will be referenced relative
to the smail_lib_dir directory.
domains
type: string
default value: uucp
Specifies the (mail) domains that this host is in. The first item
in the list is used with the hostname to make the primary_name
which is used as this machine's name in SMTP conversations etc.
error_copy_postmaster
type: boolean
default value: off
Copy the postmaster on all error messages. Normally only errors
that appear to be a result of administrator errors will be mailed
to the postmaster. If error_copy_postmaster is set, then errors
that are returned to the sender, or that are mailed to owners of
mailing lists, will also be sent to the postmaster.
fnlock_interval
type: number
default value: 3
The sleep interval between retries while attempting to lock mailbox
files with a lockfile-based locking protocol. On systems with one
second timer granularity, this value should be at least 2.
fnlock_mode
type: number
default value: 0666
Mailbox lock files are created with this mode.
fnlock_retries
type: number
default value: 0
The number of times to attempt to lock mailbox files using a file-
based locking protocol.
If your system doesn't have an atomic rename() call the default
value will be ``5''.
from_field
type: string
default value:
From: $sender${if def:sender_name: ($sender_name)}
This string will be expanded to form From: or Sender: header
fields. The expanded string must begin with ``From:'', which may
be replaced by other strings to form an actual header field.
grades
type: string
default value:
special-delivery:9:air-mail:A:first-class:C:bulk:a:junk:n
The priority, or grade, characters corresponding to particular val‐
ues of the Precedence: field in the message header. The parts of
the string are separated by colons (`:') with alternating prece‐
dence string and grade character. Numbers are higher in priority
than upper case letters which are in turn higher than lower case
letters. Also note that smaller numbers are higher in priority
than larger numbers, and the same goes for letters lower in the
alphabet. Grades in the range ``[a-m]'' will only have an error
message and header returned to the sender on errors, rather than
including the message body as well. Grades in the range ``[n-z]''
will not have anything returned to the sender on errors. The
precedence names recognised by many BSD sendmail configurations
are: special-delivery, first-class, and junk. Others are useful
mainly for getting mail out of the local machine or for communica‐
tion with other machines running Smail in a similar configuration.
The grade character for a message is available in string expansions
as the $grade variable.
hit_table_len
type: number
default value: 241
The length of an internal address hit table. Addresses are hashed
into this table to prevent multiple deliveries to the same address.
Longer tables speed address hashing at a small memory expense.
If your system does not have a a large virtual address space the
default value will be ``13''.
NOTE: This value may be ignored/deprecated in the future.
host_lock_timeout
type: interval
default value: 30s
Specify the timeout for locking a host's retry file for the purpose
of exclusive delivery to that host. If the file cannot be locked
within the specified time, then the message delivery is deferred
until a later queue run after the retry time expires on the retry
file. This timeout is in some ways like a short first-stage retry
time that will prevent an in-progress delivery by another Smail
process from causing this process to defer this message for an
entire full retry interval. You probably don't want to make this
value very large -- certainly it should be no longer than it will
take to deliver one message to a given destination.
Note that this timeout does not apply to runq processes attempting
to deliver deferred messages. A runq process will immediately go
on to another message (or other destination for the current message
if it has more than one) if the retry file needed for the current
message is already locked.
Remember Smail doesn't normally allow multiple simultaneous deliv‐
eries to occur to the same host (though in the case of SNMP and DNS
it's possible for a given host (i.e. machine answering at a given
IP number) to have more than one name, in which case Smail will
potentially connect to that machine once for every name it has.
A number given with no units suffix indicates the value is in sec‐
onds. Values can also be written as a sequence of numbers with
suffixes to indicate a time multiplier: `m' indicates minutes, `h'
indicates hours, and `d' indicates days.
hostnames or hostname
type: string
default value: (computed at run time)
A colon-separated list of names for the local host. This list,
together with uucp_host and more_hostnames should represent all
possible names for the local host. For a host with both a regis‐
tered Internet domain and also has a name in the UUCP zone, local‐
host.uucp should also be given in this list.
Note the value of visible_name is not recognised as a name for the
local host unless it also appears in the value for one of the other
hostname variables.
The first value in hostnames is used internally as a special ``pri‐
mary name'' for the local host (see primary_name in smail(5)).
If hostnames is set turned off (which is generally the default)
then the hostnames value will be computed by pairing the local
host's name, computed in a system-dependent manner, with all values
in the domains attribute list.
WARNING: Do not include the names of domains this machine is a
gateway (i.e. mail exchanger) for, but put those in more_hostnames
instead.
listen_name
type: string
default value: (none)
This variable may be set to the DNS name of an interface on which
the SMTP daemon should listen. By default the the listens are done
using the wildcard address (INADDR_ANY). See also the sending_name
attribute.
lock_by_name
type: boolean
default value: (system-dependent)
If this is on, then input spool file locking is always based on
lock files. Otherwise, an inode-based locking mechanism may be
used, such as flock(2) under BSD, or lockf(3) on older UNIX sys‐
tems. Inode-based locking is more efficient, if available. How‐
ever, lock files can be easily created by shell scripts which may
be advantageous under some circumstances.
lock_mode
type: number
default value: 0444
The creation mode for lock files.
log_mode
type: number
default value: 0664
The creation mode for the various mail system log files.
logfile
type: string
default value: /var/log/smail/logfile
The name of a file to which transaction and error messages are
appended. If this file does not exist, it is created with its per‐
missions taken from the log_mode attribute.
max_hop_count
type: number
default value: 20
If the hop count for a message equals or exceeds this number, then
attempts at remote delivery will result in an error message being
returned to the sender. This is used to prevent infinite loops.
The hop count for a message can be set using the ``-h'' option when
invoking smail. Otherwise it is computed from the number of
Received: fields in the message header.
max_load_ave
type: number
default value: 0
For systems on which a load average can be computed, this specifies
the maximum system load average at which mail delivery will be per‐
formed, otherwise this value is ignored. If the load average
exceeds this number, incoming mail will be saved in the input spool
directory, though no delivery will be performed. If this value is
0 the load average will not be computed and delivery will always be
performed. Normally the load average refers to a 5 minute load
average based on the number of jobs ready to run over the sample
time. (This feature is not currently implemented)
max_message_size
type: number
default value: 1M
Messages larger than this limit will be rejected by Smail when
received via SMTP.
NOTE: It is not clear how best to handle excessively large mes‐
sages received by UUCP.
message_buf_size
type: number
default value: 100k
The size of an internal buffer for reading and writing messages.
For systems with a reasonably large virtual address space, this can
be equal to the maximum size for messages. Specifying the value of
in which case reading messages and then delivering them to one or
more destinations requires very few read calls, as the entire mes‐
sage is always kept in memory.
If your system does not have a large address space the value of
BUFSIZ will be the default. BUFSIZ refers to the defined symbol in
/usr/include/stdio.h.
message_id_field
type: string
default value:
Message-Id: <$message_id@$primary_name>
This string will be expanded to form the Message-Id: message header
field. This will be used if such a field does not already exist in
the message headers.
message_log_mode
type: number
default value: 0644
Each message has associated with it a unique file containing a
transaction log for that message. This number specifies the cre‐
ation mode for this log file.
method_dir
type: string
default value: methods
If a method attribute for a router does not specify a pathname
beginning with `/', then this directory is prepended to the path to
form the complete path for the method file. If this does not begin
with a slash (`/'), it will be referenced relative to the
smail_lib_dir directory. See the description of the routers file
for more information on method files.
more_hostnames or gateway_names
type: string
default value: (none)
A colon-separated list of domain names for which this host will do
local mail delivery or private routing for (i.e. the list of
domains which this host will act as the primary mail echanger for).
This list is used in addition to any names in the value of host‐
names thus it should only specify names which are not formed from
the computed name for the host.
WARNING: Note that virtual domains handled by pathalias or rewrite
router drivers should not be listed here (nor in hostnames) since
only domains handled via directors need be listed (and besides,
routers take precedence over directors).
nobody
type: string
default value: (site-dependent)
This names a default user that defines permissions when no other
user is specified. Also note this user is used in some conditions
when it is not certain whether a set of actions can be trusted if
performed as other, potentially more powerful users. This should
reference a user-ID which has few, or no, capabilities for doing
harm or accessing protected files.
On many systems, especially those that support NFS, the default
value will be ``nobody''.
paniclog
type: string
default value: /var/log/smail/paniclog
The name of a file to which panic and very important error messages
are appended. If this file does not exist, it is created with a
mode from the log_mode attribute. Entries written to this log file
represent problems that require human intervention, such as config‐
uration errors or directory permission errors preventing mail
spooling or delivery.
Configuration errors generally cause mail to be moved into a spe‐
cial error directory under the input spool directory, thus prevent‐
ing attempts at re-delivery until the configuration error has been
corrected.
Thus, both the paniclog file and the error directory should be
checked periodically under normal use, and frequently after config‐
uration changes. When any problems have been resolved, these mes‐
sages can be re-queued for delivery by using mv(1) to move the
spool files back into the spool directory. However, before doing
so, the file in the msglog directory for each message should be
checked. If the address which caused the message to be moved to
the error directory is marked as failed, then that line should be
removed from the msglog file, because otherwise smail will not try
to deliver to that address again.
See checkerr(8) for information about automatically performing such
checks.
postmaster_address
type: string
default value: root
This is the default address for the postmaster. If the address
Postmaster is not resolved by any of the configured directors, then
this address is used.
qualify_file
type: string
default value: qualify
Names the file containing the hostname qualification information.
If this does not begin with a slash (`/'), it will be referenced
relative to the smail_lib_dir directory.
queue_only
type: boolean
default value: off
If this is set then smail will not immediately attempt delivery for
incoming mail. The smail program will then only attempt delivery
when explicitly processing the input queue, such as when invoked
with the ``-q'' flag.
received_field
type: string
default value:
Received: \
${if def:sender_host\
{from $sender_host${if def:sender_host_addr\
{(${if and{{def:sender_host_really}\
{!eq{sender_host_really}{$sender_host}}}\
{$sender_host_really}}[$sender_host_addr])}} }\
else {${if def:sender_host_addr\
{from ${if def:sender_host_really\
{$sender_host_really}}[$sender_host_addr] }\
else {${if origin:local\
{from localhost }}}}}}\
${if def:message_size\
{($message_size bytes) }}\
by $primary_name\n\t\
${if def:sender_program\
{via $sender_program }}\
${if def:sender_proto\
{with P:$sender_proto}\
else {with P:stdio}}\
${if def:director\
{/D:$director}}\
${if def:router\
{/R:$router}}\
${if def:transport\
{/T:$transport}}\n\t\
${if or{{def:sender} {def:owner}}\
{(${if def:sender\
{sender: <$sender>}\
}${if and{{def:sender} {def:owner}}\
{ }\
}${if def:owner\
{owner: <$owner>}}) }}\
${if def:ident_sender\
{(ident <$ident_sender> using $ident_method)}\
else {${if origin:local\
{(ident <$sender> using unix)}}}}\n\t\
id <$message_id@$primary_name>\n\t\
${if def:input_addr\
{for ${if origin:local\
{<}}${top:input_addr}${if origin:local\
{>}}}\
else {for <unknown>}}\
; $spool_date\n\t\
($version_string built $compile_date)
This string will be expanded to form the Received: header field.
This field will be inserted into the message headers if the
received attribute is not explicitly turned off for the transport
delivering the current message.
require_configs
type: boolean
default value: off
If this is not set, then configuration files are not required to
exist. This applies to the config and second_config_file files and
to the director_file, router_file, and transport_file files. If
one of these files does not exist then it is ignored and internally
compiled configuration is used instead. If this attribute is set,
then any configuration file, which does not have a NULL filename
(for example, using -router_file to clear the name for the router
file) and which does not exist, will cause smail to generate a
panic message.
resolve_timeout
type: interval
default value: 3d
This sets a timeout for how long smail will continue attempting to
resolve an address (that is route or direct it). This timeout
causes messages to be bounced if they have not been resolved after
this timeout has expired.
retry_file
type: string
default value: retry
Names the file containing the retry control information. If this
does not begin with a slash (`/'), it will be referenced relative
to the smail_lib_dir directory. See the smailrtry(5) manual page
for further information.
retry_duration
type: interval
default value: 5d
Specify the default duration for attempting deliver of messages.
This value will only be used if there's no wildcard entry in the
file specified by retry_file. See the smailrtry(5) manual page for
further information.
If a message cannot be delivered within this period of time then
the message delivery fails and a bounce message is sent to the
sender, or to the list owner, if there is one (and possibly to the
Postmaster too). A number with no units suffix indicates the value
is in seconds. Values can also be written as a sequence of numbers
with suffixes to indicate a time multiplier: `m' indicates min‐
utes, `h' indicates hours, and `d' indicates days.
retry_interval
type: interval
default value: (2 * queue_interval)
Specify the default retry interval for connecting to inaccessible
hosts. This value will only be used if there's no wildcard entry
in the file specified by retry_file. See the smailrtry(5) manual
page for further information.
If a host is temporarily unreachable, then smail will avoid
attempting to deliver to that host until this period of time has
elapsed. This applies to all messages, so that queue runs will not
block each message waiting for a timeout for a particular set of
inaccessible hosts.
The default value (also attained by explicitly using a setting of
``0'') is twice whatever is given as the queue run interval with
the ``-q'' parameter. This will prevent messages to one or more
domains with many dead/broken MX targets from blocking the queue
with every queue run attempt and will allow other messages in the
queue to be processed more quickly. In extreme circumstances this
may help avoid accumulating too many queue run processes that are
doing nothing useful.
A number with no units suffix indicates the value is in seconds.
Values can also be written as a sequence of numbers with suffixes
to indicate a time multiplier: `m' indicates minutes, `h' indi‐
cates hours, and `d' indicates days.
return_path_field
type: string
default value:
Return-Path: <$sender>
This string will be expanded to form the Return-Path: message
header field. This field will be inserted into the header if the
return_path attribute is turned on for the transport doing the mes‐
sage delivery.
rfc1413_query_timeout
type: number
default value: -1
This defines the timeout for RFC 1413 ``ident'' protocol queries on
incoming SMTP connections. Values of zero or less mean that no
query is made (queries are initially disabled). This is only
available if RFC1413 support is compiled into your copy of smail.
router_file
type: string
default value: routers
Names the file containing the router configuration information. If
this does not begin with a slash (`/'), it will be referenced rela‐
tive to the smail_lib_dir directory.
runq_grades
type: string
default value: (none)
The grades of message which will be processed by a normal queue
run. Other grades of message are ignored by a queue run, but can
be processed by a smail with a different runq_grades setting or by
overriding the setting using the ``-oG'' command line option. This
allows low priority mail to be processed in special queue runs to
cut down system load in peak hours. See the discussion of the
delivery_grades configuration variable to learn the meaning of the
grade range.
second_config_file
type: string
default value: (none)
This names one or more secondary configuration file(s) which can
define attribute values which override internal defaults and values
in the primary configuration file. Multiple file names are sepa‐
rated by colons. If a name does not begin with a slash (`/'), it
will be referenced relative to the smail_lib_dir directory.
This features is primarily useful in networks containing machines
that share filesystems. By having a shared primary configuration
file most systems on a network need not be concerned with maintain‐
ing the smail program, while other systems may want or need to use
a different configuration, while sharing the same binary. In par‐
ticular, the smart_user, smart_path, and smart_transport attributes
are commonly set in the secondary configuration file.
sender_env_variable
type: string
default value: (none)
This names an environment variable that can be used to name the
sender. Normally, the sender is determined from system login
information, or by checking the real user-ID of the calling
process. If sender_env_variable is set, and an environment vari‐
able with the given name exists, then use it, by default. This can
be set to ``LOGNAME'' for use with modern Unix systems, or ``USER''
for older BSD based systems.
sending_name
type: string
default value: (none)
This variable may be set to the DNS name of an interface to which
SMTP connections should be bound locally. By default connections
are not bound to any specific address.
smail
type: string
default value: /usr/sbin/smail
Name a valid path to a smail binary that can be used to re-invoke
smail when a major configuration change has been detected, or to
invoke smail for delivery of error messages. If this does not
begin with a slash (`/'), it will be referenced relative to the
smail_lib_dir directory.
smail_lib_dir
type: string
default value: /etc/smail
This defines the path to the smail configuration file directory.
The router, director and transport files, as well as alias and path
files and method files may be referenced relative to this direc‐
tory.
smail_util_dir
type: string
default value: /usr/lib/smail
This defines the path to directory containing most smail utilities.
In particular, smail expects to find the mkaliases and mkdbm utili‐
ties in this directory.
smart_path
type: string
default value: (none)
This defines the default value for the path attribute used by the
smarthost router driver. This gives the path to a machine which
supposedly contains a more complete routing database than is avail‐
able on the local host. See the smailrtrs(5) manual for more
information on the use of this attribute.
smart_transport
type: string
default value: (none)
This defines the default value for the transport generic attribute
used by the smarthost router driver.
smart_user
type: string
default value: (none)
This defines the default value for the new_user attribute used by
the smartuser director driver. See the smaildrct(5) manual for
more information on the use of this attribute.
WARNING: The contents of variables such as $user, $sender, etc.,
are under the control of the remote user. If these strings are
passed to a pipe command via a shell command line it is extremely
important that expansion of these variables be very carefully pro‐
tected by proper shell quoting.
For example:
smart_user="|/local/sbin/phquery -f ${shquote:sender} \
${shquote:user}"
Note also that if this command is itself a script it must also
treat the values of these arguments as potentially containing meta
characters and such. Similarly for any program which may pass
these values on to another via a shell command line.
smtp_accept_max
type: number
default value: 0
The maximum number of SMTP connections that smail will accept at
any one time. This is for use with SMTP daemons started with the
``-bd'' command-line option. If connection requests come in while
when this number of SMTP-connection children are forked, the con‐
nection will be shutdown with an SMTP ``421'' reply.
If this value is zero, then the number of SMTP connections is not
limited.
smtp_accept_queue
type: number
default value: 0
If this number of SMTP connection processes is exceeded, then addi‐
tional connections will be accepted, but their messages will be
queued and will not be processed until a later queue run. When the
number of current connection processes drops below this number,
immediate mail processing will resume, depending upon the value of
delivery_mode.
If this value is zero, then SMTP connections will not be converted
to queue-only mode based on the number of connections. Note that
the value of smtp_accept_queue should be less than the value of
smtp_accept_max, and that setting smtp_accept_max to zero prevents
smtp_accept_queue from working correctly in all cases.
smtp_allow_debug
type: boolean
default value: on
This boolean variable controls the meaning of the ``DEBUG'' command
when receiving SMTP commands. If the variable is on, then the
``DEBUG'' command (with an optional debugging level) sets debugging
to the specified level, or 1 if no level was specified. The debug‐
ging output will be written over the SMTP
Having this enabled may enable people to gain more information than
you would like about your systems, and so could be used as a pre‐
lude to a break-in attempt. Note that the ``DEBUG'' command cannot
be directly used to gain any form of access.
smtp_allow_expn
type: boolean
default value: on
This boolean variable enables the use of the SMTP ``EXPN'' command.
Some sites may wish to disable this command to prevent divulging
the contents of mailing lists and aliases.
smtp_bad_mx_targets
type: string
default value:
":10/8;RFC-1918 addresses are never valid for MX targets on the public Internet!\
:127/8;localhost is never valid for any MX target on the public Internet!\
:169.254/16;DHCP local addresses are never valid for MX targets on the public Internet!\
:172.16/12;RFC-1918 addresses are never valid for MX targets on the public Internet!\
:192.16/16;RFC-1918 addresses are never valid for MX targets on the public Internet!\
:192.0.2/24;Reserved addresses are never valid for MX targets on the public Internet!"
A colon-separated list of IP or IP network numbers that are checked
against the target addresses of DNS MX hosts for sender domains.
Any MX host with a matching target address will cause the connec‐
tion to be rejected by a 550 status message.
An optional text message to present in the reject message follows a
semicolon after the IP/net number. Note that the message text is
not quoted so it must not contain another `:' character. Escape
processing as described in smail(5) cannot protect a field separa‐
tor. Note that if you use the semicolon separator then you must
either escape it with a backslash or enclose the entire variable
definition in double quotes. The text message may contain semi‐
colons itself though since it extends to the end of the field (i.e.
to the next `:' character).
smtp_banner
type: string
default value:
"Smail$version #$compile_num ready at $date"
This string will be expanded to form the SMTP startup banner that
is written by the SMTP server when a connection request is
accepted. The value of primary_name (followed by a space) is auto‐
matically prepended to to this value, as required by the SMTP pro‐
tocol. Each line of this message is automatically preceded by a
``220'' identification code, and newlines are correctly changed
into a carriage-return newline sequences.
If ESMTP is configured in Smail the default value is:
"Smail$version #$compile_num ready at $date\n\
ESMTP spoken here"
smtp_error_delay
type: number
default value: 60
The number of seconds to delay before sending the last line of any
SMTP error response. This can be set to some reasonable number up
to as high as 200 seconds or so so as to delay any client from
attempting an immediate re-try (as unfortunately many do). RFC
2821 requires the client wait for at least five minutes for initial
greetings, MAIL, and RCPT command responses, but other delays may
already have been introduced by normal processing so stay well
below this absolute limit. At the moment this is a blanket delay
applied indescriminantly to all errors (and does not include the
hard-coded one-second inter-line delay also implemented in many
responses).
smtp_expn_delay
type: number
default value: 10
The number of seconds to delay after processing an SMTP ``EXPN''
command. This can be set to some reasonable number so as to delay
anyone attempting to do dictionary-style guessing attacks while at
the same time not preventing human use of ``EXPN''.
smtp_hello_broken_allow
type: string
default value: (none)
A colon-separated list of client IP or IP network numbers that are
allowed to deliver mail even though they may have given an incor‐
rect ``HELO'' or ``EHLO'' SMTP greeting name, or errors were found
in the DNS for the greeting name, or if there's no PTR for the
client when smtp_hello_verify_ptr is set.
Minor syntax errors in the name are also permitted to clients in
this list, such as use of underscore characters, as well as use of
unqualified names (which are normally always rejected even when
smtp_hello_verify is disabled).
All connections where the peer address is the same as the socket
address (i.e. if the connection is from the local host) are allowed
by default.
See smail(5) (under ``IP and IP Network Number Representation'')
for a description of the syntax of IP and IP network numbers, as
well as any magic values that may be used to represent such num‐
bers.
smtp_hello_dnsbl_domains
type: string
default value: (none)
This is a colon-separated list of Realtime DNS Black List (DNSBL)
domains in which the verified SMTP greeting name is searched for
(after first checking the name, if smtp_hello_verify is enabled,
and checking the reverse DNS, if smtp_hello_reject_dns_paranoid
and/or smtp_hello_verify_ptr is/are enabled, and finally after
first checking the name against any regular expressions given in
smtp_hello_reject_hostnames).
Most DNS Black lists use an A record value of 127.0.0.2 to indicate
that a host is listed. Optionally a comma-separated list of valid
DNS A record values, either as explicit 4-octet ascii-form host
addresses, or in a network/mask form, may follow a semicolon after
any domain to explicitly define the which results will trigger a
match. Note that if you use the semicolon separator then you must
either escape it with a backslash or enclose the entire variable
definition in double quotes.
A match in any BL will cause the connection to be rejected by a 550
status message that includes the DNSBL name in the text of the mes‐
sage, along with the content any associated DNS TXT record for the
same domain.
smtp_hello_dnsbl_except
type: string
default value: (none)
A colon-separated list of client IP or IP network numbers that are
not looked up in the blacklists specified in
smtp_hello_dnsbl_domains.
See smail(5) (under ``IP and IP Network Number Representation'')
for a description of the syntax of IP and IP network numbers, as
well as any magic values that may be used to represent such num‐
bers.
smtp_hello_reject_dns_paranoid
type: boolean
default value: on
This flag is the equivalent of the TCP Wrappers ``PARANOID'' check.
It is slightly less strict than smtp_hello_verify_ptr, and far more
important since it catches DNS spoofing attacks in progress!
The implementation checks that the name(s) given in one or more PTR
records for the remote client address resolve to hostnames giving
one or more A records of which one must give the address being
checked (for each PTR name found).
smtp_hello_reject_hostnames
type: string
default value:
"localhost(\\.)*;You've got to be kidding! If you really were 'localhost' I'd be talking to myself!\
:.*\\.localdomain;There is no such domain 'localdomain' you spammer!\
:.*\\.test;There is no such domain 'test' -- it is reserved by IANA as per RFC 2606\
:.*\\.example;There is no such domain 'example' -- it is reserved by IANA as per RFC 2606\
:.*\\.invalid;There is no such domain 'invalid' -- it is reserved by IANA as per RFC 2606\
:.*\\.localhost;There is no such domain 'localhost' -- it is reserved by IANA as per RFC 2606\
:(.*\\.)*example\\.com;There is no such domain 'example.com' -- it is reserved by IANA as per RFC 2606\
:(.*\\.)*example\\.net;There is no such domain 'example.net' -- it is reserved by IANA as per RFC 2606\
:(.*\\.)*example\\.org;There is no such domain 'example.org' -- it is reserved by IANA as per RFC 2606\
:${rxquote:hostnames}"
A colon-separated list of hostname regular expressions the already
syntax checked, and optionally verified, SMTP greeting name is com‐
pared against if the peer address is not the same as the socket
address (i.e. if the connection is not from the local host). A
match will cause the connection to be rejected by a 550 status mes‐
sage unless the client's IP address is the same as the local end‐
point IP address (i.e. unless the client is running on the local
machine).
An optional text message to present in the reject message follows a
semicolon after an expression. Note that the message text is not
quoted so it must not contain another `:' character. Escape pro‐
cessing as described in smail(5) cannot protect a field separator.
Note that if you use the semicolon separator then you must either
escape it with a backslash or enclose the entire variable defini‐
tion in double quotes. The text message may contain semicolons
itself though since it extends to the end of the field (i.e. to the
next `:' character).
As you can see from the default value any configuration items
and/or variable are expanded, complete with meta-expansion fea‐
tures, when this item is used, as described in smail(5). This
allows other colon-separated lists of hostnames, including those
derived at run time, to be included in this list. Note however
that such expansions are done before sub-fields are searched so if
any optional description is included after such an entry it will
only result in the text applying to the last name in any expanded
list.
WARNING: Do not arbitrarily include more_hostnames in this list!
Doing so would block the hosts this server MXs for from delivering
to addresses at their own domain names.
Note the default value depends on use of IEEE Std 1003.2-1992
(POSIX.2) regex(3) with full support for the REG_EXTENDED flag for
modern extended regular expressions.
smtp_hello_verify
type: boolean
default value: on
This flag tells smail to verify the hostnames given in ``HELO'' or
``EHLO'' SMTP greeting command. This means the hostname specified
in the greeting must resolve to a valid DNS ``A'' resource record
with a target address matching the client connection source
address.
Note that RFC 1123 says it is the responsibility of the remote SMTP
client to supply a valid canonical hostname and that the SMTP
server ``MUST NOT'' reject a connection just because some arbitrary
verification fails on this hostname. However in the Internet today
we cannot usually trust the sender and so we must violate RFC 1123
in this respect lest the sender does the same to us while we're not
checking. Remember that RFC 1123 was written in the days when it
was unthinkable that a home PC would be used to initiate SMTP ses‐
sions, let alone 30,000,000 plus PCs all hammering on your SMTP
port.
Note that disabling this flag does not turn off syntax checking of
the SMTP greeting. See smtp_hello_broken_allow, described above,
for that.
smtp_hello_verify_literal
type: boolean
default value: on
If the greeting hostname given with the ``HELO'' or ``EHLO'' SMTP
greeting command is a literal IP address (eg. ``[127.0.0.1]''),
this flag tells smail to look up the domain name associated with
the address given by the literal. This means the connecting host
must have valid DNS, i.e. a ``PTR'' resource record for the connec‐
tion address (sender_host_address), and the name given by the PTR
must return an ``A'' resource record with an address matching the
connection address. See the caveat for smtp_hello_verify for stan‐
dards conformance notes.
smtp_hello_verify_ptr
type: boolean
default value: off
This flag tells smail to verify that there's a DNS ``PTR'' resource
record for the connection address and that it (or one of its
aliases) matches the hostname given with the ``HELO'' or ``EHLO''
SMTP greeting command. This check is off by default because
there's still a large segment of the Internet the doesn't have
proper reverse DNS. See the caveat for smtp_hello_verify for stan‐
dards conformance notes.
smtp_host_dnsbl_domains
type: string
default value: (none)
This is a colon-separated list of Realtime DNS Black List (DNSBL)
domains in which the client host's domain name (as given in the
primary DNS PTR record for the client's address) is searched for.
Most DNS Black lists use an A record value of 127.0.0.2 to indicate
that a host is listed. Optionally a comma-separated list of valid
DNS A record values, either as explicit 4-octet ascii-form host
addresses, or in a network/mask form, may follow a semicolon after
any domain to explicitly define the which results will trigger a
match. Note that if you use the semicolon separator to specify a
sub-field then you must either escape it with a backslash or
enclose the entire variable definition in double quotes.
A match in any BL will cause the connection to be rejected by a 550
status message that includes the DNSBL name in the text of the mes‐
sage, along with the content any associated DNS TXT record for the
same domain.
smtp_host_dnsbl_except
type: string
default value: (none)
A colon-separated list of client IP or IP network numbers that are
not looked up in the blacklists specified in
smtp_host_dnsbl_domains.
See smail(5) (under ``IP and IP Network Number Representation'')
for a description of the syntax of IP and IP network numbers, as
well as any magic values that may be used to represent such num‐
bers.
smtp_host_reject_hostnames
type: string
default value:
"localhost(\\.)*;You have got to be kidding! If you really were 'localhost' I would be talking to myself!\
:.*\\.localdomain;The domain 'localdomain' is not valid!\
:.*\\.test;The domain 'test' is not valid -- it is reserved by IANA as per RFC 2606\
:.*\\.example;The domain 'example' is not valid -- it is reserved by IANA as per RFC 2606\
:.*\\.invalid;The domain 'invalid' is not valid -- it is reserved by IANA as per RFC 2606\
:.*\\.localhost;The domain 'localhost' is not valid -- it is reserved by IANA as per RFC 2606\
:(.*\\.)*example\\.com;The domain 'example.com' is not valid -- it is reserved by IANA as per RFC 2606\
:(.*\\.)*example\\.net;The domain 'example.net' is not valid -- it is reserved by IANA as per RFC 2606\
:(.*\\.)*example\\.org;The domain 'example.org' is not valid -- it is reserved by IANA as per RFC 2606\
:${rxquote:hostnames}"
A colon-separated list of hostname regular expressions the client
host's domain name (as given in the primary DNS PTR record for the
client's address) is compared against if the peer address is not
the same as the socket address (i.e. if the connection is not from
the local host). Any match will cause the connection to be
rejected by a 550 status message.
An optional text message to present in the reject message follows a
semicolon after an expression. Note that the message text is not
quoted so it must not contain another `:' character. Escape pro‐
cessing as described in smail(5) cannot protect a field separator.
Note that if you use the semicolon separator to specify a sub-field
then you must either escape it with a backslash or enclose the
entire variable definition in double quotes. The text message may
contain semicolons itself though since it extends to the end of the
field (i.e. to the next `:' character).
As you can see from the default value any configuration items
and/or variable are expanded, complete with meta-expansion fea‐
tures, when this item is used, as described in smail(5). This
allows other colon-separated lists of hostnames, including those
derived at run time, to be included in this list. Note however
that such expansions are done before sub-fields are searched so if
any optional description is included after such an entry it will
only result in the text applying to the last name in any expanded
list.
WARNING: Do not arbitrarily include more_hostnames in this list!
Doing so would block the hosts this server MXs for from delivering
to addresses at their own domain names.
smtp_local_sender_allow
type: string
default value:
"mailer-daemon:owner-.*:postmaster:real-.*:.*-request"
A colon-separated list of regular expressions used when
smtp_local_sender_restrict is enabled to check if the sender
address local part matches an authorised mailbox. These are some
of the sender addresses which may commonly be used on messages re-
routed (forwarded) back to the local machine, such as the owner
addresses used for distributing mailing lists, or those used by the
dotforward director, etc.
Note that a case-insensitive match is always done if the host plat‐
form's underlying regular expression library is POSIX compliant.
smtp_local_sender_restrict
type: boolean
default value: off
Enabling this flag tells Smail to do basic sender address anti-
spoofing protection by ensuring that any sender address which is
locally deliverable has come from an authorised client (i.e. the
client's source IP address must match an entry in
smtp_remote_allow), or if the local part of the sender address
matches any entry in the list of regular expressions in
smtp_local_sender_allow
WARNING: If you host virtual domains for users who don't always use
your mail server to relay their outgoing mail then you do not want
to enable this feature or they may not be able to send e-mail to
themselves from any other server (assuming they use their ``local''
sender address and of course assuming the remote server allows them
to do so).
Note that RFC-2822 header anti-spoofing can be simulated to some
degree by simply forcing all Sender: and From: header fields to be
re-written in conjunction with this feature.
smtp_max_recipients
type: number
default value: 100
The maximum number of recipients that can be specified in a single
SMTP envelope. If too many recipients are specified each one over
the maximum will be rejected with an SMTP ``452'' reply message.
If this value is zero (or explicitly unset), then the number of
recipients per SMTP envelope is not limited.
smtp_max_bounce_recipients
type: number
default value: 1
The maximum number of recipients that can be specified in the SMTP
envelope for a bounce message, i.e. a message where the SMTP enve‐
lope sender address is the null address.
If this value is zero (or explicitly unset), then the number of
recipients per bounce message defaults to the current value of
smtp_max_recipients.
Normally only one recipient can ever be specified for a bounce mes‐
sage since there's only ever one SMTP envelope address to which a
bounce can be returned to. A common counter-example to this is
bounces from mailing lists, or indeed bounces to any mailbox which
may be aliased to more than one person at the same remote domain.
Of course this only matters if this particular mailer instance is
handling that remote domain (and if the remote mailer on the list
host will attempt to send one message to multiple SMTP recipients
at a time).
smtp_permit_mx_backup
type: string
default value: (none)
A colon-separated list of hostname regular expressions the target
domain name of a recipient address must match before relaying to
the primary MX for the target domain name will be allowed. If this
list is not empty then a failure to match at least one entry in the
list will result in the recipient address being rejected with a
remote relay security violation error. Any match will allow Smail
to go on to check if any secondary MX records for the target domain
name match a locally handled hostname, and if so the recipient
address will be accepted and the message queued for eventual deliv‐
ery to the primary MX host.
To disable all support for secondary MX relaying set this variable
as follows:
smtp_permit_mx_backup="!.*"
smtp_rbl_domains
type: string
default value: (none)
This is a colon-separated list of Realtime/Reverse Blocking/Black
List (RBL) domains in which a DNS A record for the ASCII-octet-
reversed (as with .IN-ADDR.ARPA) connecting client address is
looked up.
The de facto standard set for DNS RBL configurations by the Mail
Abuse Prevention System LLC (MAPS project, founded by Paul Vixie)
uses an A record value of 127.0.0.2 to indicate that a host is
listed. Since some other RBLs use other A record values to indi‐
cate other meanings a comma-separated list of valid DNS A record
values, either as explicit 4-octet ascii-form host addresses, or in
a network/mask form, may follow a semicolon after any domain. Note
that if you use the semicolon separator to specify a sub-field then
you must either escape it with a backslash or enclose the entire
variable definition in double quotes.
A match in any RBL will cause the connection to be rejected by a
550 status message that includes the RBL name in the text of the
message, along with the content any associated DNS TXT record for
the same domain.
An example:
smtp_rbl_domains="rbl1.domain;127.0.0.1,10/8\
:rbl2.domain;127.0.0/24"
Some of the most commonly used RBLs for blocking unsolicited e-mail
are hosted by MAPS: <URL:http::/www.mail-abuse.org/> and another
well known RBL for blocking e-mail from insecure (open relay)
servers is hosted by ORBL: <URL:http::/www.orbl.org/>. A list of
similar RBLs can be found here:
<URL:http://www.declude.com/JunkMail/Support/ip4r.htm>
See smail(5) (under ``IP and IP Network Number Representation'')
for a description of the syntax of IP and IP network numbers. Note
that in this case none of the magic values that may be used to rep‐
resent such numbers are likely to be of any use.
smtp_rbl_except
type: string
default value: localnet
This is a colon-separated list of IP or IP network numbers for
client hosts that should not trigger RBL lookups.
An optional text message to document the reason for the exception
follows a semicolon after a domain. Note though that this message
won't appear anywhere in the message, the logs, or the SMTP ses‐
sion. Note also that the message text is not quoted so it must not
contain another `:' character. Escape processing as described in
smail(5) cannot protect a field separator. Note that if you use
the semicolon separator to specify a sub-field then you must either
escape it with a backslash or enclose the entire variable defini‐
tion in double quotes. The text message may contain semicolons
itself though since it extends to the end of the field (i.e. to the
next `:' character).
An example:
smtp_rbl_except="172.16.99.4;Our dial-up subnet.\
:192.168.30/24;This is our friend's net."
See smail(5) (under ``IP and IP Network Number Representation'')
for a description of the syntax of IP and IP network numbers, as
well as any magic values that may be used to represent such num‐
bers.
smtp_receive_command_timeout
type: interval
default value: 5m
This interval defines the timeout for each SMTP receiver command
for interactive SMTP daemons. If a command is not received within
this period of time after a prompt, then the connection is closed
down and the SMTP receiver exits.
smtp_receive_message_timeout
type: interval
default value: 2h
This interval defines the timeout for reading a message with the
``DATA'' command for interactive SMTP daemons. If the entire mes‐
sage is not received within this period of time after the ``354''
reply prompt, then the message is removed, the connection is closed
down, and the SMTP receiver process exits.
smtp_recipient_no_verify
type: string
default value: (none)
A colon-separated list of client IP or IP network numbers that are
allowed to deliver remote mail via SMTP and which do not need or
want target addresses specified in ``RCPT TO:'' commands to be ver‐
ified immediately during message delivery. Setting this to a list
of local network numbers helps clients deliver mail immediately to
the queue without needing to wait for possible DNS lookup timeouts.
Some MUAs (and even some primitive MTAs) that use SMTP for mail
delivery do not have sufficient or adjustable timeouts and may fail
to deliver mail when network or remote nameserver problems cause
delays. This variable has precedence over smtp_remote_allow. If
you need to set this then you should probably be setting it to the
same list as you use in smtp_remote_allow.
See smail(5) (under ``IP and IP Network Number Representation'')
for a description of the syntax of IP and IP network numbers, as
well as any magic values that may be used to represent such num‐
bers.
smtp_reject_hosts
type: string
default value: (none)
This is a colon-separated list of IP or IP network numbers for
client hosts that should be immediately and permanently be rejected
using an SMTP 550 status message.
An optional text message to present in the reject message text fol‐
lows a semicolon after the IP number. Note that the message text
is not quoted so it must not contain another `:' character. Escape
processing as described in smail(5) cannot protect a field separa‐
tor. Note that if you use the semicolon separator to specify a
sub-field then you must either escape it with a backslash or
enclose the entire variable definition in double quotes. The text
message may contain semicolons itself though since it extends to
the end of the field (i.e. to the next `:' character).
An example:
smtp_reject_hosts="172.16.99.4;Go away you nutcase!\
:192.168.30/24;What a naughty net you have!"
See smail(5) (under ``IP and IP Network Number Representation'')
for a description of the syntax of IP and IP network numbers, as
well as any magic values that may be used to represent such num‐
bers.
smtp_remote_allow
type: string
default value: localnet
A colon-separated list of client IP or IP network numbers that are
allowed to deliver remote mail via SMTP. Setting this to a list of
local network numbers helps stop remote systems from using your
mailer to spoof headers in mail bound to remote addresses. This
list is used for verification of the target addresses specified in
all ``VRFY'' and ``RCPT TO:'' SMTP commands.
Note that mail is implicitly accepted from arbitrary hosts if the
target address is for any of the locally accepted domains, or if
any of the locally accepted domain names are mentioned as MX hosts
for the target address.
See smail(5) (under ``IP and IP Network Number Representation'')
for a description of the syntax of IP and IP network numbers, as
well as any magic values that may be used to represent such num‐
bers.
smtp_sender_no_verify
type: string
default value: (none)
A colon-separated list of client IP or IP network numbers that are
allowed to deliver remote mail via SMTP and which do not need or
want target addresses specified in ``MAIL FROM:'' commands to be
verified immediately during message delivery. Setting this to a
list of local network numbers helps clients deliver mail immedi‐
ately to the queue without needing to wait for possible DNS lookup
timeouts. Some MUAs (and even some primitive MTAs) that use SMTP
for mail delivery do not have sufficient or adjustable timeouts and
may fail to deliver mail when network or remote nameserver problems
cause delays.
Note that setting this variable, and thus disabling sender address
verification unnecessarily, will make it possible for users to use
incorrect sender addresses, and that may prevent them from ever
receiving bounces or even replies (the latter in the usual case
where the sender's MUA uses the same address in the From: and/or
Reply-To: header field(s) as it uses for the SMTP sender address).
See smail(5) (under ``IP and IP Network Number Representation'')
for a description of the syntax of IP and IP network numbers, as
well as any magic values that may be used to represent such num‐
bers.
smtp_sender_reject
type: string
default value:
".*@localhost;There's no such domain 'localhost'!"
A colon-separated list of expressions the SMTP envelope sender
address (as given in the SMTP ``MAIL FROM:'' command) is checked
against. Any match will cause the connection to be rejected by a
550 status message.
An optional text message to present in the reject message follows a
semicolon after an expression. Note that the message text is not
quoted so it must not contain another `:' character. Escape pro‐
cessing as described in smail(5) cannot protect a field separator.
Note that if you use the semicolon separator to specify a sub-field
then you must either escape it with a backslash or enclose the
entire variable definition in double quotes. The text message may
contain semicolons itself though since it extends to the end of the
field (i.e. to the next `:' character).
smtp_sender_reject_db
type: string
default value:
"dead-mail.senders"
WARNING: This variable may be deprecated by the potentially more
general smtp_sender_reject if a future release adds ${lookup expan‐
sion to item lists.
The name of a database containing strings that the SMTP envelop
sender address (as given in the SMTP ``RCPT TO:'' command) is
checked against. Any match will cause the connection to be
rejected by a 550 status message.
An optional text message to present in the reject message follows
the address on the same line.
The filename given by default value corresponds to the list of
invalid sender addresses, maintained by checkerr(8), to which dou‐
ble bounces cannot be sent.
smtp_sender_reject_db_proto
type: string
default value:
"lsearch"
The lookup method for the smtp_sender_reject_db database. See the
section File Lookups in smail(5) for a list of valid lookup methds
and their use.
smtp_sender_reject_hostnames
type: string
default value:
".*\\.localdomain;There's no such domain 'localdomain' you spammer!"
WARNING: This variable may be deprecated by the more general
smtp_sender_reject in a future release.
A colon-separated list of hostname regular expressions the SMTP
envelope sender address domain name (as given in the SMTP ``RCPT
TO:'' command) is checked against. Any match will cause the con‐
nection to be rejected by a 550 status message.
An optional text message to present in the reject message follows a
semicolon after an expression. Note that the message text is not
quoted so it must not contain another `:' character. Escape pro‐
cessing as described in smail(5) cannot protect a field separator.
Note that if you use the semicolon separator to specify a sub-field
then you must either escape it with a backslash or enclose the
entire variable definition in double quotes. The text message may
contain semicolons itself though since it extends to the end of the
field (i.e. to the next `:' character).
smtp_sender_rhsbl_domains
type: string
default value: (none)
This is a colon-separated list of Realtime Right-Hand Side Block‐
ing/Black Lists (RHSBL) domains in which a DNS A record for the
target domain of the sender address is looked up as a subdomain.
The de facto standard set of DNS blacklists for checking sender
addresses are managed by rfc-ignorant.org. Like the MAPS RBL they
also use an A record value of 127.0.0.2 to indicate that a domain
is listed.
A match in any domain will cause the connection to be rejected by a
550 status message that includes the blacklist name in the text of
the message, along with the content any associated DNS TXT record
for the same domain.
An example:
smtp_sender_rhsbl_domains="rhsbl1.domain;127.0.0.1,10/8\
:rhsbl2.domain;127.0.0/24"
smtp_sender_rhsbl_except
type: string
default value:
"${rxquote:hostnames}:${rxquote:more_hostnames}"
This is a colon-separated list of sender address target domain reg‐
ular expressions that should not trigger RHSBL lookups.
An example:
smtp_sender_rhsbl_except="some.domain:another.domain"
As you can see from the default value any configuration items
and/or variable are expanded, complete with meta-expansion fea‐
tures, when this item is used, as described in smail(5). This
allows other colon-separated lists of hostnames, including those
derived at run time, to be included in this list.
Note also that any semicolon separated sub-field value is simply
ignored.
smtp_sender_verify_mx_only
type: boolean
default value: off
This flag tells smail to only look for DNS MX (mail exchanger)
resource records when verifying the the host part of the SMTP enve‐
lope sender address. Strictly speaking all domain names used in
SMTP should have DNS MX RRs associated, but it is common practice
on the internet to allow a mail host to have only an A RR. In the
default configuration Smail will also search for DNS A RRs that
match the domain part of the sender address.
smtp_vrfy_delay
type: number
default value: 10
The number of seconds to delay after processing an SMTP ``VRFY com‐
mand. This can be set to some reasonable number so as to delay
anyone attempting to do dictionary-style guessing attacks while at
the same time not preventing human use of ``VRFY''.
spool_dirs
type: string
default value: /var/mail
This defines one or more directories into which incoming mail can
be spooled. Directories are separated by single colon characters.
When writing a message to the first spool directory fails, (say due
to permission problems, filesystem full errors, etc.) successive
spool directories are tried until the incoming message can be suc‐
cessfully written or until no more alternative directories exist.
Each spool directory is expected to have subdirectories of: input
(to hold the actual spool files), lock (for temporary lock files),
msglog (for temporary per-message transaction logs and audit
trails), retry (for host retry information), error (to hold mes‐
sages which failed due to configuration errors or other problems
which require human intervention), and tmp (to hold temporary files
in a safe non-world-writable place). Normally these directories
will be created on demand. However in order to properly share
retry information it may be prudent to at least try to make all
retry entries be symbolic links.
Note that due to the way free space is reserved on the spool
filesystem, only the last directory in this list will actually have
free space reserved in it. Note also that if the goal is to pro‐
vide for extra space then of course each directory must be on a
separate filesystem.
Note that spool files should not be copied from one place to
another. In the current implementation their names are BASE-62
encoded forms of the inode number of the message file, as well as
the current time (in seconds since the epoch), so only in a perfect
world will the copied files be ``safe'' in that they won't ever
clash with possible future spool files.
spool_grade
type: character
default value: C
This character names the default grade for messages. This can be
overridden by a Precedence: field in the message header. The grade
is used in sorting messages in the input spool directory and is
also available in string expansions as the $grade variable. See
the grades attribute for more information.
spool_mode
type: number
default value: 0440
This defines the file creation mode for spool files.
transport_file
type: string
default value: transports
names the file containing the transport configuration information.
If this does not begin with a slash (`/'), it will be referenced
relative to the smail_lib_dir directory.
trusted_users
type: string
default value: (none)
This names a list of users (separated by colons) who are trusted to
specify a sender for a message. Users who are not in this list
cannot specify a Sender: header field without it being removed.
If such users specify a From: header field, then a Sender: field
will be created that specifies the real user that submitted this
mail. Generally, this should be set to that names of all users
under which remote mail is received by smail. If this list is
turned off, using -trusted, then all users are trusted.
NOTE: The real user-ID is used in verifying trusted users. How‐
ever, under many operating systems, the uucico(8) program runs
under the real UID of the user that ran it and often any user can
do so. Smail program cannot differentiate this case from any other
case and will thus do the ``wrong thing'' here. If this problem
exists on your machine, then the trusted attribute may need to be
turned off.
trusted_groups
type: string
default value: (none)
This names a list of groups (separated by colons) that are trusted
to specify a sender for a message. The groups specified are
checked against the effective gid of smail. Thus, if smail is a
set-group-ID program, then this string is of no value and should be
turned off. However, if smail is not set-group-ID, then programs
that invoke smail under a specific effective GID, while not a spe‐
cific real UID, can be detected and can be properly treated as
trusted.
uucp_name
type: string
default value: (computed at run time)
This specifies a name for the local host. This name is available
in string expansions as the $uucp_name variable. It is also used
in the ``remote from hostname'' suffix to ``From<space>'' lines for
mail being delivered to remote machines when the from attribute is
turned on for a transport.
visible_name
type: string
default value: (computed at run time)
The full domain name used in outgoing mail addresses within header
fields. If visible_name is turned off, then it will be set to the
first name from the hostnames attribute. If the hostnames
attribute is not specified then that attribute will be filled in
with hostnames of the form hostname.domain, where hostname is
derived in a system-dependent manner and where domain, here, is the
first name from the domains attribute. Note that each entry in the
domains list is used, in sequence, to created the hostnames value
if the latter is not explicitly specified.
For sites in the UUCP zone domains will often merely be the string
``uucp''.
FILES
/etc/smail/config
Optional general smail configuration. This file can override com‐
piled-in configuration.
/etc/smail/transports
Optional configuration for smail transports; i.e., configured meth‐
ods of mail delivery. This file replaces the compiled-in transport
configuration.
/etc/smail/directors
Optional configuration for smail directors, i.e., configured meth‐
ods for resolving local addresses. This file replaces the com‐
piled-in director configuration.
/etc/smail/routers
Optional configuration for smail routers, i.e., configured methods
for resolving or routing to remote hosts. This file replaces the
compiled-in router configuration.
/var/mail
The top of the spool directory hierarchy.
/var/mail/input
The directory containing messages to be processed and delivered.
/var/mail/msglog
A directory of transaction logs for individual messages.
/var/mail/lock
A directory used for input spool files.
/var/log/smail/logfile
A log of smail transactions.
/var/log/smail/paniclog
A log of serious configuration and/or system errors encountered by
smail.
DEFAULT CONFIGURATION
The default internal directors configuration can be viewed by typing
smail -oC /no-such-file -v -bP all. Note that this reports the values
of all configuration variables using the default variable names (alias
names are not shown). You should only adjust the values of those vari‐
ables absolutely necessary to adjust for your particular system. Don't
simply copy this output to your new config file or you'll make upgrad‐
ing much harder.
SEE ALSOsmail(5), smaildrct(5), smailmeth(5), smailqual(5), smailrtrs(5),
smailrtry(5), smailtrns(5), checkerr(8), smail(8).
Smail Administration and Installation Guide.
DARPA Internet Requests for Comments RFC 821, RFC 822, RFC 974, RFC
976, and RFC 1123.
Regular expression documentation for your host, perhaps in re_for‐
mat(7), regex(3), ed(1), or grep(1).
BUGS
Colons cannot be included in the value of a list element. In most
cases this is really a feature, such as with user and group names since
a colon can never appear in such names anyway.
Database files cannot contain ``#'' in the left-hand field.
COPYRIGHT
Copyright (C) 1987, 1988 Ronald S. Karr and Landon Curt Noll
Copyright (C) 1992 Ronald S. Karr
See a file COPYING, distributed with the source code, or type smail
-bc, to view distribution rights and restrictions associated with this
software.
Smail-3 RELEASE-3_2_0_115 SMAILCONF(5)