SMTP(8)                                                                SMTP(8)

NAME
       smtp  - Postfix SMTP client SYNOPSIS smtp [generic Postfix
       daemon options]

DESCRIPTION
       The  Postfix  SMTP  client  processes   message   delivery
       requests  from the queue manager. Each request specifies a
       queue file, a sender address, a domain or host to  deliver
       to, and recipient information.  This program expects to be
       run from the master(8) process manager.

       The SMTP client updates the queue file and  marks  recipi-
       ents  as  finished,  or  it informs the queue manager that
       delivery should be tried again at a later  time.  Delivery
       status  reports  are  sent  to  the bounce(8), defer(8) or
       trace(8) daemon as appropriate.

       The  SMTP  client  looks  up  a  list  of  mail  exchanger
       addresses  for  the  destination  host,  sorts the list by
       preference, and connects to each listed address  until  it
       finds a server that responds.

       When  a  server  is  not  reachable, or when mail delivery
       fails due to  a  recoverable  error  condition,  the  SMTP
       client  will try to deliver the mail to an alternate host.

       After a successful mail transaction, a connection  may  be
       saved to the scache(8) connection cache server, so that it
       may be used by any SMTP client for a  subsequent  transac-
       tion.

       By  default, connection caching is enabled temporarily for
       destinations that have a high volume of mail in the active
       queue. Session caching can be enabled permanently for spe-
       cific destinations.  SECURITY
       The SMTP client is moderately security-sensitive. It talks
       to  SMTP  servers  and  to DNS servers on the network. The
       SMTP client can be run chrooted at  fixed  low  privilege.
       STANDARDS  RFC  821 (SMTP protocol) RFC 822 (ARPA Internet
       Text Messages) RFC 1651 (SMTP service extensions) RFC 1652
       (8bit-MIME  transport) RFC 1870 (Message Size Declaration)
       RFC 2045 (MIME: Format of  Internet  Message  Bodies)  RFC
       2046  (MIME: Media Types) RFC 2554 (AUTH command) RFC 2821
       (SMTP  protocol)  RFC  2920  (SMTP  Pipelining)  RFC  3207
       (STARTTLS command)

DIAGNOSTICS
       Problems  and transactions are logged to syslogd(8).  Cor-
       rupted message files are marked so that the queue  manager
       can move them to the corrupt queue for further inspection.

       Depending on the setting of the notify_classes  parameter,
       the  postmaster is notified of bounces, protocol problems,
       and of other trouble.

BUGS
       SMTP connection caching does not work with TLS. The neces-
       sary  support for TLS object passivation and re-activation
       does not exist without closing the session, which  defeats
       the purpose.

       SMTP  connection caching assumes that SASL credentials are
       valid for all destinations  that  map  onto  the  same  IP
       address and TCP port.  CONFIGURATION PARAMETERS
       Changes to main.cf are picked up automatically, as smtp(8)
       processes run for only a limited amount of time.  Use  the
       command "postfix reload" to speed up a change.

       The  text  below  provides  only  a parameter summary. See
       postconf(5) for more details including examples.  COMPATI-
       BILITY CONTROLS

       ignore_mx_lookup_error (no)
              Ignore DNS MX lookups that produce no response.

       smtp_always_send_ehlo (yes)
              Always send EHLO at the start of an SMTP session.

       smtp_never_send_ehlo (no)
              Never send EHLO at the start of an SMTP session.

       smtp_defer_if_no_mx_address_found (no)
              Defer  mail  delivery when no MX record resolves to
              an IP address.

       smtp_line_length_limit (990)
              The maximal length of message header and body lines
              that Postfix will send via SMTP.

       smtp_pix_workaround_delay_time (10s)
              How  long  the  Postfix  SMTP  client pauses before
              sending ".<CR><LF>" in order to work around the PIX
              firewall "<CR><LF>.<CR><LF>" bug.

       smtp_pix_workaround_threshold_time (500s)
              How  long  a  message must be queued before the PIX
              firewall  "<CR><LF>.<CR><LF>"  bug  workaround   is
              turned on.

       smtp_quote_rfc821_envelope (yes)
              Quote  addresses in SMTP MAIL FROM and RCPT TO com-
              mands as required by RFC 821.

       smtp_skip_5xx_greeting (yes)
              Skip SMTP servers that greet with a 5XX status code
              (go away, do not try again later).

       smtp_skip_quit_response (yes)
              Do  not wait for the response to the SMTP QUIT com-
              mand.

       Available in Postfix version 2.0 and earlier:

       smtp_skip_4xx_greeting (yes)
              Skip SMTP servers that greet with a 4XX status code
              (go away, try again later).

       Available in Postfix version 2.2 and later:

       smtp_discard_ehlo_keyword_address_maps (empty)
              Lookup  tables,  indexed  by the remote SMTP server
              address, with case insensitive lists of  EHLO  key-
              words  (pipelining,  starttls, auth, etc.) that the
              SMTP client will ignore in the EHLO response from a
              remote SMTP server.

       smtp_discard_ehlo_keywords (empty)
              A  case insensitive list of EHLO keywords (pipelin-
              ing, starttls, auth, etc.)  that  the  SMTP  client
              will ignore in the EHLO response from a remote SMTP
              server.

       smtp_generic_maps (empty)
              Optional lookup tables that perform address rewrit-
              ing  in  the  SMTP client, typically to transform a
              locally valid address into a globally valid address
              when  sending  mail across the Internet.  MIME PRO-
              CESSING CONTROLS
              Available in Postfix version 2.0 and later:

       disable_mime_output_conversion (no)
              Disable the conversion of 8BITMIME format  to  7BIT
              format.

       mime_boundary_length_limit (2048)
              The  maximal  length  of  MIME  multipart  boundary
              strings.

       mime_nesting_limit (100)
              The maximal recursion level that the MIME processor
              will handle.  EXTERNAL CONTENT INSPECTION CONTROLS
              Available in Postfix version 2.1 and later:

       smtp_send_xforward_command (no)
              Send  the  non-standard  XFORWARD  command when the
              Postfix SMTP server EHLO response  announces  XFOR-
              WARD support.  SASL AUTHENTICATION CONTROLS

       smtp_sasl_auth_enable (no)
              Enable  SASL  authentication  in  the  Postfix SMTP
              client.

       smtp_sasl_password_maps (empty)
              Optional SMTP client lookup tables with  one  user-
              name:password  entry per remote hostname or domain.

       smtp_sasl_security_options (noplaintext, noanonymous)
              What authentication  mechanisms  the  Postfix  SMTP
              client is allowed to use.

       smtp_sasl_path (empty)
              The  path where SASL will look for plugins. This is
              a colon separated list  of  directories  where  the
              SASL  plugins  shared  objects  are  located.   The
              default value is the null string,  which  will  use
              the path defined in the SASL library.

       Available in Postfix version 2.2 and later:

       smtp_sasl_mechanism_filter (empty)
              If  non-empty, a Postfix SMTP client filter for the
              remote SMTP server's list of  offered  SASL  mecha-
              nisms.  STARTTLS SUPPORT CONTROLS
              Detailed  information  about STARTTLS configuration
              may be found in the TLS_README document.

       smtp_use_tls (no)
              Opportunistic mode: use  TLS  when  a  remote  SMTP
              server  announces  STARTTLS support, otherwise send
              the mail in the clear.

       smtp_enforce_tls (no)
              Enforcement mode: require that remote SMTP  servers
              use  TLS  encryption,  and  never  send mail in the
              clear.

       smtp_sasl_tls_security_options           ($smtp_sasl_secu-
       rity_options)
              The SASL authentication security options  that  the
              Postfix  SMTP  client  uses  for TLS encrypted SMTP
              sessions.

       smtp_starttls_timeout (300s)
              Time limit for Postfix SMTP client write  and  read
              operations  during  TLS  startup and shutdown hand-
              shake procedures.

       smtp_tls_CAfile (empty)
              The file with the certificate of the  certification
              authority  (CA) that issued the Postfix SMTP client
              certificate.

       smtp_tls_CApath (empty)
              Directory with  PEM  format  certificate  authority
              certificates  that  the Postfix SMTP client uses to
              verify a remote SMTP server certificate.

       smtp_tls_cert_file (empty)
              File with the Postfix SMTP client  RSA  certificate
              in PEM format.

       smtp_tls_cipherlist (empty)
              Controls  the Postfix SMTP client TLS cipher selec-
              tion scheme.

       smtp_tls_dcert_file (empty)
              File with the Postfix SMTP client  DSA  certificate
              in PEM format.

       smtp_tls_dkey_file ($smtp_tls_dcert_file)
              File  with  the Postfix SMTP client DSA private key
              in PEM format.

       smtp_tls_enforce_peername (yes)
              When TLS encryption is enforced, require  that  the
              remote SMTP server hostname matches the information
              in the remote SMTP server certificate.

       smtp_tls_key_file ($smtp_tls_cert_file)
              File with the Postfix SMTP client RSA  private  key
              in PEM format.

       smtp_tls_loglevel (0)
              Enable  additional  Postfix  SMTP client logging of
              TLS activity.

       smtp_tls_note_starttls_offer (no)
              Log the hostname  of  a  remote  SMTP  server  that
              offers  STARTTLS,  when  TLS is not already enabled
              for that server.

       smtp_tls_per_site (empty)
              Optional lookup tables with the Postfix SMTP client
              TLS  usage  policy  by  next-hop domain name and by
              remote SMTP server hostname.

       smtp_tls_scert_verifydepth (5)
              The verification depth for remote SMTP server  cer-
              tificates.

       smtp_tls_session_cache_database (empty)
              Name  of  the  file containing the optional Postfix
              SMTP client TLS session cache.

       smtp_tls_session_cache_timeout (3600s)
              The expiration time of Postfix SMTP client TLS ses-
              sion cache information.

       tls_daemon_random_bytes (32)
              The  number  of pseudo-random bytes that an smtp(8)
              or smtpd(8) process  requests  from  the  tlsmgr(8)
              server  in order to seed its internal pseudo random
              number generator (PRNG).  RESOURCE  AND  RATE  CON-
              TROLS

       smtp_destination_concurrency_limit      ($default_destina-
       tion_concurrency_limit)
              The  maximal  number  of parallel deliveries to the
              same destination  via  the  smtp  message  delivery
              transport.

       smtp_destination_recipient_limit        ($default_destina-
       tion_recipient_limit)
              The  maximal  number of recipients per delivery via
              the smtp message delivery transport.

       smtp_connect_timeout (30s)
              The SMTP client time limit  for  completing  a  TCP
              connection,  or  zero  (use  the  operating  system
              built-in time limit).

       smtp_helo_timeout (300s)
              The SMTP client time limit for sending the HELO  or
              EHLO  command, and for receiving the initial server
              response.

       smtp_xforward_timeout (300s)
              The SMTP client time limit for sending the XFORWARD
              command, and for receiving the server response.

       smtp_mail_timeout (300s)
              The  SMTP  client  time  limit for sending the MAIL
              FROM  command,  and  for   receiving   the   server
              response.

       smtp_rcpt_timeout (300s)
              The  SMTP  client  time  limit for sending the SMTP
              RCPT TO  command,  and  for  receiving  the  server
              response.

       smtp_data_init_timeout (120s)
              The  SMTP  client  time  limit for sending the SMTP
              DATA  command,  and  for   receiving   the   server
              response.

       smtp_data_xfer_timeout (180s)
              The  SMTP  client  time  limit for sending the SMTP
              message content.

       smtp_data_done_timeout (600s)
              The SMTP client time limit  for  sending  the  SMTP
              ".", and for receiving the server response.

       smtp_quit_timeout (300s)
              The  SMTP  client  time  limit for sending the QUIT
              command, and for receiving the server response.

       Available in Postfix version 2.1 and later:

       smtp_mx_address_limit (0)
              The  maximal  number  of  MX  (mail  exchanger)  IP
              addresses  that  can  result  from  mail  exchanger
              lookups, or zero (no limit).

       smtp_mx_session_limit (2)
              The maximal number of SMTP  sessions  per  delivery
              request  before  giving up or delivering to a fall-
              back relay host, or zero (no limit).

       smtp_rset_timeout (20s)
              The SMTP client time limit  for  sending  the  RSET
              command, and for receiving the server response.

       Available in Postfix version 2.2 and later:

       smtp_connection_cache_destinations (empty)
              Permanently  enable SMTP connection caching for the
              specified destinations.

       smtp_connection_cache_on_demand (yes)
              Temporarily enable SMTP connection caching while  a
              destination has a high volume of mail in the active
              queue.

       smtp_connection_cache_reuse_limit (10)
              When SMTP connection caching is enabled, the number
              of  times  that an SMTP session is reused before it
              is closed.

       smtp_connection_cache_time_limit (2s)
              When SMTP connection caching is enabled, the amount
              of  time  that an unused SMTP client socket is kept
              open before it is closed.   TROUBLE  SHOOTING  CON-
              TROLS

       debug_peer_level (2)
              The  increment  in  verbose  logging  level  when a
              remote client or server matches a  pattern  in  the
              debug_peer_list parameter.

       debug_peer_list (empty)
              Optional  list  of remote client or server hostname
              or network address patterns that cause the  verbose
              logging  level  to increase by the amount specified
              in $debug_peer_level.

       error_notice_recipient (postmaster)
              The recipient  of  postmaster  notifications  about
              mail  delivery  problems that are caused by policy,
              resource, software or protocol errors.

       notify_classes (resource, software)
              The list of error classes that are reported to  the
              postmaster.  MISCELLANEOUS CONTROLS

       best_mx_transport (empty)
              Where  the  Postfix SMTP client should deliver mail
              when it detects a "mail loops back to myself" error
              condition.

       config_directory (see 'postconf -d' output)
              The  default  location  of  the Postfix main.cf and
              master.cf configuration files.

       daemon_timeout (18000s)
              How much time a Postfix daemon process may take  to
              handle  a  request  before  it  is  terminated by a
              built-in watchdog timer.

       disable_dns_lookups (no)
              Disable DNS lookups in the Postfix  SMTP  and  LMTP
              clients.

       fallback_relay (empty)
              Optional  list of relay hosts for SMTP destinations
              that can't be found or that are unreachable.

       inet_interfaces (all)
              The network interface addresses that this mail sys-
              tem receives mail on.

       inet_protocols (ipv4)
              The  Internet protocols Postfix will attempt to use
              when making or accepting connections.

       ipc_timeout (3600s)
              The time limit for sending or receiving information
              over an internal communication channel.

       max_idle (100s)
              The  maximum  amount  of  time that an idle Postfix
              daemon process waits for the next  service  request
              before exiting.

       max_use (100)
              The  maximal number of connection requests before a
              Postfix daemon process terminates.

       process_id (read-only)
              The process ID  of  a  Postfix  command  or  daemon
              process.

       process_name (read-only)
              The  process  name  of  a Postfix command or daemon
              process.

       proxy_interfaces (empty)
              The network interface addresses that this mail sys-
              tem  receives  mail on by way of a proxy or network
              address translation unit.

       smtp_bind_address (empty)
              An optional numerical network address that the SMTP
              client  should  bind to when making an IPv4 connec-
              tion.

       smtp_bind_address6 (empty)
              An optional numerical network address that the SMTP
              client  should  bind to when making an IPv6 connec-
              tion.

       smtp_helo_name ($myhostname)
              The hostname to send in the SMTP EHLO or HELO  com-
              mand.

       smtp_host_lookup (dns)
              What  mechanisms  when the SMTP client uses to look
              up a host's IP address.

       smtp_randomize_addresses (yes)
              Randomize the order  of  equal-preference  MX  host
              addresses.

       syslog_facility (mail)
              The syslog facility of Postfix logging.

       syslog_name (postfix)
              The  mail  system  name  that  is  prepended to the
              process name in syslog  records,  so  that  "smtpd"
              becomes,  for  example,  "postfix/smtpd".  SEE ALSO
              qmgr(8), queue manager bounce(8),  delivery  status
              reports  scache(8),  connection  cache server post-
              conf(5),   configuration   parameters    master(5),
              generic  daemon  options master(8), process manager
              tlsmgr(8), TLS session  and  PRNG  management  sys-
              logd(8), system logging README FILES
              Use   "postconf   readme_directory"   or  "postconf
              html_directory" to locate this information.
              SASL_README, Postfix SASL howto
              TLS_README, Postfix STARTTLS howto
              LICENSE
              The Secure Mailer license must be distributed  with
              this  software.   AUTHOR(S)  Wietse Venema IBM T.J.
              Watson Research P.O. Box 704 Yorktown  Heights,  NY
              10598, USA

              Command pipelining in cooperation with: Jon Ribbens
              Oaktree Internet Solutions  Ltd.,  Internet  House,
              Canal Basin, Coventry, CV1 4LY, United Kingdom.

              Connection  caching  in  cooperation  with:  Victor
              Duchovni Morgan Stanley

              TLS support originally by: Lutz Jaenicke  BTU  Cot-
              tbus  Allgemeine  Elektrotechnik Universitaetsplatz
              3-4 D-03044 Cottbus, Germany

                                                                       SMTP(8)