postscreen(8) - phpMan

Command: man perldoc info search(apropos)  


POSTSCREEN(8postfix)                                                         POSTSCREEN(8postfix)

NAME
       postscreen - Postfix zombie blocker

SYNOPSIS
       postscreen [generic Postfix daemon options]

DESCRIPTION
       The  Postfix postscreen(8) server provides additional protection against mail server over-
       load. One postscreen(8) process handles multiple inbound  SMTP  connections,  and  decides
       which  clients  may  talk  to  a  Postfix  SMTP server process.  By keeping spambots away,
       postscreen(8) leaves more SMTP server processes available for legitimate clients, and  de-
       lays the onset of server overload conditions.

       This  program  should  not  be  used on SMTP ports that receive mail from end-user clients
       (MUAs). In a typical deployment, postscreen(8) handles the MX service on TCP port 25,  and
       smtpd(8)  receives  mail from MUAs on the submission service (TCP port 587) which requires
       client authentication.  Alternatively, a site could set up  a  dedicated,  non-postscreen,
       "port  25"  server  that  provides submission service and client authentication, but no MX
       service.

       postscreen(8) maintains a temporary allowlist for clients that have  passed  a  number  of
       tests.  When an SMTP client IP address is allowlisted, postscreen(8) hands off the connec-
       tion immediately to a Postfix SMTP server process. This minimizes the overhead for legiti-
       mate mail.

       By  default, postscreen(8) logs statistics and hands off each connection to a Postfix SMTP
       server process, while excluding clients in mynetworks from all tests (primarily, to  avoid
       problems with non-standard SMTP implementations in network appliances).  This default mode
       blocks no clients, and is useful for non-destructive testing.

       In a typical production setting, postscreen(8) is configured to reject mail  from  clients
       that  fail  one  or  more tests. postscreen(8) logs rejected mail with the client address,
       helo, sender and recipient information.

       postscreen(8) is not an SMTP proxy; this is intentional.  The purpose is to keep  spambots
       away from Postfix SMTP server processes, while minimizing overhead for legitimate traffic.

SECURITY
       The  postscreen(8) server is moderately security-sensitive.  It talks to untrusted clients
       on the network. The process can be run chrooted at fixed low privilege.

STANDARDS
       RFC 821 (SMTP protocol)
       RFC 1123 (Host requirements)
       RFC 1652 (8bit-MIME transport)
       RFC 1869 (SMTP service extensions)
       RFC 1870 (Message Size Declaration)
       RFC 1985 (ETRN command)
       RFC 2034 (SMTP Enhanced Status Codes)
       RFC 2821 (SMTP protocol)
       Not: RFC 2920 (SMTP Pipelining)
       RFC 3030 (CHUNKING without BINARYMIME)
       RFC 3207 (STARTTLS command)
       RFC 3461 (SMTP DSN Extension)
       RFC 3463 (Enhanced Status Codes)
       RFC 5321 (SMTP protocol, including multi-line 220 banners)

DIAGNOSTICS
       Problems and transactions are logged to syslogd(8) or postlogd(8).

BUGS
       The postscreen(8) built-in SMTP protocol engine currently does not  announce  support  for
       AUTH,  XCLIENT or XFORWARD.  If you need to make these services available on port 25, then
       do not enable the optional "after 220 server greeting" tests.

       The optional "after 220 server greeting" tests may result in  unexpected  delivery  delays
       from senders that retry email delivery from a different IP address.  Reason: after passing
       these tests a new client must disconnect, and reconnect from the same IP address before it
       can  deliver  mail. See POSTSCREEN_README, section "Tests after the 220 SMTP server greet-
       ing", for a discussion.

CONFIGURATION PARAMETERS
       Changes to main.cf are not picked up automatically, as postscreen(8) processes may run for
       several hours.  Use the command "postfix reload" after a configuration change.

       The text below provides only a parameter summary. See postconf(5) for more details includ-
       ing examples.

       NOTE: Some postscreen(8) parameters implement stress-dependent  behavior.   This  is  sup-
       ported  only  when the default parameter value is stress-dependent (that is, it looks like
       ${stress?{X}:{Y}}, or it is the $name of an smtpd parameter with  a  stress-dependent  de-
       fault).   Other  parameters  always evaluate as if the stress parameter value is the empty
       string.

COMPATIBILITY CONTROLS
       postscreen_command_filter ($smtpd_command_filter)
              A mechanism to transform commands from remote SMTP clients.

       postscreen_discard_ehlo_keyword_address_maps ($smtpd_discard_ehlo_keyword_address_maps)
              Lookup tables, indexed by the remote SMTP client  address,  with  case  insensitive
              lists  of  EHLO  keywords (pipelining, starttls, auth, etc.) that the postscreen(8)
              server will not send in the EHLO response to a remote SMTP client.

       postscreen_discard_ehlo_keywords ($smtpd_discard_ehlo_keywords)
              A case insensitive list of EHLO keywords (pipelining, starttls,  auth,  etc.)  that
              the  postscreen(8)  server  will  not  send  in  the EHLO response to a remote SMTP
              client.

       Available in Postfix version 3.1 and later:

       dns_ncache_ttl_fix_enable (no)
              Enable a workaround for future libc incompatibility.

       Available in Postfix version 3.4 and later:

       postscreen_reject_footer_maps ($smtpd_reject_footer_maps)
              Optional lookup table  for  information  that  is  appended  after  a  4XX  or  5XX
              postscreen(8) server response.

       Available in Postfix 3.6 and later:

       respectful_logging (see 'postconf -d' output)
              Avoid logging that implies white is better than black.

TROUBLE SHOOTING CONTROLS
       postscreen_expansion_filter (see 'postconf -d' output)
              List  of characters that are permitted in postscreen_reject_footer attribute expan-
              sions.

       postscreen_reject_footer ($smtpd_reject_footer)
              Optional information that is appended after a 4XX or 5XX postscreen(8)  server  re-
              sponse.

       soft_bounce (no)
              Safety net to keep mail queued that would otherwise be returned to the sender.

BEFORE-POSTSCREEN PROXY AGENT
       Available in Postfix version 2.10 and later:

       postscreen_upstream_proxy_protocol (empty)
              The name of the proxy protocol used by an optional before-postscreen proxy agent.

       postscreen_upstream_proxy_timeout (5s)
              The   time   limit  for  the  proxy  protocol  specified  with  the  postscreen_up-
              stream_proxy_protocol parameter.

PERMANENT ALLOW/DENYLIST TEST
       This test is executed immediately after a remote SMTP client connects. If a client is per-
       manently  allowlisted,  the client will be handed off immediately to a Postfix SMTP server
       process.

       postscreen_access_list (permit_mynetworks)
              Permanent allow/denylist for remote SMTP client IP addresses.

       postscreen_blacklist_action (ignore)
              Renamed to postscreen_denylist_action in Postfix 3.6.

MAIL EXCHANGER POLICY TESTS
       When postscreen(8) is configured to monitor all primary and backup MX  addresses,  it  can
       refuse  to  allowlist  clients  that connect to a backup MX address only. For small sites,
       this requires configuring primary and backup MX addresses on the same  MTA.  Larger  sites
       would  have  to share the postscreen(8) cache between primary and backup MTAs, which would
       introduce a common point of failure.

       postscreen_whitelist_interfaces (static:all)
              Renamed to postscreen_allowlist_interfaces in Postfix 3.6.

BEFORE 220 GREETING TESTS
       These tests are executed before the remote  SMTP  client  receives  the  "220  servername"
       greeting.  If  no  tests  remain after the successful completion of this phase, the client
       will be handed off immediately to a Postfix SMTP server process.

       dnsblog_service_name (dnsblog)
              The name of the dnsblog(8) service entry in master.cf.

       postscreen_dnsbl_action (ignore)
              The action that postscreen(8) takes when a  remote  SMTP  client's  combined  DNSBL
              score   is   equal   to   or   greater  than  a  threshold  (as  defined  with  the
              postscreen_dnsbl_sites and postscreen_dnsbl_threshold parameters).

       postscreen_dnsbl_reply_map (empty)
              A mapping from actual DNSBL domain name which includes a secret  password,  to  the
              DNSBL domain name that postscreen will reply with when it rejects mail.

       postscreen_dnsbl_sites (empty)
              Optional list of DNS allow/denylist domains, filters and weight factors.

       postscreen_dnsbl_threshold (1)
              The  inclusive lower bound for blocking a remote SMTP client, based on its combined
              DNSBL score as defined with the postscreen_dnsbl_sites parameter.

       postscreen_greet_action (ignore)
              The action that postscreen(8) takes when a remote SMTP  client  speaks  before  its
              turn within the time specified with the postscreen_greet_wait parameter.

       postscreen_greet_banner ($smtpd_banner)
              The  text  in  the  optional "220-text..." server response that postscreen(8) sends
              ahead of the real Postfix SMTP server's "220 text..." response, in  an  attempt  to
              confuse bad SMTP clients so that they speak before their turn (pre-greet).

       postscreen_greet_wait (normal: 6s, overload: 2s)
              The  amount  of time that postscreen(8) will wait for an SMTP client to send a com-
              mand before its turn, and for DNS blocklist lookup results to arrive  (default:  up
              to 2 seconds under stress, up to 6 seconds otherwise).

       smtpd_service_name (smtpd)
              The internal service that postscreen(8) hands off allowed connections to.

       Available in Postfix version 2.11 and later:

       postscreen_dnsbl_whitelist_threshold (0)
              Renamed to postscreen_dnsbl_allowlist_threshold in Postfix 3.6.

       Available in Postfix version 3.0 and later:

       postscreen_dnsbl_timeout (10s)
              The time limit for DNSBL or DNSWL lookups.

       Available in Postfix version 3.6 and later:

       postscreen_denylist_action (ignore)
              The  action  that  postscreen(8)  takes  when  a  remote SMTP client is permanently
              denylisted with the postscreen_access_list parameter.

       postscreen_allowlist_interfaces (static:all)
              A list of local postscreen(8) server IP addresses where  a  non-allowlisted  remote
              SMTP client can obtain postscreen(8)'s temporary allowlist status.

       postscreen_dnsbl_allowlist_threshold (0)
              Allow  a  remote  SMTP  client  to  skip "before" and "after 220 greeting" protocol
              tests, based on its combined DNSBL score as defined with the postscreen_dnsbl_sites
              parameter.

AFTER 220 GREETING TESTS
       These tests are executed after the remote SMTP client receives the "220 servername" greet-
       ing. If a client passes all tests during this phase, it will receive a 4XX response to all
       RCPT  TO  commands.  After the client reconnects, it will be allowed to talk directly to a
       Postfix SMTP server process.

       postscreen_bare_newline_action (ignore)
              The action that postscreen(8) takes when a remote SMTP client sends a bare  newline
              character, that is, a newline not preceded by carriage return.

       postscreen_bare_newline_enable (no)
              Enable "bare newline" SMTP protocol tests in the postscreen(8) server.

       postscreen_disable_vrfy_command ($disable_vrfy_command)
              Disable the SMTP VRFY command in the postscreen(8) daemon.

       postscreen_forbidden_commands ($smtpd_forbidden_commands)
              List  of  commands that the postscreen(8) server considers in violation of the SMTP
              protocol.

       postscreen_helo_required ($smtpd_helo_required)
              Require that a remote SMTP client sends HELO  or  EHLO  before  commencing  a  MAIL
              transaction.

       postscreen_non_smtp_command_action (drop)
              The  action  that postscreen(8) takes when a remote SMTP client sends non-SMTP com-
              mands as specified with the postscreen_forbidden_commands parameter.

       postscreen_non_smtp_command_enable (no)
              Enable "non-SMTP command" tests in the postscreen(8) server.

       postscreen_pipelining_action (enforce)
              The action that postscreen(8) takes when a remote SMTP client sends  multiple  com-
              mands instead of sending one command and waiting for the server to respond.

       postscreen_pipelining_enable (no)
              Enable "pipelining" SMTP protocol tests in the postscreen(8) server.

CACHE CONTROLS
       postscreen_cache_cleanup_interval (12h)
              The amount of time between postscreen(8) cache cleanup runs.

       postscreen_cache_map (btree:$data_directory/postscreen_cache)
              Persistent storage for the postscreen(8) server decisions.

       postscreen_cache_retention_time (7d)
              The amount of time that postscreen(8) will cache an expired temporary allowlist en-
              try before it is removed.

       postscreen_bare_newline_ttl (30d)
              The amount of time that postscreen(8) will use the result from a  successful  "bare
              newline" SMTP protocol test.

       postscreen_dnsbl_max_ttl (${postscreen_dnsbl_ttl?{$postscreen_dnsbl_ttl}:{1}}h)
              The maximum amount of time that postscreen(8) will use the result from a successful
              DNS-based reputation test before a client IP address is required to pass that  test
              again.

       postscreen_dnsbl_min_ttl (60s)
              The minimum amount of time that postscreen(8) will use the result from a successful
              DNS-based reputation test before a client IP address is required to pass that  test
              again.

       postscreen_greet_ttl (1d)
              The  amount  of  time that postscreen(8) will use the result from a successful PRE-
              GREET test.

       postscreen_non_smtp_command_ttl (30d)
              The amount of time that  postscreen(8)  will  use  the  result  from  a  successful
              "non_smtp_command" SMTP protocol test.

       postscreen_pipelining_ttl (30d)
              The  amount of time that postscreen(8) will use the result from a successful "pipe-
              lining" SMTP protocol test.

RESOURCE CONTROLS
       line_length_limit (2048)
              Upon input, long lines are chopped up into pieces of at most this length; upon  de-
              livery, long lines are reconstructed.

       postscreen_client_connection_count_limit ($smtpd_client_connection_count_limit)
              How  many  simultaneous  connections any remote SMTP client is allowed to have with
              the postscreen(8) daemon.

       postscreen_command_count_limit (20)
              The limit on the total number of commands  per  SMTP  session  for  postscreen(8)'s
              built-in SMTP protocol engine.

       postscreen_command_time_limit (normal: 300s, overload: 10s)
              The  time  limit  to read an entire command line with postscreen(8)'s built-in SMTP
              protocol engine.

       postscreen_post_queue_limit ($default_process_limit)
              The number of clients that can be waiting for service  from  a  real  Postfix  SMTP
              server process.

       postscreen_pre_queue_limit ($default_process_limit)
              The  number  of  non-allowlisted clients that can be waiting for a decision whether
              they will receive service from a real Postfix SMTP server process.

       postscreen_watchdog_timeout (10s)
              How much time a postscreen(8) process may take to respond to a remote  SMTP  client
              command  or  to  perform  a  cache  operation before it is terminated by a built-in
              watchdog timer.

STARTTLS CONTROLS
       postscreen_tls_security_level ($smtpd_tls_security_level)
              The SMTP TLS security level for the postscreen(8) server; when a non-empty value is
              specified,   this   overrides   the   obsolete  parameters  postscreen_use_tls  and
              postscreen_enforce_tls.

       tlsproxy_service_name (tlsproxy)
              The name of the tlsproxy(8) service entry in master.cf.

OBSOLETE STARTTLS SUPPORT CONTROLS
       These parameters are supported for compatibility with smtpd(8) legacy parameters.

       postscreen_use_tls ($smtpd_use_tls)
              Opportunistic TLS: announce STARTTLS support to remote SMTP clients, but do not re-
              quire that clients use TLS encryption.

       postscreen_enforce_tls ($smtpd_enforce_tls)
              Mandatory  TLS:  announce STARTTLS support to remote SMTP clients, and require that
              clients use TLS encryption.

MISCELLANEOUS CONTROLS
       config_directory (see 'postconf -d' output)
              The default location of the Postfix main.cf and master.cf configuration files.

       delay_logging_resolution_limit (2)
              The maximal number of digits after the decimal point when logging sub-second  delay
              values.

       command_directory (see 'postconf -d' output)
              The location of all postfix administrative commands.

       max_idle (100s)
              The  maximum amount of time that an idle Postfix daemon process waits for an incom-
              ing connection before terminating voluntarily.

       process_id (read-only)
              The process ID of a Postfix command or daemon process.

       process_name (read-only)
              The process name of a Postfix command or daemon process.

       syslog_facility (mail)
              The syslog facility of Postfix logging.

       syslog_name (see 'postconf -d' output)
              A prefix that is prepended to the process name in syslog records, so that, for  ex-
              ample, "smtpd" becomes "prefix/smtpd".

       Available in Postfix 3.3 and later:

       service_name (read-only)
              The master.cf service name of a Postfix daemon process.

       Available in Postfix 3.5 and later:

       info_log_address_format (external)
              The  email  address  form  that  will  be used in non-debug logging (info, warning,
              etc.).

SEE ALSO
       smtpd(8), Postfix SMTP server
       tlsproxy(8), Postfix TLS proxy server
       dnsblog(8), DNS allow/denylist logger
       postlogd(8), Postfix logging
       syslogd(8), system logging

README FILES
       Use "postconf readme_directory" or "postconf html_directory" to locate this information.
       POSTSCREEN_README, Postfix Postscreen Howto

LICENSE
       The Secure Mailer license must be distributed with this software.

HISTORY
       This service was introduced with Postfix version 2.8.

       Many ideas in postscreen(8) were explored in earlier work by Michael Tokarev,  in  OpenBSD
       spamd, and in MailChannels Traffic Control.

AUTHOR(S)
       Wietse Venema
       IBM T.J. Watson Research
       P.O. Box 704
       Yorktown Heights, NY 10598, USA

       Wietse Venema
       Google, Inc.
       111 8th Avenue
       New York, NY 10011, USA

                                                                             POSTSCREEN(8postfix)

Generated by $Id: phpMan.php,v 4.55 2007/09/05 04:42:51 chedong Exp $ Author: Che Dong
On Apache
Under GNU General Public License
2024-12-07 06:51 @18.97.14.80 CrawledBy CCBot/2.0 (https://commoncrawl.org/faq/)
Valid XHTML 1.0!Valid CSS!