SMTP(8) System Manager's Manual SMTP(8)
smtp - Postfix remote delivery via SMTP
smtp [generic Postfix daemon options]
The SMTP client processes message delivery requests from the queue man-
ager. Each request specifies a queue file, a sender address, a domain
or host to deliver to, and recipient information. This program expects
to be run from the master(8) process manager.
The SMTP client updates the queue file and marks recipients as fin-
ished, or it informs the queue manager that delivery should be tried
again at a later time. Delivery problem reports are sent to the
bounce(8) or defer(8) daemon as appropriate.
The SMTP client looks up a list of mail exchanger addresses for the
destination host, sorts the list by preference, and connects to each
listed address until it finds a server that responds.
Once the SMTP client has received the server greeting banner, no error
will cause it to proceed to the next address on the mail exchanger
list. Instead, the message is either bounced, or its delivery is
deferred until later.
The SMTP client is moderately security-sensitive. It talks to SMTP
servers and to DNS servers on the network. The SMTP client can be run
chrooted at fixed low privilege.
RFC 821 (SMTP protocol)
RFC 822 (ARPA Internet Text Messages)
RFC 1651 (SMTP service extensions)
RFC 1652 (8bit-MIME transport)
RFC 1870 (Message Size Declaration)
RFC 2045 (MIME: Format of Internet Message Bodies)
RFC 2046 (MIME: Media Types)
RFC 2554 (AUTH command)
RFC 2821 (SMTP protocol)
RFC 2920 (SMTP Pipelining)
Problems and transactions are logged to syslogd(8). Corrupted message
files are marked so that the queue manager can move them to the corrupt
queue for further inspection.
Depending on the setting of the notify_classes parameter, the postmas-
ter is notified of bounces, protocol problems, and of other trouble.
The following main.cf parameters are especially relevant to this pro-
gram. See the Postfix main.cf file for syntax details and for default
values. Use the postfix reload command after a configuration change.
Name of the delivery transport to use when the local machine is
the most-preferred mail exchanger (by default, a mailer loop is
reported, and the message is bounced).
Verbose logging level increment for hosts that match a pattern
in the debug_peer_list parameter.
List of domain or network patterns. When a remote host matches a
pattern, increase the verbose logging level by the amount speci-
fied in the debug_peer_level parameter.
Disable DNS lookups. This means that mail must be forwarded via
a smart relay host.
Recipient of protocol/policy/resource/software error notices.
Hosts to hand off mail to if a message destination is not found
or if a destination is unreachable.
When a name server fails to respond to an MX query, search for
an A record instead deferring mail delivery.
The network interface addresses that this mail system receives
mail on. When any of those addresses appears in the list of mail
exchangers for a remote destination, the list is truncated to
avoid mail delivery loops. See also the proxy_interfaces param-
When this parameter includes the protocol class, send mail to
the postmaster with transcripts of SMTP sessions with protocol
Network interfaces that this mail system receives mail on by way
of a proxy or network address translator. When any of those
addresses appears in the list of mail exchangers for a remote
destination, the list is truncated to avoid mail delivery loops.
See also the inet_interfaces parameter.
Always send EHLO at the start of a connection.
Never send EHLO at the start of a connection.
Numerical source network address to bind to when making a con-
Length limit for SMTP message content lines. Zero means no
limit. Some SMTP servers misbehave on long lines.
The hostname to be used in HELO and EHLO commands.
Skip servers that greet us with a 4xx status code.
Skip servers that greet us with a 5xx status code.
Do not wait for the server response after sending QUIT.
The time to pause before sending .<CR><LF>, while working around
the CISCO PIX firewall <CR><LF>.<CR><LF> bug.
The time a message must be queued before the CISCO PIX firewall
<CR><LF>.<CR><LF> bug workaround is turned on.
Disable the conversion of 8BITMIME format to 7BIT format when
the remote system does not advertise 8BITMIME support.
The amount of space that will be allocated for MIME multipart
boundary strings. The MIME processor is unable to distinguish
between boundary strings that do not differ in the first
The maximal nesting level of multipart mail that the MIME pro-
cessor can handle. Refuse mail that is nested deeper, when con-
verting from 8BITMIME format to 7BIT format.
Enable per-session authentication as per RFC 2554 (SASL). By
default, Postfix is built without SASL support.
Lookup tables with per-host or domain name:password entries. No
entry for a host means no attempt to authenticate.
Zero or more of the following.
Disallow authentication methods that use plaintext pass-
Disallow authentication methods that are vulnerable to
non-dictionary active attacks.
Disallow authentication methods that are vulnerable to
passive dictionary attack.
Disallow anonymous logins.
Limit the number of parallel deliveries to the same destination.
The default limit is taken from the default_destination_concur-
Limit the number of recipients per message delivery. The
default limit is taken from the default_destination_recipi-
The default time unit is seconds; an explicit time unit can be speci-
fied by appending a one-letter suffix to the value: s (seconds), m
(minutes), h (hours), d (days) or w (weeks).
Timeout for completing a TCP connection. When no connection can
be made within the deadline, the SMTP client tries the next
address on the mail exchanger list.
Timeout for receiving the SMTP greeting banner. When the server
drops the connection without sending a greeting banner, or when
it sends no greeting banner within the deadline, the SMTP client
tries the next address on the mail exchanger list.
Timeout for sending the HELO command, and for receiving the
Timeout for sending the MAIL FROM command, and for receiving the
Timeout for sending the RCPT TO command, and for receiving the
Timeout for sending the DATA command, and for receiving the
Timeout for sending the message content.
Timeout for sending the "." command, and for receiving the
server response. When no response is received, a warning is
logged that the mail may be delivered multiple times.
Timeout for sending the QUIT command, and for receiving the
bounce(8) non-delivery status reports
master(8) process manager
qmgr(8) queue manager
syslogd(8) system logging
The Secure Mailer license must be distributed with this software.
IBM T.J. Watson Research
P.O. Box 704
Yorktown Heights, NY 10598, USA