SMTPD(6)                                                 SMTPD(6)

          smtpd - SMTP listener configuration

          The SMTP daemon of mail(1) implements the slave side of the
          SMTP protocol to accept incoming mail on TCP port 25.  In
          general, smtpd's default parameters are sufficient for
          internal systems on protected networks, but external or
          gateway systems require additional security mechanisms.  The
          files /mail/lib/smtpd.conf, containing configuration parame-
          ters, and /mail/lib/blocked, containing banished addresses,
          provide the means to exercise these facilities.

        Input Format
          In both files input lines consist of a verb followed by one
          or more parameters.  These tokens are separated by white
          space or commas and all characters following a # are com-
          ments.  A # cannot be escaped.  Continuation lines are not
          supported, but verbs that take multiple parameters can be
          restated on many lines and the associated parameters accumu-
          late into a single set.  All token processing is case-

          Many parameters are addresses, either numeric IP addresses
          in CIDR notation or a sender address in UUCP-style format.

          An IP address in CIDR notation has the form


          consisting of a four octet IP address, a slash, and a mask
          length specifying the number of significant high-order bits.
          The lower the mask length, the larger the range of addresses
          covered by the CIDR address; see RFC 1878 for a discussion
          of mask lengths.  Missing low-order octets are assumed to be
          zero.  If a mask length is not given, a mask length of 16,
          24, or 32 is assumed for addresses containing two, three, or
          four octets, respectively.  These mask lengths select a
          class B, class C or Class D address block.  Notice that this
          convention differs from the standard treatment, where the
          default mask length depends on the allocation class of the
          network block containing the address.

          Sender addresses are specified in UUCP notation as follows:


          It is seldom necessary to specify more than one domain.
          When domain is missing or *, the address selects the speci-
          fied user in all domains.  A domain of the form *.domain

     Page 1                       Plan 9             (printed 4/22/24)

     SMTPD(6)                                                 SMTPD(6)

          selects the domain and all of its sub-domains.  For example,
!user only matches the account user in domain
, while *!user selects that account
          in and all of its sub-domains.  When user is
          omitted or *, the address selects all users in the specified
          domain.  Finally, when * is the last character of the user
          name it is a wild-card matching all user names beginning
          with user. This limited pattern matching capability should
          be used with care.  For safety, the sender addresses *, !,
          *!, !* and *!* are ignored.

          This file contains configuration options and parameters
          describing the local domain.  Many of the options can also
          be specified on the command line; command line options
          always override the values in this file.  Configuration
          options are:
          defaultdomain domain
                    The name of the local domain; it is appended to
                    addresses lacking a domain qualification.  This is
                    identical to the -h command line option.
          norelay [on|off]
                    If on is specified, relaying is prohibited from
                    unauthorized networks to external domains.  Autho-
                    rized networks and domains must be specified by
                    the ournets and ourdomains verbs described below.
                    Setting this option on is equivalent to specifying
                    the -f command line flag, but the list of networks
                    and domains can only be specified in this file.
          verifysenderdom [on|off]
                    When on, smtpd verifies that the first domain of
                    the sender's address exists.  The test is cursory;
                    it checks only that there is a DNS delegation for
                    the domain.  Setting the option on is equivalent
                    to specifying the -r command line option and is
                    useful for detecting some unreturnable messages as
                    well as messages with randomly generated domain
          saveblockedmsg [on|off]
                    When on, causes copies of blocked messages to be
                    saved in subdirectories of /mail/queue.dump.
                    Directories are named with the date and file names
                    are random numbers.  If this option is off blocked
                    messages are discarded.  Setting this option on is
                    equivalent to specifying the -s command line
          ournets IP address [, IP address, ..., IP address]
                    This option specifies trusted source networks that
                    are allowed to relay mail to external domains.
                    These are usually the internal networks of the
                    local domain, but they can also include friendly
                    external networks.  Addresses are in CIDR

     Page 2                       Plan 9             (printed 4/22/24)

     SMTPD(6)                                                 SMTPD(6)

          ourdomains domain [, domain, ..., domain]
                    This option specifies destination domains that are
                    allowed to receive relayed mail.  These are usu-
                    ally the domains served by a gateway system.
                    Domain specifications conform to the format for
                    sender addresses given above.

          When the norelay option is enabled or the -f command line
          option given, relaying is allowed only if the source IP
          address is in ournets or the destination domain is specified
          in ourdomains.

        Blocked Addresses
          Smtpd consults /mail/ratify (see ratfs(4)) for a list of
          banned addresses.  Messages received from these addresses
          are rejected with a 5xx-series SMTP error code.  There is no
          option to turn blocking on or off; if /mail/ratify is
          mounted, smtpd will use it, even for connections from
          trusted networks.

          The command line format and address specifications conform
          to the notation described above.  If the parameters of the
          verb is sender addresses in UUCP format, the line must begin
          with an * character; if the parameters are one or more IP
          addresses, the * must precede the verb.  Most verbs cause
          messages to be rejected; verbs of this class generally
          select different error messages.  The remaining verbs spec-
          ify addresses that are always accepted, in effect overriding
          blocked addresses.  The file is processed in order, so an
          override must precede its associated blocked address.  Sup-
          ported verbs are:
          dial IP address [,..., IP address]
                    The parameters are IP addresses associated with
                    dial-up ports.  The rejection message states that
                    connections from dial-up ports are not accepted.
                    Copies of messages are never saved.
          block address [, ... address]
                    Messages from addresses matching the parameters
                    are rejected with an error message saying that
                    spam is not accepted.  The message is saved if the
                    option is enabled.
          relay address [, ... address]
                    This verb is identical to block, but the error
                    message states that the message is rejected
                    because the sending system is being used as a spam
          deny address [, ... address]
                    The deny command rejects a message when the sender
                    address matches one of its parameters.  The rejec-
                    tion message asks the sender to contact
                    postmaster@ hostdomain for further information.

     Page 3                       Plan 9             (printed 4/22/24)

     SMTPD(6)                                                 SMTPD(6)

                    This verb is usually used to block inadvertently
                    abusive traffic, for example, mail loops and stuck
                    senders.  Messages are never saved.
          allow address [, ... address]
                    The allow verb negates the effect of subsequent
                    blocking commands.  It is useful when a large
                    range of addresses contains a few legitimate
                    addresses, for example, when a mail server is in a
                    Class C network block of modem ports.  Rather than
                    enumerate the dial ports, it is easier to block
                    the entire Class C with a dial command, and pre-
                    cede it with an override for the address of the
                    mail server.  Similarly, it is possible to block
                    mail from an entire domain while accepting mail
                    from a few friendly senders in the domain.  The
                    verb accept is a synonym for allow.

          Scanmail(8) describes spam detection software that works
          well with the capabilities described here and mail(1)
          defines additional smtpd command line arguments applicable
          to exposed systems.

          mail(1), ratfs(4), scanmail(8)

     Page 4                       Plan 9             (printed 4/22/24)