postfix/html/dnsblog.8.html

<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"
        "https://www.w3.org/TR/html4/loose.dtd">
<html> <head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<link rel='stylesheet' type='text/css' href='postfix-doc.css'>
<title> Postfix manual - dnsblog(8) </title>
</head> <body> <pre>
DNSBLOG(8)                                                          DNSBLOG(8)

<b><a name="name">NAME</a></b>
       dnsblog - Postfix DNS allow/denylist logger

<b><a name="synopsis">SYNOPSIS</a></b>
       <b>dnsblog</b> [generic Postfix daemon options]

<b><a name="description">DESCRIPTION</a></b>
       The  <a href="dnsblog.8.html"><b>dnsblog</b>(8)</a>  server  implements an ad-hoc DNS allow/denylist lookup
       service. This may eventually be replaced by an UDP client that is built
       directly into the <a href="postscreen.8.html"><b>postscreen</b>(8)</a> server.

<b><a name="protocol">PROTOCOL</a></b>
       With   each   connection,   the   <a href="dnsblog.8.html"><b>dnsblog</b>(8)</a>   server  receives  a  DNS
       allow/denylist domain name, an IP  address,  and  an  ID.   If  the  IP
       address  is  listed under the DNS allow/denylist, the <a href="dnsblog.8.html"><b>dnsblog</b>(8)</a> server
       logs the match and replies with the query  arguments  plus  an  address
       list  with the resulting IP addresses, separated by whitespace, and the
       reply TTL.  Otherwise it replies with the query arguments plus an empty
       address  list  and  the  reply  TTL; the reply TTL is -1 if there is no
       reply, or a negative reply that contains no SOA record.   Finally,  the
       <a href="dnsblog.8.html"><b>dnsblog</b>(8)</a> server closes the connection.

<b><a name="diagnostics">DIAGNOSTICS</a></b>
       Problems and transactions are logged to <b>syslogd</b>(8) or <a href="postlogd.8.html"><b>postlogd</b>(8)</a>.

<b><a name="configuration_parameters">CONFIGURATION PARAMETERS</a></b>
       Changes to <a href="postconf.5.html"><b>main.cf</b></a> are picked up automatically, as <a href="dnsblog.8.html"><b>dnsblog</b>(8)</a> processes
       run for only a limited amount of time. Use the command "<b>postfix reload</b>"
       to speed up a change.

       The  text  below provides only a parameter summary. See <a href="postconf.5.html"><b>postconf</b>(5)</a> for
       more details including examples.

       <b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
              The default location of the Postfix <a href="postconf.5.html">main.cf</a> and  <a href="master.5.html">master.cf</a>  con-
              figuration files.

       <b><a href="postconf.5.html#daemon_timeout">daemon_timeout</a> (18000s)</b>
              How  much  time  a  Postfix  daemon process may take to handle a
              request before it is terminated by a built-in watchdog timer.

       <b><a href="postconf.5.html#postscreen_dnsbl_sites">postscreen_dnsbl_sites</a> (empty)</b>
              Optional list of patterns with DNS allow/denylist domains,  fil-
              ters and weight factors.

       <b><a href="postconf.5.html#ipc_timeout">ipc_timeout</a> (3600s)</b>
              The  time  limit  for  sending  or receiving information over an
              internal communication channel.

       <b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
              The process ID of a Postfix command or daemon process.

       <b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
              The process name of a Postfix command or daemon process.

       <b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b>
              The location of the Postfix top-level queue directory.

       <b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
              The syslog facility of Postfix logging.

       <b><a href="postconf.5.html#syslog_name">syslog_name</a> (see 'postconf -d' output)</b>
              A prefix that  is  prepended  to  the  process  name  in  syslog
              records, so that, for example, "smtpd" becomes "prefix/smtpd".

       Available in Postfix 3.3 and later:

       <b><a href="postconf.5.html#service_name">service_name</a> (read-only)</b>
              The <a href="master.5.html">master.cf</a> service name of a Postfix daemon process.

<b><a name="see_also">SEE ALSO</a></b>
       <a href="smtpd.8.html">smtpd(8)</a>, Postfix SMTP server
       <a href="postconf.5.html">postconf(5)</a>, configuration parameters
       <a href="postlogd.8.html">postlogd(8)</a>, Postfix logging
       syslogd(8), system logging

<b><a name="license">LICENSE</a></b>
       The Secure Mailer license must be distributed with this software.

<b><a name="history">HISTORY</a></b>
       This service was introduced with Postfix version 2.8.

<b>AUTHOR(S)</b>
       Wietse Venema
       IBM T.J. Watson Research
       P.O. Box 704
       Yorktown Heights, NY 10598, USA

       Wietse Venema
       Google, Inc.
       111 8th Avenue
       New York, NY 10011, USA

                                                                    DNSBLOG(8)
</pre> </body> </html>