109 lines
3.1 KiB
Groff
109 lines
3.1 KiB
Groff
.TH DNSBLOG 8
|
|
.ad
|
|
.fi
|
|
.SH NAME
|
|
dnsblog
|
|
\-
|
|
Postfix DNS allow/denylist logger
|
|
.SH "SYNOPSIS"
|
|
.na
|
|
.nf
|
|
\fBdnsblog\fR [generic Postfix daemon options]
|
|
.SH DESCRIPTION
|
|
.ad
|
|
.fi
|
|
The \fBdnsblog\fR(8) server implements an ad\-hoc DNS
|
|
allow/denylist lookup service. This may eventually be
|
|
replaced by an UDP client that is built directly into the
|
|
\fBpostscreen\fR(8) server.
|
|
.SH "PROTOCOL"
|
|
.na
|
|
.nf
|
|
.ad
|
|
.fi
|
|
With each connection, the \fBdnsblog\fR(8) server receives
|
|
a DNS allow/denylist domain name, an IP address, and an ID.
|
|
If the IP address is listed under the DNS allow/denylist, the
|
|
\fBdnsblog\fR(8) server logs the match and replies with the
|
|
query arguments plus an address list with the resulting IP
|
|
addresses, separated by whitespace, and the reply TTL.
|
|
Otherwise it replies with the query arguments plus an empty
|
|
address list and the reply TTL; the reply TTL is \-1 if there
|
|
is no reply, or a negative reply that contains no SOA record.
|
|
Finally, the \fBdnsblog\fR(8) server closes the connection.
|
|
.SH DIAGNOSTICS
|
|
.ad
|
|
.fi
|
|
Problems and transactions are logged to \fBsyslogd\fR(8)
|
|
or \fBpostlogd\fR(8).
|
|
.SH "CONFIGURATION PARAMETERS"
|
|
.na
|
|
.nf
|
|
.ad
|
|
.fi
|
|
Changes to \fBmain.cf\fR are picked up automatically, as
|
|
\fBdnsblog\fR(8) processes run for only a limited amount
|
|
of time. Use the command "\fBpostfix reload\fR" to speed
|
|
up a change.
|
|
|
|
The text below provides only a parameter summary. See
|
|
\fBpostconf\fR(5) for more details including examples.
|
|
.IP "\fBconfig_directory (see 'postconf -d' output)\fR"
|
|
The default location of the Postfix main.cf and master.cf
|
|
configuration files.
|
|
.IP "\fBdaemon_timeout (18000s)\fR"
|
|
How much time a Postfix daemon process may take to handle a
|
|
request before it is terminated by a built\-in watchdog timer.
|
|
.IP "\fBpostscreen_dnsbl_sites (empty)\fR"
|
|
Optional list of patterns with DNS allow/denylist domains, filters
|
|
and weight
|
|
factors.
|
|
.IP "\fBipc_timeout (3600s)\fR"
|
|
The time limit for sending or receiving information over an internal
|
|
communication channel.
|
|
.IP "\fBprocess_id (read\-only)\fR"
|
|
The process ID of a Postfix command or daemon process.
|
|
.IP "\fBprocess_name (read\-only)\fR"
|
|
The process name of a Postfix command or daemon process.
|
|
.IP "\fBqueue_directory (see 'postconf -d' output)\fR"
|
|
The location of the Postfix top\-level queue directory.
|
|
.IP "\fBsyslog_facility (mail)\fR"
|
|
The syslog facility of Postfix logging.
|
|
.IP "\fBsyslog_name (see 'postconf -d' output)\fR"
|
|
A prefix that is prepended to the process name in syslog
|
|
records, so that, for example, "smtpd" becomes "prefix/smtpd".
|
|
.PP
|
|
Available in Postfix 3.3 and later:
|
|
.IP "\fBservice_name (read\-only)\fR"
|
|
The master.cf service name of a Postfix daemon process.
|
|
.SH "SEE ALSO"
|
|
.na
|
|
.nf
|
|
smtpd(8), Postfix SMTP server
|
|
postconf(5), configuration parameters
|
|
postlogd(8), Postfix logging
|
|
syslogd(8), system logging
|
|
.SH "LICENSE"
|
|
.na
|
|
.nf
|
|
.ad
|
|
.fi
|
|
The Secure Mailer license must be distributed with this software.
|
|
.SH HISTORY
|
|
.ad
|
|
.fi
|
|
.ad
|
|
.fi
|
|
This service was introduced with Postfix version 2.8.
|
|
.SH "AUTHOR(S)"
|
|
.na
|
|
.nf
|
|
Wietse Venema
|
|
IBM T.J. Watson Research
|
|
P.O. Box 704
|
|
Yorktown Heights, NY 10598, USA
|
|
|
|
Wietse Venema
|
|
Google, Inc.
|
|
111 8th Avenue
|
|
New York, NY 10011, USA
|