summaryrefslogtreecommitdiffstats
path: root/html/postscreen.8.html
blob: 3511a9cabffe3b31b9dffe2ecfbbff9e570833da (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"
        "http://www.w3.org/TR/html4/loose.dtd">
<html> <head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<link rel='stylesheet' type='text/css' href='postfix-doc.css'>
<title> Postfix manual - postscreen(8) </title>
</head> <body> <pre>
POSTSCREEN(8)                                                    POSTSCREEN(8)

<b>NAME</b>
       postscreen - Postfix zombie blocker

<b>SYNOPSIS</b>
       <b>postscreen</b> [generic Postfix daemon options]

<b>DESCRIPTION</b>
       The Postfix <a href="postscreen.8.html"><b>postscreen</b>(8)</a> server provides additional protection against
       mail  server  overload.  One  <a href="postscreen.8.html"><b>postscreen</b>(8)</a>  process  handles  multiple
       inbound SMTP connections, and decides which clients may talk to a Post-
       fix SMTP server  process.   By  keeping  spambots  away,  <a href="postscreen.8.html"><b>postscreen</b>(8)</a>
       leaves more SMTP server processes available for legitimate clients, and
       delays the onset of server overload conditions.

       This program should not be used on SMTP ports that  receive  mail  from
       end-user clients (MUAs). In a typical deployment, <a href="postscreen.8.html"><b>postscreen</b>(8)</a> handles
       the MX service on TCP port 25, and <a href="smtpd.8.html"><b>smtpd</b>(8)</a> receives mail from MUAs  on
       the <b>submission</b> service (TCP port 587) which requires client authentica-
       tion.  Alternatively, a site could set up a dedicated,  non-postscreen,
       "port  25" server that provides <b>submission</b> service and client authenti-
       cation, but no MX service.

       <a href="postscreen.8.html"><b>postscreen</b>(8)</a> maintains a temporary allowlist  for  clients  that  have
       passed  a  number  of  tests.   When  an  SMTP  client  IP  address  is
       allowlisted, <a href="postscreen.8.html"><b>postscreen</b>(8)</a> hands off the connection  immediately  to  a
       Postfix SMTP server process. This minimizes the overhead for legitimate
       mail.

       By default, <a href="postscreen.8.html"><b>postscreen</b>(8)</a> logs statistics and hands off each connection
       to a Postfix SMTP server process, while excluding clients in <a href="postconf.5.html#mynetworks">mynetworks</a>
       from all tests (primarily, to avoid  problems  with  non-standard  SMTP
       implementations  in  network  appliances).  This default mode blocks no
       clients, and is useful for non-destructive testing.

       In a typical production setting, <a href="postscreen.8.html"><b>postscreen</b>(8)</a> is configured to  reject
       mail  from  clients  that  fail  one  or more tests. <a href="postscreen.8.html"><b>postscreen</b>(8)</a> logs
       rejected mail with the  client  address,  helo,  sender  and  recipient
       information.

       <a href="postscreen.8.html"><b>postscreen</b>(8)</a>  is  not an SMTP proxy; this is intentional.  The purpose
       is to keep spambots away from Postfix SMTP server processes, while min-
       imizing overhead for legitimate traffic.

<b>SECURITY</b>
       The <a href="postscreen.8.html"><b>postscreen</b>(8)</a> server is moderately security-sensitive.  It talks to
       untrusted clients on the network. The process can be  run  chrooted  at
       fixed low privilege.

<b>STANDARDS</b>
       <a href="https://tools.ietf.org/html/rfc821">RFC 821</a> (SMTP protocol)
       <a href="https://tools.ietf.org/html/rfc1123">RFC 1123</a> (Host requirements)
       <a href="https://tools.ietf.org/html/rfc1652">RFC 1652</a> (8bit-MIME transport)
       <a href="https://tools.ietf.org/html/rfc1869">RFC 1869</a> (SMTP service extensions)
       <a href="https://tools.ietf.org/html/rfc1870">RFC 1870</a> (Message Size Declaration)
       <a href="https://tools.ietf.org/html/rfc1985">RFC 1985</a> (ETRN command)
       <a href="https://tools.ietf.org/html/rfc2034">RFC 2034</a> (SMTP Enhanced Status Codes)
       <a href="https://tools.ietf.org/html/rfc2821">RFC 2821</a> (SMTP protocol)
       Not: <a href="https://tools.ietf.org/html/rfc2920">RFC 2920</a> (SMTP Pipelining)
       <a href="https://tools.ietf.org/html/rfc3030">RFC 3030</a> (CHUNKING without BINARYMIME)
       <a href="https://tools.ietf.org/html/rfc3207">RFC 3207</a> (STARTTLS command)
       <a href="https://tools.ietf.org/html/rfc3461">RFC 3461</a> (SMTP DSN Extension)
       <a href="https://tools.ietf.org/html/rfc3463">RFC 3463</a> (Enhanced Status Codes)
       <a href="https://tools.ietf.org/html/rfc5321">RFC 5321</a> (SMTP protocol, including multi-line 220 banners)

<b>DIAGNOSTICS</b>
       Problems and transactions are logged to <b>syslogd</b>(8) or <a href="postlogd.8.html"><b>postlogd</b>(8)</a>.

<b>BUGS</b>
       The  <a href="postscreen.8.html"><b>postscreen</b>(8)</a>  built-in  SMTP  protocol  engine currently does not
       announce support for AUTH, XCLIENT or XFORWARD.  If you  need  to  make
       these  services  available  on port 25, then do not enable the optional
       "after 220 server greeting" tests.

       The optional "after 220 server greeting" tests may result in unexpected
       delivery delays from senders that retry email delivery from a different
       IP address.  Reason: after passing these tests a new client  must  dis-
       connect,  and  reconnect from the same IP address before it can deliver
       mail. See <a href="POSTSCREEN_README.html">POSTSCREEN_README</a>, section "Tests after the 220  SMTP  server
       greeting", for a discussion.

<b>CONFIGURATION PARAMETERS</b>
       Changes  to  <a href="postconf.5.html">main.cf</a>  are not picked up automatically, as <a href="postscreen.8.html"><b>postscreen</b>(8)</a>
       processes may run for several hours.  Use the command "postfix  reload"
       after a configuration change.

       The  text  below provides only a parameter summary. See <a href="postconf.5.html"><b>postconf</b>(5)</a> for
       more details including examples.

       NOTE: Some <a href="postscreen.8.html"><b>postscreen</b>(8)</a> parameters implement  stress-dependent  behav-
       ior.   This  is  supported  only  when  the  default parameter value is
       stress-dependent (that is, it looks like ${stress?{X}:{Y}},  or  it  is
       the  $<i>name</i>  of  an  smtpd  parameter  with a stress-dependent default).
       Other parameters always evaluate as if the <b>stress</b>  parameter  value  is
       the empty string.

<b>COMPATIBILITY CONTROLS</b>
       <b><a href="postconf.5.html#postscreen_command_filter">postscreen_command_filter</a> ($<a href="postconf.5.html#smtpd_command_filter">smtpd_command_filter</a>)</b>
              A mechanism to transform commands from remote SMTP clients.

       <b><a href="postconf.5.html#postscreen_discard_ehlo_keyword_address_maps">postscreen_discard_ehlo_keyword_address_maps</a>  ($<a href="postconf.5.html#smtpd_discard_ehlo_keyword_address_maps">smtpd_discard_ehlo_key</a>-</b>
       <b><a href="postconf.5.html#smtpd_discard_ehlo_keyword_address_maps">word_address_maps</a>)</b>
              Lookup  tables,  indexed by the remote SMTP client address, with
              case insensitive lists of EHLO keywords  (pipelining,  starttls,
              auth,  etc.)  that the <a href="postscreen.8.html"><b>postscreen</b>(8)</a> server will not send in the
              EHLO response to a remote SMTP client.

       <b><a href="postconf.5.html#postscreen_discard_ehlo_keywords">postscreen_discard_ehlo_keywords</a> ($<a href="postconf.5.html#smtpd_discard_ehlo_keywords">smtpd_discard_ehlo_keywords</a>)</b>
              A case insensitive list of EHLO keywords (pipelining,  starttls,
              auth,  etc.)  that the <a href="postscreen.8.html"><b>postscreen</b>(8)</a> server will not send in the
              EHLO response to a remote SMTP client.

       Available in Postfix version 3.1 and later:

       <b><a href="postconf.5.html#dns_ncache_ttl_fix_enable">dns_ncache_ttl_fix_enable</a> (no)</b>
              Enable a workaround for future libc incompatibility.

       Available in Postfix version 3.4 and later:

       <b><a href="postconf.5.html#postscreen_reject_footer_maps">postscreen_reject_footer_maps</a> ($<a href="postconf.5.html#smtpd_reject_footer_maps">smtpd_reject_footer_maps</a>)</b>
              Optional lookup table for information that is appended  after  a
              4XX or 5XX <a href="postscreen.8.html"><b>postscreen</b>(8)</a> server response.

       Available in Postfix 3.6 and later:

       <b><a href="postconf.5.html#respectful_logging">respectful_logging</a> (see 'postconf -d' output)</b>
              Avoid logging that implies white is better than black.

<b>TROUBLE SHOOTING CONTROLS</b>
       <b><a href="postconf.5.html#postscreen_expansion_filter">postscreen_expansion_filter</a> (see 'postconf -d' output)</b>
              List     of     characters     that     are     permitted     in
              <a href="postconf.5.html#postscreen_reject_footer">postscreen_reject_footer</a> attribute expansions.

       <b><a href="postconf.5.html#postscreen_reject_footer">postscreen_reject_footer</a> ($<a href="postconf.5.html#smtpd_reject_footer">smtpd_reject_footer</a>)</b>
              Optional information  that  is  appended  after  a  4XX  or  5XX
              <a href="postscreen.8.html"><b>postscreen</b>(8)</a> server response.

       <b><a href="postconf.5.html#soft_bounce">soft_bounce</a> (no)</b>
              Safety  net to keep mail queued that would otherwise be returned
              to the sender.

<b>BEFORE-POSTSCREEN PROXY AGENT</b>
       Available in Postfix version 2.10 and later:

       <b><a href="postconf.5.html#postscreen_upstream_proxy_protocol">postscreen_upstream_proxy_protocol</a> (empty)</b>
              The  name  of  the  proxy   protocol   used   by   an   optional
              before-postscreen proxy agent.

       <b><a href="postconf.5.html#postscreen_upstream_proxy_timeout">postscreen_upstream_proxy_timeout</a> (5s)</b>
              The  time  limit  for  the  proxy  protocol  specified  with the
              <a href="postconf.5.html#postscreen_upstream_proxy_protocol">postscreen_upstream_proxy_protocol</a> parameter.

<b>PERMANENT ALLOW/DENYLIST TEST</b>
       This test is executed immediately after a remote SMTP client  connects.
       If  a  client is permanently allowlisted, the client will be handed off
       immediately to a Postfix SMTP server process.

       <b><a href="postconf.5.html#postscreen_access_list">postscreen_access_list</a> (<a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a>)</b>
              Permanent allow/denylist for remote SMTP client IP addresses.

       <b><a href="postconf.5.html#postscreen_blacklist_action">postscreen_blacklist_action</a> (ignore)</b>
              Renamed to <a href="postconf.5.html#postscreen_denylist_action">postscreen_denylist_action</a> in Postfix 3.6.

<b>MAIL EXCHANGER POLICY TESTS</b>
       When <a href="postscreen.8.html"><b>postscreen</b>(8)</a> is configured to monitor all primary and  backup  MX
       addresses,  it can refuse to allowlist clients that connect to a backup
       MX address only. For small sites, this requires configuring primary and
       backup  MX  addresses on the same MTA. Larger sites would have to share
       the <a href="postscreen.8.html"><b>postscreen</b>(8)</a> cache between primary and backup  MTAs,  which  would
       introduce a common point of failure.

       <b><a href="postconf.5.html#postscreen_allowlist_interfaces">postscreen_allowlist_interfaces</a> (<a href="DATABASE_README.html#types">static</a>:all)</b>
              A  list  of  local  <a href="postscreen.8.html"><b>postscreen</b>(8)</a>  server  IP  addresses where a
              non-allowlisted remote SMTP client  can  obtain  <a href="postscreen.8.html"><b>postscreen</b>(8)</a>'s
              temporary allowlist status.

<b>BEFORE 220 GREETING TESTS</b>
       These  tests  are  executed  before the remote SMTP client receives the
       "220 servername" greeting. If no tests remain after the successful com-
       pletion  of  this phase, the client will be handed off immediately to a
       Postfix SMTP server process.

       <b><a href="postconf.5.html#dnsblog_service_name">dnsblog_service_name</a> (dnsblog)</b>
              The name of the <a href="dnsblog.8.html"><b>dnsblog</b>(8)</a> service entry in <a href="master.5.html">master.cf</a>.

       <b><a href="postconf.5.html#postscreen_dnsbl_action">postscreen_dnsbl_action</a> (ignore)</b>
              The action that <a href="postscreen.8.html"><b>postscreen</b>(8)</a> takes when a remote SMTP  client's
              combined DNSBL score is equal to or greater than a threshold (as
              defined      with      the      <a href="postconf.5.html#postscreen_dnsbl_sites">postscreen_dnsbl_sites</a>       and
              <a href="postconf.5.html#postscreen_dnsbl_threshold">postscreen_dnsbl_threshold</a> parameters).

       <b><a href="postconf.5.html#postscreen_dnsbl_reply_map">postscreen_dnsbl_reply_map</a> (empty)</b>
              A  mapping  from  an  actual  DNSBL domain name which includes a
              secret password, to the DNSBL domain name that  postscreen  will
              reply with when it rejects mail.

       <b><a href="postconf.5.html#postscreen_dnsbl_sites">postscreen_dnsbl_sites</a> (empty)</b>
              Optional  list of patterns with DNS allow/denylist domains, fil-
              ters and weight factors.

       <b><a href="postconf.5.html#postscreen_dnsbl_threshold">postscreen_dnsbl_threshold</a> (1)</b>
              The inclusive lower bound for blocking  a  remote  SMTP  client,
              based   on   its  combined  DNSBL  score  as  defined  with  the
              <a href="postconf.5.html#postscreen_dnsbl_sites">postscreen_dnsbl_sites</a> parameter.

       <b><a href="postconf.5.html#postscreen_greet_action">postscreen_greet_action</a> (ignore)</b>
              The action that <a href="postscreen.8.html"><b>postscreen</b>(8)</a> takes when a  remote  SMTP  client
              speaks  before  its  turn  within  the  time  specified with the
              <a href="postconf.5.html#postscreen_greet_wait">postscreen_greet_wait</a> parameter.

       <b><a href="postconf.5.html#postscreen_greet_banner">postscreen_greet_banner</a> ($<a href="postconf.5.html#smtpd_banner">smtpd_banner</a>)</b>
              The <i>text</i> in the  optional  "220-<i>text</i>..."  server  response  that
              <a href="postscreen.8.html"><b>postscreen</b>(8)</a> sends ahead of the real Postfix SMTP server's "220
              text..." response, in an attempt to confuse bad SMTP clients  so
              that they speak before their turn (pre-greet).

       <b><a href="postconf.5.html#postscreen_greet_wait">postscreen_greet_wait</a> (normal: 6s, overload: 2s)</b>
              The  amount  of  time  that  <a href="postscreen.8.html"><b>postscreen</b>(8)</a> will wait for an SMTP
              client to send a command before its turn, and for DNS  blocklist
              lookup results to arrive (default: up to 2 seconds under stress,
              up to 6 seconds otherwise).

       <b><a href="postconf.5.html#smtpd_service_name">smtpd_service_name</a> (smtpd)</b>
              The internal service that <a href="postscreen.8.html"><b>postscreen</b>(8)</a> hands off  allowed  con-
              nections to.

       Available in Postfix version 2.11 and later:

       <b><a href="postconf.5.html#postscreen_dnsbl_whitelist_threshold">postscreen_dnsbl_whitelist_threshold</a> (0)</b>
              Renamed  to <a href="postconf.5.html#postscreen_dnsbl_allowlist_threshold">postscreen_dnsbl_allowlist_threshold</a> in Postfix 3.6.

       Available in Postfix version 3.0 and later:

       <b><a href="postconf.5.html#postscreen_dnsbl_timeout">postscreen_dnsbl_timeout</a> (10s)</b>
              The time limit for DNSBL or DNSWL lookups.

       Available in Postfix version 3.6 and later:

       <b><a href="postconf.5.html#postscreen_denylist_action">postscreen_denylist_action</a> (ignore)</b>
              The action that <a href="postscreen.8.html"><b>postscreen</b>(8)</a> takes when a remote SMTP client is
              permanently  denylisted  with the <a href="postconf.5.html#postscreen_access_list">postscreen_access_list</a> parame-
              ter.

       <b><a href="postconf.5.html#postscreen_allowlist_interfaces">postscreen_allowlist_interfaces</a> (<a href="DATABASE_README.html#types">static</a>:all)</b>
              A list of  local  <a href="postscreen.8.html"><b>postscreen</b>(8)</a>  server  IP  addresses  where  a
              non-allowlisted  remote  SMTP  client can obtain <a href="postscreen.8.html"><b>postscreen</b>(8)</a>'s
              temporary allowlist status.

       <b><a href="postconf.5.html#postscreen_dnsbl_allowlist_threshold">postscreen_dnsbl_allowlist_threshold</a> (0)</b>
              Allow a remote SMTP client  to  skip  "before"  and  "after  220
              greeting"  protocol  tests, based on its combined DNSBL score as
              defined with the <a href="postconf.5.html#postscreen_dnsbl_sites">postscreen_dnsbl_sites</a> parameter.

<b>AFTER 220 GREETING TESTS</b>
       These tests are executed after the remote SMTP client receives the "220
       servername"  greeting.  If a client passes all tests during this phase,
       it will receive a 4XX response to  all  RCPT  TO  commands.  After  the
       client  reconnects,  it  will  be allowed to talk directly to a Postfix
       SMTP server process.

       <b><a href="postconf.5.html#postscreen_bare_newline_action">postscreen_bare_newline_action</a> (ignore)</b>
              The action that <a href="postscreen.8.html"><b>postscreen</b>(8)</a> takes when a  remote  SMTP  client
              sends  a bare newline character, that is, a newline not preceded
              by carriage return.

       <b><a href="postconf.5.html#postscreen_bare_newline_enable">postscreen_bare_newline_enable</a> (no)</b>
              Enable "bare newline" SMTP protocol tests in  the  <a href="postscreen.8.html"><b>postscreen</b>(8)</a>
              server.

       <b><a href="postconf.5.html#postscreen_disable_vrfy_command">postscreen_disable_vrfy_command</a> ($<a href="postconf.5.html#disable_vrfy_command">disable_vrfy_command</a>)</b>
              Disable the SMTP VRFY command in the <a href="postscreen.8.html"><b>postscreen</b>(8)</a> daemon.

       <b><a href="postconf.5.html#postscreen_forbidden_commands">postscreen_forbidden_commands</a> ($<a href="postconf.5.html#smtpd_forbidden_commands">smtpd_forbidden_commands</a>)</b>
              List of commands that the <a href="postscreen.8.html"><b>postscreen</b>(8)</a> server considers in vio-
              lation of the SMTP protocol.

       <b><a href="postconf.5.html#postscreen_helo_required">postscreen_helo_required</a> ($<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a>)</b>
              Require that a remote SMTP client sends HELO or EHLO before com-
              mencing a MAIL transaction.

       <b><a href="postconf.5.html#postscreen_non_smtp_command_action">postscreen_non_smtp_command_action</a> (drop)</b>
              The  action  that  <a href="postscreen.8.html"><b>postscreen</b>(8)</a> takes when a remote SMTP client
              sends non-SMTP commands as specified with the <a href="postconf.5.html#postscreen_forbidden_commands">postscreen_forbid</a>-
              <a href="postconf.5.html#postscreen_forbidden_commands">den_commands</a> parameter.

       <b><a href="postconf.5.html#postscreen_non_smtp_command_enable">postscreen_non_smtp_command_enable</a> (no)</b>
              Enable "non-SMTP command" tests in the <a href="postscreen.8.html"><b>postscreen</b>(8)</a> server.

       <b><a href="postconf.5.html#postscreen_pipelining_action">postscreen_pipelining_action</a> (enforce)</b>
              The  action  that  <a href="postscreen.8.html"><b>postscreen</b>(8)</a> takes when a remote SMTP client
              sends multiple commands instead of sending one command and wait-
              ing for the server to respond.

       <b><a href="postconf.5.html#postscreen_pipelining_enable">postscreen_pipelining_enable</a> (no)</b>
              Enable  "pipelining"  SMTP  protocol  tests in the <a href="postscreen.8.html"><b>postscreen</b>(8)</a>
              server.

<b>CACHE CONTROLS</b>
       <b><a href="postconf.5.html#postscreen_cache_cleanup_interval">postscreen_cache_cleanup_interval</a> (12h)</b>
              The amount of time between <a href="postscreen.8.html"><b>postscreen</b>(8)</a> cache cleanup runs.

       <b><a href="postconf.5.html#postscreen_cache_map">postscreen_cache_map</a> (<a href="DATABASE_README.html#types">btree</a>:$<a href="postconf.5.html#data_directory">data_directory</a>/postscreen_cache)</b>
              Persistent storage for the <a href="postscreen.8.html"><b>postscreen</b>(8)</a> server decisions.

       <b><a href="postconf.5.html#postscreen_cache_retention_time">postscreen_cache_retention_time</a> (7d)</b>
              The amount of time that <a href="postscreen.8.html"><b>postscreen</b>(8)</a> will cache an expired tem-
              porary allowlist entry before it is removed.

       <b><a href="postconf.5.html#postscreen_bare_newline_ttl">postscreen_bare_newline_ttl</a> (30d)</b>
              The amount of time that <a href="postscreen.8.html"><b>postscreen</b>(8)</a> will use the result from a
              successful "bare newline" SMTP protocol test.

       <b><a href="postconf.5.html#postscreen_dnsbl_max_ttl">postscreen_dnsbl_max_ttl</a></b>
       <b>(${<a href="postconf.5.html#postscreen_dnsbl_ttl">postscreen_dnsbl_ttl</a>?{$<a href="postconf.5.html#postscreen_dnsbl_ttl">postscreen_dnsbl_ttl</a>}:{1}}h)</b>
              The maximum amount of  time  that  <a href="postscreen.8.html"><b>postscreen</b>(8)</a>  will  use  the
              result  from  a  successful  DNS-based  reputation test before a
              client IP address is required to pass that test again.

       <b><a href="postconf.5.html#postscreen_dnsbl_min_ttl">postscreen_dnsbl_min_ttl</a> (60s)</b>
              The minimum amount of  time  that  <a href="postscreen.8.html"><b>postscreen</b>(8)</a>  will  use  the
              result  from  a  successful  DNS-based  reputation test before a
              client IP address is required to pass that test again.

       <b><a href="postconf.5.html#postscreen_greet_ttl">postscreen_greet_ttl</a> (1d)</b>
              The amount of time that <a href="postscreen.8.html"><b>postscreen</b>(8)</a> will use the result from a
              successful PREGREET test.

       <b><a href="postconf.5.html#postscreen_non_smtp_command_ttl">postscreen_non_smtp_command_ttl</a> (30d)</b>
              The amount of time that <a href="postscreen.8.html"><b>postscreen</b>(8)</a> will use the result from a
              successful "non_smtp_command" SMTP protocol test.

       <b><a href="postconf.5.html#postscreen_pipelining_ttl">postscreen_pipelining_ttl</a> (30d)</b>
              The amount of time that <a href="postscreen.8.html"><b>postscreen</b>(8)</a> will use the result from a
              successful "pipelining" SMTP protocol test.

<b>RESOURCE CONTROLS</b>
       <b><a href="postconf.5.html#line_length_limit">line_length_limit</a> (2048)</b>
              Upon  input,  long  lines  are chopped up into pieces of at most
              this length; upon delivery, long lines are reconstructed.

       <b><a href="postconf.5.html#postscreen_client_connection_count_limit">postscreen_client_connection_count_limit</a>         ($<a href="postconf.5.html#smtpd_client_connection_count_limit">smtpd_client_connec</a>-</b>
       <b><a href="postconf.5.html#smtpd_client_connection_count_limit">tion_count_limit</a>)</b>
              How many simultaneous connections  any  remote  SMTP  client  is
              allowed to have with the <a href="postscreen.8.html"><b>postscreen</b>(8)</a> daemon.

       <b><a href="postconf.5.html#postscreen_command_count_limit">postscreen_command_count_limit</a> (20)</b>
              The  limit  on the total number of commands per SMTP session for
              <a href="postscreen.8.html"><b>postscreen</b>(8)</a>'s built-in SMTP protocol engine.

       <b><a href="postconf.5.html#postscreen_command_time_limit">postscreen_command_time_limit</a> (normal: 300s, overload: 10s)</b>
              The  time  limit  to  read   an   entire   command   line   with
              <a href="postscreen.8.html"><b>postscreen</b>(8)</a>'s built-in SMTP protocol engine.

       <b><a href="postconf.5.html#postscreen_post_queue_limit">postscreen_post_queue_limit</a> ($<a href="postconf.5.html#default_process_limit">default_process_limit</a>)</b>
              The  number  of  clients  that can be waiting for service from a
              real Postfix SMTP server process.

       <b><a href="postconf.5.html#postscreen_pre_queue_limit">postscreen_pre_queue_limit</a> ($<a href="postconf.5.html#default_process_limit">default_process_limit</a>)</b>
              The number of non-allowlisted clients that can be waiting for  a
              decision  whether  they will receive service from a real Postfix
              SMTP server process.

       <b><a href="postconf.5.html#postscreen_watchdog_timeout">postscreen_watchdog_timeout</a> (10s)</b>
              How much time a <a href="postscreen.8.html"><b>postscreen</b>(8)</a> process may take to respond  to  a
              remote  SMTP  client  command  or  to  perform a cache operation
              before it is terminated by a built-in watchdog timer.

<b>STARTTLS CONTROLS</b>
       <b><a href="postconf.5.html#postscreen_tls_security_level">postscreen_tls_security_level</a> ($<a href="postconf.5.html#smtpd_tls_security_level">smtpd_tls_security_level</a>)</b>
              The SMTP TLS security level for the <a href="postscreen.8.html"><b>postscreen</b>(8)</a> server; when a
              non-empty value is specified, this overrides the obsolete param-
              eters <a href="postconf.5.html#postscreen_use_tls">postscreen_use_tls</a> and <a href="postconf.5.html#postscreen_enforce_tls">postscreen_enforce_tls</a>.

       <b><a href="postconf.5.html#tlsproxy_service_name">tlsproxy_service_name</a> (tlsproxy)</b>
              The name of the <a href="tlsproxy.8.html"><b>tlsproxy</b>(8)</a> service entry in <a href="master.5.html">master.cf</a>.

<b>OBSOLETE STARTTLS SUPPORT CONTROLS</b>
       These parameters are supported for compatibility with  <a href="smtpd.8.html"><b>smtpd</b>(8)</a>  legacy
       parameters.

       <b><a href="postconf.5.html#postscreen_use_tls">postscreen_use_tls</a> ($<a href="postconf.5.html#smtpd_use_tls">smtpd_use_tls</a>)</b>
              Opportunistic  TLS:  announce  STARTTLS  support  to remote SMTP
              clients, but do not require that clients use TLS encryption.

       <b><a href="postconf.5.html#postscreen_enforce_tls">postscreen_enforce_tls</a> ($<a href="postconf.5.html#smtpd_enforce_tls">smtpd_enforce_tls</a>)</b>
              Mandatory TLS: announce STARTTLS support to remote SMTP clients,
              and require that clients use TLS encryption.

<b>MISCELLANEOUS CONTROLS</b>
       <b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
              The  default  location of the Postfix <a href="postconf.5.html">main.cf</a> and <a href="master.5.html">master.cf</a> con-
              figuration files.

       <b><a href="postconf.5.html#delay_logging_resolution_limit">delay_logging_resolution_limit</a> (2)</b>
              The maximal number of digits after the decimal point  when  log-
              ging sub-second delay values.

       <b><a href="postconf.5.html#command_directory">command_directory</a> (see 'postconf -d' output)</b>
              The location of all postfix administrative commands.

       <b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b>
              The  maximum  amount of time that an idle Postfix daemon process
              waits for an incoming connection before terminating voluntarily.

       <b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
              The process ID of a Postfix command or daemon process.

       <b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
              The process name of a Postfix command or daemon process.

       <b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
              The syslog facility of Postfix logging.

       <b><a href="postconf.5.html#syslog_name">syslog_name</a> (see 'postconf -d' output)</b>
              A  prefix  that  is  prepended  to  the  process  name in syslog
              records, so that, for example, "smtpd" becomes "prefix/smtpd".

       Available in Postfix 3.3 and later:

       <b><a href="postconf.5.html#service_name">service_name</a> (read-only)</b>
              The <a href="master.5.html">master.cf</a> service name of a Postfix daemon process.

       Available in Postfix 3.5 and later:

       <b><a href="postconf.5.html#info_log_address_format">info_log_address_format</a> (external)</b>
              The email address form that will be used  in  non-debug  logging
              (info, warning, etc.).

<b>SEE ALSO</b>
       <a href="smtpd.8.html">smtpd(8)</a>, Postfix SMTP server
       <a href="tlsproxy.8.html">tlsproxy(8)</a>, Postfix TLS proxy server
       <a href="dnsblog.8.html">dnsblog(8)</a>, DNS allow/denylist logger
       <a href="postlogd.8.html">postlogd(8)</a>, Postfix logging
       syslogd(8), system logging

<b>README FILES</b>
       <a href="POSTSCREEN_README.html">POSTSCREEN_README</a>, Postfix Postscreen Howto

<b>LICENSE</b>
       The Secure Mailer license must be distributed with this software.

<b>HISTORY</b>
       This service was introduced with Postfix version 2.8.

       Many ideas in <a href="postscreen.8.html"><b>postscreen</b>(8)</a> were explored in earlier  work  by  Michael
       Tokarev, in OpenBSD spamd, and in MailChannels Traffic Control.

<b>AUTHOR(S)</b>
       Wietse Venema
       IBM T.J. Watson Research
       P.O. Box 704
       Yorktown Heights, NY 10598, USA

       Wietse Venema
       Google, Inc.
       111 8th Avenue
       New York, NY 10011, USA

                                                                 POSTSCREEN(8)
</pre> </body> </html>