diff options
Diffstat (limited to 'man/man8/dnsblog.8')
-rw-r--r-- | man/man8/dnsblog.8 | 108 |
1 files changed, 108 insertions, 0 deletions
diff --git a/man/man8/dnsblog.8 b/man/man8/dnsblog.8 new file mode 100644 index 0000000..bf55548 --- /dev/null +++ b/man/man8/dnsblog.8 @@ -0,0 +1,108 @@ +.TH DNSBLOG 8 +.ad +.fi +.SH NAME +dnsblog +\- +Postfix DNS allow/denylist logger +.SH "SYNOPSIS" +.na +.nf +\fBdnsblog\fR [generic Postfix daemon options] +.SH DESCRIPTION +.ad +.fi +The \fBdnsblog\fR(8) server implements an ad\-hoc DNS +allow/denylist lookup service. This may eventually be +replaced by an UDP client that is built directly into the +\fBpostscreen\fR(8) server. +.SH "PROTOCOL" +.na +.nf +.ad +.fi +With each connection, the \fBdnsblog\fR(8) server receives +a DNS allow/denylist domain name, an IP address, and an ID. +If the IP address is listed under the DNS allow/denylist, the +\fBdnsblog\fR(8) server logs the match and replies with the +query arguments plus an address list with the resulting IP +addresses, separated by whitespace, and the reply TTL. +Otherwise it replies with the query arguments plus an empty +address list and the reply TTL; the reply TTL is \-1 if there +is no reply, or a negative reply that contains no SOA record. +Finally, the \fBdnsblog\fR(8) server closes the connection. +.SH DIAGNOSTICS +.ad +.fi +Problems and transactions are logged to \fBsyslogd\fR(8) +or \fBpostlogd\fR(8). +.SH "CONFIGURATION PARAMETERS" +.na +.nf +.ad +.fi +Changes to \fBmain.cf\fR are picked up automatically, as +\fBdnsblog\fR(8) processes run for only a limited amount +of time. Use the command "\fBpostfix reload\fR" to speed +up a change. + +The text below provides only a parameter summary. See +\fBpostconf\fR(5) for more details including examples. +.IP "\fBconfig_directory (see 'postconf -d' output)\fR" +The default location of the Postfix main.cf and master.cf +configuration files. +.IP "\fBdaemon_timeout (18000s)\fR" +How much time a Postfix daemon process may take to handle a +request before it is terminated by a built\-in watchdog timer. +.IP "\fBpostscreen_dnsbl_sites (empty)\fR" +Optional list of DNS allow/denylist domains, filters and weight +factors. +.IP "\fBipc_timeout (3600s)\fR" +The time limit for sending or receiving information over an internal +communication channel. +.IP "\fBprocess_id (read\-only)\fR" +The process ID of a Postfix command or daemon process. +.IP "\fBprocess_name (read\-only)\fR" +The process name of a Postfix command or daemon process. +.IP "\fBqueue_directory (see 'postconf -d' output)\fR" +The location of the Postfix top\-level queue directory. +.IP "\fBsyslog_facility (mail)\fR" +The syslog facility of Postfix logging. +.IP "\fBsyslog_name (see 'postconf -d' output)\fR" +A prefix that is prepended to the process name in syslog +records, so that, for example, "smtpd" becomes "prefix/smtpd". +.PP +Available in Postfix 3.3 and later: +.IP "\fBservice_name (read\-only)\fR" +The master.cf service name of a Postfix daemon process. +.SH "SEE ALSO" +.na +.nf +smtpd(8), Postfix SMTP server +postconf(5), configuration parameters +postlogd(8), Postfix logging +syslogd(8), system logging +.SH "LICENSE" +.na +.nf +.ad +.fi +The Secure Mailer license must be distributed with this software. +.SH HISTORY +.ad +.fi +.ad +.fi +This service was introduced with Postfix version 2.8. +.SH "AUTHOR(S)" +.na +.nf +Wietse Venema +IBM T.J. Watson Research +P.O. Box 704 +Yorktown Heights, NY 10598, USA + +Wietse Venema +Google, Inc. +111 8th Avenue +New York, NY 10011, USA |