-DCMAIL_NO_TLS)make in cmail-smtpd/
Run the module without specifying a logfile in the configuration at first, in order to test its operation and track down any misconfigurations. Specifying a logfile allows the module to daemonize itself and detach from the starting shell.
| Directive |
Parameters
Comments
Verbatim
|
Description |
|---|---|---|
verbosity |
Integer between 0 and 4 |
Set log output verbosity. Higher values include messages
for lower values.
|
logfile |
Path to log file | If not specified, cmail-smtpd will log to stderr and will not be able to detach from the calling shell |
pidfile |
Path to pid file | Write the PID of the daemonized process to the specified file. If not specified, no file is created. PID files are used by daemon supervisors such as systemd for stopping services. |
user |
Username to switch to | The module will change its executing user to the one specified. Only works when started as root. This is one of the few options not immediately taking effect. |
group |
Group name to switch to | The module will change its executing group to the on specified. Only works when started as root. This is one of the few options not immediately taking effect. |
database |
Path to master database | The executing user needs read AND write access to the master database file as well as the folder containing it |
bind |
Address to bind to |
:: and * bind all interfaces for IPv6 and IPv4 respectively
|
| Port to listen on |
The widely-known ports for SMTP are
|
|
(optional)size= Maximum accepted mail size in bytes
|
Default is 0, indicating no limit | |
(optional)announce= Server name to announce to clients in the banner
|
The announced name should preferrably have a valid DNS record pointing to the machine | |
(optional, not available when compiled with CMAIL_NO_TLS)cert= TLS certificate file location
|
Specifying both cert and key automatically enables opportunistic encryption via STARTTLS |
|
(optional, not available when compiled with CMAIL_NO_TLS)key= TLS key file location
|
Specifying both cert and key automatically enables opportunistic encryption via STARTTLS |
|
(optional, not available when compiled with CMAIL_NO_TLS)ciphers= GnuTLS cipher priority listing
|
This parameter can be used to disable or force specific ciphers or protocol versions | |
(optional, not available when compiled with CMAIL_NO_TLS)dhparams= Diffie-Hellman parameter file location
|
Use this parameter to read the Diffie-Hellman parameters from a file instead of generating new parameters upon starting (which is time consuming). The file is expected to be in PEM format. | |
(optional, not available when compiled with CMAIL_NO_TLS)tlsonly
|
Connections on this port are expected to immediately negotiate a TLS session, never exchanging plain text data | |
(optional)authauth=strict,tlsonly,privateauth=fixed@ Name of user to automatically be authenticated on this port
|
Enable SMTP authentication on this port. Authentication is required for sending mail to non-local addresses.tlsonly requires the connection to be secured by TLS in order to be able to authenticate.private suppresses the reverse name of the submitting host being printed into the Received: header.strict requires authentication before allowing any mail-related commands to succeed (SMTP submission mode).fixed@user can potentially be used to create an open relay. Be careful when using it.
|
Authentication against the SMTP daemon and the handling of outbound mail can be configured with cmail-admin-smtpd.