Next: mfdbtool, Previous: MTA Configuration, Up: Top [Contents][Index]
calloutd
The callout verification is usually performed by a special instance of
mailfromd
(see callout server). However, it is also
possible to set up a dedicated callout server on a separate machine.
You can choose to do so, for instance, in order to reduce the load on
the server running mailfromd
.
This stand-alone callout facility is provided by the
calloutd
daemon.
• config-calloutd | Calloutd Configuration. | |
• invocation-calloutd | Calloutd Command-Line Options. | |
• protocol-calloutd | The Callout Protocol. |
Next: invocation-calloutd, Up: calloutd [Contents][Index]
Main configuration file /etc/mailfromd.conf is used
(see Mailfromd Configuration). The configuration statements are
basically the same as for mailfromd
.
The address to listen on is defined in the server
statement.
Basically, it is the only statement the configuration file is required
to have. The minimal configuration can look like:
program calloutd { server { listen inet://198.51.100.1:3535; } }
To instruct the mailfromd
daemon to use this server, the
following statement should be added to the /etc/mailfromd.conf
file:
program mailfromd { callout-url inet://198.51.100.1:3535; }
The server
statement differs a little from the similar
statement for mailfromd
. This and another
calloutd
-specific statements are described in detail in the
subsections that follow. The rest of statements is shared with
mailfromd
. The following table lists all supported
configuration statements along with cross-references to the
correspondent descriptions:
Statement | Reference |
---|---|
acl | See Mailutils Configuration File in GNU Mailutils Manual. |
auth | See Mailutils Configuration File in GNU Mailutils Manual. |
database | See conf-database. |
database-mode | See database-mode. |
database-type | See database-type. |
debug (section) | See Mailutils Configuration File in GNU Mailutils Manual. |
debug | See conf-calloutd-log. |
ehlo-domain | See ehlo-domain. |
enable-vrfy | See enable-vrfy. |
group | See group. |
include | See Mailutils Configuration File in GNU Mailutils Manual. |
io-timeout | See io-timeout. |
locking | See Mailutils Configuration File in GNU Mailutils Manual. |
lock-retry-count | See lock-retry-count. |
lock-retry-timeout | See lock-retry-timeout. |
logger | See conf-calloutd-log. |
logging | See Mailutils Configuration File in GNU Mailutils Manual. |
mailer | See Mailutils Configuration File in GNU Mailutils Manual. |
mail-from-address | See mail-from-address. |
pidfile | See pidfile. |
server | See conf-calloutd-server. |
source-ip | See source-ip. |
smtp-timeout | See conf-timeout. |
state-directory | See state-directory. |
transcript | See conf-calloutd-log, |
user | See user. |
• conf-calloutd-setup | calloutd General Setup.
| |
• conf-calloutd-server | The server Statement.
| |
• conf-calloutd-log | calloutd Logging.
|
Next: conf-calloutd-server, Up: config-calloutd [Contents][Index]
calloutd
General SetupSets source IP address for TCP connections.
Defines the name of the file to store PID value in.
Sets the name of the program state directory. See statedir.
Next: conf-calloutd-log, Previous: conf-calloutd-setup, Up: config-calloutd [Contents][Index]
server
statementThe server
statement configures how calloutd
will
communicate with the client mailfromd
server.
server { id name; listen url; backlog num; max-instances num; single-process bool; reuseaddr bool; default bool; callout url; acl { … } }
Define a server. Optional label may follow the server
keyword. The label is ignored.
The substatements in the server
block provide parameters for
configuring this server.
Assign an identifier to this server. This identifier is used as a suffix to syslog tag (see syslog tag) in messages related to this server. For example, if a server block had the following statement in it:
id main;
then all messages related to this server will be marked with tag ‘calloutd#main’.
The part before the ‘#’ is set using the tag
statement
in logging
block (see Mailutils
Configuration File in GNU Mailutils Manual).
Listen for connections on the given URL. See milter port specification, for a description of allowed url formats.
Example:
listen inet://10.10.10.1:3331;
Configures the size of the queue of pending connections. Default value is 8.
Sets the maximum number of instances allowed for this server.
When set to ‘yes’, this server will run in single-process
mode, i.e. it will not fork sub-processes to serve requests. This
option is meant exclusively to assist in debugging
calloutd
. Don’t use it for anything else but for
debugging!
When set to ‘yes’, calloutd
will attempt to reuse
existing socket addresses. This is the default behavior.
Defines access control list for this server. See Mailutils Configuration File in GNU Mailutils Manual, for a detailed discussion.
If the global ACL is defined as well, an incoming connection is checked against both lists: first the per-server ACL, then the global one. The connection will be permitted only if it passes both checks.
Previous: conf-calloutd-server, Up: config-calloutd [Contents][Index]
calloutd
loggingSet default logger mechanism. Allowed values for mech are:
Log everything to the standard error.
Log to syslog.
Log to syslog using the asynchronous syslog implementation.
See Logging and Debugging, for a detailed discussion. See also Using non-blocking syslog, for information on how to set default syslog implementation at compile time.
Set mailfromd
debug verbosity level. The spec
must be a valid debugging level specification (see debugging level specification).
If the boolean value bool is ‘true’, enables the transcript of call-out SMTP sessions.
Next: protocol-calloutd, Previous: config-calloutd, Up: calloutd [Contents][Index]
The calloutd
invocation syntax is:
calloutd [option...]
The following options are available:
Stay in foreground. When given this option, calloutd
will
not disconnect itself from the controlling terminal and will run in
the foreground.
Retain the group name when switching to user privileges. See Starting and Stopping.
Set pidfile name. Overrides the pidfile
configuration
statement, which you are advised to use instead (see pidfile).
Read resolver settings from file, instead of the default /etc/resolv.conf.
Set source address for TCP connections. Overrides the ‘source-ip’ configuration statement, which you are advised to use instead (see source-ip).
Do not fork sub-processes to serve requests. This option is meant to
assist in debugging calloutd
. Don’t use it for anything
else but for debugging, as it terribly degrades performance!
Set new program state directory. See Local state directory, for the description of this directory and its purposes.
Switch to this user’s privileges after startup. Overrides the user
configuration file statement, which you are advised to use instead
(see user). Default user is
‘mail’.
Set debugging level. See Logging and Debugging.
Output logs to syslog facility.
Tag syslog entries with the given string, instead of the program name.
Set logger mechanism (mech is one of ‘stderr’, ‘syslog’, ‘syslog:async’). See Logging and Debugging.
Selects default syslog mechanism for diagnostic output.
Directs all logging to standard output. Similar to --logger=stderr.
Set source address for TCP connections. Overrides the ‘source-ip’ configuration statement, which you are advised to use instead (see source-ip).
Set Mailutils debugging level. See http://mailutils.org/wiki/Debug_level, for a detailed discussion of level argument.
Include C source information in debugging messages. This is
similar to setting line-info yes
in the debug
configuration block (see line-info in GNU Mailutils Manual).
The --no-source-info can be used to cancel the effect of the
line-info yes
configuration statement.
You do not need this option, unless you are developing or debugging
calloutd
.
Enable or disable transcript of the SMTP sessions to the log channel. See Logging and Debugging.
Load this configuration file.
Check syntax of configuration files and exit. Exit code is 0 if the file or files are OK, and 78 otherwise.
Verbosely log parsing of the configuration files.
Don’t load site-wide configuration file.
Set configuration parameter
Show configuration file summary.
Show compilation options.
Give a short help list.
Give a short usage message.
Print program version
Previous: invocation-calloutd, Up: calloutd [Contents][Index]
This section describes the protocol used to communicate with the
calloutd
server.
The protocol works over stream-oriented TCP/IP transport. Either UNIX or IPv4 socket can be used. Commands and responses are terminated by a single CR LF pair. Each command occupies exactly one line. If the server succeeded in executing the command, it replies with a line starting with the word ‘OK’. Depending on the command, this keyword may be followed by a single space character and additional information. More information can be returned in unsolicited replies before the ‘OK’ line. Each unsolicited reply line starts with and asterisk followed by a single horizontal space character.
On error, the server replies with ‘NO’ followed by a horizontal space character and human-readable description of the problem.
The valid commands are discussed below. In examples illustrating the commands, the lines sent by the client are prefixed with C:, and lines sent by the server are prefixed with S:.
Adds email to the queue of email addresses to be verified. Available parameters are:
Sets verification mode for this email address. Available modes are:
mxfirst
default
The default mode.
If the host
option is also given, its argument is taken as
the domain name. Otherwise, domain part of email is used.
The verification goes as follows. First, determine MX servers for that domain. Query each of them in order of increasing priority. First of them that replies determines the result of the test.
If no MX servers are defined for that domain, look for its ‘A’ record. If available, run SMTP probe on that IP.
mxonly
Query MX servers for the domain specified with the host
option.
hostonly
Query the server whose name or IP address is supplied with the
host
option.
hostfirst
The reverse of mxfirst
: first query the host, then the MX
servers. The domain must be specified using the host
option.
Supplies the domain name for mode=mxonly
, and host name or
IP address for mode=hostfirst
and mode=hostonly
. The use of
this keyword with any of these modes is mandatory.
Supplies the value to use as the argument to the SMTP EHLO
command.
Supplies the value to use in the SMTP MAIL FROM
command.
Controls whether to use SMTP STARTTLS
command if the server
offers it. Allowed values are:
never
Never use STARTTLS
.
always
Always use STARTTLS
.
ondemand
Use STARTTLS
only if MAIL FROM:
command fails with code
530 (authorization failed). This is the default.
On success, the server replies with ‘OK’, followed by a non-negative session ID for that email:
C: VRFY gray@example.org S: OK 0000000001
Query value of internal callout parameters. Valid values for arg are:
Return the string used as argument to the SMTP EHLO
command.
Return the email address that is used in the SMTP MAIL FROM
command.
On success, the server returns the requested value (if found) in an unsolicited reply:
C: GET ehlo timeout S: * ehlo=example.net S: OK
Sets string as session identifier for that session. Example:
C: SID deadbeef S: OK
Sets timeouts for various stages of SMTP session. On success, ‘OK’ is returned.
C: timeout 300 300 300 600 300 300 120 S: OK timeouts set
Runs callout session for emails registered with the vrfy
command. On success, results of the check are returned after the
‘OK’ keyword in a whitespace-separated list of
‘id=result’ pairs. In each pair, id is its
identifier as returned in the reply to the VRFY
command and
result is one of the following result strings: ‘success’,
‘not_found’, ‘failure’, ‘temp_failure’, ‘timeout’.
Additional information about each callout session is returned in unsolicited replies. Each such reply is prefixed with the email identifier and callout stage name. Stage names are:
INIT remote_name
The calloutd
server is establishing communication with the
remote SMTP server remote_name.
GRTNG line
calloutd
received initial response from the remote server.
line is the first line of the reply.
HELO line
calloutd
received response to the EHLO
(or
HELO
) command. In case of multiline response, line is
the first line.
SENT command
The SMTP command command has been sent to the remote server.
RECV line
The remote server returned line in response. In case of multiline response, line is the first line.
Example of verification session:
C: RUN S: * 0000000000 INIT mx.example.org S: * 0000000000 GRTNG 220 mx.example.org ESMTP Ready S: * 0000000000 HELO 250-mx.example.org Hello tester S: * 0000000000 SENT RCPT TO:<gray@example.org> S: * 0000000000 RECV 250 Accepted S: * 0000000001 INIT foo.example.net S: * 0000000001 GRTNG 220 foo ESMTP server ready S: * 0000000001 HELO 250-foo.example.net Hello S: * 0000000001 SENT RCPT TO:<gray@example.net> S: * 0000000001 RECV 450 4.7.0 You are greylisted for 3600 seconds OK 0000000000=success 0000000001=temp_failure
Drop the email with the given serial number from the verification queue. Example:
C: DROP 0000000002 S: OK
Finishes the current session and disconnects from the callout server.
C: QUIT S: OK bye
Previous: invocation-calloutd, Up: calloutd [Contents][Index]