diff options
Diffstat (limited to 'doc/clamsmtpd.8')
-rw-r--r-- | doc/clamsmtpd.8 | 135 |
1 files changed, 135 insertions, 0 deletions
diff --git a/doc/clamsmtpd.8 b/doc/clamsmtpd.8 new file mode 100644 index 0000000..8ee3d80 --- /dev/null +++ b/doc/clamsmtpd.8 @@ -0,0 +1,135 @@ +.\" +.\" Copyright (c) 2004, Nate Nielsen +.\" All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" +.\" * Redistributions of source code must retain the above +.\" copyright notice, this list of conditions and the +.\" following disclaimer. +.\" * Redistributions in binary form must reproduce the +.\" above copyright notice, this list of conditions and +.\" the following disclaimer in the documentation and/or +.\" other materials provided with the distribution. +.\" * The names of contributors to this software may not be +.\" used to endorse or promote products derived from this +.\" software without specific prior written permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +.\" "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +.\" LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +.\" FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +.\" COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +.\" BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS +.\" OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED +.\" AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, +.\" OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF +.\" THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH +.\" DAMAGE. +.\" +.\" +.\" CONTRIBUTORS +.\" Nate Nielsen <nielsen@memberwebs.com> +.\" +.Dd September, 2004 +.Dt clamsmtpd 8 +.Os clamsmtp +.Sh NAME +.Nm clamsmtpd +.Nd an SMTP server for scanning viruses via clamd +.Sh SYNOPSIS +.Nm +.Op Fl d Ar level +.Op Fl f Ar configfile +.Nm +.Fl v +.Sh DESCRIPTION +.Nm +is an SMTP filter that allows you to check for viruses using the ClamAV +anti-virus software. It accepts SMTP connections and forwards the SMTP commands +and responses to another SMTP server. +.Pp +The DATA email body is intercepted and scanned before forwarding. By default email +with viruses are dropped silently and logged without any additional action taken. +.Pp +.Nm +aims to be lightweight and simple rather than have a myriad of options. The options +it does have are configured by editing the +.Xr clamsmtpd.conf 5 +file. See the man page for +.Xr clamsmtpd.conf 5 +for more info on the default location of the configuration file. +.Sh OPTIONS +Previous versions had more options. These still work for now but have equivalents in +.Xr clamsmtpd.conf 5 +and are not documented here. The options are as follows. +.Bl -tag -width Fl +.It Fl d +Don't detach from the console and run as a daemon. In addition the +.Ar level +argument specifies what level of error messages to display. 0 being +the least, 4 the most. +.It Fl f +.Ar configfile +specifies an alternate location for the +.Nm +configuration file. See +.Xr clamsmtpd.conf 5 +for more details on where the configuration file is located by default. +.It Fl v +Prints the clamsmtp version number and exits. +.El +.Sh LOGGING +.Nm +logs to +.Xr syslogd +by default under the 'mail' facility. You can also output logs to the console +using the +.Fl d +option. +.Sh LOOPBACK FEATURE +In some cases it's advantagous to consolidate the virus scanning and filtering +for several mail servers on one machine. +.Nm +allows this by providing a loopback feature to connect back to the IP that an +SMTP connection comes in from. +.Pp +To use this feature specify only a port number (no IP address) for the +.Ar OutAddress +setting in the configuration file. This will cause +.Nm +to pass the email back to the said port on the incoming IP address. +.Pp +Make sure the +.Ar MaxConnections +setting is set high enough to handle the mail from all the servers without refusing +connections. +.Sh SECURITY +There's no reason to run this daemon as root. It is meant as a filter and should +listen on a high TCP port. It's probably a good idea to run it using the same +user as the +.Xr clamd 8 +daemon. This way the temporary files it writes are accessible to +.Xr clamd 8 +.Pp +Care should be taken with the directory that +.Nm +writes its temporary files to. In order to be secure, it should not be a world +writeable location. Specify the directory using the +.Ar TempDirectory +setting. +.Pp +If running +.Nm +on a publicly accessible IP address or without a firewall please be sure to +understand all the possible security issues. This is especially true if the +loopback feature is used (see above). +.Sh SEE ALSO +.Xr clamsmtpd.conf 5 +.Xr clamd 8 , +.Xr clamdscan 1 +.Sh AUTHOR +.An Nate Nielsen Aq nielsen@memberwebs.com |