DragonFly On-Line Manual Pages
smtp-gated(1) DragonFly General Commands Manual smtp-gated(1)
NAME
smtp-gated - transparently block viruses during SMTP connections
VERSION
This manual describes smtp-gated v. 1.4.20.0
SYNOPSIS
smtp-gated [-f] [ -h | -s | -S | -r | -t | -T | -v | -V ] config_file
DESCRIPTION
smtp-gated checks SMTP traffic and blocks any viruses found. It can
also spam-check messages. E-mail containing virus is blocked
(SMTP-server session is brought down), and a proper message is sent to
client software. E-mails found to be a SPAM, can also be blocked, or
just the fact is logged.
smtp-gated uses netfilter framework to forward connections to
destination MTA. It's meant to be transparent, so any
SMTP-authentication works ok. Also pipelining extension is supported.
Daemonised scanning engines support is integrated, so there is minimal
performance hit on scanning.
CONFIGURATION
Configuration is done with config_file. There is no default path for
it. If you would like to create configuration template, see -t option:
smtp-gated -t | sed -e 's/^[a-z]/;&/' >/etc/smtp-gated.conf
To make upgrades easier, be sure not to uncomment unneccesary options.
OPTIONS
Options marked with CONFIG require config file on command line. For
others, no config file means default configuration.
-C name [CONFIG]
show value for configuration variable "name"
-f run foreground, use for debugging
-h command reference
-K [CONFIG]
kill running process (TERM in SIGNALS)
-s [CONFIG]
prepare & show process status (USR1 in SIGNALS)
-S [CONFIG]
prepare & show process status file name
-r [CONFIG]
reload configuration (HUP in SIGNALS)
-t syntax check & dump configuration (except messages)
-T [CONFIG]
syntax check & dump configuration (including messages)
-v show version
-V show version & compiled-in options
config_file
required for most commands, except -t and -T.
SIGNALS
HUP reload configuration
USR1 dump statistics (see -s in OPTIONS)
TERM close server socket and wait for existing sessions to finish.
QUIT same as above
RELAYING
Listening port MUST be protected from world-access or proxy will act as
open-relay. This can be achieved either by setting bind_address to
internal IP, or by denying listen-port access from outside world using
iptables.
STATUS
You can request status dump, by using smtp-gated -s config_file or by
sending SIGUSR1 to daemon process. This will write status to the
statusfile.
It will contain the following (may change in further versions):
Start time: Thu Mar 3 17:06:21 2005
daemon start time
Restart time: Tue Mar 15 14:34:41 2005
daemon last SIGHUP time
Uptime: 11d 21h 28m 22s
time since 'Start time'
Found: 43/0 (viruses/spam)
number of [viruses/spam] found so far; this *does not count* any
virus/spam avoided with client-lock (see: Rejects: lock)
Children: 1/18 (current/max)
current/maximum number of user sessions
Requests: 25238/113/7506 (total/direct/empty)
total number of sessions/direct (=TLS) sessions/empty sessions
(=without transaction).
Rejects: 0/458/10421/0 (host/ident/lock/other)
Rejected requests; because of
per-host-limit/per-ident-limit/client-locked/other reason.
Next, current running sessions:
slot internal connection table client slot
pid serving process ID
state SMTP session state
flags session flags:
AUTH: a=supported, A=accepted
time session running time
source source (client) IP
target destination (server/MTA) IP
trns number of current transaction
cli_rx client-received byte count
srv_rx server-received byte count
kbps average speed (since connection started) in kbits/second
ident client ident*
SEE ALSO
smtp-gated.conf(5)
BUGS
See http://smtp-proxy.klolik.org/#bugs for details.
HOMEPAGE
http://smtp-proxy.klolik.org
AUTHOR
Bartlomiej Korupczynski <smtp-proxy@klolik.org>
Bartlomiej Korupczynski 2013-02-26 smtp-gated(1)