ENMA(1) BSD General Commands Manual ENMA(1)
NAME
enma — A milter program for domain authentication technologies
SYNOPSIS
enma [-cvh] [-o key=value]
DESCRIPTION
enma is a milter program that implements domain authentication technologies.
It authenticates message senders with SPF, Sender ID, DKIM and/or DKIM ADSP
and inserts the Authentication-Results: field with authentication results.
Configuration sources take precedence in the following order:
1. The command line options
2. The configuration file
3. The default values
OPTIONS
-h Displays available options.
-v Verbose mode.
-c filename
Specifies a configuration file.
-o key=value
Sets one of the configuration items described below.
CONFIGURATION FILE
Each line is in the format "key:value". Spaces between "key:" and
"value" are ignored. Lines beginning with '#' and empty lines are ignored.
If a given "key:" is not configured, its default value is used.
Paths, when specified, must be absolute.
milter.verbose (-v)
If true, log is recorded in detail. (Default value: false)
milter.conffile (-c)
Specifies the path to the configuration file. If omitted, no
configuration file is read and the default values are used. The -c
option should usually be used instead. (Default value: no value)
milter.user
Specifies the user name enma runs as. If not specified, enma runs
as the user who executed it. This is typically used to drop the
privileges of enma when it is started from a start-up script.
(Default value: no value)
milter.pidfile
Specifies the path to the PID file. If milter.user is specified,
the PID file is written as that user, so that user must have
appropriate permissions on the directory. (Default value:
/var/run/enma/enma.pid)
milter.chdir
Specifies the working directory to change to after execution. If
omitted, nothing happens. (Default value: no value)
milter.socket
Specifies the socket used for milter communication from the MTA.
Choose one of the following:
1. inet:<port number>@<IP address or hostname>
2. unix:<a path to UNIX domain socket>
For more information, refer to "cf/README" contained in the
Sendmail package. (Default value: inet:10025@127.0.0.1)
milter.timeout
Specifies timeout of milter communication with MTA in seconds.
(Default value: 7210)
milter.loglevel
Specifies the log level of libmilter (not enma). This should be
used for debugging purposes. For more information, refer to
"libmilter/docs/smfi_setdbg.html" in the Sendmail package.
(Default value: 0)
milter.sendmail813
If the version of Sendmail is 8.13 or earlier, specify "true".
Otherwise, specify "false". (Default value: false)
milter.postfix
If true, MTA is Postfix. If false, MTA is Sendmail. (Default
value: false)
syslog.ident
Specifies the identifier attached to syslog messages. (Default
value: enma)
syslog.facility
Specifies facility of syslog. (Default value: local4)
syslog.logmask
Specifies the syslog mask. Messages whose level is over this
value are written to syslog. Usually "info" should be specified.
(Default value: info)
common.exclusion_addresses
Specifies IP address ranges that are exempt from domain
authentication. If the source IP address of the peer matches one of
the ranges, the domain authentication process is omitted. Multiple
ranges can be listed, separated by commas. (Default value:
127.0.0.1,::1)
spf.auth
If true, SPF authentication is processed. (Default value: true)
spf.explog
If true, the "exp" modifier is evaluated in the case where SPF
authentication result is "hardfail". For more information about
the "exp" modifier, refer to Section 6.2 of RFC4408. (Default
value: true)
sidf.auth
If true, Sender ID authentication is processed. (Default value:
true)
sidf.explog
If true, the "exp" modifier is evaluated in the case where Sender
ID authentication result is "hardfail". For more information
about the "exp" modifier, refer to Section 6.2 of RFC4408.
(Default value: true)
dkim.auth
If true, DKIM authentication is processed. (Default value: true)
dkim.signheader_limit
Specifies the maximum number of DKIM-Signature: fields. They are
evaluated from the top, and are ignored once the number reaches the
limit. (Default value: 10)
dkim.accept_expired_signature
If true, expired DKIM signatures are treated as valid. This value
should be false in normal operation. (Default value: false)
dkimadsp.auth
If true, DKIM ADSP check is processed. (Default value: true)
authresult.identifier
Specifies the hostname that identifies the Authentication-Results:
field. If an Authentication-Results: field with the same identifier
already exists, the entire field is removed. This identifier is also
used when the Authentication-Results: field is inserted to record
the authentication result. (Default value: localhost)
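The removal rule described for authresult.identifier matters because a field that arrives already carrying the local identifier would otherwise look the same as one written by enma. The following Python sketch of that rule is an added example, not enma's own code; the identifier mx.example.jp, the sample message, the case-insensitive comparison and the choice to prepend the new field are assumptions.

```python
import re

# Assumed value of authresult.identifier (not from the man page).
AUTHSERV_ID = "mx.example.jp"

# Constructed sample: one field already carries our identifier, one carries
# another host's identifier and is folded across two lines.
RAW = (
    "Received: from mail.example.jp (mail.example.jp [192.168.1.1])\n"
    "Authentication-Results: mx.example.jp; spf=pass smtp.mailfrom=user@example.jp\n"
    "Authentication-Results: upstream.example.net;\n"
    "\tdkim=pass header.i=user@example.jp\n"
    "From: user@example.jp\n"
    "Subject: test\n"
    "\n"
    "body\n"
)

def split_fields(header_block):
    """Group physical lines into fields; continuation lines start with WSP."""
    fields = []
    for line in header_block.split("\n"):
        if line[:1] in (" ", "\t") and fields:
            fields[-1] += "\n" + line
        else:
            fields.append(line)
    return fields

def authserv_id(value):
    """Return the identifier: the first token of the field value before ';'."""
    value = re.sub(r"\n[ \t]+", " ", value)      # unfold continuation lines
    value = re.sub(r"\([^()]*\)", "", value)     # drop (comments)
    tokens = value.split(";", 1)[0].split()
    return tokens[0].lower() if tokens else ""   # case-insensitive: example's choice

def restamp(raw, identifier, results):
    """Drop fields carrying `identifier`, then prepend a fresh one (assumed position)."""
    head, sep, body = raw.partition("\n\n")
    kept, removed = [], 0
    for field in split_fields(head):
        name, _, value = field.partition(":")
        if (name.strip().lower() == "authentication-results"
                and authserv_id(value) == identifier.lower()):
            removed += 1
        else:
            kept.append(field)
    fresh = f"Authentication-Results: {identifier}; {results}"
    return "\n".join([fresh] + kept) + sep + body, removed
```

Fields stamped by other hosts are left in place; only those whose identifier equals the configured one are dropped.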
LOG
Logs are recorded to syslog. The facility and mask of syslog are specified
with "syslog.facility" and "syslog.logmask", respectively.
EXAMPLE OF LOG
The case where the authentication process completed normally:
[m75AKEOh009630] [SPF-auth] ipaddr=192.168.1.1, eval=smtp.mailfrom, helo=example.jp, envfrom=<user@example.jp>, score=pass
[m75AKEOh009630] [SIDF-auth] ipaddr=192.168.1.1, header.From=user@example.jp, score=pass
[m75AKEOh009630] [DKIM-auth] header.i=user@example.jp, score=pass
[m75AKEOh009630] [DKIM-ADSP-auth] header.from=user@example.jp, score=pass
The case where the authentication process was skipped because of a lack of
authentication information:
[m75AKEOh009630] [SPF-auth] score=permerror
[m75AKEOh009630] [SIDF-auth] score=permerror
[m75AKEOh009630] [DKIM-auth] score=permerror
[m75AKEOh009630] [DKIM-ADSP-auth] score=permerror
The case where no signature exists:
[m75AKEOh009630] [DKIM-auth] score=none
DESCRIPTION OF LOG ITEM
Common
[m75AKEOh009630]
Queue ID to identify SMTP transaction labeled by MTA
[SIDF-auth], [SPF-auth], [DKIM-auth], [DKIM-ADSP-auth]
These indicate Sender ID, SPF, DKIM, DKIM ADSP, respectively.
ipaddr=192.168.1.1
The IP address of the sender
score=pass
Score of authentication result
SPF
eval=smtp.mailfrom
Which authentication information was used, either MAIL FROM or
EHLO/HELO.
helo=example.jp
EHLO/HELO provided by the sender
envfrom=<user@example.jp>
MAIL FROM provided by the sender
Sender ID
header.From=user@example.jp
The field name and the mail address used for authentication.
DKIM
header.i=user@example.jp
The mail address or domain of a signer.
DKIM ADSP
header.From=user@example.jp
The field name and the mail address used for authentication.
SCORE
See RFC5451.
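The log format described above can be parsed per queue ID to list every result other than "pass". This Python parser is an added example, not part of enma; the second queue ID in the sample is constructed, and the parser assumes values never contain ", ".

```python
import re
from collections import defaultdict

# Matches "[queue id] [<mechanism>-auth] key=value, ..." anywhere in a line,
# so a syslog prefix in front of it is tolerated.
LINE = re.compile(
    r"\[(?P<qid>[^\]]+)\] \[(?P<mech>DKIM-ADSP|DKIM|SIDF|SPF)-auth\] (?P<kv>.*)"
)

# Sample lines in the format shown on this page; the queue ID ending in 31
# is constructed so that the two cases can be told apart.
SAMPLE = """\
[m75AKEOh009630] [SPF-auth] ipaddr=192.168.1.1, eval=smtp.mailfrom, helo=example.jp, envfrom=<user@example.jp>, score=pass
[m75AKEOh009630] [SIDF-auth] ipaddr=192.168.1.1, header.From=user@example.jp, score=pass
[m75AKEOh009630] [DKIM-auth] header.i=user@example.jp, score=pass
[m75AKEOh009630] [DKIM-ADSP-auth] header.from=user@example.jp, score=pass
[m75AKEOh009631] [SPF-auth] score=permerror
[m75AKEOh009631] [DKIM-auth] score=none
""".splitlines()

def parse(lines):
    """Group result lines by queue ID: {qid: [(mechanism, {key: value}), ...]}."""
    txns = defaultdict(list)
    for line in lines:
        m = LINE.search(line)
        if not m:
            continue  # not an enma authentication result line
        fields = dict(
            item.split("=", 1) for item in m["kv"].split(", ") if "=" in item
        )
        txns[m["qid"]].append((m["mech"], fields))
    return txns

def non_pass(txns):
    """Return {qid: [(mechanism, score), ...]} for results other than pass."""
    flagged = {}
    for qid, results in txns.items():
        bad = [(mech, f.get("score", "?")) for mech, f in results
               if f.get("score") != "pass"]
        if bad:
            flagged[qid] = bad
    return flagged

if __name__ == "__main__":
    for qid, bad in non_pass(parse(SAMPLE)).items():
        print(qid, bad)
```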
Apr 03, 2009