Provided by: postfix_3.7.4-2build1_amd64
NAME
dnsblog - Postfix DNS allow/denylist logger
SYNOPSIS
dnsblog [generic Postfix daemon options]
DESCRIPTION
The dnsblog(8) server implements an ad-hoc DNS allow/denylist lookup service. This may eventually be replaced by an UDP client that is built directly into the postscreen(8) server.
PROTOCOL
With each connection, the dnsblog(8) server receives a DNS allow/denylist domain name, an IP address, and an ID. If the IP address is listed under the DNS allow/denylist, the dnsblog(8) server logs the match and replies with the query arguments plus an address list with the resulting IP addresses, separated by whitespace, and the reply TTL. Otherwise it replies with the query arguments plus an empty address list and the reply TTL; the reply TTL is -1 if there is no reply, or a negative reply that contains no SOA record. Finally, the dnsblog(8) server closes the connection.
DIAGNOSTICS
Problems and transactions are logged to syslogd(8) or postlogd(8).
CONFIGURATION PARAMETERS
Changes to main.cf are picked up automatically, as dnsblog(8) processes run for only a limited amount of time. Use the command "postfix reload" to speed up a change. The text below provides only a parameter summary. See postconf(5) for more details including examples. config_directory (see 'postconf -d' output) The default location of the Postfix main.cf and master.cf configuration files. daemon_timeout (18000s) How much time a Postfix daemon process may take to handle a request before it is terminated by a built-in watchdog timer. postscreen_dnsbl_sites (empty) Optional list of DNS allow/denylist domains, filters and weight factors. ipc_timeout (3600s) The time limit for sending or receiving information over an internal communication channel. process_id (read-only) The process ID of a Postfix command or daemon process. process_name (read-only) The process name of a Postfix command or daemon process. queue_directory (see 'postconf -d' output) The location of the Postfix top-level queue directory. syslog_facility (mail) The syslog facility of Postfix logging. syslog_name (see 'postconf -d' output) A prefix that is prepended to the process name in syslog records, so that, for example, "smtpd" becomes "prefix/smtpd". Available in Postfix 3.3 and later: service_name (read-only) The master.cf service name of a Postfix daemon process.
SEE ALSO
smtpd(8), Postfix SMTP server postconf(5), configuration parameters postlogd(8), Postfix logging syslogd(8), system logging
LICENSE
The Secure Mailer license must be distributed with this software.
HISTORY
This service was introduced with Postfix version 2.8.
AUTHOR(S)
Wietse Venema IBM T.J. Watson Research P.O. Box 704 Yorktown Heights, NY 10598, USA Wietse Venema Google, Inc. 111 8th Avenue New York, NY 10011, USA DNSBLOG(8postfix)