* The list of domains that are a member of the class: for example, all local
domains, or all relay domains.
- * The default delivery transport. For example, the local or relay delivery
- transport (delivery transports are defined in master.cf). This helps to
- keep Postfix configurations simple.
+ * The default delivery transport. For example, the local, virtual or relay
+ delivery transport (delivery transports are defined in master.cf). This
+ helps to keep Postfix configurations simple, by avoiding the need for
+ explicit routing information in transport maps.
* The list of valid recipient addresses for that address class. The Postfix
SMTP server rejects invalid recipients with "User unknown in <name of
connection cache. With Postfix version 2.2, only the smtp(8) client has support
to access this cache.
- smtp(8) --> Internet
-
-
- |
- |
- |
- | smtp(8) --> Internet
- |
- |
- v ^
- |
-
- scache(8)
-
+ /-- smtp(8) --> Internet
+
+ qmgr(8) |
+ |
+ \-- | smtp(8) --> Internet
+ |
+ ^
+ |
+
+ scache(8)
When SMTP connection caching is enabled (see next section), the smtp(8) client
does not disconnect after a mail transaction, but gives the connection to the
1\b1 -\b- P\bPu\bur\brp\bpo\bos\bse\be o\bof\bf t\bth\bhi\bis\bs d\bdo\boc\bcu\bum\bme\ben\bnt\bt
-This is a bootstrap document that helps you get Postfix up and running from
-scratch with the minimal number of steps. If you are using a pre-compiled
-version of Postfix, you should be reading the general Postfix documentation
-which aims to describe the system in more detail. This bootstrap document
-should not be considered part of the general Postfix documentation.
+If you are using a pre-compiled version of Postfix, you should start with
+BASIC_CONFIGURATION_README and the general documentation referenced by it.
+INSTALL is only a bootstrap document to get Postfix up and running from scratch
+with the minimal number of steps; it should not be considered part of the
+general documentation.
This document describes how to build, install and configure a Postfix system so
that it can do one of the following:
% export MANPATH; MANPATH="`pwd`/man:$MANPATH"
% setenv MANPATH "`pwd`/man:$MANPATH"
-Of particular interest is the postconf(5) manual page that lists all the 400+
+Of particular interest is the postconf(5) manual page that lists all the 500+
configuration parameters. The HTML version of this text makes it easy to
navigate around.
OSF1.V3 - OSF1.V5 (Digital UNIX)
Reliant UNIX 5.x
Rhapsody 5.x
- SunOS 4.1.4 (July 2006)
- SunOS 5.4 - 5.9 (Solaris 2.4..9)
+ SunOS 4.1.4 (March 2007)
+ SunOS 5.4 - 5.10 (Solaris 2.4..10)
Ultrix 4.x (well, that was long ago)
or something closely resemblant.
4\b4.\b.1\b1 -\b- G\bGe\bet\btt\bti\bin\bng\bg s\bst\bta\bar\brt\bte\bed\bd
On Solaris, the "make" command and other utilities for software development are
-in /usr/ccs/bin, so you MUST have /usr/ccs/bin in your command search path.
+in /usr/ccs/bin, so you MUST have /usr/ccs/bin in your command search path. If
+these files do not exist, install the development packages first. See the
+Solaris FAQ item "Which packages do I need to install to support a C
+compiler?".
If you need to build Postfix for multiple architectures, use the "lndir"
command to build a shadow tree with symbolic links to the source files. "lndir"
4\b4.\b.5\b5 -\b- S\bSu\bup\bpp\bpo\bor\brt\bt f\bfo\bor\br t\bth\bho\bou\bus\bsa\ban\bnd\bds\bs o\bof\bf p\bpr\bro\boc\bce\bes\bss\bse\bes\bs
-In order to build Postfix for very large applications, where you expect to run
-more than 1000 mail delivery processes, you may need to override the definition
-of the FD_SETSIZE macro to make select() work correctly:
+The number of connections that Postfix can manage simultaneously is limited by
+the number of processes that it can run. This number in turn is limited by the
+number of files and sockets that a single process can open. For example, the
+Postfix queue manager has a separate connection to each delivery process, and
+the anvil(8) server has one connection per smtpd(8) process.
+
+Postfix version 2.4 and later have no built-in limits on the number of open
+files or sockets, when compiled on systems that support one of the following:
+
+ * BSD kqueue(2) (FreeBSD 4.1, NetBSD 2.0, OpenBSD 2.9),
+ * Solaris 8 /dev/poll,
+ * Linux 2.6 epoll(4).
+
+With other Postfix versions or operating systems, the number of file
+descriptors per process is limited by the value of the FD_SETSIZE macro. If you
+expect to run more than 1000 mail delivery processes, you may need to override
+the definition of the FD_SETSIZE macro to make select() work correctly:
% make makefiles CCARGS=-DFD_SETSIZE=2048
not allowed) and overriding the __FD_SETSIZE macro. Beware, undocumented
interfaces can change at any time and without warning.
+But wait, there is more: none of this will work unless the operating system is
+configured to handle thousands of connections. See the TUNING_README guide for
+examples of how to increase the number of open sockets or files.
+
4\b4.\b.6\b6 -\b- C\bCo\bom\bmp\bpi\bil\bli\bin\bng\bg P\bPo\bos\bst\btf\bfi\bix\bx,\b, a\bat\bt l\bla\bas\bst\bt
If the command
This text describes how to install Postfix from source code. See the
PACKAGE_README file if you are building a package for distribution to other
-systems. See auxiliary/MacOSX/README-INSTALL.OSX for information about
-installing Postfix from source on Mac OS X.
+systems.
6\b6.\b.1\b1 -\b- S\bSa\bav\bve\be e\bex\bxi\bis\bst\bti\bin\bng\bg S\bSe\ben\bnd\bdm\bma\bai\bil\bl b\bbi\bin\bna\bar\bri\bie\bes\bs
IMPORTANT: if you are REPLACING an existing Sendmail installation with Postfix,
you may need to keep the old sendmail program running for some time in order to
-flush the mail queue. As superuser, execute the following commands (your
-sendmail, newaliases and mailq programs may be in a different place):
+flush the mail queue.
+
+ * Some systems implement a mail switch mechanism where different MTAs
+ (Postfix, Sendmail, etc.) can be installed at the same time, while only one
+ of them is actually being used. Examples of such switching mechanisms are
+ the FreeBSD mailwrapper(8) or the Linux mail switch. In this case you
+ should try to "flip" the switch to "Postfix" before installing Postfix.
+
+ * If your system has no mail switch mechanism, execute the following commands
+ (your sendmail, newaliases and mailq programs may be in a different place):
# mv /usr/sbin/sendmail /usr/sbin/sendmail.OFF
# mv /usr/bin/newaliases /usr/bin/newaliases.OFF
# make upgrade (non-interactive version, for upgrades)
+ * The interactive version ("make install") asks for pathnames for Postfix
+ data and program files, and stores your preferences in the main.cf file. I\bIf\bf
+ y\byo\bou\bu d\bdo\bon\bn'\b't\bt w\bwa\ban\bnt\bt P\bPo\bos\bst\btf\bfi\bix\bx t\bto\bo o\bov\bve\ber\brw\bwr\bri\bit\bte\be n\bno\bon\bn-\b-P\bPo\bos\bst\btf\bfi\bix\bx "\b"s\bse\ben\bnd\bdm\bma\bai\bil\bl"\b",\b, "\b"m\bma\bai\bil\blq\bq"\b" a\ban\bnd\bd
+ "\b"n\bne\bew\bwa\bal\bli\bia\bas\bse\bes\bs"\b" f\bfi\bil\ble\bes\bs,\b, s\bsp\bpe\bec\bci\bif\bfy\by p\bpa\bat\bth\bhn\bna\bam\bme\bes\bs t\bth\bha\bat\bt e\ben\bnd\bd i\bin\bn "\b".\b.p\bpo\bos\bst\btf\bfi\bix\bx"\b".
+
* The non-interactive version ("make upgrade") needs the /etc/postfix/main.cf
file from a previous installation. If the file does not exist, use
interactive installation ("make install") instead.
- * The interactive version offers suggestions for pathnames that you can
- override interactively, and stores your preferences in /etc/postfix/main.cf
- for convenient future upgrades.
-
6\b6.\b.4\b4 -\b- C\bCo\bon\bnf\bfi\big\bgu\bur\bre\be P\bPo\bos\bst\btf\bfi\bix\bx
Proceed to the section on how you wish to run Postfix on your particular
address. Simply configure your mail user agent to directly invoke the Postfix
sendmail program.
+To create a virtual network interface address, study your system ifconfig
+manual page. The command syntax could be any of:
+
+ # i
\bif
\bfc
\bco
\bon
\bnf
\bfi
\big
\bg l
\ble
\be0
\b0:
\b:1
\b1 <
\b<a
\bad
\bdd
\bdr
\bre
\bes
\bss
\bs>
\b> n
\bne
\bet
\btm
\bma
\bas
\bsk
\bk <
\b<m
\bma
\bas
\bsk
\bk>
\b> u
\bup
\bp
+ # i
\bif
\bfc
\bco
\bon
\bnf
\bfi
\big
\bg e
\ben
\bn0
\b0 a
\bal
\bli
\bia
\bas
\bs <
\b<a
\bad
\bdd
\bdr
\bre
\bes
\bss
\bs>
\b> n
\bne
\bet
\btm
\bma
\bas
\bsk
\bk 2
\b25
\b55
\b5.
\b.2
\b25
\b55
\b5.
\b.2
\b25
\b55
\b5.
\b.2
\b25
\b55
\b5
+
In the /etc/postfix/main.cf file, I would specify
/etc/postfix/main.cf:
E\bEx\bxa\bam\bmp\bpl\ble\be:\b: e\bex\bxp\bpa\ban\bnd\bdi\bin\bng\bg L\bLD\bDA\bAP\bP g\bgr\bro\bou\bup\bps\bs
-LDAP is frequently used to store group member information, and Postfix supports
-expanding a group's email address to the list of email addresses of the group
-members. There are a number of ways of handling LDAP groups, which will be
-illustrated via the mock LDAP entries and implied schema below. This shows two
-group entries "agroup" and "bgroup" and four user entries "auser", "buser",
-"cuser" and "duser". The group "agroup" has the users "auser" (1) and "buser"
-(2) as members via DN references in the multi-valued attribute "memberdn", and
-direct email addresses of two external users "auser@example.org" (3) and
+LDAP is frequently used to store group member information. There are a number
+of ways of handling LDAP groups. We will show a few examples in order of
+increasing complexity, but owing to the number of independent variables, we can
+only present a tiny portion of the solution space. We show how to:
+
+ 1. query groups as lists of addresses;
+
+ 2. query groups as lists of user objects containing addresses;
+
+ 3. forward special lists unexpanded to a separate list server, for moderation
+ or other processing;
+
+ 4. handle complex schemas by controlling expansion and by treating leaf nodes
+ specially, using features that are new in Postfix 2.4.
+
+The example LDAP entries and implied schema below show two group entries
+("agroup" and "bgroup") and four user entries ("auser", "buser", "cuser" and
+"duser"). The group "agroup" has the users "auser" (1) and "buser" (2) as
+members via DN references in the multi-valued attribute "memberdn", and direct
+email addresses of two external users "auser@example.org" (3) and
"buser@example.org" (4) stored in the multi-valued attribute "memberaddr". The
same is true of "bgroup" and "cuser"/"duser" (6)/(7)/(8)/(9), but "bgroup" also
has a "maildrop" attribute of "bgroup@mlm.example.com" (5):
tables using postmap(1) with the "-q" option, before deploying them into
production use in main.cf.
-Our second use case also expands "memberdn" attributes (1), (2), (6) and (7),
-follows the DN references and returns the "maildrop" of the referenced user
-entries. Here we use the "special_result_attribute" setting from ldap_table(5)
-to designate the "memberdn" attribute as holding DNs of the desired member
-entries. The "result_attribute" setting selects which attributes are returned
-from the selected DNs. It is important to choose a result attribute that is not
-also present in the group object, because result attributes are collected from
-both the group and the member DNs. In this case we choose "maildrop" and assume
-for the moment that groups never have a "maildrop" (the "bgroup" "maildrop"
-attribute is for a different use case). The returned data for "auser" and
-"buser" is from items (11) and (13) in the mock data.
+Our second use case instead expands "memberdn" attributes (1), (2), (6) and
+(7), follows the DN references and returns the "maildrop" of the referenced
+user entries. Here we use the "special_result_attribute" setting from
+ldap_table(5) to designate the "memberdn" attribute as holding DNs of the
+desired member entries. The "result_attribute" setting selects which attributes
+are returned from the selected DNs. It is important to choose a result
+attribute that is not also present in the group object, because result
+attributes are collected from both the group and the member DNs. In this case
+we choose "maildrop" and assume for the moment that groups never have a
+"maildrop" (the "bgroup" "maildrop" attribute is for a different use case). The
+returned data for "auser" and "buser" is from items (11) and (13) in the
+example data.
special.cf:
...
search_base = dc=example, dc=com
query_filter = mail=%s
- result_attribute = memberaddr, maildrop
+ result_attribute = maildrop
special_result_attribute = memberdn
$ postmap -q agroup@example.com ldap:special.cf
-
- auser@mailhub.example.com,buser@mailhub.example.com,auser@example.org,buser@example.org
+ auser@mailhub.example.com,buser@mailhub.example.com
Note: if the desired member object result attribute is always also present in
-the group, you get surprising results, the expansion also returns the address
+the group, you get surprising results: the expansion also returns the address
of the group. This is a known limitation of Postfix releases prior to 2.4, and
is addressed in the new with Postfix 2.4 "leaf_result_attribute" feature
described in ldap_table(5).
...
search_base = dc=example, dc=com
query_filter = mail=%s
- result_attribute = memberaddr, maildrop
+ result_attribute = maildrop
special_result_attribute = memberdn
$ postmap -q auser@example.com ldap:no_expand.cf ldap:expand.cf
auser@mailhub.example.com
$ postmap -q agroup@example.com ldap:no_expand.cf ldap:expand.cf
-
- auser@mailhub.example.com,buser@mailhub.example.com,auser@example.org,buser@example.org
+ auser@mailhub.example.com,buser@mailhub.example.com
$ postmap -q bgroup@example.com ldap:no_expand.cf ldap:expand.cf
bgroup@mlm.example.com
* Liviu Daia with further refinements from Jose Luis Tallon and Victor
Duchovni developed the common query, result_format, domain and
expansion_limit interface for LDAP, MySQL and PosgreSQL.
+ * Gunnar Wrobel provided a first implementation of a feature to limit LDAP
+ search results to leaf nodes only. Victor generalized this into the Postfix
+ 2.4 "leaf_result_attribute" feature.
And of course Wietse.
B\bBe\ber\brk\bke\bel\ble\bey\by D\bDB\bB i\bis\bss\bsu\bue\bes\bs
-Warning: if you can't compile Postfix because the file "db.h" isn't found, then
-you MUST install the Berkeley DB development package (name: db???-devel-???)
-that matches your system library. You can find out what is installed with the
-rpm command. For example:
+If you can't compile Postfix because the file "db.h" isn't found, then you MUST
+install the Berkeley DB development package (name: db???-devel-???) that
+matches your system library. You can find out what is installed with the rpm
+command. For example:
$ r\brp\bpm\bm -\b-q\bqf\bf /\b/u\bus\bsr\br/\b/l\bli\bib\bb/\b/l\bli\bib\bbd\bdb\bb.\b.s\bso\bo
db4-4.3.29-2
This means that you need to install db4-devel-4.3.29-2 (on some systems,
-specify /lib/libdb.so in the rpm query).
+specify "r\brp\bpm\bm -\b-q\bqf\bf /\b/l\bli\bib\bb/\b/l\bli\bib\bbd\bdb\bb.\b.s\bso\bo" instead).
DO NOT download some Berkeley DB version from the network. Every Postfix
program will dump core when it is built with a different Berkeley DB version
P\bPr\bro\boc\bcm\bma\bai\bil\bl i\bis\bss\bsu\bue\bes\bs
On RedHat Linux 7.1 and later p\bpr\bro\boc\bcm\bma\bai\bil\bl no longer has permission to write the
-mail spool directory. Workaround: chmod 1777 /var/spool/mail.
+mail spool directory. Workaround:
+
+ # chmod 1777 /var/spool/mail
S\bSy\bys\bsl\blo\bog\bgd\bd p\bpe\ber\brf\bfo\bor\brm\bma\ban\bnc\bce\be
local_recipient_maps =
That is, an empty value. With this setting, the Postfix SMTP server will not
-reject mail with "User unknown in local recipient table".
+reject mail with "User unknown in local recipient table". D\bDo\bon\bn'\b't\bt d\bdo\bo t\bth\bhi\bis\bs o\bon\bn
+s\bsy\bys\bst\bte\bem\bms\bs t\bth\bha\bat\bt r\bre\bec\bce\bei\biv\bve\be m\bma\bai\bil\bl d\bdi\bir\bre\bec\bct\btl\bly\by f\bfr\bro\bom\bm t\bth\bhe\be I\bIn\bnt\bte\ber\brn\bne\bet\bt.\b. W\bWi\bit\bth\bh t\bto\bod\bda\bay\by'\b's\bs w\bwo\bor\brm\bms\bs a\ban\bnd\bd
+v\bvi\bir\bru\bus\bse\bes\bs,\b, P\bPo\bos\bst\btf\bfi\bix\bx w\bwi\bil\bll\bl b\bbe\bec\bco\bom\bme\be a\ba b\bba\bac\bck\bks\bsc\bca\bat\btt\bte\ber\br s\bso\bou\bur\brc\bce\be:\b: i\bit\bt a\bac\bcc\bce\bep\bpt\bts\bs m\bma\bai\bil\bl f\bfo\bor\br n\bno\bon\bn-\b-
+e\bex\bxi\bis\bst\bte\ben\bnt\bt r\bre\bec\bci\bip\bpi\bie\ben\bnt\bts\bs a\ban\bnd\bd t\bth\bhe\ben\bn t\btr\bri\bie\bes\bs t\bto\bo r\bre\bet\btu\bur\brn\bn t\bth\bha\bat\bt m\bma\bai\bil\bl a\bas\bs "\b"u\bun\bnd\bde\bel\bli\biv\bve\ber\bra\bab\bbl\ble\be"\b" t\bto\bo
+t\bth\bhe\be o\bof\bft\bte\ben\bn f\bfo\bor\brg\bge\bed\bd s\bse\ben\bnd\bde\ber\br a\bad\bdd\bdr\bre\bes\bss\bs.
W\bWh\bhe\ben\bn y\byo\bou\bu n\bne\bee\bed\bd t\bto\bo c\bch\bha\ban\bng\bge\be t\bth\bhe\be l\blo\boc\bca\bal\bl_\b_r\bre\bec\bci\bip\bpi\bie\ben\bnt\bt_\b_m\bma\bap\bps\bs s\bse\bet\btt\bti\bin\bng\bg i\bin\bn m\bma\bai\bin\bn.\b.c\bcf\bf
directories.
The following example shows how to use maildrop for some.domain and for
-someother.domain.
+someother.domain. The example comes in two parts.
+
+Part 1 describes changes to the main.cf file:
1 /etc/postfix/main.cf:
2 maildrop_destination_recipient_limit = 1
Note: Do not use the postfix user as the maildrop user.
+Part 2 describes changes to the master.cf file:
+
/etc/postfix/master.cf:
maildrop unix - n n - - pipe
flags=ODRhu user=vmail argv=/path/to/maildrop -d ${recipient}
the file is created; if multiple messages were to use the same queue ID
simultaneously, mail would be lost).
-Fixing the ugly header maybe as simple as upgrading to a recent version of the
-Milter application. For example, current versions of dkim-filter and dk-filter
-have code that looks up the Postfix queue ID at a later protocol stage.
+If you experience the ugly header problem, see if a recent version of the
+Milter application fixes it. For example, current versions of dkim-filter and
+dk-filter already have code that looks up the Postfix queue ID at a later
+protocol stage.
To fix the ugly message header with sid-filter applications, we change the
source code, so that it does the queue ID lookup after Postfix receives the end
application name: st_optionneg[134563840]: 0x3d does not fulfill action
requirements 0x1e
- The solution is to use a Postfix version that supports the missing
- functionality.
+ The solution is to use Postfix version 2.4 or later.
* Most Milter configuration options are global. Future Postfix versions may
support per-Milter timeouts, per-Milter error handling, etc.
When delivering mail to a destination with multiple mail servers,
connection caching can help to skip over a non-responding server, and thus
- dramatically speed up delivery.
+ dramatically speed up delivery. SMTP connection caching is available in
+ Postfix version 2.2 and later. More information about this feature is in
+ the CONNECTION_CACHE_README document.
- smtp(8) <-> scache(8) <-> smtp(8)
-
+ /-- smtp(8) --> Internet
+
+ qmgr(8) |
+ |
+ \-- | smtp(8) --> Internet
+ |
+ ^
+ |
+
+ scache(8)
* The showq(8) servers list the Postfix queue status. This is the queue
listing service that does the work for the mailq(1) and postqueue(1)
www.openspf.org/Software.
Policy delegation is now the preferred method for adding policies to Postfix.
-It's much easier to develop a new feature in few lines of Perl, than trying to
-do the same in C code. The difference in performance will be unnoticeable
-except in the most demanding environments. On active systems a policy daemon
-process is used multiple times, for up to $max_use incoming SMTP connections.
+It's much easier to develop a new feature in few lines of Perl, Python, Ruby,
+or TCL, than trying to do the same in C code. The difference in performance
+will be unnoticeable except in the most demanding environments. On active
+systems a policy daemon process is used multiple times, for up to $max_use
+incoming SMTP connections.
This document covers the following topics:
1. Re-inject the mail back into Postfix via SMTP, perhaps after changing its
content and/or destination.
- 2. Reject the mail by sending a suitable SMTP status code back to Postfix.
+ 2. Discard or quarantine the mail.
+
+ 3. Reject the mail by sending a suitable SMTP status code back to Postfix.
Postfix passes the status back to the remote SMTP client. This way, Postfix
does not have to send a bounce message.
from using up all 20 SMTP server processes. This limit is not necessary if
you receive all mail from a trusted relay host.
- Note: this setting is ignored by the stable Postfix 2.1 release. The
- feature will be available only in the experimental release until Postfix
- 2.2.
+ Note: this setting is available in Postfix version 2.2 and later. Earlier
+ Postfix versions will ignore it.
* The "-o smtpd_proxy_filter=127.0.0.1:10025" tells the before filter SMTP
server that it should give incoming mail to the content filter that listens
is used selectively, only with destinations explicitly configured for TLS.
You can disable TLS for a subset of destinations, while leaving it enabled for
-the rest. With the Postfix 2.3+ TLS policy table, specify the "none" security
-level. With the obsolete per-site table, specify the "NONE" keyword.
+the rest. With the Postfix 2.3 and later TLS policy table, specify the "none"
+security level. With the obsolete per-site table, specify the "NONE" keyword.
O\bOp\bpp\bpo\bor\brt\btu\bun\bni\bis\bst\bti\bic\bc T\bTL\bLS\bS
warning written to the mail logs.
You can enable opportunistic TLS just for selected destinations. With the
-Postfix 2.3+ TLS policy table, specify the "may" security level. With the
-obsolete per-site table, specify the "MAY" keyword.
+Postfix 2.3 and later TLS policy table, specify the "may" security level. With
+the obsolete per-site table, specify the "MAY" keyword.
This is the most common security level for TLS protected SMTP sessions,
stronger security is not generally available and, if needed, is typically only
security level.
You can enable mandatory TLS encryption just for specific destinations. With
-the Postfix 2.3+ TLS policy table, specify the "encrypt" security level. With
-the obsolete per-site table, specify the "MUST_NOPEERMATCH" keyword. While the
-obsolete approach still works with Postfix 2.3, it is strongly discouraged:
-users of Postfix 2.3+ should use the new TLS policy settings.
+the Postfix 2.3 and later TLS policy table, specify the "encrypt" security
+level. With the obsolete per-site table, specify the "MUST_NOPEERMATCH"
+keyword. While the obsolete approach still works with Postfix 2.3, it is
+strongly discouraged: users of Postfix 2.3 and later should use the new TLS
+policy settings.
Examples:
.example.com encrypt
Postfix 2.2 syntax (no support for sub-domains without resorting to regexp
-tables). With Postfix 2.3+, do not use the obsolete per-site table.
+tables). With Postfix 2.3 and later, do not use the obsolete per-site table.
/etc/postfix/main.cf:
smtp_tls_per_site = hash:/etc/postfix/tls_per_site
Instead, use the destination (for example, "[example.net]:587"), as the per-
site table lookup key (a recipient domain or MX-enabled transport nexthop with
no port suffix may look like a bare hostname, but is still a suitable
-destination). With Postfix 2.3+, do not use the obsolete per-site table; use
-the new policy table instead.
+destination). With Postfix 2.3 and later, do not use the obsolete per-site
+table; use the new policy table instead.
/etc/postfix/main.cf:
smtp_tls_per_site = hash:/etc/postfix/tls_per_site
configuration instead.
You can enable mandatory server certificate verification just for specific
-destinations. With the Postfix 2.3+ TLS policy table, specify the "verify"
-security level. With the obsolete per-site table, specify the "MUST" keyword.
-While the obsolete approach still works with Postfix 2.3, it is strongly
-discouraged: users of Postfix 2.3+ should use the new TLS policy settings.
+destinations. With the Postfix 2.3 and later TLS policy table, specify the
+"verify" security level. With the obsolete per-site table, specify the "MUST"
+keyword. While the obsolete approach still works with Postfix 2.3, it is
+strongly discouraged: users of Postfix 2.3 and later should use the new TLS
+policy settings.
Example:
necessary STARTTLS support.
You can enable secure TLS verification just for specific destinations. With the
-Postfix 2.3+ TLS policy table, specify the "secure" security level. With the
-obsolete per-site table, specify the "MUST" keyword and harden the certificate
-verification against DNS forgery. While the obsolete approach still works with
-Postfix 2.3, it is strongly discouraged: users of Postfix 2.3+ should use the
-new TLS policy settings.
+Postfix 2.3 and later TLS policy table, specify the "secure" security level.
+With the obsolete per-site table, specify the "MUST" keyword and harden the
+certificate verification against DNS forgery. While the obsolete approach still
+works with Postfix 2.3, it is strongly discouraged: users of Postfix 2.3 and
+later should use the new TLS policy settings.
Examples:
/etc/postfix/tls_policy:
[tls.example.com] secure match=tls.example.com
-Postfix 2.2.9+ syntax:
+Postfix 2.2.9 and later syntax:
N\bNo\bot\bte\be:\b: Avoid policy lookups with the bare hostname (for example,
"tls.example.com"). Instead, use the destination (for example, "
[tls.example.com]") as the per-site table lookup key (a recipient domain or MX-
enabled transport nexthop with no port suffix may look like a bare hostname,
-but is still a suitable destination). With Postfix 2.3+, do not use the
-obsolete per-site table; use the new policy table instead.
+but is still a suitable destination). With Postfix 2.3 and later, do not use
+the obsolete per-site table; use the new policy table instead.
/etc/postfix/main.cf:
smtp_cname_overrides_servername = no
nexthop (enclosed in [] with a possible ":port" suffix) as the per-site table
lookup key (a recipient domain or MX-enabled transport nexthop with no port
suffix may look like a bare hostname, but is still a suitable destination).
-With Postfix 2.3+, use of the obsolete approach documented here is strongly
-discouraged: use the new policy table instead.
+With Postfix 2.3 and later, use of the obsolete approach documented here is
+strongly discouraged: use the new policy table instead.
Starting with Postfix 2.3, the underlying TLS enforcement levels are common to
the obsolete per-site table and the new policy table. The main.cf
For a general discussion of TLS security for SMTP see TLS limitations above.
What follows applies only to Postfix 2.2.9 and subsequent Postfix 2.2 patch
-levels. Do not use this approach with Postfix 2.3+; instead see the
+levels. Do not use this approach with Postfix 2.3 and later; instead see the
instructions under secure server certificate verification.
As long as no secure DNS lookup mechanism is available, false hostnames in MX
version 2.2.
The Postfix smtpd(8) server can limit the number of simultaneous connections
-from the same SMTP client, as well as the number of connections that a client
-is allowed to make per unit time. These statistics are maintained by the anvil
-(8) server (translation: if anvil(8) breaks, then connection limits stop
-working).
+from the same SMTP client, as well as the connection rate and the rate of
+certain SMTP commands from the same client. These statistics are maintained by
+the anvil(8) server (translation: if anvil(8) breaks, then connection limits
+stop working).
IMPORTANT: These limits must not be used to regulate legitimate traffic: mail
will suffer grotesque delays if you do so. The limits are designed to protect
- Update BACKSCATTER_README with PCRE rules.
-- Otherwise done up to and including FILTER_README
-
- Truncate wish list from HISTORY.
- Spell check and double word check the proto files.
# string until a match is found in the access table,
# or until further truncation is not possible.
#
-# NOTE 1: The information in the access map should be
-# in canonical form, with unnecessary null characters
-# eliminated. Address information must not be
-# enclosed with "[]" characters.
+# NOTE 1: The access map lookup key must be in canon-
+# ical form: do not specify unnecessary null charac-
+# ters, and do not enclose network address informa-
+# tion with "[]" characters.
#
# NOTE 2: use the cidr lookup table type to specify
# network/netmask patterns. See cidr_table(5) for
# the string representation of the IPv6 host address.
# Thus, not all the ":" subnetworks will be tried.
#
-# NOTE 2: The information in the access map should be
-# in canonical form, with unnecessary null characters
-# eliminated. Address information must not be
-# enclosed with "[]" characters.
+# NOTE 2: The access map lookup key must be in canon-
+# ical form: do not specify unnecessary null charac-
+# ters, and do not enclose network address informa-
+# tion with "[]" characters.
#
# NOTE 3: use the cidr lookup table type to specify
# network/netmask patterns. See cidr_table(5) for
# nested_header_checks = pcre:/etc/postfix/nested_header_checks
# body_checks = pcre:/etc/postfix/body_checks
#
-# postmap -fq "string" pcre:/etc/postfix/filename
-# postmap -fq - pcre:/etc/postfix/filename <inputfile
+# postmap -q "string" pcre:/etc/postfix/filename
+# postmap -q - pcre:/etc/postfix/filename <inputfile
#
# DESCRIPTION
# This document describes access control on the content of
$readme_directory/PACKAGE_README:f:root:-:644
$readme_directory/PCRE_README:f:root:-:644
$readme_directory/PGSQL_README:f:root:-:644
-$readme_directory/QMQP_README:f:root:-:644
+$readme_directory/QMQP_README:f:root:-:644:o
$readme_directory/QSHAPE_README:f:root:-:644
$readme_directory/RELEASE_NOTES:f:root:-:644
$readme_directory/RESTRICTION_CLASS_README:f:root:-:644
$html_directory/PACKAGE_README.html:f:root:-:644
$html_directory/PCRE_README.html:f:root:-:644
$html_directory/PGSQL_README.html:f:root:-:644
-$html_directory/QMQP_README.html:f:root:-:644
+$html_directory/QMQP_README.html:f:root:-:644:o
$html_directory/QSHAPE_README.html:f:root:-:644
$html_directory/RESTRICTION_CLASS_README.html:f:root:-:644
$html_directory/SASL_README.html:f:root:-:644
$html_directory/canonical.5.html:f:root:-:644
$html_directory/cidr_table.5.html:f:root:-:644
$html_directory/cleanup.8.html:f:root:-:644
-$html_directory/defer.8.html:f:root:-:644
+$html_directory/defer.8.html:h:$html_directory/bounce.8.html:-:644
$html_directory/discard.8.html:f:root:-:644
$html_directory/error.8.html:f:root:-:644
$html_directory/flush.8.html:f:root:-:644
$html_directory/master.8.html:f:root:-:644
$html_directory/mysql_table.5.html:f:root:-:644
$html_directory/nisplus_table.5.html:f:root:-:644
-$html_directory/newaliases.1.html:f:root:-:644
+$html_directory/newaliases.1.html:h:$html_directory/mailq.1.html:-:644
$html_directory/oqmgr.8.html:f:root:-:644
$html_directory/pcre_table.5.html:f:root:-:644
$html_directory/pgsql_table.5.html:f:root:-:644
$html_directory/qmqpd.8.html:f:root:-:644
$html_directory/regexp_table.5.html:f:root:-:644
$html_directory/relocated.5.html:f:root:-:644
-$html_directory/sendmail.1.html:f:root:-:644
+$html_directory/sendmail.1.html:h:$html_directory/mailq.1.html:-:644
$html_directory/showq.8.html:f:root:-:644
$html_directory/smtp-sink.1.html:f:root:-:644
$html_directory/smtp-source.1.html:f:root:-:644
-$html_directory/smtp.8.html:f:root:-:644
+$html_directory/smtp.8.html:h:$html_directory/lmtp.8.html:-:644
$html_directory/smtpd.8.html:f:root:-:644
$html_directory/spawn.8.html:f:root:-:644
$html_directory/tcp_table.5.html:f:root:-:644
-$html_directory/trace.8.html:f:root:-:644
+$html_directory/trace.8.html:h:$html_directory/bounce.8.html:-:644
$html_directory/transport.5.html:f:root:-:644
$html_directory/trivial-rewrite.8.html:f:root:-:644
$html_directory/verify.8.html:f:root:-:644
}
$INFO stopping the Postfix mail system
kill `sed 1q pid/master.pid`
- for i in 6 5 4 3 2 1
+ for i in 5 4 3 2 1
do
$daemon_directory/master -t && exit 0
- $INFO waiting for the Postfix mail system to terminate - $i
+ $INFO waiting for the Postfix mail system to terminate
sleep 1
done
$WARN stopping the Postfix mail system with force
<li> <p> The list of domains that are a member of the class: for
example, all <a href="ADDRESS_CLASS_README.html#local_domain_class">local domains</a>, or all <a href="ADDRESS_CLASS_README.html#relay_domain_class">relay domains</a>. </p>
-<li> <p> The default delivery transport. For example, the local or
-relay delivery transport (delivery transports are defined in
-<a href="master.5.html">master.cf</a>). This helps to keep Postfix configurations
-simple. </p>
+<li> <p> The default delivery transport. For example, the local,
+virtual or relay delivery transport (delivery transports are defined
+in <a href="master.5.html">master.cf</a>). This helps to keep Postfix configurations simple,
+by avoiding the need for explicit routing information in transport
+maps. </p>
<li> <p> The list of valid recipient addresses for that address
class. The Postfix SMTP server rejects invalid recipients with
<table>
-<tr> <td align="center" colspan="3" bgcolor="#f0f0ff"> <br> <a href="smtp.8.html">smtp(8)</a>
-<br> </td> <td colspan="2"> --> Internet </td> </tr>
+<tr> <td> </td> <td> <tt> /-- </tt> </td> <td align="center"
+colspan="3" bgcolor="#f0f0ff"> <a href="smtp.8.html">smtp(8)</a> </td> <td colspan="2"> <tt>
+--> </tt> Internet </td> </tr>
-<tr> <td align="center" rowspan="3"> </td> <td align="center"
-rowspan="3"><tt>|<br>|<br>|<br>|<br>|<br>|<br>v</tt></td>
-<td> </td> </tr>
+<tr> <td align="center" bgcolor="#f0f0ff"> <a href="qmgr.8.html">qmgr(8)</a> </td> <td> </td>
+<td align="center" rowspan="3"> </td> <td align="center"
+rowspan="3"><tt>|<br>|<br>|<br>|<br>v</tt></td> <td> </td>
+</tr>
-<tr> <td align="center"
-colspan="2" bgcolor="#f0f0ff"> <br> <a href="smtp.8.html">smtp(8)</a> <br> </td> <td
-align="left"> --> Internet </td> </tr>
+<tr> <td> </td> <td> <tt> \-- </tt> </td> <td align="center"
+colspan="2" bgcolor="#f0f0ff"> <a href="smtp.8.html">smtp(8)</a> </td> <td align="left"> <tt>
+--> </tt> Internet </td> </tr>
-<tr> <td align="center"><tt>^<br>|</tt></td> <td> </td> </tr>
+<tr> <td colspan="3"> </td> <td align="center"><tt>^<br>|</tt></td>
+<td> </td> </tr>
-<tr> <td align="center" colspan="3" bgcolor="#f0f0ff"> <br> <a href="scache.8.html">scache(8)</a>
-<br> </td> </tr>
+<tr> <td colspan="3"> </td> <td align="center" colspan="3"
+bgcolor="#f0f0ff"> <a href="scache.8.html">scache(8)</a> </td> </tr>
</table>
<h2> <a name="1">1 - Purpose of this document</a> </h2>
-<p> This is a bootstrap document that helps you get Postfix up and
-running from scratch with the minimal number of steps. If you are
-using a pre-compiled version of Postfix, you should be reading the
-general Postfix documentation which aims to describe the system in
-more detail. This bootstrap document should not be considered part
-of the general Postfix documentation. </p>
+<p> If you are using a pre-compiled version of Postfix, you should
+start with <a href="BASIC_CONFIGURATION_README.html">BASIC_CONFIGURATION_README</a> and the general documentation
+referenced by it. <a href="INSTALL.html">INSTALL</a> is only a bootstrap document to get
+Postfix up and running from scratch with the minimal number of
+steps; it should not be considered part of the general documentation.
+</p>
<p> This document describes how to build, install and configure a
Postfix system so that it can do one of the following: </p>
</blockquote>
<p> Of particular interest is the <a href="postconf.5.html">postconf(5)</a> manual page that
-lists all the 400+ configuration parameters. The HTML version of
+lists all the 500+ configuration parameters. The HTML version of
this text makes it easy to navigate around. </p>
<p> All Postfix source files have their own built-in manual page.
OSF1.V3 - OSF1.V5 (Digital UNIX) <br>
Reliant UNIX 5.x <br>
Rhapsody 5.x <br>
-SunOS 4.1.4 (July 2006) <br>
-SunOS 5.4 - 5.9 (Solaris 2.4..9) <br>
+SunOS 4.1.4 (March 2007) <br>
+SunOS 5.4 - 5.10 (Solaris 2.4..10) <br>
Ultrix 4.x (well, that was long ago) <br>
</p>
</blockquote>
<p> On Solaris, the "make" command and other utilities for software
development are in /usr/ccs/bin, so you MUST have /usr/ccs/bin in
-your command search path. </p>
+your command search path. If these files do not exist, install the
+development packages first. See the Solaris FAQ item "<a
+href="http://www.science.uva.nl/pub/solaris/solaris2.html#q6.2">Which
+packages do I need to install to support a C compiler?</a>". </p>
<p> If you need to build Postfix for multiple architectures, use the
"lndir" command to build a shadow tree with symbolic links to the
<h3>4.5 - Support for thousands of processes</h3>
-<p> In order to build Postfix for very large applications, where you
-expect to run more than 1000 mail delivery processes, you may need to
-override the definition of the FD_SETSIZE macro to make select()
-work correctly: </p>
+<p> The number of connections that Postfix can manage simultaneously
+is limited by the number of processes that it can run. This number
+in turn is limited by the number of files and sockets that a single
+process can open. For example, the Postfix queue manager has a
+separate connection to each delivery process, and the <a href="anvil.8.html">anvil(8)</a>
+server has one connection per <a href="smtpd.8.html">smtpd(8)</a> process. </p>
+
+<p> Postfix version 2.4 and later have no built-in limits on the
+number of open files or sockets, when compiled on systems that
+support one of the following: </p>
+
+<ul>
+
+<li> BSD kqueue(2) (FreeBSD 4.1, NetBSD 2.0, OpenBSD 2.9),
+
+<li> Solaris 8 /dev/poll,
+
+<li> Linux 2.6 epoll(4).
+
+</ul>
+
+
+<p> With other Postfix versions or operating systems, the number
+of file descriptors per process is limited by the value of the
+FD_SETSIZE macro. If you expect to run more than 1000 mail delivery
+processes, you may need to override the definition of the FD_SETSIZE
+macro to make select() work correctly: </p>
<blockquote>
<pre>
overriding the __FD_SETSIZE macro. Beware, undocumented interfaces
can change at any time and without warning. </p>
+<p> But wait, there is more: none of this will work unless the
+operating system is configured to handle thousands of connections.
+See the <a href="TUNING_README.html">TUNING_README</a> guide for examples of how to increase the
+number of open sockets or files. </p>
+
<h3>4.6 - Compiling Postfix, at last</h3>
<p> If the command </p>
<p> This text describes how to install Postfix from source code.
See the <a href="PACKAGE_README.html">PACKAGE_README</a> file if you are building a package for
-distribution to other systems. See auxiliary/MacOSX/README-<a href="INSTALL.html">INSTALL</a>.OSX
-for information about installing Postfix from source on Mac OS X.
-</p>
+distribution to other systems. </p>
<h3>6.1 - Save existing Sendmail binaries</h3>
<p> <a name="save">IMPORTANT</a>: if you are REPLACING an existing
Sendmail installation with Postfix, you may need to keep the old
sendmail program running for some time in order to flush the mail
-queue. As superuser, execute the following commands (your sendmail,
-newaliases and mailq programs may be in a different place): </p>
+queue. </p>
+
+<ul>
+
+<li> <p> Some systems implement a mail switch mechanism where
+different MTAs (Postfix, Sendmail, etc.) can be installed at the
+same time, while only one of them is actually being used. Examples
+of such switching mechanisms are the FreeBSD mailwrapper(8) or the
+Linux mail switch. In this case you should try to "flip" the switch
+to "Postfix" before installing Postfix. </p>
+
+<li> <p> If your system has no mail switch mechanism, execute the
+following commands (your sendmail, newaliases and mailq programs
+may be in a different place): </p>
-<blockquote>
<pre>
# mv /usr/sbin/sendmail /usr/sbin/sendmail.OFF
# mv /usr/bin/newaliases /usr/bin/newaliases.OFF
# chmod 755 /usr/sbin/sendmail.OFF /usr/bin/newaliases.OFF \
/usr/bin/mailq.OFF
</pre>
-</blockquote>
+
+</ul>
<h3>6.2 - Create account and groups</h3>
<ul>
+<li> <p> The interactive version ("make install") asks for pathnames
+for Postfix data and program files, and stores your preferences in
+the <a href="postconf.5.html">main.cf</a> file. <b> If you don't want Postfix to overwrite
+non-Postfix "sendmail", "mailq" and "newaliases" files, specify
+pathnames that end in ".postfix"</b>. </p>
+
<li> <p> The non-interactive version ("make upgrade") needs the
/etc/postfix/<a href="postconf.5.html">main.cf</a> file from a previous installation. If the file
does not exist, use interactive installation ("make install")
instead. </p>
-<li> <p> The interactive version offers suggestions for pathnames
-that you can override interactively, and stores your preferences
-in /etc/postfix/<a href="postconf.5.html">main.cf</a> for convenient future upgrades. </p>
-
</ul>
<h3>6.4 - Configure Postfix</h3>
Postfix on a virtual interface address. Simply configure your mail
user agent to directly invoke the Postfix sendmail program. </p>
+<p> To create a virtual network interface address, study your
+system ifconfig manual page. The command syntax could be any
+of: </p>
+
+<blockquote>
+<pre>
+# <b>ifconfig le0:1 <address> netmask <mask> up</b>
+# <b>ifconfig en0 alias <address> netmask 255.255.255.255</b>
+</pre>
+</blockquote>
+
<p> In the /etc/postfix/<a href="postconf.5.html">main.cf</a> file, I would specify </p>
<blockquote>
<h2><a name="example_group">Example: expanding LDAP groups</a></h2>
-<p> LDAP is frequently used to store group member information, and Postfix
-supports expanding a group's email address to the list of email addresses
-of the group members. There are a number of ways of handling LDAP groups,
-which will be illustrated via the mock LDAP entries and implied schema
-below. This shows two group entries "agroup" and "bgroup" and four
-user entries "auser", "buser", "cuser" and "duser". The group "agroup"
-has the users "auser" (1) and "buser" (2) as members via DN references
-in the multi-valued attribute "memberdn", and direct email addresses of
-two external users "auser@example.org" (3) and "buser@example.org" (4)
-stored in the multi-valued attribute "memberaddr". The same is true of
-"bgroup" and "cuser"/"duser" (6)/(7)/(8)/(9), but "bgroup" also has a
-"maildrop" attribute of "bgroup@mlm.example.com" (5): </p>
+<p>
+LDAP is frequently used to store group member information. There are a
+number of ways of handling LDAP groups. We will show a few examples in
+order of increasing complexity, but owing to the number of independent
+variables, we can only present a tiny portion of the solution space.
+We show how to:
+</p>
+
+<ol>
+
+<li> <p> query groups as lists of addresses; </p>
+
+<li> <p> query groups as lists of user objects containing addresses; </p>
+
+<li> <p> forward special lists unexpanded to a separate list server,
+for moderation or other processing; </p>
+
+<li> <p> handle complex schemas by controlling expansion and by treating
+leaf nodes specially, using features that are new in Postfix 2.4. </p>
+
+</ol>
+
+<p>
+The example LDAP entries and implied schema below show two group entries
+("agroup" and "bgroup") and four user entries ("auser", "buser", "cuser"
+and "duser"). The group "agroup" has the users "auser" (1) and "buser" (2)
+as members via DN references in the multi-valued attribute "memberdn", and
+direct email addresses of two external users "auser@example.org" (3) and
+"buser@example.org" (4) stored in the multi-valued attribute "memberaddr".
+The same is true of "bgroup" and "cuser"/"duser" (6)/(7)/(8)/(9), but
+"bgroup" also has a "maildrop" attribute of "bgroup@mlm.example.com"
+(5): </p>
<blockquote>
<pre>
Always check tables using <a href="postmap.1.html">postmap(1)</a> with the "-q" option, before
deploying them into production use in <a href="postconf.5.html">main.cf</a>. </p>
-<p> Our second use case also expands "memberdn" attributes (1), (2),
+<p> Our second use case instead expands "memberdn" attributes (1), (2),
(6) and (7), follows the DN references and returns the "maildrop" of the
referenced user entries. Here we use the "special_result_attribute"
setting from <a href="ldap_table.5.html">ldap_table(5)</a> to designate the "memberdn" attribute
the group and the member DNs. In this case we choose "maildrop" and
assume for the moment that groups never have a "maildrop" (the "bgroup"
"maildrop" attribute is for a different use case). The returned data for
-"auser" and "buser" is from items (11) and (13) in the mock data. </p>
+"auser" and "buser" is from items (11) and (13) in the example data. </p>
<blockquote>
<pre>
...
search_base = dc=example, dc=com
query_filter = mail=%s
- result_attribute = memberaddr, maildrop
+ result_attribute = maildrop
special_result_attribute = memberdn
$ postmap -q agroup@example.com <a href="ldap_table.5.html">ldap</a>:special.cf
- auser@mailhub.example.com,buser@mailhub.example.com,auser@example.org,buser@example.org
+ auser@mailhub.example.com,buser@mailhub.example.com
</pre>
</blockquote>
<p> Note: if the desired member object result attribute is always also
-present in the group, you get surprising results, the expansion also
+present in the group, you get surprising results: the expansion also
returns the address of the group. This is a known limitation of Postfix
releases prior to 2.4, and is addressed in the new with Postfix 2.4
"leaf_result_attribute" feature described in <a href="ldap_table.5.html">ldap_table(5)</a>. </p>
...
search_base = dc=example, dc=com
query_filter = mail=%s
- result_attribute = memberaddr, maildrop
+ result_attribute = maildrop
special_result_attribute = memberdn
$ postmap -q auser@example.com <a href="ldap_table.5.html">ldap</a>:no_expand.cf <a href="ldap_table.5.html">ldap</a>:expand.cf
auser@mailhub.example.com
$ postmap -q agroup@example.com <a href="ldap_table.5.html">ldap</a>:no_expand.cf <a href="ldap_table.5.html">ldap</a>:expand.cf
- auser@mailhub.example.com,buser@mailhub.example.com,auser@example.org,buser@example.org
+ auser@mailhub.example.com,buser@mailhub.example.com
$ postmap -q bgroup@example.com <a href="ldap_table.5.html">ldap</a>:no_expand.cf <a href="ldap_table.5.html">ldap</a>:expand.cf
bgroup@mlm.example.com
</pre>
Victor Duchovni developed the common query, result_format, domain and
expansion_limit interface for LDAP, MySQL and PosgreSQL.</li>
+<li>Gunnar Wrobel provided a first implementation of a feature to
+limit LDAP search results to leaf nodes only. Victor generalized
+this into the Postfix 2.4 "leaf_result_attribute" feature. </li>
+
</ul>
And of course Wietse.
<h2>Berkeley DB issues</h2>
-<p> Warning: if you can't compile Postfix because the file "db.h"
+<p> If you can't compile Postfix because the file "db.h"
isn't found, then you MUST install the Berkeley DB development
package (name: db???-devel-???) that matches your system library.
You can find out what is installed with the rpm command. For example:
</blockquote>
<p> This means that you need to install db4-devel-4.3.29-2 (on
-some systems, specify <tt>/lib/libdb.so</tt> in the rpm query). </p>
+some systems, specify "<b>rpm -qf /lib/libdb.so</b>" instead). </p>
<p> DO NOT download some Berkeley DB version from the network.
Every Postfix program will dump core when it is built with a different
<p> On RedHat Linux 7.1 and later <b>procmail</b> no longer has
permission
-to write the mail spool directory. Workaround: chmod 1777
-/var/spool/mail.
-</p>
+to write the mail spool directory. Workaround: </p>
+
+<blockquote>
+<pre>
+# chmod 1777 /var/spool/mail
+</pre>
+</blockquote>
<h2>Syslogd performance</h2>
<blockquote>
<pre>
-/etc/postfix/main.cf:
+/etc/postfix/<a href="postconf.5.html">main.cf</a>:
<a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> = <a href="proxymap.8.html">proxy</a>:unix:passwd.byname $<a href="postconf.5.html#alias_maps">alias_maps</a>
</pre>
</blockquote>
<blockquote>
<pre>
-/etc/postfix/main.cf:
+/etc/postfix/<a href="postconf.5.html">main.cf</a>:
<a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> =
</pre>
</blockquote>
<p> That is, an empty value. With this setting, the Postfix SMTP
server will not reject mail with "User unknown in local recipient
-table". </p>
+table". <b> Don't do this on systems that receive mail directly
+from the Internet. With today's worms and viruses, Postfix will
+become a backscatter source: it accepts mail for non-existent
+recipients and then tries to return that mail as "undeliverable"
+to the often forged sender address</b>. </p>
<h2><a name="change">When you need to change the local_recipient_maps
setting in main.cf</a></h2>
<li> <p> Problem: you don't use the default Postfix <a href="local.8.html">local(8)</a>
delivery agent for domains matching $<a href="postconf.5.html#mydestination">mydestination</a>, $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a>,
or $<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>. For example, you redefined the
- "<a href="postconf.5.html#local_transport">local_transport</a>" setting in main.cf. </p>
+ "<a href="postconf.5.html#local_transport">local_transport</a>" setting in <a href="postconf.5.html">main.cf</a>. </p>
<p> Solution: your <a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> setting needs to specify
a database that lists all the known user names or addresses
specify: </p>
<pre>
-/etc/postfix/main.cf
+/etc/postfix/<a href="postconf.5.html">main.cf</a>
<a href="postconf.5.html#mydestination">mydestination</a> = $<a href="postconf.5.html#myhostname">myhostname</a> localhost.$<a href="postconf.5.html#mydomain">mydomain</a> localhost ...
<a href="postconf.5.html#local_transport">local_transport</a> = virtual
<a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> = $<a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a>
non-UNIX users: </p>
<pre>
-/etc/postfix/main.cf
+/etc/postfix/<a href="postconf.5.html">main.cf</a>
<a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> = <a href="proxymap.8.html">proxy</a>:unix:passwd.byname, $<a href="postconf.5.html#alias_maps">alias_maps</a>,
<the database with non-UNIX accounts>
</pre>
</p>
<pre>
-/etc/postfix/main.cf
+/etc/postfix/<a href="postconf.5.html">main.cf</a>
<a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> =
</pre>
recipients that don't have UNIX home directories. </p>
<p> The following example shows how to use maildrop for some.domain
-and for someother.domain. </p>
+and for someother.domain. The example comes in two parts. </p>
+
+<p> Part 1 describes changes to the <a href="postconf.5.html">main.cf</a> file: </p>
<blockquote>
<pre>
<p> Note: Do not use the postfix user as the maildrop user. </p>
+<p> Part 2 describes changes to the <a href="master.5.html">master.cf</a> file: </p>
+
<blockquote>
<pre>
/etc/postfix/<a href="master.5.html">master.cf</a>:
</ul>
-<p> Fixing the ugly header maybe as simple as upgrading to a recent
-version of the Milter application. For example, current versions
-of dkim-filter and dk-filter have code that looks up the Postfix
-queue ID at a later protocol stage. </p>
+<p> If you experience the ugly header problem, see if a recent
+version of the Milter application fixes it. For example, current
+versions of dkim-filter and dk-filter already have code that looks
+up the Postfix queue ID at a later protocol stage. </p>
<p> To fix the ugly message header with sid-filter applications,
we change the source code, so that it does the queue ID lookup after
</pre>
</blockquote>
-<p> The solution is to use a Postfix version that supports the
-missing functionality. </p>
+<p> The solution is to use Postfix version 2.4 or later. </p>
<li> <p> Most Milter configuration options are global. Future Postfix
versions may support per-Milter timeouts, per-Milter error handling,
defer.8.html: bounce.8.html
rm -f $@
- ln -s $? $@
+ ln $? $@
discard.8.html: ../src/discard/discard.c
PATH=../mantools:$$PATH; \
lmtp.8.html: smtp.8.html
rm -f $@
- ln -s $? $@
+ ln $? $@
local.8.html: ../src/local/local.c
PATH=../mantools:$$PATH; \
trace.8.html: bounce.8.html
rm -f $@
- ln -s $? $@
+ ln $? $@
trivial-rewrite.8.html: ../src/trivial-rewrite/trivial-rewrite.c
PATH=../mantools:$$PATH; \
mailq.1.html: sendmail.1.html
rm -f $@
- ln -s $? $@
+ ln $? $@
newaliases.1.html: sendmail.1.html
PATH=../mantools:$$PATH; \
rm -f $@
- ln -s $? $@
+ ln $? $@
smtp-source.1.html: ../src/smtpstone/smtp-source.c
PATH=../mantools:$$PATH; \
<p> When delivering mail to a destination with multiple mail servers,
connection caching can help to skip over a non-responding server,
-and thus dramatically speed up delivery. </p>
+and thus dramatically speed up delivery. SMTP connection caching
+is available in Postfix version 2.2 and later. More information
+about this feature is in the <a href="CONNECTION_CACHE_README.html">CONNECTION_CACHE_README</a> document. </p>
<table>
-<tr> <td align="center" bgcolor="#f0f0ff"> <br> <a href="smtp.8.html">smtp(8)</a> <br>
- </td> <td> <tt> <-> </tt> </td> <td align="center"
-bgcolor="#f0f0ff"> <br> <a href="scache.8.html">scache(8)</a> <br> </td> <td> <tt>
-<-> </tt> </td> <td align="center" bgcolor="#f0f0ff"> <br>
-<a href="smtp.8.html">smtp(8)</a> <br> </td>
+<tr> <td> </td> <td> <tt> /-- </tt> </td> <td align="center"
+colspan="3" bgcolor="#f0f0ff"> <a href="smtp.8.html">smtp(8)</a> </td> <td colspan="2"> <tt>
+--> </tt> Internet </td> </tr>
+
+<tr> <td align="center" bgcolor="#f0f0ff"> <a href="qmgr.8.html">qmgr(8)</a> </td> <td> </td>
+<td align="center" rowspan="3"> </td> <td align="center"
+rowspan="3"><tt>|<br>|<br>|<br>|<br>v</tt></td> <td> </td>
+</tr>
+
+<tr> <td> </td> <td> <tt> \-- </tt> </td> <td align="center"
+colspan="2" bgcolor="#f0f0ff"> <a href="smtp.8.html">smtp(8)</a> </td> <td align="left"> <tt>
+--> </tt> Internet </td> </tr>
+
+<tr> <td colspan="3"> </td> <td align="center"><tt>^<br>|</tt></td>
+<td> </td> </tr>
+
+<tr> <td colspan="3"> </td> <td align="center" colspan="3"
+bgcolor="#f0f0ff"> <a href="scache.8.html">scache(8)</a> </td> </tr>
</table>
+++ /dev/null
-<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"
- "http://www.w3.org/TR/html4/loose.dtd">
-
-<html>
-
-<head>
-
-<title>Postfix qmail and ezmlm support</title>
-
-<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
-
-</head>
-
-<body>
-
-<h1><img src="postfix-logo.jpg" width="203" height="98" ALT="">Postfix qmail and ezmlm support</h1>
-
-<hr>
-
-<p> This document will be made available via <a href="http://www.postfix.org/">http://www.postfix.org/</a>. </p>
-
-</body>
-
-</html>
<p> Policy delegation is now the preferred method for adding policies
to Postfix. It's much easier to develop a new feature in few lines
-of Perl, than trying to do the same in C code. The difference in
+of Perl, Python, Ruby, or TCL, than trying to do the same in C code.
+The difference in
performance will be unnoticeable except in the most demanding
environments. On active systems a policy daemon process is used
multiple times, for up to $<a href="postconf.5.html#max_use">max_use</a> incoming SMTP connections. </p>
<li> <p> Re-inject the mail back into Postfix via SMTP, perhaps
after changing its content and/or destination. </p>
+ <li> <p> Discard or quarantine the mail. </p>
+
<li> <p> Reject the mail by sending a suitable SMTP status code
back to Postfix. Postfix passes the status back to the remote
SMTP client. This way, Postfix does not have to send a bounce
This limit is not necessary if you receive all mail from a
trusted <a href="postconf.5.html#relayhost">relay host</a>. </p>
- <p> Note: this setting is ignored by the stable Postfix 2.1
- release. The feature will be available only in the experimental
- release until Postfix 2.2. </p>
+ <p> Note: this setting is available in Postfix version 2.2 and
+ later. Earlier Postfix versions will ignore it. </p>
<li> <p> The "-o <a href="postconf.5.html#smtpd_proxy_filter">smtpd_proxy_filter</a>=127.0.0.1:10025" tells the
before filter SMTP server that it should give incoming mail to
for TLS. </p>
<p> You can disable TLS for a subset of destinations, while leaving
-it enabled for the rest. With the Postfix 2.3
+ TLS <a
+it enabled for the rest. With the Postfix 2.3
and later TLS <a
href="#client_tls_policy">policy table</a>, specify the "none"
security level. With the obsolete <a href="#client_tls_obs">per-site</a>
table, specify the "NONE" keyword. </p>
be ignored with a warning written to the mail logs. </p>
<p> You can enable opportunistic TLS just for selected destinations. With
-the Postfix 2.3
+ TLS <a href="#client_tls_policy">policy table</a>,
+the Postfix 2.3
and later TLS <a href="#client_tls_policy">policy table</a>,
specify the "may" security level. With the obsolete <a
href="#client_tls_obs">per-site</a> table, specify the "MAY" keyword.</p>
TLS encryption as the default security level. </p>
<p> You can enable mandatory TLS encryption just for specific destinations.
-With the Postfix 2.3
+ TLS <a href="#client_tls_policy">policy
+With the Postfix 2.3
and later TLS <a href="#client_tls_policy">policy
table</a>, specify the "encrypt" security level. With the
obsolete <a href="#client_tls_obs">per-site</a> table, specify the
"MUST_NOPEERMATCH" keyword. While the obsolete approach still works
-with Postfix 2.3, it is strongly discouraged: users of Postfix 2.3+
+with Postfix 2.3, it is strongly discouraged: users of Postfix 2.3 and later
should use the new TLS policy settings. </p>
<p> Examples: </p>
</blockquote>
<p> Postfix 2.2 syntax (no support for sub-domains without resorting to
-regexp tables). With Postfix 2.3
+, do not use the obsolete <a
+regexp tables). With Postfix 2.3
and later, do not use the obsolete <a
href="#client_tls_obs">per-site</a> table. </p>
<blockquote>
use the destination (for example, "[example.net]:587"), as the <a
href="#client_tls_obs">per-site</a> table lookup key (a recipient domain
or MX-enabled transport nexthop with no port suffix may look like a bare
-hostname, but is still a suitable <i>destination</i>). With Postfix 2.3+,
+hostname, but is still a suitable <i>destination</i>). With Postfix 2.3
+and later,
do not use the obsolete <a href="#client_tls_obs">per-site</a> table;
use the new <a href="#client_tls_policy">policy table</a> instead. </p>
</p>
<p> You can enable mandatory server certificate verification just
-for specific destinations. With the Postfix 2.3
+ TLS <a
+for specific destinations. With the Postfix 2.3
and later TLS <a
href="#client_tls_policy">policy table</a>, specify the "verify"
security level. With the obsolete <a href="#client_tls_obs">per-site</a>
table, specify the "MUST" keyword. While the obsolete approach
still works with Postfix 2.3, it is strongly discouraged: users of
-Postfix 2.3+ should use the new TLS policy settings. </p>
+Postfix 2.3 and later should use the new TLS policy settings. </p>
<p> Example: </p>
STARTTLS support. </p>
<p> You can enable secure TLS verification just for specific destinations.
-With the Postfix 2.3
+ TLS <a href="#client_tls_policy">policy table</a>,
+With the Postfix 2.3
and later TLS <a href="#client_tls_policy">policy table</a>,
specify the "secure" security level. With the obsolete
<a href="#client_tls_obs">per-site</a> table, specify the "MUST"
keyword and <a href="#client_tls_harden">harden</a> the certificate
verification against DNS forgery. While the obsolete approach still
-works with Postfix 2.3, it is strongly discouraged: users of Postfix 2.3+
+works with Postfix 2.3, it is strongly discouraged: users of Postfix 2.3
+and later
should use the new TLS policy settings. </p>
<p> Examples: </p>
</pre>
</blockquote>
-<p> Postfix 2.2.9+ syntax: </p>
+<p> Postfix 2.2.9 and later syntax: </p>
<p> <b>Note:</b> Avoid policy lookups with the bare hostname (for
example, "tls.example.com"). Instead, use the destination (for
example, "[tls.example.com]") as the <a
href="#client_tls_obs">per-site</a> table lookup key (a recipient domain
or MX-enabled transport nexthop with no port suffix may look like a bare
-hostname, but is still a suitable <i>destination</i>). With Postfix 2.3+,
+hostname, but is still a suitable <i>destination</i>). With Postfix 2.3
+and later,
do not use the obsolete <a href="#client_tls_obs">per-site</a> table;
use the new <a href="#client_tls_policy">policy table</a> instead. </p>
full destination nexthop (enclosed in [] with a possible ":port"
suffix) as the per-site table lookup key (a recipient domain or
MX-enabled transport nexthop with no port suffix may look like a bare
-hostname, but is still a suitable <i>destination</i>). With Postfix 2.3+,
+hostname, but is still a suitable <i>destination</i>). With Postfix 2.3
+and later,
use of the obsolete approach documented here is strongly discouraged:
use the new <a href="#client_tls_policy">policy table</a> instead. </p>
<p> For a general discussion of TLS security for SMTP see <a
href="#client_tls_limits">TLS limitations</a> above. What follows applies
only to Postfix 2.2.9 and subsequent Postfix 2.2 patch levels. Do
-not use this approach with Postfix 2.3+; instead see the instructions under <a
+not use this approach with Postfix 2.3
+and later; instead see the instructions under <a
href="#client_tls_secure">secure</a> server certificate verification. </p>
<p> As long as no secure DNS lookup mechanism is available, false
with Postfix version 2.2. </p>
<p> The Postfix <a href="smtpd.8.html">smtpd(8)</a> server can limit the number of simultaneous
-connections from the same SMTP client, as well as the number of
-connections that a client is allowed to make per unit time.
+connections from the same SMTP client, as well as the connection
+rate and the rate of certain SMTP commands from the same client.
These statistics are maintained by the <a href="anvil.8.html">anvil(8)</a> server (translation:
if <a href="anvil.8.html">anvil(8)</a> breaks, then connection limits stop working). </p>
string until a match is found in the access table,
or until further truncation is not possible.
- NOTE 1: The information in the access map should be
- in canonical form, with unnecessary null characters
- eliminated. Address information must not be
- enclosed with "[]" characters.
+ NOTE 1: The access map lookup key must be in canon-
+ ical form: do not specify unnecessary null charac-
+ ters, and do not enclose network address informa-
+ tion with "[]" characters.
NOTE 2: use the <b>cidr</b> lookup table type to specify
network/netmask patterns. See <a href="cidr_table.5.html"><b>cidr_table</b>(5)</a> for
the string representation of the IPv6 host address.
Thus, not all the ":" subnetworks will be tried.
- NOTE 2: The information in the access map should be
- in canonical form, with unnecessary null characters
- eliminated. Address information must not be
- enclosed with "[]" characters.
+ NOTE 2: The access map lookup key must be in canon-
+ ical form: do not specify unnecessary null charac-
+ ters, and do not enclose network address informa-
+ tion with "[]" characters.
NOTE 3: use the <b>cidr</b> lookup table type to specify
network/netmask patterns. See <a href="cidr_table.5.html"><b>cidr_table</b>(5)</a> for
In this preliminary implementation, a count (or rate) lim-
ited server can have only one remote client at a time. If
- a server reports multiple simultaneous clients, all but
- the last reported client are ignored.
+ a server reports multiple simultaneous clients, state is
+ kept only for the last reported client.
The <a href="anvil.8.html"><b>anvil</b>(8)</a> server automatically discards client request
information after it expires. To prevent the <a href="anvil.8.html"><b>anvil</b>(8)</a>
<b>o</b> Append a recipient (non-)delivery status record to
a per-message log file.
- <b>o</b> Enqueue a bounce message, with a copy of a per-mes-
- sage log file and of the corresponding message.
- When the bounce message is enqueued successfully,
- the per-message log file is deleted.
+ <b>o</b> Enqueue a delivery status notification message,
+ with a copy of a per-message log file and of the
+ corresponding message. When the delivery status
+ notification message is enqueued successfully, the
+ per-message log file is deleted.
The software does a best notification effort. A non-deliv-
- ery notification is sent even when the log file or the
+ ery notification is sent even when the log file or the
original message cannot be read.
- Optionally, a bounce (defer, trace) client can request
- that the per-message log file be deleted when the
- requested operation fails. This is used by clients that
- cannot retry transactions by themselves, and that depend
+ Optionally, a bounce (defer, trace) client can request
+ that the per-message log file be deleted when the
+ requested operation fails. This is used by clients that
+ cannot retry transactions by themselves, and that depend
on retry logic in their own client.
<b>STANDARDS</b>
Problems and transactions are logged to <b>syslogd</b>(8).
<b>CONFIGURATION PARAMETERS</b>
- Changes to <a href="postconf.5.html"><b>main.cf</b></a> are picked up automatically, as
+ Changes to <a href="postconf.5.html"><b>main.cf</b></a> are picked up automatically, as
<a href="bounce.8.html"><b>bounce</b>(8)</a> processes run for only a limited amount of time.
Use the command "<b>postfix reload</b>" to speed up a change.
- The text below provides only a parameter summary. See
+ The text below provides only a parameter summary. See
<a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including examples.
<b><a href="postconf.5.html#2bounce_notice_recipient">2bounce_notice_recipient</a> (postmaster)</b>
- The recipient of undeliverable mail that cannot be
+ The recipient of undeliverable mail that cannot be
returned to the sender.
<b><a href="postconf.5.html#backwards_bounce_logfile_compatibility">backwards_bounce_logfile_compatibility</a> (yes)</b>
- Produce additional <a href="bounce.8.html"><b>bounce</b>(8)</a> logfile records that
+ Produce additional <a href="bounce.8.html"><b>bounce</b>(8)</a> logfile records that
can be read by Postfix versions before 2.0.
<b><a href="postconf.5.html#bounce_notice_recipient">bounce_notice_recipient</a> (postmaster)</b>
- The recipient of postmaster notifications with the
+ The recipient of postmaster notifications with the
message headers of mail that Postfix did not
- deliver and of SMTP conversation transcripts of
+ deliver and of SMTP conversation transcripts of
mail that Postfix did not receive.
<b><a href="postconf.5.html#bounce_size_limit">bounce_size_limit</a> (50000)</b>
sent in a non-delivery notification.
<b><a href="postconf.5.html#bounce_template_file">bounce_template_file</a> (empty)</b>
- Pathname of a configuration file with bounce mes-
+ Pathname of a configuration file with bounce mes-
sage templates.
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
- The default location of the Postfix <a href="postconf.5.html">main.cf</a> and
+ The default location of the Postfix <a href="postconf.5.html">main.cf</a> and
<a href="master.5.html">master.cf</a> configuration files.
<b><a href="postconf.5.html#daemon_timeout">daemon_timeout</a> (18000s)</b>
- How much time a Postfix daemon process may take to
- handle a request before it is terminated by a
+ How much time a Postfix daemon process may take to
+ handle a request before it is terminated by a
built-in watchdog timer.
<b><a href="postconf.5.html#delay_notice_recipient">delay_notice_recipient</a> (postmaster)</b>
- The recipient of postmaster notifications with the
- message headers of mail that cannot be delivered
+ The recipient of postmaster notifications with the
+ message headers of mail that cannot be delivered
within $<a href="postconf.5.html#delay_warning_time">delay_warning_time</a> time units.
<b><a href="postconf.5.html#deliver_lock_attempts">deliver_lock_attempts</a> (20)</b>
sive lock on a mailbox file or <a href="bounce.8.html"><b>bounce</b>(8)</a> logfile.
<b><a href="postconf.5.html#deliver_lock_delay">deliver_lock_delay</a> (1s)</b>
- The time between attempts to acquire an exclusive
+ The time between attempts to acquire an exclusive
lock on a mailbox file or <a href="bounce.8.html"><b>bounce</b>(8)</a> logfile.
<b><a href="postconf.5.html#ipc_timeout">ipc_timeout</a> (3600s)</b>
over an internal communication channel.
<b><a href="postconf.5.html#internal_mail_filter_classes">internal_mail_filter_classes</a> (empty)</b>
- What categories of Postfix-generated mail are sub-
- ject to before-queue content inspection by
+ What categories of Postfix-generated mail are sub-
+ ject to before-queue content inspection by
<a href="postconf.5.html#non_smtpd_milters">non_smtpd_milters</a>, <a href="postconf.5.html#header_checks">header_checks</a> and <a href="postconf.5.html#body_checks">body_checks</a>.
<b><a href="postconf.5.html#mail_name">mail_name</a> (Postfix)</b>
bounced mail.
<b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b>
- The maximum amount of time that an idle Postfix
- daemon process waits for an incoming connection
+ The maximum amount of time that an idle Postfix
+ daemon process waits for an incoming connection
before terminating voluntarily.
<b><a href="postconf.5.html#max_use">max_use</a> (100)</b>
- The maximal number of incoming connections that a
- Postfix daemon process will service before termi-
+ The maximal number of incoming connections that a
+ Postfix daemon process will service before termi-
nating voluntarily.
<b><a href="postconf.5.html#notify_classes">notify_classes</a> (resource, software)</b>
- The list of error classes that are reported to the
+ The list of error classes that are reported to the
postmaster.
<b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
- The process ID of a Postfix command or daemon
+ The process ID of a Postfix command or daemon
process.
<b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
- The process name of a Postfix command or daemon
+ The process name of a Postfix command or daemon
process.
<b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b>
- The location of the Postfix top-level queue direc-
+ The location of the Postfix top-level queue direc-
tory.
<b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
- The mail system name that is prepended to the
- process name in syslog records, so that "smtpd"
+ The mail system name that is prepended to the
+ process name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
<b>FILES</b>
syslogd(8), system logging
<b>LICENSE</b>
- The Secure Mailer license must be distributed with this
+ The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>
redundant zero characters.
Note: address information may be enclosed inside
- "[]" but this form is not recommended.
+ "[]" but this form is not required.
IPv6 support is available in Postfix 2.2 and later.
+++ /dev/null
-bounce.8.html
\ No newline at end of file
--- /dev/null
+<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"
+ "http://www.w3.org/TR/html4/loose.dtd">
+<html> <head>
+<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
+<title> Postfix manual - bounce(8) </title>
+</head> <body> <pre>
+BOUNCE(8) BOUNCE(8)
+
+<b>NAME</b>
+ bounce - Postfix delivery status reports
+
+<b>SYNOPSIS</b>
+ <b>bounce</b> [generic Postfix daemon options]
+
+<b>DESCRIPTION</b>
+ The <a href="bounce.8.html"><b>bounce</b>(8)</a> daemon maintains per-message log files with
+ delivery status information. Each log file is named after
+ the queue file that it corresponds to, and is kept in a
+ queue subdirectory named after the service name in the
+ <a href="master.5.html"><b>master.cf</b></a> file (either <b>bounce</b>, <b>defer</b> or <b>trace</b>). This pro-
+ gram expects to be run from the <a href="master.8.html"><b>master</b>(8)</a> process manager.
+
+ The <a href="bounce.8.html"><b>bounce</b>(8)</a> daemon processes two types of service
+ requests:
+
+ <b>o</b> Append a recipient (non-)delivery status record to
+ a per-message log file.
+
+ <b>o</b> Enqueue a delivery status notification message,
+ with a copy of a per-message log file and of the
+ corresponding message. When the delivery status
+ notification message is enqueued successfully, the
+ per-message log file is deleted.
+
+ The software does a best notification effort. A non-deliv-
+ ery notification is sent even when the log file or the
+ original message cannot be read.
+
+ Optionally, a bounce (defer, trace) client can request
+ that the per-message log file be deleted when the
+ requested operation fails. This is used by clients that
+ cannot retry transactions by themselves, and that depend
+ on retry logic in their own client.
+
+<b>STANDARDS</b>
+ <a href="http://www.faqs.org/rfcs/rfc822.html">RFC 822</a> (ARPA Internet Text Messages)
+ <a href="http://www.faqs.org/rfcs/rfc2045.html">RFC 2045</a> (Format of Internet Message Bodies)
+ <a href="http://www.faqs.org/rfcs/rfc2822.html">RFC 2822</a> (ARPA Internet Text Messages)
+ <a href="http://www.faqs.org/rfcs/rfc3462.html">RFC 3462</a> (Delivery Status Notifications)
+ <a href="http://www.faqs.org/rfcs/rfc3464.html">RFC 3464</a> (Delivery Status Notifications)
+ <a href="http://www.faqs.org/rfcs/rfc3834.html">RFC 3834</a> (Auto-Submitted: message header)
+
+<b>DIAGNOSTICS</b>
+ Problems and transactions are logged to <b>syslogd</b>(8).
+
+<b>CONFIGURATION PARAMETERS</b>
+ Changes to <a href="postconf.5.html"><b>main.cf</b></a> are picked up automatically, as
+ <a href="bounce.8.html"><b>bounce</b>(8)</a> processes run for only a limited amount of time.
+ Use the command "<b>postfix reload</b>" to speed up a change.
+
+ The text below provides only a parameter summary. See
+ <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including examples.
+
+ <b><a href="postconf.5.html#2bounce_notice_recipient">2bounce_notice_recipient</a> (postmaster)</b>
+ The recipient of undeliverable mail that cannot be
+ returned to the sender.
+
+ <b><a href="postconf.5.html#backwards_bounce_logfile_compatibility">backwards_bounce_logfile_compatibility</a> (yes)</b>
+ Produce additional <a href="bounce.8.html"><b>bounce</b>(8)</a> logfile records that
+ can be read by Postfix versions before 2.0.
+
+ <b><a href="postconf.5.html#bounce_notice_recipient">bounce_notice_recipient</a> (postmaster)</b>
+ The recipient of postmaster notifications with the
+ message headers of mail that Postfix did not
+ deliver and of SMTP conversation transcripts of
+ mail that Postfix did not receive.
+
+ <b><a href="postconf.5.html#bounce_size_limit">bounce_size_limit</a> (50000)</b>
+ The maximal amount of original message text that is
+ sent in a non-delivery notification.
+
+ <b><a href="postconf.5.html#bounce_template_file">bounce_template_file</a> (empty)</b>
+ Pathname of a configuration file with bounce mes-
+ sage templates.
+
+ <b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
+ The default location of the Postfix <a href="postconf.5.html">main.cf</a> and
+ <a href="master.5.html">master.cf</a> configuration files.
+
+ <b><a href="postconf.5.html#daemon_timeout">daemon_timeout</a> (18000s)</b>
+ How much time a Postfix daemon process may take to
+ handle a request before it is terminated by a
+ built-in watchdog timer.
+
+ <b><a href="postconf.5.html#delay_notice_recipient">delay_notice_recipient</a> (postmaster)</b>
+ The recipient of postmaster notifications with the
+ message headers of mail that cannot be delivered
+ within $<a href="postconf.5.html#delay_warning_time">delay_warning_time</a> time units.
+
+ <b><a href="postconf.5.html#deliver_lock_attempts">deliver_lock_attempts</a> (20)</b>
+ The maximal number of attempts to acquire an exclu-
+ sive lock on a mailbox file or <a href="bounce.8.html"><b>bounce</b>(8)</a> logfile.
+
+ <b><a href="postconf.5.html#deliver_lock_delay">deliver_lock_delay</a> (1s)</b>
+ The time between attempts to acquire an exclusive
+ lock on a mailbox file or <a href="bounce.8.html"><b>bounce</b>(8)</a> logfile.
+
+ <b><a href="postconf.5.html#ipc_timeout">ipc_timeout</a> (3600s)</b>
+ The time limit for sending or receiving information
+ over an internal communication channel.
+
+ <b><a href="postconf.5.html#internal_mail_filter_classes">internal_mail_filter_classes</a> (empty)</b>
+ What categories of Postfix-generated mail are sub-
+ ject to before-queue content inspection by
+ <a href="postconf.5.html#non_smtpd_milters">non_smtpd_milters</a>, <a href="postconf.5.html#header_checks">header_checks</a> and <a href="postconf.5.html#body_checks">body_checks</a>.
+
+ <b><a href="postconf.5.html#mail_name">mail_name</a> (Postfix)</b>
+ The mail system name that is displayed in Received:
+ headers, in the SMTP greeting banner, and in
+ bounced mail.
+
+ <b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b>
+ The maximum amount of time that an idle Postfix
+ daemon process waits for an incoming connection
+ before terminating voluntarily.
+
+ <b><a href="postconf.5.html#max_use">max_use</a> (100)</b>
+ The maximal number of incoming connections that a
+ Postfix daemon process will service before termi-
+ nating voluntarily.
+
+ <b><a href="postconf.5.html#notify_classes">notify_classes</a> (resource, software)</b>
+ The list of error classes that are reported to the
+ postmaster.
+
+ <b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
+ The process ID of a Postfix command or daemon
+ process.
+
+ <b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
+ The process name of a Postfix command or daemon
+ process.
+
+ <b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b>
+ The location of the Postfix top-level queue direc-
+ tory.
+
+ <b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
+ The syslog facility of Postfix logging.
+
+ <b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
+ The mail system name that is prepended to the
+ process name in syslog records, so that "smtpd"
+ becomes, for example, "postfix/smtpd".
+
+<b>FILES</b>
+ /var/spool/postfix/bounce/* non-delivery records
+ /var/spool/postfix/defer/* non-delivery records
+ /var/spool/postfix/trace/* delivery status records
+
+<b>SEE ALSO</b>
+ <a href="bounce.5.html">bounce(5)</a>, bounce message template format
+ <a href="qmgr.8.html">qmgr(8)</a>, queue manager
+ <a href="postconf.5.html">postconf(5)</a>, configuration parameters
+ <a href="master.5.html">master(5)</a>, generic daemon options
+ <a href="master.8.html">master(8)</a>, process manager
+ syslogd(8), system logging
+
+<b>LICENSE</b>
+ The Secure Mailer license must be distributed with this
+ software.
+
+<b>AUTHOR(S)</b>
+ Wietse Venema
+ IBM T.J. Watson Research
+ P.O. Box 704
+ Yorktown Heights, NY 10598, USA
+
+ BOUNCE(8)
+</pre> </body> </html>
<b><a href="postconf.5.html#nested_header_checks">nested_header_checks</a> = <a href="pcre_table.5.html">pcre</a>:/etc/postfix/nested_header_checks</b>
<b><a href="postconf.5.html#body_checks">body_checks</a> = <a href="pcre_table.5.html">pcre</a>:/etc/postfix/body_checks</b>
- <b>postmap -
fq "</b><i>string</i><b>" <a href="pcre_table.5.html">pcre</a>:/etc/postfix/</b><i>filename</i>
- <b>postmap -
fq - <a href="pcre_table.5.html">pcre</a>:/etc/postfix/</b><i>filename</i> <<i>inputfile</i>
+ <b>postmap -q "</b><i>string</i><b>" <a href="pcre_table.5.html">pcre</a>:/etc/postfix/</b><i>filename</i>
+ <b>postmap -q - <a href="pcre_table.5.html">pcre</a>:/etc/postfix/</b><i>filename</i> <<i>inputfile</i>
<b>DESCRIPTION</b>
This document describes access control on the content of
key does not add unexpected metacharacters.
<b>%u</b> When the input key is an address of the form
- user@domain, <b>%u</b> is replaced by the (RFC
- 2253) quoted local part of the address.
+ user@domain, <b>%u</b> is replaced by the (<a href="http://www.faqs.org/rfcs/rfc2253.html">RFC</a>
+ <a href="http://www.faqs.org/rfcs/rfc2253.html">2253</a>) quoted local part of the address.
Otherwise, <b>%u</b> is replaced by the entire
search string. If the localpart is empty,
the search is suppressed and returns no
results.
<b>%d</b> When the input key is an address of the form
- user@domain, <b>%d</b> is replaced by the (RFC
- 2253) quoted domain part of the address.
+ user@domain, <b>%d</b> is replaced by the (<a href="http://www.faqs.org/rfcs/rfc2253.html">RFC</a>
+ <a href="http://www.faqs.org/rfcs/rfc2253.html">2253</a>) quoted domain part of the address.
Otherwise, the search is suppressed and
returns no results.
key does not add unexpected metacharacters.
<b>%u</b> When the input key is an address of the form
- user@domain, <b>%u</b> is replaced by the (RFC
- 2254) quoted local part of the address.
+ user@domain, <b>%u</b> is replaced by the (<a href="http://www.faqs.org/rfcs/rfc2254.html">RFC</a>
+ <a href="http://www.faqs.org/rfcs/rfc2254.html">2254</a>) quoted local part of the address.
Otherwise, <b>%u</b> is replaced by the entire
search string. If the localpart is empty,
the search is suppressed and returns no
results.
<b>%d</b> When the input key is an address of the form
- user@domain, <b>%d</b> is replaced by the (RFC
- 2254) quoted domain part of the address.
+ user@domain, <b>%d</b> is replaced by the (<a href="http://www.faqs.org/rfcs/rfc2254.html">RFC</a>
+ <a href="http://www.faqs.org/rfcs/rfc2254.html">2254</a>) quoted domain part of the address.
Otherwise, the search is suppressed and
returns no results.
is <b>example</b> and %3 is <b>mail</b>. If the input key
is unqualified or does not have enough
domain components to satisfy all the speci-
- fied patterns, the saerch is suppressed and
+ fied patterns, the search is suppressed and
returns no results.
The above %1, ..., %9 expansions are avail-
+++ /dev/null
-smtp.8.html
\ No newline at end of file
--- /dev/null
+<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"
+ "http://www.w3.org/TR/html4/loose.dtd">
+<html> <head>
+<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
+<title> Postfix manual - smtp(8) </title>
+</head> <body> <pre>
+SMTP(8) SMTP(8)
+
+<b>NAME</b>
+ smtp - Postfix SMTP+LMTP client
+
+<b>SYNOPSIS</b>
+ <b>smtp</b> [generic Postfix daemon options]
+
+<b>DESCRIPTION</b>
+ The Postfix SMTP+LMTP client implements the SMTP and LMTP
+ mail delivery protocols. It processes message delivery
+ requests from the queue manager. Each request specifies a
+ queue file, a sender address, a domain or host to deliver
+ to, and recipient information. This program expects to be
+ run from the <a href="master.8.html"><b>master</b>(8)</a> process manager.
+
+ The SMTP+LMTP client updates the queue file and marks
+ recipients as finished, or it informs the queue manager
+ that delivery should be tried again at a later time.
+ Delivery status reports are sent to the <a href="bounce.8.html"><b>bounce</b>(8)</a>,
+ <a href="defer.8.html"><b>defer</b>(8)</a> or <a href="trace.8.html"><b>trace</b>(8)</a> daemon as appropriate.
+
+ The SMTP+LMTP client looks up a list of mail exchanger
+ addresses for the destination host, sorts the list by
+ preference, and connects to each listed address until it
+ finds a server that responds.
+
+ When a server is not reachable, or when mail delivery
+ fails due to a recoverable error condition, the SMTP+LMTP
+ client will try to deliver the mail to an alternate host.
+
+ After a successful mail transaction, a connection may be
+ saved to the <a href="scache.8.html"><b>scache</b>(8)</a> connection cache server, so that it
+ may be used by any SMTP+LMTP client for a subsequent
+ transaction.
+
+ By default, connection caching is enabled temporarily for
+ destinations that have a high volume of mail in the active
+ queue. Connection caching can be enabled permanently for
+ specific destinations.
+
+<b>SMTP DESTINATION SYNTAX</b>
+ SMTP destinations have the following form:
+
+ <i>domainname</i>
+
+ <i>domainname</i>:<i>port</i>
+ Look up the mail exchangers for the specified
+ domain, and connect to the specified port (default:
+ <b>smtp</b>).
+
+ [<i>hostname</i>]
+
+ [<i>hostname</i>]:<i>port</i>
+ Look up the address(es) of the specified host, and
+ connect to the specified port (default: <b>smtp</b>).
+
+ [<i>address</i>]
+
+ [<i>address</i>]:<i>port</i>
+ Connect to the host at the specified address, and
+ connect to the specified port (default: <b>smtp</b>). An
+ IPv6 address must be formatted as [<b>ipv6</b>:<i>address</i>].
+
+<b>LMTP DESTINATION SYNTAX</b>
+ LMTP destinations have the following form:
+
+ <b>unix</b>:<i>pathname</i>
+ Connect to the local UNIX-domain server that is
+ bound to the specified <i>pathname</i>. If the process
+ runs chrooted, an absolute pathname is interpreted
+ relative to the Postfix queue directory.
+
+ <b>inet</b>:<i>hostname</i>
+
+ <b>inet:</b><i>hostname</i>:<i>port</i>
+
+ <b>inet</b>:[<i>address</i>]
+
+ <b>inet</b>:[<i>address</i>]:<i>port</i>
+ Connect to the specified TCP port on the specified
+ local or remote host. If no port is specified, con-
+ nect to the port defined as <b>lmtp</b> in <b>services</b>(4).
+ If no such service is found, the <b><a href="postconf.5.html#lmtp_tcp_port">lmtp_tcp_port</a></b> con-
+ figuration parameter (default value of 24) will be
+ used. An IPv6 address must be formatted as
+ [<b>ipv6</b>:<i>address</i>].
+
+<b>SECURITY</b>
+ The SMTP+LMTP client is moderately security-sensitive. It
+ talks to SMTP or LMTP servers and to DNS servers on the
+ network. The SMTP+LMTP client can be run chrooted at fixed
+ low privilege.
+
+<b>STANDARDS</b>
+ <a href="http://www.faqs.org/rfcs/rfc821.html">RFC 821</a> (SMTP protocol)
+ <a href="http://www.faqs.org/rfcs/rfc822.html">RFC 822</a> (ARPA Internet Text Messages)
+ <a href="http://www.faqs.org/rfcs/rfc1651.html">RFC 1651</a> (SMTP service extensions)
+ <a href="http://www.faqs.org/rfcs/rfc1652.html">RFC 1652</a> (8bit-MIME transport)
+ <a href="http://www.faqs.org/rfcs/rfc1870.html">RFC 1870</a> (Message Size Declaration)
+ <a href="http://www.faqs.org/rfcs/rfc2033.html">RFC 2033</a> (LMTP protocol)
+ <a href="http://www.faqs.org/rfcs/rfc2034.html">RFC 2034</a> (SMTP Enhanced Error Codes)
+ <a href="http://www.faqs.org/rfcs/rfc2045.html">RFC 2045</a> (MIME: Format of Internet Message Bodies)
+ <a href="http://www.faqs.org/rfcs/rfc2046.html">RFC 2046</a> (MIME: Media Types)
+ <a href="http://www.faqs.org/rfcs/rfc2554.html">RFC 2554</a> (AUTH command)
+ <a href="http://www.faqs.org/rfcs/rfc2821.html">RFC 2821</a> (SMTP protocol)
+ <a href="http://www.faqs.org/rfcs/rfc2920.html">RFC 2920</a> (SMTP Pipelining)
+ <a href="http://www.faqs.org/rfcs/rfc3207.html">RFC 3207</a> (STARTTLS command)
+ <a href="http://www.faqs.org/rfcs/rfc3461.html">RFC 3461</a> (SMTP DSN Extension)
+ <a href="http://www.faqs.org/rfcs/rfc3463.html">RFC 3463</a> (Enhanced Status Codes)
+
+<b>DIAGNOSTICS</b>
+ Problems and transactions are logged to <b>syslogd</b>(8). Cor-
+ rupted message files are marked so that the queue manager
+ can move them to the <b>corrupt</b> queue for further inspection.
+
+ Depending on the setting of the <b><a href="postconf.5.html#notify_classes">notify_classes</a></b> parameter,
+ the postmaster is notified of bounces, protocol problems,
+ and of other trouble.
+
+<b>BUGS</b>
+ SMTP and LMTP connection caching does not work with TLS.
+ The necessary support for TLS object passivation and re-
+ activation does not exist without closing the session,
+ which defeats the purpose.
+
+ SMTP and LMTP connection caching assumes that SASL creden-
+ tials are valid for all destinations that map onto the
+ same IP address and TCP port.
+
+<b>CONFIGURATION PARAMETERS</b>
+ Before Postfix version 2.3, the LMTP client is a separate
+ program that implements only a subset of the functionality
+ available with SMTP: there is no support for TLS, and con-
+ nections are cached in-process, making it ineffective when
+ the client is used for multiple domains.
+
+ Most smtp_<i>xxx</i> configuration parameters have an lmtp_<i>xxx</i>
+ "mirror" parameter for the equivalent LMTP feature. This
+ document describes only those LMTP-related parameters that
+ aren't simply "mirror" parameters.
+
+ Changes to <a href="postconf.5.html"><b>main.cf</b></a> are picked up automatically, as <a href="smtp.8.html"><b>smtp</b>(8)</a>
+ processes run for only a limited amount of time. Use the
+ command "<b>postfix reload</b>" to speed up a change.
+
+ The text below provides only a parameter summary. See
+ <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including examples.
+
+<b>COMPATIBILITY CONTROLS</b>
+ <b><a href="postconf.5.html#ignore_mx_lookup_error">ignore_mx_lookup_error</a> (no)</b>
+ Ignore DNS MX lookups that produce no response.
+
+ <b><a href="postconf.5.html#smtp_always_send_ehlo">smtp_always_send_ehlo</a> (yes)</b>
+ Always send EHLO at the start of an SMTP session.
+
+ <b><a href="postconf.5.html#smtp_never_send_ehlo">smtp_never_send_ehlo</a> (no)</b>
+ Never send EHLO at the start of an SMTP session.
+
+ <b><a href="postconf.5.html#smtp_defer_if_no_mx_address_found">smtp_defer_if_no_mx_address_found</a> (no)</b>
+ Defer mail delivery when no MX record resolves to
+ an IP address.
+
+ <b><a href="postconf.5.html#smtp_line_length_limit">smtp_line_length_limit</a> (990)</b>
+ The maximal length of message header and body lines
+ that Postfix will send via SMTP.
+
+ <b><a href="postconf.5.html#smtp_pix_workaround_delay_time">smtp_pix_workaround_delay_time</a> (10s)</b>
+ How long the Postfix SMTP client pauses before
+ sending ".<CR><LF>" in order to work around the PIX
+ firewall "<CR><LF>.<CR><LF>" bug.
+
+ <b><a href="postconf.5.html#smtp_pix_workaround_threshold_time">smtp_pix_workaround_threshold_time</a> (500s)</b>
+ How long a message must be queued before the Post-
+ fix SMTP client turns on the PIX firewall
+ "<CR><LF>.<CR><LF>" bug workaround for delivery
+ through firewalls with "smtp fixup" mode turned on.
+
+ <b><a href="postconf.5.html#smtp_pix_workarounds">smtp_pix_workarounds</a> (disable_esmtp, delay_dotcrlf)</b>
+ A list that specifies zero or more workarounds for
+ CISCO PIX firewall bugs.
+
+ <b><a href="postconf.5.html#smtp_pix_workaround_maps">smtp_pix_workaround_maps</a> (empty)</b>
+ Lookup tables, indexed by the remote SMTP server
+ address, with per-destination workarounds for CISCO
+ PIX firewall bugs.
+
+ <b><a href="postconf.5.html#smtp_quote_rfc821_envelope">smtp_quote_rfc821_envelope</a> (yes)</b>
+ Quote addresses in SMTP MAIL FROM and RCPT TO com-
+ mands as required by <a href="http://www.faqs.org/rfcs/rfc821.html">RFC 821</a>.
+
+ <b><a href="postconf.5.html#smtp_skip_5xx_greeting">smtp_skip_5xx_greeting</a> (yes)</b>
+ Skip SMTP servers that greet with a 5XX status code
+ (go away, do not try again later).
+
+ <b><a href="postconf.5.html#smtp_skip_quit_response">smtp_skip_quit_response</a> (yes)</b>
+ Do not wait for the response to the SMTP QUIT com-
+ mand.
+
+ Available in Postfix version 2.0 and earlier:
+
+ <b><a href="postconf.5.html#smtp_skip_4xx_greeting">smtp_skip_4xx_greeting</a> (yes)</b>
+ Skip SMTP servers that greet with a 4XX status code
+ (go away, try again later).
+
+ Available in Postfix version 2.2 and later:
+
+ <b><a href="postconf.5.html#smtp_discard_ehlo_keyword_address_maps">smtp_discard_ehlo_keyword_address_maps</a> (empty)</b>
+ Lookup tables, indexed by the remote SMTP server
+ address, with case insensitive lists of EHLO key-
+ words (pipelining, starttls, auth, etc.) that the
+ Postfix SMTP client will ignore in the EHLO
+ response from a remote SMTP server.
+
+ <b><a href="postconf.5.html#smtp_discard_ehlo_keywords">smtp_discard_ehlo_keywords</a> (empty)</b>
+ A case insensitive list of EHLO keywords (pipelin-
+ ing, starttls, auth, etc.) that the Postfix SMTP
+ client will ignore in the EHLO response from a
+ remote SMTP server.
+
+ <b><a href="postconf.5.html#smtp_generic_maps">smtp_generic_maps</a> (empty)</b>
+ Optional lookup tables that perform address rewrit-
+ ing in the SMTP client, typically to transform a
+ locally valid address into a globally valid address
+ when sending mail across the Internet.
+
+ Available in Postfix version 2.2.9 and later:
+
+ <b><a href="postconf.5.html#smtp_cname_overrides_servername">smtp_cname_overrides_servername</a> (version dependent)</b>
+ Allow DNS CNAME records to override the servername
+ that the Postfix SMTP client uses for logging, SASL
+ password lookup, TLS policy decisions, or TLS cer-
+ tificate verification.
+
+ Available in Postfix version 2.3 and later:
+
+ <b><a href="postconf.5.html#lmtp_discard_lhlo_keyword_address_maps">lmtp_discard_lhlo_keyword_address_maps</a> (empty)</b>
+ Lookup tables, indexed by the remote LMTP server
+ address, with case insensitive lists of LHLO key-
+ words (pipelining, starttls, auth, etc.) that the
+ LMTP client will ignore in the LHLO response from a
+ remote LMTP server.
+
+ <b><a href="postconf.5.html#lmtp_discard_lhlo_keywords">lmtp_discard_lhlo_keywords</a> (empty)</b>
+ A case insensitive list of LHLO keywords (pipelin-
+ ing, starttls, auth, etc.) that the LMTP client
+ will ignore in the LHLO response from a remote LMTP
+ server.
+
+<b>MIME PROCESSING CONTROLS</b>
+ Available in Postfix version 2.0 and later:
+
+ <b><a href="postconf.5.html#disable_mime_output_conversion">disable_mime_output_conversion</a> (no)</b>
+ Disable the conversion of 8BITMIME format to 7BIT
+ format.
+
+ <b><a href="postconf.5.html#mime_boundary_length_limit">mime_boundary_length_limit</a> (2048)</b>
+ The maximal length of MIME multipart boundary
+ strings.
+
+ <b><a href="postconf.5.html#mime_nesting_limit">mime_nesting_limit</a> (100)</b>
+ The maximal recursion level that the MIME processor
+ will handle.
+
+<b>EXTERNAL CONTENT INSPECTION CONTROLS</b>
+ Available in Postfix version 2.1 and later:
+
+ <b><a href="postconf.5.html#smtp_send_xforward_command">smtp_send_xforward_command</a> (no)</b>
+ Send the non-standard XFORWARD command when the
+ Postfix SMTP server EHLO response announces XFOR-
+ WARD support.
+
+<b>SASL AUTHENTICATION CONTROLS</b>
+ <b><a href="postconf.5.html#smtp_sasl_auth_enable">smtp_sasl_auth_enable</a> (no)</b>
+ Enable SASL authentication in the Postfix SMTP
+ client.
+
+ <b><a href="postconf.5.html#smtp_sasl_password_maps">smtp_sasl_password_maps</a> (empty)</b>
+ Optional SMTP client lookup tables with one user-
+ name:password entry per remote hostname or domain,
+ or sender address when sender-dependent authentica-
+ tion is enabled.
+
+ <b><a href="postconf.5.html#smtp_sasl_security_options">smtp_sasl_security_options</a> (noplaintext, noanonymous)</b>
+ SASL security options; as of Postfix 2.3 the list
+ of available features depends on the SASL client
+ implementation that is selected with
+ <b><a href="postconf.5.html#smtp_sasl_type">smtp_sasl_type</a></b>.
+
+ Available in Postfix version 2.2 and later:
+
+ <b><a href="postconf.5.html#smtp_sasl_mechanism_filter">smtp_sasl_mechanism_filter</a> (empty)</b>
+ If non-empty, a Postfix SMTP client filter for the
+ remote SMTP server's list of offered SASL mecha-
+ nisms.
+
+ Available in Postfix version 2.3 and later:
+
+ <b><a href="postconf.5.html#smtp_sender_dependent_authentication">smtp_sender_dependent_authentication</a> (no)</b>
+ Enable sender-dependent authentication in the Post-
+ fix SMTP client; this is available only with SASL
+ authentication, and disables SMTP connection
+ caching to ensure that mail from different senders
+ will use the appropriate credentials.
+
+ <b><a href="postconf.5.html#smtp_sasl_path">smtp_sasl_path</a> (empty)</b>
+ Implementation-specific information that is passed
+ through to the SASL plug-in implementation that is
+ selected with <b><a href="postconf.5.html#smtp_sasl_type">smtp_sasl_type</a></b>.
+
+ <b><a href="postconf.5.html#smtp_sasl_type">smtp_sasl_type</a> (cyrus)</b>
+ The SASL plug-in type that the Postfix SMTP client
+ should use for authentication.
+
+<b>STARTTLS SUPPORT CONTROLS</b>
+ Detailed information about STARTTLS configuration may be
+ found in the <a href="TLS_README.html">TLS_README</a> document.
+
+ <b><a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> (empty)</b>
+ The default SMTP TLS security level for the Postfix
+ SMTP client; when a non-empty value is specified,
+ this overrides the obsolete parameters
+ <a href="postconf.5.html#smtp_use_tls">smtp_use_tls</a>, <a href="postconf.5.html#smtp_enforce_tls">smtp_enforce_tls</a>, and
+ <a href="postconf.5.html#smtp_tls_enforce_peername">smtp_tls_enforce_peername</a>.
+
+ <b><a href="postconf.5.html#smtp_sasl_tls_security_options">smtp_sasl_tls_security_options</a> ($<a href="postconf.5.html#smtp_sasl_security_options">smtp_sasl_secu</a>-</b>
+ <b><a href="postconf.5.html#smtp_sasl_security_options">rity_options</a>)</b>
+ The SASL authentication security options that the
+ Postfix SMTP client uses for TLS encrypted SMTP
+ sessions.
+
+ <b><a href="postconf.5.html#smtp_starttls_timeout">smtp_starttls_timeout</a> (300s)</b>
+ Time limit for Postfix SMTP client write and read
+ operations during TLS startup and shutdown hand-
+ shake procedures.
+
+ <b><a href="postconf.5.html#smtp_tls_CAfile">smtp_tls_CAfile</a> (empty)</b>
+ The file with the certificate of the certification
+ authority (CA) that issued the Postfix SMTP client
+ certificate.
+
+ <b><a href="postconf.5.html#smtp_tls_CApath">smtp_tls_CApath</a> (empty)</b>
+ Directory with PEM format certificate authority
+ certificates that the Postfix SMTP client uses to
+ verify a remote SMTP server certificate.
+
+ <b><a href="postconf.5.html#smtp_tls_cert_file">smtp_tls_cert_file</a> (empty)</b>
+ File with the Postfix SMTP client RSA certificate
+ in PEM format.
+
+ <b><a href="postconf.5.html#smtp_tls_mandatory_ciphers">smtp_tls_mandatory_ciphers</a> (medium)</b>
+ The minimum TLS cipher grade that the Postfix SMTP
+ client will use with mandatory TLS encryption.
+
+ <b><a href="postconf.5.html#smtp_tls_exclude_ciphers">smtp_tls_exclude_ciphers</a> (empty)</b>
+ List of ciphers or cipher types to exclude from the
+ Postfix SMTP client cipher list at all TLS security
+ levels.
+
+ <b><a href="postconf.5.html#smtp_tls_mandatory_exclude_ciphers">smtp_tls_mandatory_exclude_ciphers</a> (empty)</b>
+ Additional list of ciphers or cipher types to
+ exclude from the SMTP client cipher list at manda-
+ tory TLS security levels.
+
+ <b><a href="postconf.5.html#smtp_tls_dcert_file">smtp_tls_dcert_file</a> (empty)</b>
+ File with the Postfix SMTP client DSA certificate
+ in PEM format.
+
+ <b><a href="postconf.5.html#smtp_tls_dkey_file">smtp_tls_dkey_file</a> ($<a href="postconf.5.html#smtp_tls_dcert_file">smtp_tls_dcert_file</a>)</b>
+ File with the Postfix SMTP client DSA private key
+ in PEM format.
+
+ <b><a href="postconf.5.html#smtp_tls_key_file">smtp_tls_key_file</a> ($<a href="postconf.5.html#smtp_tls_cert_file">smtp_tls_cert_file</a>)</b>
+ File with the Postfix SMTP client RSA private key
+ in PEM format.
+
+ <b><a href="postconf.5.html#smtp_tls_loglevel">smtp_tls_loglevel</a> (0)</b>
+ Enable additional Postfix SMTP client logging of
+ TLS activity.
+
+ <b><a href="postconf.5.html#smtp_tls_note_starttls_offer">smtp_tls_note_starttls_offer</a> (no)</b>
+ Log the hostname of a remote SMTP server that
+ offers STARTTLS, when TLS is not already enabled
+ for that server.
+
+ <b><a href="postconf.5.html#smtp_tls_policy_maps">smtp_tls_policy_maps</a> (empty)</b>
+ Optional lookup tables with the Postfix SMTP client
+ TLS security policy by next-hop destination; when a
+ non-empty value is specified, this overrides the
+ obsolete <a href="postconf.5.html#smtp_tls_per_site">smtp_tls_per_site</a> parameter.
+
+ <b><a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a> (SSLv3, TLSv1)</b>
+ List of TLS protocols that the Postfix SMTP client
+ will use with mandatory TLS encryption.
+
+ <b><a href="postconf.5.html#smtp_tls_scert_verifydepth">smtp_tls_scert_verifydepth</a> (5)</b>
+ The verification depth for remote SMTP server cer-
+ tificates.
+
+ <b><a href="postconf.5.html#smtp_tls_secure_cert_match">smtp_tls_secure_cert_match</a> (nexthop, dot-nexthop)</b>
+ The server certificate peername verification method
+ for the "secure" TLS security level.
+
+ <b><a href="postconf.5.html#smtp_tls_session_cache_database">smtp_tls_session_cache_database</a> (empty)</b>
+ Name of the file containing the optional Postfix
+ SMTP client TLS session cache.
+
+ <b><a href="postconf.5.html#smtp_tls_session_cache_timeout">smtp_tls_session_cache_timeout</a> (3600s)</b>
+ The expiration time of Postfix SMTP client TLS ses-
+ sion cache information.
+
+ <b><a href="postconf.5.html#smtp_tls_verify_cert_match">smtp_tls_verify_cert_match</a> (hostname)</b>
+ The server certificate peername verification method
+ for the "verify" TLS security level.
+
+ <b><a href="postconf.5.html#tls_daemon_random_bytes">tls_daemon_random_bytes</a> (32)</b>
+ The number of pseudo-random bytes that an <a href="smtp.8.html"><b>smtp</b>(8)</a>
+ or <a href="smtpd.8.html"><b>smtpd</b>(8)</a> process requests from the <a href="tlsmgr.8.html"><b>tlsmgr</b>(8)</a>
+ server in order to seed its internal pseudo random
+ number generator (PRNG).
+
+ <b><a href="postconf.5.html#tls_high_cipherlist">tls_high_cipherlist</a></b>
+ <b>(ALL:!EXPORT:!LOW:!MEDIUM:+RC4:@STRENGTH)</b>
+ The OpenSSL cipherlist for "HIGH" grade ciphers.
+
+ <b><a href="postconf.5.html#tls_medium_cipherlist">tls_medium_cipherlist</a> (ALL:!EXPORT:!LOW:+RC4:@STRENGTH)</b>
+ The OpenSSL cipherlist for "MEDIUM" or higher grade
+ ciphers.
+
+ <b><a href="postconf.5.html#tls_low_cipherlist">tls_low_cipherlist</a> (ALL:!EXPORT:+RC4:@STRENGTH)</b>
+ The OpenSSL cipherlist for "LOW" or higher grade
+ ciphers.
+
+ <b><a href="postconf.5.html#tls_export_cipherlist">tls_export_cipherlist</a> (ALL:+RC4:@STRENGTH)</b>
+ The OpenSSL cipherlist for "EXPORT" or higher grade
+ ciphers.
+
+ <b><a href="postconf.5.html#tls_null_cipherlist">tls_null_cipherlist</a> (eNULL:!aNULL)</b>
+ The OpenSSL cipherlist for "NULL" grade ciphers
+ that provide authentication without encryption.
+
+ Available in Postfix version 2.4 and later:
+
+ <b><a href="postconf.5.html#smtp_sasl_tls_verified_security_options">smtp_sasl_tls_verified_security_options</a></b>
+ <b>($<a href="postconf.5.html#smtp_sasl_tls_security_options">smtp_sasl_tls_security_options</a>)</b>
+ The SASL authentication security options that the
+ Postfix SMTP client uses for TLS encrypted SMTP
+ sessions with a verified server certificate.
+
+<b>OBSOLETE STARTTLS CONTROLS</b>
+ The following configuration parameters exist for compati-
+ bility with Postfix versions before 2.3. Support for these
+ will be removed in a future release.
+
+ <b><a href="postconf.5.html#smtp_use_tls">smtp_use_tls</a> (no)</b>
+ Opportunistic mode: use TLS when a remote SMTP
+ server announces STARTTLS support, otherwise send
+ the mail in the clear.
+
+ <b><a href="postconf.5.html#smtp_enforce_tls">smtp_enforce_tls</a> (no)</b>
+ Enforcement mode: require that remote SMTP servers
+ use TLS encryption, and never send mail in the
+ clear.
+
+ <b><a href="postconf.5.html#smtp_tls_enforce_peername">smtp_tls_enforce_peername</a> (yes)</b>
+ With mandatory TLS encryption, require that the
+ remote SMTP server hostname matches the information
+ in the remote SMTP server certificate.
+
+ <b><a href="postconf.5.html#smtp_tls_per_site">smtp_tls_per_site</a> (empty)</b>
+ Optional lookup tables with the Postfix SMTP client
+ TLS usage policy by next-hop destination and by
+ remote SMTP server hostname.
+
+ <b><a href="postconf.5.html#smtp_tls_cipherlist">smtp_tls_cipherlist</a> (empty)</b>
+ Obsolete Postfix < 2.3 control for the Postfix SMTP
+ client TLS cipher list.
+
+<b>RESOURCE AND RATE CONTROLS</b>
+ <b><a href="postconf.5.html#smtp_destination_concurrency_limit">smtp_destination_concurrency_limit</a> ($<a href="postconf.5.html#default_destination_concurrency_limit">default_destina</a>-</b>
+ <b><a href="postconf.5.html#default_destination_concurrency_limit">tion_concurrency_limit</a>)</b>
+ The maximal number of parallel deliveries to the
+ same destination via the smtp message delivery
+ transport.
+
+ <b><a href="postconf.5.html#smtp_destination_recipient_limit">smtp_destination_recipient_limit</a> ($<a href="postconf.5.html#default_destination_recipient_limit">default_destina</a>-</b>
+ <b><a href="postconf.5.html#default_destination_recipient_limit">tion_recipient_limit</a>)</b>
+ The maximal number of recipients per delivery via
+ the smtp message delivery transport.
+
+ <b><a href="postconf.5.html#smtp_connect_timeout">smtp_connect_timeout</a> (30s)</b>
+ The SMTP client time limit for completing a TCP
+ connection, or zero (use the operating system
+ built-in time limit).
+
+ <b><a href="postconf.5.html#smtp_helo_timeout">smtp_helo_timeout</a> (300s)</b>
+ The SMTP client time limit for sending the HELO or
+ EHLO command, and for receiving the initial server
+ response.
+
+ <b><a href="postconf.5.html#lmtp_lhlo_timeout">lmtp_lhlo_timeout</a> (300s)</b>
+ The LMTP client time limit for sending the LHLO
+ command, and for receiving the initial server
+ response.
+
+ <b><a href="postconf.5.html#smtp_xforward_timeout">smtp_xforward_timeout</a> (300s)</b>
+ The SMTP client time limit for sending the XFORWARD
+ command, and for receiving the server response.
+
+ <b><a href="postconf.5.html#smtp_mail_timeout">smtp_mail_timeout</a> (300s)</b>
+ The SMTP client time limit for sending the MAIL
+ FROM command, and for receiving the server
+ response.
+
+ <b><a href="postconf.5.html#smtp_rcpt_timeout">smtp_rcpt_timeout</a> (300s)</b>
+ The SMTP client time limit for sending the SMTP
+ RCPT TO command, and for receiving the server
+ response.
+
+ <b><a href="postconf.5.html#smtp_data_init_timeout">smtp_data_init_timeout</a> (120s)</b>
+ The SMTP client time limit for sending the SMTP
+ DATA command, and for receiving the server
+ response.
+
+ <b><a href="postconf.5.html#smtp_data_xfer_timeout">smtp_data_xfer_timeout</a> (180s)</b>
+ The SMTP client time limit for sending the SMTP
+ message content.
+
+ <b><a href="postconf.5.html#smtp_data_done_timeout">smtp_data_done_timeout</a> (600s)</b>
+ The SMTP client time limit for sending the SMTP
+ ".", and for receiving the server response.
+
+ <b><a href="postconf.5.html#smtp_quit_timeout">smtp_quit_timeout</a> (300s)</b>
+ The SMTP client time limit for sending the QUIT
+ command, and for receiving the server response.
+
+ Available in Postfix version 2.1 and later:
+
+ <b><a href="postconf.5.html#smtp_mx_address_limit">smtp_mx_address_limit</a> (5)</b>
+ The maximal number of MX (mail exchanger) IP
+ addresses that can result from mail exchanger
+ lookups, or zero (no limit).
+
+ <b><a href="postconf.5.html#smtp_mx_session_limit">smtp_mx_session_limit</a> (2)</b>
+ The maximal number of SMTP sessions per delivery
+ request before giving up or delivering to a fall-
+ back <a href="postconf.5.html#relayhost">relay host</a>, or zero (no limit).
+
+ <b><a href="postconf.5.html#smtp_rset_timeout">smtp_rset_timeout</a> (20s)</b>
+ The SMTP client time limit for sending the RSET
+ command, and for receiving the server response.
+
+ Available in Postfix version 2.2 and earlier:
+
+ <b><a href="postconf.5.html#lmtp_cache_connection">lmtp_cache_connection</a> (yes)</b>
+ Keep Postfix LMTP client connections open for up to
+ $<a href="postconf.5.html#max_idle">max_idle</a> seconds.
+
+ Available in Postfix version 2.2 and later:
+
+ <b><a href="postconf.5.html#smtp_connection_cache_destinations">smtp_connection_cache_destinations</a> (empty)</b>
+ Permanently enable SMTP connection caching for the
+ specified destinations.
+
+ <b><a href="postconf.5.html#smtp_connection_cache_on_demand">smtp_connection_cache_on_demand</a> (yes)</b>
+ Temporarily enable SMTP connection caching while a
+ destination has a high volume of mail in the active
+ queue.
+
+ <b><a href="postconf.5.html#smtp_connection_reuse_time_limit">smtp_connection_reuse_time_limit</a> (300s)</b>
+ The amount of time during which Postfix will use an
+ SMTP connection repeatedly.
+
+ <b><a href="postconf.5.html#smtp_connection_cache_time_limit">smtp_connection_cache_time_limit</a> (2s)</b>
+ When SMTP connection caching is enabled, the amount
+ of time that an unused SMTP client socket is kept
+ open before it is closed.
+
+ Available in Postfix version 2.3 and later:
+
+ <b><a href="postconf.5.html#connection_cache_protocol_timeout">connection_cache_protocol_timeout</a> (5s)</b>
+ Time limit for connection cache connect, send or
+ receive operations.
+
+<b>TROUBLE SHOOTING CONTROLS</b>
+ <b><a href="postconf.5.html#debug_peer_level">debug_peer_level</a> (2)</b>
+ The increment in verbose logging level when a
+ remote client or server matches a pattern in the
+ <a href="postconf.5.html#debug_peer_list">debug_peer_list</a> parameter.
+
+ <b><a href="postconf.5.html#debug_peer_list">debug_peer_list</a> (empty)</b>
+ Optional list of remote client or server hostname
+ or network address patterns that cause the verbose
+ logging level to increase by the amount specified
+ in $<a href="postconf.5.html#debug_peer_level">debug_peer_level</a>.
+
+ <b><a href="postconf.5.html#error_notice_recipient">error_notice_recipient</a> (postmaster)</b>
+ The recipient of postmaster notifications about
+ mail delivery problems that are caused by policy,
+ resource, software or protocol errors.
+
+ <b><a href="postconf.5.html#internal_mail_filter_classes">internal_mail_filter_classes</a> (empty)</b>
+ What categories of Postfix-generated mail are sub-
+ ject to before-queue content inspection by
+ <a href="postconf.5.html#non_smtpd_milters">non_smtpd_milters</a>, <a href="postconf.5.html#header_checks">header_checks</a> and <a href="postconf.5.html#body_checks">body_checks</a>.
+
+ <b><a href="postconf.5.html#notify_classes">notify_classes</a> (resource, software)</b>
+ The list of error classes that are reported to the
+ postmaster.
+
+<b>MISCELLANEOUS CONTROLS</b>
+ <b><a href="postconf.5.html#best_mx_transport">best_mx_transport</a> (empty)</b>
+ Where the Postfix SMTP client should deliver mail
+ when it detects a "mail loops back to myself" error
+ condition.
+
+ <b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
+ The default location of the Postfix <a href="postconf.5.html">main.cf</a> and
+ <a href="master.5.html">master.cf</a> configuration files.
+
+ <b><a href="postconf.5.html#daemon_timeout">daemon_timeout</a> (18000s)</b>
+ How much time a Postfix daemon process may take to
+ handle a request before it is terminated by a
+ built-in watchdog timer.
+
+ <b><a href="postconf.5.html#delay_logging_resolution_limit">delay_logging_resolution_limit</a> (2)</b>
+ The maximal number of digits after the decimal
+ point when logging sub-second delay values.
+
+ <b><a href="postconf.5.html#disable_dns_lookups">disable_dns_lookups</a> (no)</b>
+ Disable DNS lookups in the Postfix SMTP and LMTP
+ clients.
+
+ <b><a href="postconf.5.html#inet_interfaces">inet_interfaces</a> (all)</b>
+ The network interface addresses that this mail sys-
+ tem receives mail on.
+
+ <b><a href="postconf.5.html#inet_protocols">inet_protocols</a> (ipv4)</b>
+ The Internet protocols Postfix will attempt to use
+ when making or accepting connections.
+
+ <b><a href="postconf.5.html#ipc_timeout">ipc_timeout</a> (3600s)</b>
+ The time limit for sending or receiving information
+ over an internal communication channel.
+
+ <b><a href="postconf.5.html#lmtp_tcp_port">lmtp_tcp_port</a> (24)</b>
+ The default TCP port that the Postfix LMTP client
+ connects to.
+
+ <b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b>
+ The maximum amount of time that an idle Postfix
+ daemon process waits for an incoming connection
+ before terminating voluntarily.
+
+ <b><a href="postconf.5.html#max_use">max_use</a> (100)</b>
+ The maximal number of incoming connections that a
+ Postfix daemon process will service before termi-
+ nating voluntarily.
+
+ <b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
+ The process ID of a Postfix command or daemon
+ process.
+
+ <b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
+ The process name of a Postfix command or daemon
+ process.
+
+ <b><a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a> (empty)</b>
+ The network interface addresses that this mail sys-
+ tem receives mail on by way of a proxy or network
+ address translation unit.
+
+ <b><a href="postconf.5.html#smtp_bind_address">smtp_bind_address</a> (empty)</b>
+ An optional numerical network address that the
+ Postfix SMTP client should bind to when making an
+ IPv4 connection.
+
+ <b><a href="postconf.5.html#smtp_bind_address6">smtp_bind_address6</a> (empty)</b>
+ An optional numerical network address that the
+ Postfix SMTP client should bind to when making an
+ IPv6 connection.
+
+ <b><a href="postconf.5.html#smtp_helo_name">smtp_helo_name</a> ($<a href="postconf.5.html#myhostname">myhostname</a>)</b>
+ The hostname to send in the SMTP EHLO or HELO com-
+ mand.
+
+ <b><a href="postconf.5.html#lmtp_lhloname">lmtp_lhlo_name</a> ($<a href="postconf.5.html#myhostname">myhostname</a>)</b>
+ The hostname to send in the LMTP LHLO command.
+
+ <b><a href="postconf.5.html#smtp_host_lookup">smtp_host_lookup</a> (dns)</b>
+ What mechanisms when the Postfix SMTP client uses
+ to look up a host's IP address.
+
+ <b><a href="postconf.5.html#smtp_randomize_addresses">smtp_randomize_addresses</a> (yes)</b>
+ Randomize the order of equal-preference MX host
+ addresses.
+
+ <b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
+ The syslog facility of Postfix logging.
+
+ <b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
+ The mail system name that is prepended to the
+ process name in syslog records, so that "smtpd"
+ becomes, for example, "postfix/smtpd".
+
+ Available with Postfix 2.2 and earlier:
+
+ <b><a href="postconf.5.html#fallback_relay">fallback_relay</a> (empty)</b>
+ Optional list of relay hosts for SMTP destinations
+ that can't be found or that are unreachable.
+
+ Available with Postfix 2.3 and later:
+
+ <b><a href="postconf.5.html#smtp_fallback_relay">smtp_fallback_relay</a> ($<a href="postconf.5.html#fallback_relay">fallback_relay</a>)</b>
+ Optional list of relay hosts for SMTP destinations
+ that can't be found or that are unreachable.
+
+<b>SEE ALSO</b>
+ <a href="qmgr.8.html">qmgr(8)</a>, queue manager
+ <a href="bounce.8.html">bounce(8)</a>, delivery status reports
+ <a href="scache.8.html">scache(8)</a>, connection cache server
+ <a href="postconf.5.html">postconf(5)</a>, configuration parameters
+ <a href="master.5.html">master(5)</a>, generic daemon options
+ <a href="master.8.html">master(8)</a>, process manager
+ <a href="tlsmgr.8.html">tlsmgr(8)</a>, TLS session and PRNG management
+ syslogd(8), system logging
+
+<b>README FILES</b>
+ <a href="SASL_README.html">SASL_README</a>, Postfix SASL howto
+ <a href="TLS_README.html">TLS_README</a>, Postfix STARTTLS howto
+
+<b>LICENSE</b>
+ The Secure Mailer license must be distributed with this
+ software.
+
+<b>AUTHOR(S)</b>
+ Wietse Venema
+ IBM T.J. Watson Research
+ P.O. Box 704
+ Yorktown Heights, NY 10598, USA
+
+ Command pipelining in cooperation with:
+ Jon Ribbens
+ Oaktree Internet Solutions Ltd.,
+ Internet House,
+ Canal Basin,
+ Coventry,
+ CV1 4LY, United Kingdom.
+
+ SASL support originally by:
+ Till Franke
+ SuSE Rhein/Main AG
+ 65760 Eschborn, Germany
+
+ Connection caching in cooperation with:
+ Victor Duchovni
+ Morgan Stanley
+
+ TLS support originally by:
+ Lutz Jaenicke
+ BTU Cottbus
+ Allgemeine Elektrotechnik
+ Universitaetsplatz 3-4
+ D-03044 Cottbus, Germany
+
+ SMTP(8)
+</pre> </body> </html>
+++ /dev/null
-sendmail.1.html
\ No newline at end of file
--- /dev/null
+<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"
+ "http://www.w3.org/TR/html4/loose.dtd">
+<html> <head>
+<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
+<title> Postfix manual - sendmail(1) </title>
+</head> <body> <pre>
+SENDMAIL(1) SENDMAIL(1)
+
+<b>NAME</b>
+ sendmail - Postfix to Sendmail compatibility interface
+
+<b>SYNOPSIS</b>
+ <b>sendmail</b> [<i>option ...</i>] [<i>recipient ...</i>]
+
+ <b>mailq</b>
+ <b>sendmail -bp</b>
+
+ <b>newaliases</b>
+ <b>sendmail -I</b>
+
+<b>DESCRIPTION</b>
+ The Postfix <a href="sendmail.1.html"><b>sendmail</b>(1)</a> command implements the Postfix to
+ Sendmail compatibility interface. For the sake of compat-
+ ibility with existing applications, some Sendmail command-
+ line options are recognized but silently ignored.
+
+ By default, Postfix <a href="sendmail.1.html"><b>sendmail</b>(1)</a> reads a message from stan-
+ dard input until EOF or until it reads a line with only a
+ <b>.</b> character, and arranges for delivery. Postfix <a href="sendmail.1.html"><b>send-</b></a>
+ <a href="sendmail.1.html"><b>mail</b>(1)</a> relies on the <a href="postdrop.1.html"><b>postdrop</b>(1)</a> command to create a
+ queue file in the <b>maildrop</b> directory.
+
+ Specific command aliases are provided for other common
+ modes of operation:
+
+ <b>mailq</b> List the mail queue. Each entry shows the queue
+ file ID, message size, arrival time, sender, and
+ the recipients that still need to be delivered. If
+ mail could not be delivered upon the last attempt,
+ the reason for failure is shown. This mode of oper-
+ ation is implemented by executing the <a href="postqueue.1.html"><b>postqueue</b>(1)</a>
+ command.
+
+ <b>newaliases</b>
+ Initialize the alias database. If no input file is
+ specified (with the <b>-oA</b> option, see below), the
+ program processes the file(s) specified with the
+ <b><a href="postconf.5.html#alias_database">alias_database</a></b> configuration parameter. If no
+ alias database type is specified, the program uses
+ the type specified with the <b><a href="postconf.5.html#default_database_type">default_database_type</a></b>
+ configuration parameter. This mode of operation is
+ implemented by running the <a href="postalias.1.html"><b>postalias</b>(1)</a> command.
+
+ Note: it may take a minute or so before an alias
+ database update becomes visible. Use the "<b>postfix</b>
+ <b>reload</b>" command to eliminate this delay.
+
+ These and other features can be selected by specifying the
+ appropriate combination of command-line options. Some fea-
+ tures are controlled by parameters in the <a href="postconf.5.html"><b>main.cf</b></a> configu-
+ ration file.
+
+ The following options are recognized:
+
+ <b>-Am</b> (ignored)
+
+ <b>-Ac</b> (ignored)
+ Postfix sendmail uses the same configuration file
+ regardless of whether or not a message is an ini-
+ tial submission.
+
+ <b>-B</b> <i>body</i><b>_</b><i>type</i>
+ The message body MIME type: <b>7BIT</b> or <b>8BITMIME</b>.
+
+ <b>-bd</b> Go into daemon mode. This mode of operation is
+ implemented by executing the "<b>postfix start</b>" com-
+ mand.
+
+ <b>-bh</b> (ignored)
+
+ <b>-bH</b> (ignored)
+ Postfix has no persistent host status database.
+
+ <b>-bi</b> Initialize alias database. See the <b>newaliases</b> com-
+ mand above.
+
+ <b>-bm</b> Read mail from standard input and arrange for
+ delivery. This is the default mode of operation.
+
+ <b>-bp</b> List the mail queue. See the <b>mailq</b> command above.
+
+ <b>-bs</b> Stand-alone SMTP server mode. Read SMTP commands
+ from standard input, and write responses to stan-
+ dard output. In stand-alone SMTP server mode, mail
+ relaying and other access controls are disabled by
+ default. To enable them, run the process as the
+ <b><a href="postconf.5.html#mail_owner">mail_owner</a></b> user.
+
+ This mode of operation is implemented by running
+ the <a href="smtpd.8.html"><b>smtpd</b>(8)</a> daemon.
+
+ <b>-bv</b> Do not collect or deliver a message. Instead, send
+ an email report after verifying each recipient
+ address. This is useful for testing address
+ rewriting and routing configurations.
+
+ This feature is available in Postfix version 2.1
+ and later.
+
+ <b>-C</b> <i>config</i><b>_</b><i>file</i>
+
+ <b>-C</b> <i>config</i><b>_</b><i>dir</i>
+ The path name of the Postfix <a href="postconf.5.html"><b>main.cf</b></a> file, or of
+ its parent directory. This information is ignored
+ with Postfix versions before 2.3.
+
+ With all Postfix versions, you can specify a direc-
+ tory pathname with the MAIL_CONFIG environment
+ variable to override the location of configuration
+ files.
+
+ <b>-F</b> <i>full</i><b>_</b><i>name</i>
+ Set the sender full name. This overrides the NAME
+ environment variable, and is used only with mes-
+ sages that have no <b>From:</b> message header.
+
+ <b>-f</b> <i>sender</i>
+ Set the envelope sender address. This is the
+ address where delivery problems are sent to. With
+ Postfix versions before 2.1, the <b>Errors-To:</b> message
+ header overrides the error return address.
+
+ <b>-G</b> Gateway (relay) submission, as opposed to initial
+ user submission. Either do not rewrite addresses
+ at all, or update incomplete addresses with the
+ domain information specified with <b>remote_header_re-</b>
+ <b>write_domain</b>.
+
+ This option is ignored before Postfix version 2.3.
+
+ <b>-h</b> <i>hop</i><b>_</b><i>count</i> (ignored)
+ Hop count limit. Use the <b><a href="postconf.5.html#hopcount_limit">hopcount_limit</a></b> configura-
+ tion parameter instead.
+
+ <b>-I</b> Initialize alias database. See the <b>newaliases</b> com-
+ mand above.
+
+ <b>-i</b> When reading a message from standard input, don't
+ treat a line with only a <b>.</b> character as the end of
+ input.
+
+ <b>-L</b> <i>label</i> (ignored)
+ The logging label. Use the <b><a href="postconf.5.html#syslog_name">syslog_name</a></b> configura-
+ tion parameter instead.
+
+ <b>-m</b> (ignored)
+ Backwards compatibility.
+
+ <b>-N</b> <i>dsn</i> (default: 'delay, failure')
+ Delivery status notification control. Specify
+ either a comma-separated list with one or more of
+ <b>failure</b> (send notification when delivery fails),
+ <b>delay</b> (send notification when delivery is delayed),
+ or <b>success</b> (send notification when the message is
+ delivered); or specify <b>never</b> (don't send any noti-
+ fications at all).
+
+ This feature is available in Postfix 2.3 and later.
+
+ <b>-n</b> (ignored)
+ Backwards compatibility.
+
+ <b>-oA</b><i>alias</i><b>_</b><i>database</i>
+ Non-default alias database. Specify <i>pathname</i> or
+ <i>type</i>:<i>pathname</i>. See <a href="postalias.1.html"><b>postalias</b>(1)</a> for details.
+
+ <b>-O</b> <i>option=value</i> (ignored)
+ Backwards compatibility.
+
+ <b>-o7</b> (ignored)
+
+ <b>-o8</b> (ignored)
+ To send 8-bit or binary content, use an appropriate
+ MIME encapsulation and specify the appropriate <b>-B</b>
+ command-line option.
+
+ <b>-oi</b> When reading a message from standard input, don't
+ treat a line with only a <b>.</b> character as the end of
+ input.
+
+ <b>-om</b> (ignored)
+ The sender is never eliminated from alias etc.
+ expansions.
+
+ <b>-o</b> <i>x value</i> (ignored)
+ Set option <i>x</i> to <i>value</i>. Use the equivalent configu-
+ ration parameter in <a href="postconf.5.html"><b>main.cf</b></a> instead.
+
+ <b>-r</b> <i>sender</i>
+ Set the envelope sender address. This is the
+ address where delivery problems are sent to. With
+ Postfix versions before 2.1, the <b>Errors-To:</b> message
+ header overrides the error return address.
+
+ <b>-R</b> <i>return</i><b>_</b><i>limit</i> (ignored)
+ Limit the size of bounced mail. Use the
+ <b><a href="postconf.5.html#bounce_size_limit">bounce_size_limit</a></b> configuration parameter instead.
+
+ <b>-q</b> Attempt to deliver all queued mail. This is imple-
+ mented by executing the <a href="postqueue.1.html"><b>postqueue</b>(1)</a> command.
+
+ Warning: flushing undeliverable mail frequently
+ will result in poor delivery performance of all
+ other mail.
+
+ <b>-q</b><i>interval</i> (ignored)
+ The interval between queue runs. Use the
+ <b><a href="postconf.5.html#queue_run_delay">queue_run_delay</a></b> configuration parameter instead.
+
+ <b>-qI</b><i>queueid</i>
+ Schedule immediate delivery of mail with the speci-
+ fied queue ID. This option is implemented by exe-
+ cuting the <a href="postqueue.1.html"><b>postqueue</b>(1)</a> command, and is available
+ with Postfix version 2.4 and later.
+
+ <b>-qR</b><i>site</i>
+ Schedule immediate delivery of all mail that is
+ queued for the named <i>site</i>. This option accepts only
+ <i>site</i> names that are eligible for the "fast flush"
+ service, and is implemented by executing the
+ <a href="postqueue.1.html"><b>postqueue</b>(1)</a> command. See <a href="flush.8.html"><b>flush</b>(8)</a> for more infor-
+ mation about the "fast flush" service.
+
+ <b>-qS</b><i>site</i>
+ This command is not implemented. Use the slower
+ "<b>sendmail -q</b>" command instead.
+
+ <b>-t</b> Extract recipients from message headers. These are
+ added to any recipients specified on the command
+ line.
+
+ With Postfix versions prior to 2.1, this option
+ requires that no recipient addresses are specified
+ on the command line.
+
+ <b>-U</b> (ignored)
+ Initial user submission.
+
+ <b>-V</b> <i>envid</i>
+ Specify the envelope ID for notification by servers
+ that support DSN.
+
+ This feature is available in Postfix 2.3 and later.
+
+ <b>-XV</b> (Postfix 2.2 and earlier: <b>-V</b>)
+ Variable Envelope Return Path. Given an envelope
+ sender address of the form <i>owner-listname</i>@<i>origin</i>,
+ each recipient <i>user</i>@<i>domain</i> receives mail with a
+ personalized envelope sender address.
+
+ By default, the personalized envelope sender
+ address is <i>owner-listname</i><b>+</b><i>user</i><b>=</b><i>domain</i>@<i>origin</i>. The
+ default <b>+</b> and <b>=</b> characters are configurable with
+ the <b><a href="postconf.5.html#default_verp_delimiters">default_verp_delimiters</a></b> configuration parame-
+ ter.
+
+ <b>-XV</b><i>xy</i> (Postfix 2.2 and earlier: <b>-V</b><i>xy</i>)
+ As <b>-XV</b>, but uses <i>x</i> and <i>y</i> as the VERP delimiter
+ characters, instead of the characters specified
+ with the <b><a href="postconf.5.html#default_verp_delimiters">default_verp_delimiters</a></b> configuration
+ parameter.
+
+ <b>-v</b> Send an email report of the first delivery attempt
+ (Postfix versions 2.1 and later). Mail delivery
+ always happens in the background. When multiple <b>-v</b>
+ options are given, enable verbose logging for
+ debugging purposes.
+
+ <b>-X</b> <i>log</i><b>_</b><i>file</i> (ignored)
+ Log mailer traffic. Use the <b><a href="postconf.5.html#debug_peer_list">debug_peer_list</a></b> and
+ <b><a href="postconf.5.html#debug_peer_level">debug_peer_level</a></b> configuration parameters instead.
+
+<b>SECURITY</b>
+ By design, this program is not set-user (or group) id.
+ However, it must handle data from untrusted, possibly
+ remote, users. Thus, the usual precautions need to be
+ taken against malicious inputs.
+
+<b>DIAGNOSTICS</b>
+ Problems are logged to <b>syslogd</b>(8) and to the standard
+ error stream.
+
+<b>ENVIRONMENT</b>
+ <b>MAIL_CONFIG</b>
+ Directory with Postfix configuration files.
+
+ <b>MAIL_VERBOSE</b> (value does not matter)
+ Enable verbose logging for debugging purposes.
+
+ <b>MAIL_DEBUG</b> (value does not matter)
+ Enable debugging with an external command, as spec-
+ ified with the <b><a href="postconf.5.html#debugger_command">debugger_command</a></b> configuration
+ parameter.
+
+ <b>NAME</b> The sender full name. This is used only with mes-
+ sages that have no <b>From:</b> message header. See also
+ the <b>-F</b> option above.
+
+<b>CONFIGURATION PARAMETERS</b>
+ The following <a href="postconf.5.html"><b>main.cf</b></a> parameters are especially relevant
+ to this program. The text below provides only a parameter
+ summary. See <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including exam-
+ ples.
+
+<b>TROUBLE SHOOTING CONTROLS</b>
+ The <a href="DEBUG_README.html">DEBUG_README</a> file gives examples of how to trouble
+ shoot a Postfix system.
+
+ <b><a href="postconf.5.html#debugger_command">debugger_command</a> (empty)</b>
+ The external command to execute when a Postfix dae-
+ mon program is invoked with the -D option.
+
+ <b><a href="postconf.5.html#debug_peer_level">debug_peer_level</a> (2)</b>
+ The increment in verbose logging level when a
+ remote client or server matches a pattern in the
+ <a href="postconf.5.html#debug_peer_list">debug_peer_list</a> parameter.
+
+ <b><a href="postconf.5.html#debug_peer_list">debug_peer_list</a> (empty)</b>
+ Optional list of remote client or server hostname
+ or network address patterns that cause the verbose
+ logging level to increase by the amount specified
+ in $<a href="postconf.5.html#debug_peer_level">debug_peer_level</a>.
+
+<b>ACCESS CONTROLS</b>
+ Available in Postfix version 2.2 and later:
+
+ <b><a href="postconf.5.html#authorized_flush_users">authorized_flush_users</a> (static:anyone)</b>
+ List of users who are authorized to flush the
+ queue.
+
+ <b><a href="postconf.5.html#authorized_mailq_users">authorized_mailq_users</a> (static:anyone)</b>
+ List of users who are authorized to view the queue.
+
+ <b><a href="postconf.5.html#authorized_submit_users">authorized_submit_users</a> (static:anyone)</b>
+ List of users who are authorized to submit mail
+ with the <a href="sendmail.1.html"><b>sendmail</b>(1)</a> command (and with the privi-
+ leged <a href="postdrop.1.html"><b>postdrop</b>(1)</a> helper command).
+
+<b>RESOURCE AND RATE CONTROLS</b>
+ <b><a href="postconf.5.html#bounce_size_limit">bounce_size_limit</a> (50000)</b>
+ The maximal amount of original message text that is
+ sent in a non-delivery notification.
+
+ <b><a href="postconf.5.html#fork_attempts">fork_attempts</a> (5)</b>
+ The maximal number of attempts to fork() a child
+ process.
+
+ <b><a href="postconf.5.html#fork_delay">fork_delay</a> (1s)</b>
+ The delay between attempts to fork() a child
+ process.
+
+ <b><a href="postconf.5.html#hopcount_limit">hopcount_limit</a> (50)</b>
+ The maximal number of Received: message headers
+ that is allowed in the primary message headers.
+
+ <b><a href="postconf.5.html#queue_run_delay">queue_run_delay</a> (version dependent)</b>
+ The time between <a href="QSHAPE_README.html#deferred_queue">deferred queue</a> scans by the queue
+ manager.
+
+<b>FAST FLUSH CONTROLS</b>
+ The <a href="ETRN_README.html">ETRN_README</a> file describes configuration and operation
+ details for the Postfix "fast flush" service.
+
+ <b><a href="postconf.5.html#fast_flush_domains">fast_flush_domains</a> ($<a href="postconf.5.html#relay_domains">relay_domains</a>)</b>
+ Optional list of destinations that are eligible for
+ per-destination logfiles with mail that is queued
+ to those destinations.
+
+<b>VERP CONTROLS</b>
+ The <a href="VERP_README.html">VERP_README</a> file describes configuration and operation
+ details of Postfix support for variable envelope return
+ path addresses.
+
+ <b><a href="postconf.5.html#default_verp_delimiters">default_verp_delimiters</a> (+=)</b>
+ The two default VERP delimiter characters.
+
+ <b><a href="postconf.5.html#verp_delimiter_filter">verp_delimiter_filter</a> (-=+)</b>
+ The characters Postfix accepts as VERP delimiter
+ characters on the Postfix <a href="sendmail.1.html"><b>sendmail</b>(1)</a> command line
+ and in SMTP commands.
+
+<b>MISCELLANEOUS CONTROLS</b>
+ <b><a href="postconf.5.html#alias_database">alias_database</a> (see 'postconf -d' output)</b>
+ The alias databases for <a href="local.8.html"><b>local</b>(8)</a> delivery that are
+ updated with "<b>newaliases</b>" or with "<b>sendmail -bi</b>".
+
+ <b><a href="postconf.5.html#command_directory">command_directory</a> (see 'postconf -d' output)</b>
+ The location of all postfix administrative com-
+ mands.
+
+ <b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
+ The default location of the Postfix <a href="postconf.5.html">main.cf</a> and
+ <a href="master.5.html">master.cf</a> configuration files.
+
+ <b><a href="postconf.5.html#daemon_directory">daemon_directory</a> (see 'postconf -d' output)</b>
+ The directory with Postfix support programs and
+ daemon programs.
+
+ <b><a href="postconf.5.html#default_database_type">default_database_type</a> (see 'postconf -d' output)</b>
+ The default database type for use in <a href="newaliases.1.html"><b>newaliases</b>(1)</a>,
+ <a href="postalias.1.html"><b>postalias</b>(1)</a> and <a href="postmap.1.html"><b>postmap</b>(1)</a> commands.
+
+ <b><a href="postconf.5.html#delay_warning_time">delay_warning_time</a> (0h)</b>
+ The time after which the sender receives the mes-
+ sage headers of mail that is still queued.
+
+ <b><a href="postconf.5.html#enable_errors_to">enable_errors_to</a> (no)</b>
+ Report mail delivery errors to the address speci-
+ fied with the non-standard Errors-To: message
+ header, instead of the envelope sender address
+ (this feature is removed with Postfix version 2.2,
+ is turned off by default with Postfix version 2.1,
+ and is always turned on with older Postfix ver-
+ sions).
+
+ <b><a href="postconf.5.html#mail_owner">mail_owner</a> (postfix)</b>
+ The UNIX system account that owns the Postfix queue
+ and most Postfix daemon processes.
+
+ <b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b>
+ The location of the Postfix top-level queue direc-
+ tory.
+
+ <b><a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> (empty)</b>
+ Don't rewrite message headers from remote clients
+ at all when this parameter is empty; otherwise, re-
+ write message headers and append the specified
+ domain name to incomplete addresses.
+
+ <b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
+ The syslog facility of Postfix logging.
+
+ <b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
+ The mail system name that is prepended to the
+ process name in syslog records, so that "smtpd"
+ becomes, for example, "postfix/smtpd".
+
+<b>FILES</b>
+ /var/spool/postfix, mail queue
+ /etc/postfix, configuration files
+
+<b>SEE ALSO</b>
+ <a href="pickup.8.html">pickup(8)</a>, mail pickup daemon
+ <a href="qmgr.8.html">qmgr(8)</a>, queue manager
+ <a href="smtpd.8.html">smtpd(8)</a>, SMTP server
+ <a href="flush.8.html">flush(8)</a>, fast flush service
+ <a href="postsuper.1.html">postsuper(1)</a>, queue maintenance
+ <a href="postalias.1.html">postalias(1)</a>, create/update/query alias database
+ <a href="postdrop.1.html">postdrop(1)</a>, mail posting utility
+ <a href="postfix.1.html">postfix(1)</a>, mail system control
+ <a href="postqueue.1.html">postqueue(1)</a>, mail queue control
+ syslogd(8), system logging
+
+<b>README_FILES</b>
+ <a href="DEBUG_README.html">DEBUG_README</a>, Postfix debugging howto
+ <a href="ETRN_README.html">ETRN_README</a>, Postfix ETRN howto
+ <a href="VERP_README.html">VERP_README</a>, Postfix VERP howto
+
+<b>LICENSE</b>
+ The Secure Mailer license must be distributed with this
+ software.
+
+<b>AUTHOR(S)</b>
+ Wietse Venema
+ IBM T.J. Watson Research
+ P.O. Box 704
+ Yorktown Heights, NY 10598, USA
+
+ SENDMAIL(1)
+</pre> </body> </html>
+++ /dev/null
-sendmail.1.html
\ No newline at end of file
--- /dev/null
+<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"
+ "http://www.w3.org/TR/html4/loose.dtd">
+<html> <head>
+<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
+<title> Postfix manual - sendmail(1) </title>
+</head> <body> <pre>
+SENDMAIL(1) SENDMAIL(1)
+
+<b>NAME</b>
+ sendmail - Postfix to Sendmail compatibility interface
+
+<b>SYNOPSIS</b>
+ <b>sendmail</b> [<i>option ...</i>] [<i>recipient ...</i>]
+
+ <b>mailq</b>
+ <b>sendmail -bp</b>
+
+ <b>newaliases</b>
+ <b>sendmail -I</b>
+
+<b>DESCRIPTION</b>
+ The Postfix <a href="sendmail.1.html"><b>sendmail</b>(1)</a> command implements the Postfix to
+ Sendmail compatibility interface. For the sake of compat-
+ ibility with existing applications, some Sendmail command-
+ line options are recognized but silently ignored.
+
+ By default, Postfix <a href="sendmail.1.html"><b>sendmail</b>(1)</a> reads a message from stan-
+ dard input until EOF or until it reads a line with only a
+ <b>.</b> character, and arranges for delivery. Postfix <a href="sendmail.1.html"><b>send-</b></a>
+ <a href="sendmail.1.html"><b>mail</b>(1)</a> relies on the <a href="postdrop.1.html"><b>postdrop</b>(1)</a> command to create a
+ queue file in the <b>maildrop</b> directory.
+
+ Specific command aliases are provided for other common
+ modes of operation:
+
+ <b>mailq</b> List the mail queue. Each entry shows the queue
+ file ID, message size, arrival time, sender, and
+ the recipients that still need to be delivered. If
+ mail could not be delivered upon the last attempt,
+ the reason for failure is shown. This mode of oper-
+ ation is implemented by executing the <a href="postqueue.1.html"><b>postqueue</b>(1)</a>
+ command.
+
+ <b>newaliases</b>
+ Initialize the alias database. If no input file is
+ specified (with the <b>-oA</b> option, see below), the
+ program processes the file(s) specified with the
+ <b><a href="postconf.5.html#alias_database">alias_database</a></b> configuration parameter. If no
+ alias database type is specified, the program uses
+ the type specified with the <b><a href="postconf.5.html#default_database_type">default_database_type</a></b>
+ configuration parameter. This mode of operation is
+ implemented by running the <a href="postalias.1.html"><b>postalias</b>(1)</a> command.
+
+ Note: it may take a minute or so before an alias
+ database update becomes visible. Use the "<b>postfix</b>
+ <b>reload</b>" command to eliminate this delay.
+
+ These and other features can be selected by specifying the
+ appropriate combination of command-line options. Some fea-
+ tures are controlled by parameters in the <a href="postconf.5.html"><b>main.cf</b></a> configu-
+ ration file.
+
+ The following options are recognized:
+
+ <b>-Am</b> (ignored)
+
+ <b>-Ac</b> (ignored)
+ Postfix sendmail uses the same configuration file
+ regardless of whether or not a message is an ini-
+ tial submission.
+
+ <b>-B</b> <i>body</i><b>_</b><i>type</i>
+ The message body MIME type: <b>7BIT</b> or <b>8BITMIME</b>.
+
+ <b>-bd</b> Go into daemon mode. This mode of operation is
+ implemented by executing the "<b>postfix start</b>" com-
+ mand.
+
+ <b>-bh</b> (ignored)
+
+ <b>-bH</b> (ignored)
+ Postfix has no persistent host status database.
+
+ <b>-bi</b> Initialize alias database. See the <b>newaliases</b> com-
+ mand above.
+
+ <b>-bm</b> Read mail from standard input and arrange for
+ delivery. This is the default mode of operation.
+
+ <b>-bp</b> List the mail queue. See the <b>mailq</b> command above.
+
+ <b>-bs</b> Stand-alone SMTP server mode. Read SMTP commands
+ from standard input, and write responses to stan-
+ dard output. In stand-alone SMTP server mode, mail
+ relaying and other access controls are disabled by
+ default. To enable them, run the process as the
+ <b><a href="postconf.5.html#mail_owner">mail_owner</a></b> user.
+
+ This mode of operation is implemented by running
+ the <a href="smtpd.8.html"><b>smtpd</b>(8)</a> daemon.
+
+ <b>-bv</b> Do not collect or deliver a message. Instead, send
+ an email report after verifying each recipient
+ address. This is useful for testing address
+ rewriting and routing configurations.
+
+ This feature is available in Postfix version 2.1
+ and later.
+
+ <b>-C</b> <i>config</i><b>_</b><i>file</i>
+
+ <b>-C</b> <i>config</i><b>_</b><i>dir</i>
+ The path name of the Postfix <a href="postconf.5.html"><b>main.cf</b></a> file, or of
+ its parent directory. This information is ignored
+ with Postfix versions before 2.3.
+
+ With all Postfix versions, you can specify a direc-
+ tory pathname with the MAIL_CONFIG environment
+ variable to override the location of configuration
+ files.
+
+ <b>-F</b> <i>full</i><b>_</b><i>name</i>
+ Set the sender full name. This overrides the NAME
+ environment variable, and is used only with mes-
+ sages that have no <b>From:</b> message header.
+
+ <b>-f</b> <i>sender</i>
+ Set the envelope sender address. This is the
+ address where delivery problems are sent to. With
+ Postfix versions before 2.1, the <b>Errors-To:</b> message
+ header overrides the error return address.
+
+ <b>-G</b> Gateway (relay) submission, as opposed to initial
+ user submission. Either do not rewrite addresses
+ at all, or update incomplete addresses with the
+ domain information specified with <b>remote_header_re-</b>
+ <b>write_domain</b>.
+
+ This option is ignored before Postfix version 2.3.
+
+ <b>-h</b> <i>hop</i><b>_</b><i>count</i> (ignored)
+ Hop count limit. Use the <b><a href="postconf.5.html#hopcount_limit">hopcount_limit</a></b> configura-
+ tion parameter instead.
+
+ <b>-I</b> Initialize alias database. See the <b>newaliases</b> com-
+ mand above.
+
+ <b>-i</b> When reading a message from standard input, don't
+ treat a line with only a <b>.</b> character as the end of
+ input.
+
+ <b>-L</b> <i>label</i> (ignored)
+ The logging label. Use the <b><a href="postconf.5.html#syslog_name">syslog_name</a></b> configura-
+ tion parameter instead.
+
+ <b>-m</b> (ignored)
+ Backwards compatibility.
+
+ <b>-N</b> <i>dsn</i> (default: 'delay, failure')
+ Delivery status notification control. Specify
+ either a comma-separated list with one or more of
+ <b>failure</b> (send notification when delivery fails),
+ <b>delay</b> (send notification when delivery is delayed),
+ or <b>success</b> (send notification when the message is
+ delivered); or specify <b>never</b> (don't send any noti-
+ fications at all).
+
+ This feature is available in Postfix 2.3 and later.
+
+ <b>-n</b> (ignored)
+ Backwards compatibility.
+
+ <b>-oA</b><i>alias</i><b>_</b><i>database</i>
+ Non-default alias database. Specify <i>pathname</i> or
+ <i>type</i>:<i>pathname</i>. See <a href="postalias.1.html"><b>postalias</b>(1)</a> for details.
+
+ <b>-O</b> <i>option=value</i> (ignored)
+ Backwards compatibility.
+
+ <b>-o7</b> (ignored)
+
+ <b>-o8</b> (ignored)
+ To send 8-bit or binary content, use an appropriate
+ MIME encapsulation and specify the appropriate <b>-B</b>
+ command-line option.
+
+ <b>-oi</b> When reading a message from standard input, don't
+ treat a line with only a <b>.</b> character as the end of
+ input.
+
+ <b>-om</b> (ignored)
+ The sender is never eliminated from alias etc.
+ expansions.
+
+ <b>-o</b> <i>x value</i> (ignored)
+ Set option <i>x</i> to <i>value</i>. Use the equivalent configu-
+ ration parameter in <a href="postconf.5.html"><b>main.cf</b></a> instead.
+
+ <b>-r</b> <i>sender</i>
+ Set the envelope sender address. This is the
+ address where delivery problems are sent to. With
+ Postfix versions before 2.1, the <b>Errors-To:</b> message
+ header overrides the error return address.
+
+ <b>-R</b> <i>return</i><b>_</b><i>limit</i> (ignored)
+ Limit the size of bounced mail. Use the
+ <b><a href="postconf.5.html#bounce_size_limit">bounce_size_limit</a></b> configuration parameter instead.
+
+ <b>-q</b> Attempt to deliver all queued mail. This is imple-
+ mented by executing the <a href="postqueue.1.html"><b>postqueue</b>(1)</a> command.
+
+ Warning: flushing undeliverable mail frequently
+ will result in poor delivery performance of all
+ other mail.
+
+ <b>-q</b><i>interval</i> (ignored)
+ The interval between queue runs. Use the
+ <b><a href="postconf.5.html#queue_run_delay">queue_run_delay</a></b> configuration parameter instead.
+
+ <b>-qI</b><i>queueid</i>
+ Schedule immediate delivery of mail with the speci-
+ fied queue ID. This option is implemented by exe-
+ cuting the <a href="postqueue.1.html"><b>postqueue</b>(1)</a> command, and is available
+ with Postfix version 2.4 and later.
+
+ <b>-qR</b><i>site</i>
+ Schedule immediate delivery of all mail that is
+ queued for the named <i>site</i>. This option accepts only
+ <i>site</i> names that are eligible for the "fast flush"
+ service, and is implemented by executing the
+ <a href="postqueue.1.html"><b>postqueue</b>(1)</a> command. See <a href="flush.8.html"><b>flush</b>(8)</a> for more infor-
+ mation about the "fast flush" service.
+
+ <b>-qS</b><i>site</i>
+ This command is not implemented. Use the slower
+ "<b>sendmail -q</b>" command instead.
+
+ <b>-t</b> Extract recipients from message headers. These are
+ added to any recipients specified on the command
+ line.
+
+ With Postfix versions prior to 2.1, this option
+ requires that no recipient addresses are specified
+ on the command line.
+
+ <b>-U</b> (ignored)
+ Initial user submission.
+
+ <b>-V</b> <i>envid</i>
+ Specify the envelope ID for notification by servers
+ that support DSN.
+
+ This feature is available in Postfix 2.3 and later.
+
+ <b>-XV</b> (Postfix 2.2 and earlier: <b>-V</b>)
+ Variable Envelope Return Path. Given an envelope
+ sender address of the form <i>owner-listname</i>@<i>origin</i>,
+ each recipient <i>user</i>@<i>domain</i> receives mail with a
+ personalized envelope sender address.
+
+ By default, the personalized envelope sender
+ address is <i>owner-listname</i><b>+</b><i>user</i><b>=</b><i>domain</i>@<i>origin</i>. The
+ default <b>+</b> and <b>=</b> characters are configurable with
+ the <b><a href="postconf.5.html#default_verp_delimiters">default_verp_delimiters</a></b> configuration parame-
+ ter.
+
+ <b>-XV</b><i>xy</i> (Postfix 2.2 and earlier: <b>-V</b><i>xy</i>)
+ As <b>-XV</b>, but uses <i>x</i> and <i>y</i> as the VERP delimiter
+ characters, instead of the characters specified
+ with the <b><a href="postconf.5.html#default_verp_delimiters">default_verp_delimiters</a></b> configuration
+ parameter.
+
+ <b>-v</b> Send an email report of the first delivery attempt
+ (Postfix versions 2.1 and later). Mail delivery
+ always happens in the background. When multiple <b>-v</b>
+ options are given, enable verbose logging for
+ debugging purposes.
+
+ <b>-X</b> <i>log</i><b>_</b><i>file</i> (ignored)
+ Log mailer traffic. Use the <b><a href="postconf.5.html#debug_peer_list">debug_peer_list</a></b> and
+ <b><a href="postconf.5.html#debug_peer_level">debug_peer_level</a></b> configuration parameters instead.
+
+<b>SECURITY</b>
+ By design, this program is not set-user (or group) id.
+ However, it must handle data from untrusted, possibly
+ remote, users. Thus, the usual precautions need to be
+ taken against malicious inputs.
+
+<b>DIAGNOSTICS</b>
+ Problems are logged to <b>syslogd</b>(8) and to the standard
+ error stream.
+
+<b>ENVIRONMENT</b>
+ <b>MAIL_CONFIG</b>
+ Directory with Postfix configuration files.
+
+ <b>MAIL_VERBOSE</b> (value does not matter)
+ Enable verbose logging for debugging purposes.
+
+ <b>MAIL_DEBUG</b> (value does not matter)
+ Enable debugging with an external command, as spec-
+ ified with the <b><a href="postconf.5.html#debugger_command">debugger_command</a></b> configuration
+ parameter.
+
+ <b>NAME</b> The sender full name. This is used only with mes-
+ sages that have no <b>From:</b> message header. See also
+ the <b>-F</b> option above.
+
+<b>CONFIGURATION PARAMETERS</b>
+ The following <a href="postconf.5.html"><b>main.cf</b></a> parameters are especially relevant
+ to this program. The text below provides only a parameter
+ summary. See <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including exam-
+ ples.
+
+<b>TROUBLE SHOOTING CONTROLS</b>
+ The <a href="DEBUG_README.html">DEBUG_README</a> file gives examples of how to trouble
+ shoot a Postfix system.
+
+ <b><a href="postconf.5.html#debugger_command">debugger_command</a> (empty)</b>
+ The external command to execute when a Postfix dae-
+ mon program is invoked with the -D option.
+
+ <b><a href="postconf.5.html#debug_peer_level">debug_peer_level</a> (2)</b>
+ The increment in verbose logging level when a
+ remote client or server matches a pattern in the
+ <a href="postconf.5.html#debug_peer_list">debug_peer_list</a> parameter.
+
+ <b><a href="postconf.5.html#debug_peer_list">debug_peer_list</a> (empty)</b>
+ Optional list of remote client or server hostname
+ or network address patterns that cause the verbose
+ logging level to increase by the amount specified
+ in $<a href="postconf.5.html#debug_peer_level">debug_peer_level</a>.
+
+<b>ACCESS CONTROLS</b>
+ Available in Postfix version 2.2 and later:
+
+ <b><a href="postconf.5.html#authorized_flush_users">authorized_flush_users</a> (static:anyone)</b>
+ List of users who are authorized to flush the
+ queue.
+
+ <b><a href="postconf.5.html#authorized_mailq_users">authorized_mailq_users</a> (static:anyone)</b>
+ List of users who are authorized to view the queue.
+
+ <b><a href="postconf.5.html#authorized_submit_users">authorized_submit_users</a> (static:anyone)</b>
+ List of users who are authorized to submit mail
+ with the <a href="sendmail.1.html"><b>sendmail</b>(1)</a> command (and with the privi-
+ leged <a href="postdrop.1.html"><b>postdrop</b>(1)</a> helper command).
+
+<b>RESOURCE AND RATE CONTROLS</b>
+ <b><a href="postconf.5.html#bounce_size_limit">bounce_size_limit</a> (50000)</b>
+ The maximal amount of original message text that is
+ sent in a non-delivery notification.
+
+ <b><a href="postconf.5.html#fork_attempts">fork_attempts</a> (5)</b>
+ The maximal number of attempts to fork() a child
+ process.
+
+ <b><a href="postconf.5.html#fork_delay">fork_delay</a> (1s)</b>
+ The delay between attempts to fork() a child
+ process.
+
+ <b><a href="postconf.5.html#hopcount_limit">hopcount_limit</a> (50)</b>
+ The maximal number of Received: message headers
+ that is allowed in the primary message headers.
+
+ <b><a href="postconf.5.html#queue_run_delay">queue_run_delay</a> (version dependent)</b>
+ The time between <a href="QSHAPE_README.html#deferred_queue">deferred queue</a> scans by the queue
+ manager.
+
+<b>FAST FLUSH CONTROLS</b>
+ The <a href="ETRN_README.html">ETRN_README</a> file describes configuration and operation
+ details for the Postfix "fast flush" service.
+
+ <b><a href="postconf.5.html#fast_flush_domains">fast_flush_domains</a> ($<a href="postconf.5.html#relay_domains">relay_domains</a>)</b>
+ Optional list of destinations that are eligible for
+ per-destination logfiles with mail that is queued
+ to those destinations.
+
+<b>VERP CONTROLS</b>
+ The <a href="VERP_README.html">VERP_README</a> file describes configuration and operation
+ details of Postfix support for variable envelope return
+ path addresses.
+
+ <b><a href="postconf.5.html#default_verp_delimiters">default_verp_delimiters</a> (+=)</b>
+ The two default VERP delimiter characters.
+
+ <b><a href="postconf.5.html#verp_delimiter_filter">verp_delimiter_filter</a> (-=+)</b>
+ The characters Postfix accepts as VERP delimiter
+ characters on the Postfix <a href="sendmail.1.html"><b>sendmail</b>(1)</a> command line
+ and in SMTP commands.
+
+<b>MISCELLANEOUS CONTROLS</b>
+ <b><a href="postconf.5.html#alias_database">alias_database</a> (see 'postconf -d' output)</b>
+ The alias databases for <a href="local.8.html"><b>local</b>(8)</a> delivery that are
+ updated with "<b>newaliases</b>" or with "<b>sendmail -bi</b>".
+
+ <b><a href="postconf.5.html#command_directory">command_directory</a> (see 'postconf -d' output)</b>
+ The location of all postfix administrative com-
+ mands.
+
+ <b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
+ The default location of the Postfix <a href="postconf.5.html">main.cf</a> and
+ <a href="master.5.html">master.cf</a> configuration files.
+
+ <b><a href="postconf.5.html#daemon_directory">daemon_directory</a> (see 'postconf -d' output)</b>
+ The directory with Postfix support programs and
+ daemon programs.
+
+ <b><a href="postconf.5.html#default_database_type">default_database_type</a> (see 'postconf -d' output)</b>
+ The default database type for use in <a href="newaliases.1.html"><b>newaliases</b>(1)</a>,
+ <a href="postalias.1.html"><b>postalias</b>(1)</a> and <a href="postmap.1.html"><b>postmap</b>(1)</a> commands.
+
+ <b><a href="postconf.5.html#delay_warning_time">delay_warning_time</a> (0h)</b>
+ The time after which the sender receives the mes-
+ sage headers of mail that is still queued.
+
+ <b><a href="postconf.5.html#enable_errors_to">enable_errors_to</a> (no)</b>
+ Report mail delivery errors to the address speci-
+ fied with the non-standard Errors-To: message
+ header, instead of the envelope sender address
+ (this feature is removed with Postfix version 2.2,
+ is turned off by default with Postfix version 2.1,
+ and is always turned on with older Postfix ver-
+ sions).
+
+ <b><a href="postconf.5.html#mail_owner">mail_owner</a> (postfix)</b>
+ The UNIX system account that owns the Postfix queue
+ and most Postfix daemon processes.
+
+ <b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b>
+ The location of the Postfix top-level queue direc-
+ tory.
+
+ <b><a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> (empty)</b>
+ Don't rewrite message headers from remote clients
+ at all when this parameter is empty; otherwise, re-
+ write message headers and append the specified
+ domain name to incomplete addresses.
+
+ <b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
+ The syslog facility of Postfix logging.
+
+ <b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
+ The mail system name that is prepended to the
+ process name in syslog records, so that "smtpd"
+ becomes, for example, "postfix/smtpd".
+
+<b>FILES</b>
+ /var/spool/postfix, mail queue
+ /etc/postfix, configuration files
+
+<b>SEE ALSO</b>
+ <a href="pickup.8.html">pickup(8)</a>, mail pickup daemon
+ <a href="qmgr.8.html">qmgr(8)</a>, queue manager
+ <a href="smtpd.8.html">smtpd(8)</a>, SMTP server
+ <a href="flush.8.html">flush(8)</a>, fast flush service
+ <a href="postsuper.1.html">postsuper(1)</a>, queue maintenance
+ <a href="postalias.1.html">postalias(1)</a>, create/update/query alias database
+ <a href="postdrop.1.html">postdrop(1)</a>, mail posting utility
+ <a href="postfix.1.html">postfix(1)</a>, mail system control
+ <a href="postqueue.1.html">postqueue(1)</a>, mail queue control
+ syslogd(8), system logging
+
+<b>README_FILES</b>
+ <a href="DEBUG_README.html">DEBUG_README</a>, Postfix debugging howto
+ <a href="ETRN_README.html">ETRN_README</a>, Postfix ETRN howto
+ <a href="VERP_README.html">VERP_README</a>, Postfix VERP howto
+
+<b>LICENSE</b>
+ The Secure Mailer license must be distributed with this
+ software.
+
+<b>AUTHOR(S)</b>
+ Wietse Venema
+ IBM T.J. Watson Research
+ P.O. Box 704
+ Yorktown Heights, NY 10598, USA
+
+ SENDMAIL(1)
+</pre> </body> </html>
<b>o</b> Postfix NIS+ map names use "<b>;</b>" instead of "<b>,</b>",
because the latter character is special in the
- Postfix main.cf file. Postfix replaces "<b>;</b>" charac-
+ Postfix <a href="postconf.5.html">main.cf</a> file. Postfix replaces "<b>;</b>" charac-
ters in the map name by "<b>,</b>" before making NIS+
queries.
Cambridge
CB10 1SB, UK
- Based on the NIS client code:
-
Adopted and adapted by:
Wietse Venema
IBM T.J. Watson Research
pcre_table - format of Postfix PCRE tables
<b>SYNOPSIS</b>
- <b>postmap -
fq "</b><i>string</i><b>" <a href="pcre_table.5.html">pcre</a>:/etc/postfix/</b><i>filename</i>
+ <b>postmap -q "</b><i>string</i><b>" <a href="pcre_table.5.html">pcre</a>:/etc/postfix/</b><i>filename</i>
- <b>postmap -
fq - <a href="pcre_table.5.html">pcre</a>:/etc/postfix/</b><i>filename</i> <<i>inputfile</i>
+ <b>postmap -q - <a href="pcre_table.5.html">pcre</a>:/etc/postfix/</b><i>filename</i> <<i>inputfile</i>
<b>DESCRIPTION</b>
The Postfix mail system uses optional tables for address
To find out what types of lookup tables your Postfix sys-
tem supports use the "<b>postconf -m</b>" command.
- To test lookup tables, use the "<b>postmap -fq</b>" command as
+ To test lookup tables, use the "<b>postmap -q</b>" command as
described in the SYNOPSIS above.
+<b>COMPATIBILITY</b>
+ With Postfix version 2.2 and earlier specify "<b>postmap -fq</b>"
+ to query a table that contains case sensitive patterns.
+ Patterns are case insensitive by default.
+
<b>TABLE FORMAT</b>
The general form of a PCRE table is:
</p>
<p> Note 2: address information may be enclosed inside <tt>[]</tt>,
-but this form is not recommended here. </p>
+but this form is not required here. </p>
<p> When <a href="postconf.5.html#inet_interfaces">inet_interfaces</a> specifies just one IPv4 and/or IPv6 address
that is not a loopback address, the Postfix SMTP client will use
<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> documentation for more detail. </p>
<p> Note 2: address information may be enclosed inside <tt>[]</tt>,
-but this form is not recommended here. </p>
+but this form is not required here. </p>
</DD>
P.O. Box 830688, MC34
Richardson, TX 75083, USA
+ IPv6 support originally by:
+ Mark Huizer, Eindhoven University, The Netherlands
+ Jun-ichiro 'itojun' Hagino, KAME project, Japan
+ The Linux PLD project
+ Dean Strik, Eindhoven University, The Netherlands
+
POSTFIX(1)
</pre> </body> </html>
postlog - Postfix-compatible logging utility
<b>SYNOPSIS</b>
- <b>postlog</b> [<b>-iv</b>] [<b>-c</b> <i>config</i><b>_</b><i>dir</i>]
- [<b>-p</b> <i>priority</i><b>] [-t</b> <i>tag</i>] [<i>text...</i>]
+ <b>postlog</b> [<b>-iv</b>] [<b>-c</b> <i>config</i><b>_</b><i>dir</i>] [<b>-p</b> <i>priority</i><b>] [-t</b> <i>tag</i>]
+ [<i>text...</i>]
<b>DESCRIPTION</b>
- The <a href="postlog.1.html"><b>postlog</b>(1)</a> command implements a Postfix-compatible
- logging interface for use in, for example, shell scripts.
+ The <a href="postlog.1.html"><b>postlog</b>(1)</a> command implements a Postfix-compatible
+ logging interface for use in, for example, shell scripts.
- By default, <a href="postlog.1.html"><b>postlog</b>(1)</a> logs the <i>text</i> given on the command
+ By default, <a href="postlog.1.html"><b>postlog</b>(1)</a> logs the <i>text</i> given on the command
line as one record. If no <i>text</i> is specified on the command
- line, <a href="postlog.1.html"><b>postlog</b>(1)</a> reads from standard input and logs each
+ line, <a href="postlog.1.html"><b>postlog</b>(1)</a> reads from standard input and logs each
input line as one record.
- Logging is sent to <b>syslogd</b>(8); when the standard error
- stream is connected to a terminal, logging is sent there
+ Logging is sent to <b>syslogd</b>(8); when the standard error
+ stream is connected to a terminal, logging is sent there
as well.
The following options are implemented:
<b>-c</b> <i>config</i><b>_</b><i>dir</i>
- Read the <a href="postconf.5.html"><b>main.cf</b></a> configuration file in the named
+ Read the <a href="postconf.5.html"><b>main.cf</b></a> configuration file in the named
directory instead of the default configuration
directory.
<b>-i</b> Include the process ID in the logging tag.
<b>-p</b> <i>priority</i>
- Specifies the logging severity: <b>info</b> (default),
+ Specifies the logging severity: <b>info</b> (default),
<b>warn</b>, <b>error</b>, <b>fatal</b>, or <b>panic</b>.
<b>-t</b> <i>tag</i> Specifies the logging tag, that is, the identifying
- name that appears at the beginning of each logging
- record. A default tag is used when none is speci-
+ name that appears at the beginning of each logging
+ record. A default tag is used when none is speci-
fied.
<b>-v</b> Enable verbose logging for debugging purposes. Mul-
- tiple <b>-v</b> options make the software increasingly
+ tiple <b>-v</b> options make the software increasingly
verbose.
<b>ENVIRONMENT</b>
Directory with the <a href="postconf.5.html"><b>main.cf</b></a> file.
<b>CONFIGURATION PARAMETERS</b>
- The following <a href="postconf.5.html"><b>main.cf</b></a> parameters are especially relevant
+ The following <a href="postconf.5.html"><b>main.cf</b></a> parameters are especially relevant
to this program.
- The text below provides only a parameter summary. See
+ The text below provides only a parameter summary. See
<a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including examples.
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
- The default location of the Postfix <a href="postconf.5.html">main.cf</a> and
+ The default location of the Postfix <a href="postconf.5.html">main.cf</a> and
<a href="master.5.html">master.cf</a> configuration files.
<b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
- The mail system name that is prepended to the
- process name in syslog records, so that "smtpd"
+ The mail system name that is prepended to the
+ process name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
<b>SEE ALSO</b>
syslogd(8), syslog daemon
<b>LICENSE</b>
- The Secure Mailer license must be distributed with this
+ The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>
regexp_table - format of Postfix regular expression tables
<b>SYNOPSIS</b>
- <b>postmap -
fq "</b><i>string</i><b>" <a href="regexp_table.5.html">regexp</a>:/etc/postfix/</b><i>filename</i>
+ <b>postmap -q "</b><i>string</i><b>" <a href="regexp_table.5.html">regexp</a>:/etc/postfix/</b><i>filename</i>
- <b>postmap -
fq - <a href="regexp_table.5.html">regexp</a>:/etc/postfix/</b><i>filename</i> <<i>inputfile</i>
+ <b>postmap -q - <a href="regexp_table.5.html">regexp</a>:/etc/postfix/</b><i>filename</i> <<i>inputfile</i>
<b>DESCRIPTION</b>
The Postfix mail system uses optional tables for address
To find out what types of lookup tables your Postfix sys-
tem supports use the "<b>postconf -m</b>" command.
- To test lookup tables, use the "<b>postmap -fq</b>" command as
+ To test lookup tables, use the "<b>postmap -q</b>" command as
described in the SYNOPSIS above.
+<b>COMPATIBILITY</b>
+ With Postfix version 2.2 and earlier specify "<b>postmap -fq</b>"
+ to query a table that contains case sensitive patterns.
+ Patterns are case insensitive by default.
+
<b>TABLE FORMAT</b>
The general form of a Postfix regular expression table is:
<b>DIAGNOSTICS</b>
Problems and transactions are logged to <b>syslogd</b>(8).
-<b>BUGS</b>
- The <a href="showq.8.html"><b>showq</b>(8)</a> daemon runs at a fixed low privilege; conse-
- quently, it cannot extract information from queue files in
- the <b>maildrop</b> directory.
-
<b>CONFIGURATION PARAMETERS</b>
Changes to <a href="postconf.5.html"><b>main.cf</b></a> are picked up automatically as <a href="showq.8.html"><b>showq</b>(8)</a>
processes run for only a limited amount of time. Use the
the client is used for multiple domains.
Most smtp_<i>xxx</i> configuration parameters have an lmtp_<i>xxx</i>
- "ghost" parameter for the equivalent LMTP feature. This
+ "mirror" parameter for the equivalent LMTP feature. This
document describes only those LMTP-related parameters that
- aren't simply "ghost" parameters.
+ aren't simply "mirror" parameters.
Changes to <a href="postconf.5.html"><b>main.cf</b></a> are picked up automatically, as <a href="smtp.8.html"><b>smtp</b>(8)</a>
processes run for only a limited amount of time. Use the
+++ /dev/null
-bounce.8.html
\ No newline at end of file
--- /dev/null
+<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"
+ "http://www.w3.org/TR/html4/loose.dtd">
+<html> <head>
+<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
+<title> Postfix manual - bounce(8) </title>
+</head> <body> <pre>
+BOUNCE(8) BOUNCE(8)
+
+<b>NAME</b>
+ bounce - Postfix delivery status reports
+
+<b>SYNOPSIS</b>
+ <b>bounce</b> [generic Postfix daemon options]
+
+<b>DESCRIPTION</b>
+ The <a href="bounce.8.html"><b>bounce</b>(8)</a> daemon maintains per-message log files with
+ delivery status information. Each log file is named after
+ the queue file that it corresponds to, and is kept in a
+ queue subdirectory named after the service name in the
+ <a href="master.5.html"><b>master.cf</b></a> file (either <b>bounce</b>, <b>defer</b> or <b>trace</b>). This pro-
+ gram expects to be run from the <a href="master.8.html"><b>master</b>(8)</a> process manager.
+
+ The <a href="bounce.8.html"><b>bounce</b>(8)</a> daemon processes two types of service
+ requests:
+
+ <b>o</b> Append a recipient (non-)delivery status record to
+ a per-message log file.
+
+ <b>o</b> Enqueue a delivery status notification message,
+ with a copy of a per-message log file and of the
+ corresponding message. When the delivery status
+ notification message is enqueued successfully, the
+ per-message log file is deleted.
+
+ The software does a best notification effort. A non-deliv-
+ ery notification is sent even when the log file or the
+ original message cannot be read.
+
+ Optionally, a bounce (defer, trace) client can request
+ that the per-message log file be deleted when the
+ requested operation fails. This is used by clients that
+ cannot retry transactions by themselves, and that depend
+ on retry logic in their own client.
+
+<b>STANDARDS</b>
+ <a href="http://www.faqs.org/rfcs/rfc822.html">RFC 822</a> (ARPA Internet Text Messages)
+ <a href="http://www.faqs.org/rfcs/rfc2045.html">RFC 2045</a> (Format of Internet Message Bodies)
+ <a href="http://www.faqs.org/rfcs/rfc2822.html">RFC 2822</a> (ARPA Internet Text Messages)
+ <a href="http://www.faqs.org/rfcs/rfc3462.html">RFC 3462</a> (Delivery Status Notifications)
+ <a href="http://www.faqs.org/rfcs/rfc3464.html">RFC 3464</a> (Delivery Status Notifications)
+ <a href="http://www.faqs.org/rfcs/rfc3834.html">RFC 3834</a> (Auto-Submitted: message header)
+
+<b>DIAGNOSTICS</b>
+ Problems and transactions are logged to <b>syslogd</b>(8).
+
+<b>CONFIGURATION PARAMETERS</b>
+ Changes to <a href="postconf.5.html"><b>main.cf</b></a> are picked up automatically, as
+ <a href="bounce.8.html"><b>bounce</b>(8)</a> processes run for only a limited amount of time.
+ Use the command "<b>postfix reload</b>" to speed up a change.
+
+ The text below provides only a parameter summary. See
+ <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including examples.
+
+ <b><a href="postconf.5.html#2bounce_notice_recipient">2bounce_notice_recipient</a> (postmaster)</b>
+ The recipient of undeliverable mail that cannot be
+ returned to the sender.
+
+ <b><a href="postconf.5.html#backwards_bounce_logfile_compatibility">backwards_bounce_logfile_compatibility</a> (yes)</b>
+ Produce additional <a href="bounce.8.html"><b>bounce</b>(8)</a> logfile records that
+ can be read by Postfix versions before 2.0.
+
+ <b><a href="postconf.5.html#bounce_notice_recipient">bounce_notice_recipient</a> (postmaster)</b>
+ The recipient of postmaster notifications with the
+ message headers of mail that Postfix did not
+ deliver and of SMTP conversation transcripts of
+ mail that Postfix did not receive.
+
+ <b><a href="postconf.5.html#bounce_size_limit">bounce_size_limit</a> (50000)</b>
+ The maximal amount of original message text that is
+ sent in a non-delivery notification.
+
+ <b><a href="postconf.5.html#bounce_template_file">bounce_template_file</a> (empty)</b>
+ Pathname of a configuration file with bounce mes-
+ sage templates.
+
+ <b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
+ The default location of the Postfix <a href="postconf.5.html">main.cf</a> and
+ <a href="master.5.html">master.cf</a> configuration files.
+
+ <b><a href="postconf.5.html#daemon_timeout">daemon_timeout</a> (18000s)</b>
+ How much time a Postfix daemon process may take to
+ handle a request before it is terminated by a
+ built-in watchdog timer.
+
+ <b><a href="postconf.5.html#delay_notice_recipient">delay_notice_recipient</a> (postmaster)</b>
+ The recipient of postmaster notifications with the
+ message headers of mail that cannot be delivered
+ within $<a href="postconf.5.html#delay_warning_time">delay_warning_time</a> time units.
+
+ <b><a href="postconf.5.html#deliver_lock_attempts">deliver_lock_attempts</a> (20)</b>
+ The maximal number of attempts to acquire an exclu-
+ sive lock on a mailbox file or <a href="bounce.8.html"><b>bounce</b>(8)</a> logfile.
+
+ <b><a href="postconf.5.html#deliver_lock_delay">deliver_lock_delay</a> (1s)</b>
+ The time between attempts to acquire an exclusive
+ lock on a mailbox file or <a href="bounce.8.html"><b>bounce</b>(8)</a> logfile.
+
+ <b><a href="postconf.5.html#ipc_timeout">ipc_timeout</a> (3600s)</b>
+ The time limit for sending or receiving information
+ over an internal communication channel.
+
+ <b><a href="postconf.5.html#internal_mail_filter_classes">internal_mail_filter_classes</a> (empty)</b>
+ What categories of Postfix-generated mail are sub-
+ ject to before-queue content inspection by
+ <a href="postconf.5.html#non_smtpd_milters">non_smtpd_milters</a>, <a href="postconf.5.html#header_checks">header_checks</a> and <a href="postconf.5.html#body_checks">body_checks</a>.
+
+ <b><a href="postconf.5.html#mail_name">mail_name</a> (Postfix)</b>
+ The mail system name that is displayed in Received:
+ headers, in the SMTP greeting banner, and in
+ bounced mail.
+
+ <b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b>
+ The maximum amount of time that an idle Postfix
+ daemon process waits for an incoming connection
+ before terminating voluntarily.
+
+ <b><a href="postconf.5.html#max_use">max_use</a> (100)</b>
+ The maximal number of incoming connections that a
+ Postfix daemon process will service before termi-
+ nating voluntarily.
+
+ <b><a href="postconf.5.html#notify_classes">notify_classes</a> (resource, software)</b>
+ The list of error classes that are reported to the
+ postmaster.
+
+ <b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
+ The process ID of a Postfix command or daemon
+ process.
+
+ <b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
+ The process name of a Postfix command or daemon
+ process.
+
+ <b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b>
+ The location of the Postfix top-level queue direc-
+ tory.
+
+ <b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
+ The syslog facility of Postfix logging.
+
+ <b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
+ The mail system name that is prepended to the
+ process name in syslog records, so that "smtpd"
+ becomes, for example, "postfix/smtpd".
+
+<b>FILES</b>
+ /var/spool/postfix/bounce/* non-delivery records
+ /var/spool/postfix/defer/* non-delivery records
+ /var/spool/postfix/trace/* delivery status records
+
+<b>SEE ALSO</b>
+ <a href="bounce.5.html">bounce(5)</a>, bounce message template format
+ <a href="qmgr.8.html">qmgr(8)</a>, queue manager
+ <a href="postconf.5.html">postconf(5)</a>, configuration parameters
+ <a href="master.5.html">master(5)</a>, generic daemon options
+ <a href="master.8.html">master(8)</a>, process manager
+ syslogd(8), system logging
+
+<b>LICENSE</b>
+ The Secure Mailer license must be distributed with this
+ software.
+
+<b>AUTHOR(S)</b>
+ Wietse Venema
+ IBM T.J. Watson Research
+ P.O. Box 704
+ Yorktown Heights, NY 10598, USA
+
+ BOUNCE(8)
+</pre> </body> </html>
;;
esac
;;
-"Mac OS".10.[0-3]*)
- SYSTYPE=MACOSX
- # Use the native compiler by default
- : ${CC=cc}
- AWK=gawk
- CCARGS="$CCARGS -DNO_KQUEUE"
- ;;
-
"Mac OS".10*) SYSTYPE=MACOSX
# Use the native compiler by default
: ${CC=cc}
University of Texas at Dallas
P.O. Box 830688, MC34
Richardson, TX 75083, USA
+
+IPv6 support originally by:
+Mark Huizer, Eindhoven University, The Netherlands
+Jun-ichiro 'itojun' Hagino, KAME project, Japan
+The Linux PLD project
+Dean Strik, Eindhoven University, The Netherlands
.na
.nf
.fi
+.ad
\fBpostlog\fR [\fB-iv\fR] [\fB-c \fIconfig_dir\fR]
- [\fB-p \fIpriority\fB] [\fB-t \fItag\fR] [\fItext...\fR]
+[\fB-p \fIpriority\fB] [\fB-t \fItag\fR] [\fItext...\fR]
.SH DESCRIPTION
.ad
.fi
match is found in the access table, or until further
truncation is not possible.
-NOTE 1: The information in the access map should be in
-canonical form, with unnecessary null characters eliminated.
-Address information must not be enclosed with "[]" characters.
+NOTE 1: The access map lookup key must be in canonical form:
+do not specify unnecessary null characters, and do not
+enclose network address information with "[]" characters.
NOTE 2: use the \fBcidr\fR lookup table type to specify
network/netmask patterns. See \fBcidr_table\fR(5) for details.
string representation of the IPv6 host address. Thus, not
all the ":" subnetworks will be tried.
-NOTE 2: The information in the access map should be in
-canonical form, with unnecessary null characters eliminated.
-Address information must not be enclosed with "[]" characters.
+NOTE 2: The access map lookup key must be in canonical form:
+do not specify unnecessary null characters, and do not
+enclose network address information with "[]" characters.
NOTE 3: use the \fBcidr\fR lookup table type to specify
network/netmask patterns. See \fBcidr_table\fR(5) for details.
will be matched regardless of redundant zero characters.
Note: address information may be enclosed inside "[]" but
-this form is not recommended.
+this form is not required.
IPv6 support is available in Postfix 2.2 and later.
.IP "\fInetwork_address result\fR"
.br
\fBbody_checks = pcre:/etc/postfix/body_checks\fR
.sp
-\fBpostmap -fq "\fIstring\fB" pcre:/etc/postfix/\fIfilename\fR
+\fBpostmap -q "\fIstring\fB" pcre:/etc/postfix/\fIfilename\fR
.br
-\fBpostmap -fq - pcre:/etc/postfix/\fIfilename\fR <\fIinputfile\fR
+\fBpostmap -q - pcre:/etc/postfix/\fIfilename\fR <\fIinputfile\fR
.SH DESCRIPTION
.ad
.fi
input key is \fIuser@mail.example.com\fR, then %1 is \fBcom\fR,
%2 is \fBexample\fR and %3 is \fBmail\fR. If the input key is
unqualified or does not have enough domain components to satisfy
-all the specified patterns, the saerch is suppressed and returns
+all the specified patterns, the search is suppressed and returns
no results.
.IP
The above %1, ..., %9 expansions are available with Postfix 2.2
Cambridge
CB10 1SB, UK
-Based on the NIS client code:
-
Adopted and adapted by:
Wietse Venema
IBM T.J. Watson Research
.SH "SYNOPSIS"
.na
.nf
-\fBpostmap -fq "\fIstring\fB" pcre:/etc/postfix/\fIfilename\fR
+\fBpostmap -q "\fIstring\fB" pcre:/etc/postfix/\fIfilename\fR
-\fBpostmap -fq - pcre:/etc/postfix/\fIfilename\fR <\fIinputfile\fR
+\fBpostmap -q - pcre:/etc/postfix/\fIfilename\fR <\fIinputfile\fR
.SH DESCRIPTION
.ad
.fi
To find out what types of lookup tables your Postfix system
supports use the "\fBpostconf -m\fR" command.
-To test lookup tables, use the "\fBpostmap -fq\fR" command as
+To test lookup tables, use the "\fBpostmap -q\fR" command as
described in the SYNOPSIS above.
+.SH "COMPATIBILITY"
+.na
+.nf
+.ad
+.fi
+With Postfix version 2.2 and earlier specify "\fBpostmap
+-fq\fR" to query a table that contains case sensitive
+patterns. Patterns are case insensitive by default.
.SH "TABLE FORMAT"
.na
.nf
Note 1: you need to stop and start Postfix when this parameter changes.
.PP
Note 2: address information may be enclosed inside [],
-but this form is not recommended here.
+but this form is not required here.
.PP
When inet_interfaces specifies just one IPv4 and/or IPv6 address
that is not a loopback address, the Postfix SMTP client will use
inet_interfaces documentation for more detail.
.PP
Note 2: address information may be enclosed inside [],
-but this form is not recommended here.
+but this form is not required here.
.SH smtp_bind_address6 (default: empty)
An optional numerical network address that the Postfix SMTP client
should bind to when making an IPv6 connection.
.SH "SYNOPSIS"
.na
.nf
-\fBpostmap -fq "\fIstring\fB" regexp:/etc/postfix/\fIfilename\fR
+\fBpostmap -q "\fIstring\fB" regexp:/etc/postfix/\fIfilename\fR
-\fBpostmap -fq - regexp:/etc/postfix/\fIfilename\fR <\fIinputfile\fR
+\fBpostmap -q - regexp:/etc/postfix/\fIfilename\fR <\fIinputfile\fR
.SH DESCRIPTION
.ad
.fi
To find out what types of lookup tables your Postfix system
supports use the "\fBpostconf -m\fR" command.
-To test lookup tables, use the "\fBpostmap -fq\fR" command as
-described in the SYNOPSIS above.
+To test lookup tables, use the "\fBpostmap -q\fR" command
+as described in the SYNOPSIS above.
+.SH "COMPATIBILITY"
+.na
+.nf
+.ad
+.fi
+With Postfix version 2.2 and earlier specify "\fBpostmap
+-fq\fR" to query a table that contains case sensitive
+patterns. Patterns are case insensitive by default.
.SH "TABLE FORMAT"
.na
.nf
In this preliminary implementation, a count (or rate) limited server
can have only one remote client at a time. If a server reports
-multiple simultaneous clients, all but the last reported client
-are ignored.
+multiple simultaneous clients, state is kept only for the last
+reported client.
The \fBanvil\fR(8) server automatically discards client
request information after it expires. To prevent the
Append a recipient (non-)delivery status record to a per-message
log file.
.IP \(bu
-Enqueue a bounce message, with a copy of a per-message log file
-and of the corresponding message. When the bounce message is
+Enqueue a delivery status notification message, with a copy
+of a per-message log file and of the corresponding message.
+When the delivery status notification message is
enqueued successfully, the per-message log file is deleted.
.PP
The software does a best notification effort. A non-delivery
.ad
.fi
Problems and transactions are logged to \fBsyslogd\fR(8).
-.SH BUGS
-.ad
-.fi
-The \fBshowq\fR(8) daemon runs at a fixed low privilege; consequently,
-it cannot extract information from queue files in the
-\fBmaildrop\fR directory.
.SH "CONFIGURATION PARAMETERS"
.na
.nf
when the client is used for multiple domains.
Most smtp_\fIxxx\fR configuration parameters have an
-lmtp_\fIxxx\fR "ghost" parameter for the equivalent LMTP
+lmtp_\fIxxx\fR "mirror" parameter for the equivalent LMTP
feature. This document describes only those LMTP-related
-parameters that aren't simply "ghost" parameters.
+parameters that aren't simply "mirror" parameters.
Changes to \fBmain.cf\fR are picked up automatically, as \fBsmtp\fR(8)
processes run for only a limited amount of time. Use the command
esac) || exit 1
continue;;
- # Hard link
-
- h) eval dest_path=$install_root$path
- check_parent $dest_path || exit 1
- eval source_path=$install_root$source
- compare_or_hardlink $source_path $dest_path || exit 1
+ # Hard link. Skip files that are not installed.
+
+ h) eval echo $path | (IFS=/ read prefix file; test "$prefix" = "no" || (
+ eval dest_path=$install_root$path
+ check_parent $dest_path || exit 1
+ eval source_path=$install_root$source
+ compare_or_hardlink $source_path $dest_path || exit 1
+ )) || exit 1
continue;;
- # Symbolic link
+ # Symbolic link. Skip files that are not installed.
- l) eval dest_path=$install_root$path
- check_parent $dest_path || exit 1
- eval source_path=$install_root$source
- compare_or_symlink $source_path $dest_path || exit 1
+ l) eval echo $path | (IFS=/ read prefix file; test "$prefix" = "no" || (
+ eval dest_path=$install_root$path
+ check_parent $dest_path || exit 1
+ eval source_path=$install_root$source
+ compare_or_symlink $source_path $dest_path || exit 1
+ )) || exit 1
continue;;
*) echo $0: Error: unknown type $type for $path in conf/postfix-files 1>&2
<li> <p> The list of domains that are a member of the class: for
example, all local domains, or all relay domains. </p>
-<li> <p> The default delivery transport. For example, the local or
-relay delivery transport (delivery transports are defined in
-master.cf). This helps to keep Postfix configurations
-simple. </p>
+<li> <p> The default delivery transport. For example, the local,
+virtual or relay delivery transport (delivery transports are defined
+in master.cf). This helps to keep Postfix configurations simple,
+by avoiding the need for explicit routing information in transport
+maps. </p>
<li> <p> The list of valid recipient addresses for that address
class. The Postfix SMTP server rejects invalid recipients with
<table>
-<tr> <td align="center" colspan="3" bgcolor="#f0f0ff"> <br> smtp(8)
-<br> </td> <td colspan="2"> --> Internet </td> </tr>
+<tr> <td> </td> <td> <tt> /-- </tt> </td> <td align="center"
+colspan="3" bgcolor="#f0f0ff"> smtp(8) </td> <td colspan="2"> <tt>
+--> </tt> Internet </td> </tr>
-<tr> <td align="center" rowspan="3"> </td> <td align="center"
-rowspan="3"><tt>|<br>|<br>|<br>|<br>|<br>|<br>v</tt></td>
-<td> </td> </tr>
+<tr> <td align="center" bgcolor="#f0f0ff"> qmgr(8) </td> <td> </td>
+<td align="center" rowspan="3"> </td> <td align="center"
+rowspan="3"><tt>|<br>|<br>|<br>|<br>v</tt></td> <td> </td>
+</tr>
-<tr> <td align="center"
-colspan="2" bgcolor="#f0f0ff"> <br> smtp(8) <br> </td> <td
-align="left"> --> Internet </td> </tr>
+<tr> <td> </td> <td> <tt> \-- </tt> </td> <td align="center"
+colspan="2" bgcolor="#f0f0ff"> smtp(8) </td> <td align="left"> <tt>
+--> </tt> Internet </td> </tr>
-<tr> <td align="center"><tt>^<br>|</tt></td> <td> </td> </tr>
+<tr> <td colspan="3"> </td> <td align="center"><tt>^<br>|</tt></td>
+<td> </td> </tr>
-<tr> <td align="center" colspan="3" bgcolor="#f0f0ff"> <br> scache(8)
-<br> </td> </tr>
+<tr> <td colspan="3"> </td> <td align="center" colspan="3"
+bgcolor="#f0f0ff"> scache(8) </td> </tr>
</table>
<h2> <a name="1">1 - Purpose of this document</a> </h2>
-<p> This is a bootstrap document that helps you get Postfix up and
-running from scratch with the minimal number of steps. If you are
-using a pre-compiled version of Postfix, you should be reading the
-general Postfix documentation which aims to describe the system in
-more detail. This bootstrap document should not be considered part
-of the general Postfix documentation. </p>
+<p> If you are using a pre-compiled version of Postfix, you should
+start with BASIC_CONFIGURATION_README and the general documentation
+referenced by it. INSTALL is only a bootstrap document to get
+Postfix up and running from scratch with the minimal number of
+steps; it should not be considered part of the general documentation.
+</p>
<p> This document describes how to build, install and configure a
Postfix system so that it can do one of the following: </p>
</blockquote>
<p> Of particular interest is the postconf(5) manual page that
-lists all the 400+ configuration parameters. The HTML version of
+lists all the 500+ configuration parameters. The HTML version of
this text makes it easy to navigate around. </p>
<p> All Postfix source files have their own built-in manual page.
OSF1.V3 - OSF1.V5 (Digital UNIX) <br>
Reliant UNIX 5.x <br>
Rhapsody 5.x <br>
-SunOS 4.1.4 (July 2006) <br>
-SunOS 5.4 - 5.9 (Solaris 2.4..9) <br>
+SunOS 4.1.4 (March 2007) <br>
+SunOS 5.4 - 5.10 (Solaris 2.4..10) <br>
Ultrix 4.x (well, that was long ago) <br>
</p>
</blockquote>
<p> On Solaris, the "make" command and other utilities for software
development are in /usr/ccs/bin, so you MUST have /usr/ccs/bin in
-your command search path. </p>
+your command search path. If these files do not exist, install the
+development packages first. See the Solaris FAQ item "<a
+href="http://www.science.uva.nl/pub/solaris/solaris2.html#q6.2">Which
+packages do I need to install to support a C compiler?</a>". </p>
<p> If you need to build Postfix for multiple architectures, use the
"lndir" command to build a shadow tree with symbolic links to the
<h3>4.5 - Support for thousands of processes</h3>
-<p> In order to build Postfix for very large applications, where you
-expect to run more than 1000 mail delivery processes, you may need to
-override the definition of the FD_SETSIZE macro to make select()
-work correctly: </p>
+<p> The number of connections that Postfix can manage simultaneously
+is limited by the number of processes that it can run. This number
+in turn is limited by the number of files and sockets that a single
+process can open. For example, the Postfix queue manager has a
+separate connection to each delivery process, and the anvil(8)
+server has one connection per smtpd(8) process. </p>
+
+<p> Postfix version 2.4 and later have no built-in limits on the
+number of open files or sockets, when compiled on systems that
+support one of the following: </p>
+
+<ul>
+
+<li> BSD kqueue(2) (FreeBSD 4.1, NetBSD 2.0, OpenBSD 2.9),
+
+<li> Solaris 8 /dev/poll,
+
+<li> Linux 2.6 epoll(4).
+
+</ul>
+
+
+<p> With other Postfix versions or operating systems, the number
+of file descriptors per process is limited by the value of the
+FD_SETSIZE macro. If you expect to run more than 1000 mail delivery
+processes, you may need to override the definition of the FD_SETSIZE
+macro to make select() work correctly: </p>
<blockquote>
<pre>
overriding the __FD_SETSIZE macro. Beware, undocumented interfaces
can change at any time and without warning. </p>
+<p> But wait, there is more: none of this will work unless the
+operating system is configured to handle thousands of connections.
+See the TUNING_README guide for examples of how to increase the
+number of open sockets or files. </p>
+
<h3>4.6 - Compiling Postfix, at last</h3>
<p> If the command </p>
<p> This text describes how to install Postfix from source code.
See the PACKAGE_README file if you are building a package for
-distribution to other systems. See auxiliary/MacOSX/README-INSTALL.OSX
-for information about installing Postfix from source on Mac OS X.
-</p>
+distribution to other systems. </p>
<h3>6.1 - Save existing Sendmail binaries</h3>
<p> <a name="save">IMPORTANT</a>: if you are REPLACING an existing
Sendmail installation with Postfix, you may need to keep the old
sendmail program running for some time in order to flush the mail
-queue. As superuser, execute the following commands (your sendmail,
-newaliases and mailq programs may be in a different place): </p>
+queue. </p>
+
+<ul>
+
+<li> <p> Some systems implement a mail switch mechanism where
+different MTAs (Postfix, Sendmail, etc.) can be installed at the
+same time, while only one of them is actually being used. Examples
+of such switching mechanisms are the FreeBSD mailwrapper(8) or the
+Linux mail switch. In this case you should try to "flip" the switch
+to "Postfix" before installing Postfix. </p>
+
+<li> <p> If your system has no mail switch mechanism, execute the
+following commands (your sendmail, newaliases and mailq programs
+may be in a different place): </p>
-<blockquote>
<pre>
# mv /usr/sbin/sendmail /usr/sbin/sendmail.OFF
# mv /usr/bin/newaliases /usr/bin/newaliases.OFF
# chmod 755 /usr/sbin/sendmail.OFF /usr/bin/newaliases.OFF \
/usr/bin/mailq.OFF
</pre>
-</blockquote>
+
+</ul>
<h3>6.2 - Create account and groups</h3>
<ul>
+<li> <p> The interactive version ("make install") asks for pathnames
+for Postfix data and program files, and stores your preferences in
+the main.cf file. <b> If you don't want Postfix to overwrite
+non-Postfix "sendmail", "mailq" and "newaliases" files, specify
+pathnames that end in ".postfix"</b>. </p>
+
<li> <p> The non-interactive version ("make upgrade") needs the
/etc/postfix/main.cf file from a previous installation. If the file
does not exist, use interactive installation ("make install")
instead. </p>
-<li> <p> The interactive version offers suggestions for pathnames
-that you can override interactively, and stores your preferences
-in /etc/postfix/main.cf for convenient future upgrades. </p>
-
</ul>
<h3>6.4 - Configure Postfix</h3>
Postfix on a virtual interface address. Simply configure your mail
user agent to directly invoke the Postfix sendmail program. </p>
+<p> To create a virtual network interface address, study your
+system ifconfig manual page. The command syntax could be any
+of: </p>
+
+<blockquote>
+<pre>
+# <b>ifconfig le0:1 <address> netmask <mask> up</b>
+# <b>ifconfig en0 alias <address> netmask 255.255.255.255</b>
+</pre>
+</blockquote>
+
<p> In the /etc/postfix/main.cf file, I would specify </p>
<blockquote>
<h2><a name="example_group">Example: expanding LDAP groups</a></h2>
-<p> LDAP is frequently used to store group member information, and Postfix
-supports expanding a group's email address to the list of email addresses
-of the group members. There are a number of ways of handling LDAP groups,
-which will be illustrated via the mock LDAP entries and implied schema
-below. This shows two group entries "agroup" and "bgroup" and four
-user entries "auser", "buser", "cuser" and "duser". The group "agroup"
-has the users "auser" (1) and "buser" (2) as members via DN references
-in the multi-valued attribute "memberdn", and direct email addresses of
-two external users "auser@example.org" (3) and "buser@example.org" (4)
-stored in the multi-valued attribute "memberaddr". The same is true of
-"bgroup" and "cuser"/"duser" (6)/(7)/(8)/(9), but "bgroup" also has a
-"maildrop" attribute of "bgroup@mlm.example.com" (5): </p>
+<p>
+LDAP is frequently used to store group member information. There are a
+number of ways of handling LDAP groups. We will show a few examples in
+order of increasing complexity, but owing to the number of independent
+variables, we can only present a tiny portion of the solution space.
+We show how to:
+</p>
+
+<ol>
+
+<li> <p> query groups as lists of addresses; </p>
+
+<li> <p> query groups as lists of user objects containing addresses; </p>
+
+<li> <p> forward special lists unexpanded to a separate list server,
+for moderation or other processing; </p>
+
+<li> <p> handle complex schemas by controlling expansion and by treating
+leaf nodes specially, using features that are new in Postfix 2.4. </p>
+
+</ol>
+
+<p>
+The example LDAP entries and implied schema below show two group entries
+("agroup" and "bgroup") and four user entries ("auser", "buser", "cuser"
+and "duser"). The group "agroup" has the users "auser" (1) and "buser" (2)
+as members via DN references in the multi-valued attribute "memberdn", and
+direct email addresses of two external users "auser@example.org" (3) and
+"buser@example.org" (4) stored in the multi-valued attribute "memberaddr".
+The same is true of "bgroup" and "cuser"/"duser" (6)/(7)/(8)/(9), but
+"bgroup" also has a "maildrop" attribute of "bgroup@mlm.example.com"
+(5): </p>
<blockquote>
<pre>
Always check tables using postmap(1) with the "-q" option, before
deploying them into production use in main.cf. </p>
-<p> Our second use case also expands "memberdn" attributes (1), (2),
+<p> Our second use case instead expands "memberdn" attributes (1), (2),
(6) and (7), follows the DN references and returns the "maildrop" of the
referenced user entries. Here we use the "special_result_attribute"
setting from ldap_table(5) to designate the "memberdn" attribute
the group and the member DNs. In this case we choose "maildrop" and
assume for the moment that groups never have a "maildrop" (the "bgroup"
"maildrop" attribute is for a different use case). The returned data for
-"auser" and "buser" is from items (11) and (13) in the mock data. </p>
+"auser" and "buser" is from items (11) and (13) in the example data. </p>
<blockquote>
<pre>
...
search_base = dc=example, dc=com
query_filter = mail=%s
- result_attribute = memberaddr, maildrop
+ result_attribute = maildrop
special_result_attribute = memberdn
$ postmap -q agroup@example.com ldap:special.cf
- auser@mailhub.example.com,buser@mailhub.example.com,auser@example.org,buser@example.org
+ auser@mailhub.example.com,buser@mailhub.example.com
</pre>
</blockquote>
<p> Note: if the desired member object result attribute is always also
-present in the group, you get surprising results, the expansion also
+present in the group, you get surprising results: the expansion also
returns the address of the group. This is a known limitation of Postfix
releases prior to 2.4, and is addressed in the new with Postfix 2.4
"leaf_result_attribute" feature described in ldap_table(5). </p>
...
search_base = dc=example, dc=com
query_filter = mail=%s
- result_attribute = memberaddr, maildrop
+ result_attribute = maildrop
special_result_attribute = memberdn
$ postmap -q auser@example.com ldap:no_expand.cf ldap:expand.cf
auser@mailhub.example.com
$ postmap -q agroup@example.com ldap:no_expand.cf ldap:expand.cf
- auser@mailhub.example.com,buser@mailhub.example.com,auser@example.org,buser@example.org
+ auser@mailhub.example.com,buser@mailhub.example.com
$ postmap -q bgroup@example.com ldap:no_expand.cf ldap:expand.cf
bgroup@mlm.example.com
</pre>
Victor Duchovni developed the common query, result_format, domain and
expansion_limit interface for LDAP, MySQL and PosgreSQL.</li>
+<li>Gunnar Wrobel provided a first implementation of a feature to
+limit LDAP search results to leaf nodes only. Victor generalized
+this into the Postfix 2.4 "leaf_result_attribute" feature. </li>
+
</ul>
And of course Wietse.
<h2>Berkeley DB issues</h2>
-<p> Warning: if you can't compile Postfix because the file "db.h"
+<p> If you can't compile Postfix because the file "db.h"
isn't found, then you MUST install the Berkeley DB development
package (name: db???-devel-???) that matches your system library.
You can find out what is installed with the rpm command. For example:
</blockquote>
<p> This means that you need to install db4-devel-4.3.29-2 (on
-some systems, specify <tt>/lib/libdb.so</tt> in the rpm query). </p>
+some systems, specify "<b>rpm -qf /lib/libdb.so</b>" instead). </p>
<p> DO NOT download some Berkeley DB version from the network.
Every Postfix program will dump core when it is built with a different
<p> On RedHat Linux 7.1 and later <b>procmail</b> no longer has
permission
-to write the mail spool directory. Workaround: chmod 1777
-/var/spool/mail.
-</p>
+to write the mail spool directory. Workaround: </p>
+
+<blockquote>
+<pre>
+# chmod 1777 /var/spool/mail
+</pre>
+</blockquote>
<h2>Syslogd performance</h2>
<p> That is, an empty value. With this setting, the Postfix SMTP
server will not reject mail with "User unknown in local recipient
-table". </p>
+table". <b> Don't do this on systems that receive mail directly
+from the Internet. With today's worms and viruses, Postfix will
+become a backscatter source: it accepts mail for non-existent
+recipients and then tries to return that mail as "undeliverable"
+to the often forged sender address</b>. </p>
<h2><a name="change">When you need to change the local_recipient_maps
setting in main.cf</a></h2>
recipients that don't have UNIX home directories. </p>
<p> The following example shows how to use maildrop for some.domain
-and for someother.domain. </p>
+and for someother.domain. The example comes in two parts. </p>
+
+<p> Part 1 describes changes to the main.cf file: </p>
<blockquote>
<pre>
<p> Note: Do not use the postfix user as the maildrop user. </p>
+<p> Part 2 describes changes to the master.cf file: </p>
+
<blockquote>
<pre>
/etc/postfix/master.cf:
</ul>
-<p> Fixing the ugly header maybe as simple as upgrading to a recent
-version of the Milter application. For example, current versions
-of dkim-filter and dk-filter have code that looks up the Postfix
-queue ID at a later protocol stage. </p>
+<p> If you experience the ugly header problem, see if a recent
+version of the Milter application fixes it. For example, current
+versions of dkim-filter and dk-filter already have code that looks
+up the Postfix queue ID at a later protocol stage. </p>
<p> To fix the ugly message header with sid-filter applications,
we change the source code, so that it does the queue ID lookup after
</pre>
</blockquote>
-<p> The solution is to use a Postfix version that supports the
-missing functionality. </p>
+<p> The solution is to use Postfix version 2.4 or later. </p>
<li> <p> Most Milter configuration options are global. Future Postfix
versions may support per-Milter timeouts, per-Milter error handling,
../html/MYSQL_README.html ../html/NFS_README.html \
../html/OVERVIEW.html \
../html/PACKAGE_README.html ../html/PCRE_README.html \
- ../html/PGSQL_README.html ../html/QMQP_README.html \
+ ../html/PGSQL_README.html \
../html/QSHAPE_README.html \
../html/RESTRICTION_CLASS_README.html ../html/SASL_README.html \
../html/SCHEDULER_README.html ../html/SMTPD_ACCESS_README.html \
../README_FILES/MYSQL_README ../README_FILES/NFS_README \
../README_FILES/OVERVIEW \
../README_FILES/PACKAGE_README ../README_FILES/PCRE_README \
- ../README_FILES/PGSQL_README ../README_FILES/QMQP_README \
+ ../README_FILES/PGSQL_README \
../README_FILES/QSHAPE_README \
../README_FILES/RESTRICTION_CLASS_README \
../README_FILES/SASL_README ../README_FILES/SCHEDULER_README \
<p> When delivering mail to a destination with multiple mail servers,
connection caching can help to skip over a non-responding server,
-and thus dramatically speed up delivery. </p>
+and thus dramatically speed up delivery. SMTP connection caching
+is available in Postfix version 2.2 and later. More information
+about this feature is in the CONNECTION_CACHE_README document. </p>
<table>
-<tr> <td align="center" bgcolor="#f0f0ff"> <br> smtp(8) <br>
- </td> <td> <tt> <-> </tt> </td> <td align="center"
-bgcolor="#f0f0ff"> <br> scache(8) <br> </td> <td> <tt>
-<-> </tt> </td> <td align="center" bgcolor="#f0f0ff"> <br>
-smtp(8) <br> </td>
+<tr> <td> </td> <td> <tt> /-- </tt> </td> <td align="center"
+colspan="3" bgcolor="#f0f0ff"> smtp(8) </td> <td colspan="2"> <tt>
+--> </tt> Internet </td> </tr>
+
+<tr> <td align="center" bgcolor="#f0f0ff"> qmgr(8) </td> <td> </td>
+<td align="center" rowspan="3"> </td> <td align="center"
+rowspan="3"><tt>|<br>|<br>|<br>|<br>v</tt></td> <td> </td>
+</tr>
+
+<tr> <td> </td> <td> <tt> \-- </tt> </td> <td align="center"
+colspan="2" bgcolor="#f0f0ff"> smtp(8) </td> <td align="left"> <tt>
+--> </tt> Internet </td> </tr>
+
+<tr> <td colspan="3"> </td> <td align="center"><tt>^<br>|</tt></td>
+<td> </td> </tr>
+
+<tr> <td colspan="3"> </td> <td align="center" colspan="3"
+bgcolor="#f0f0ff"> scache(8) </td> </tr>
</table>
+++ /dev/null
-<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"
- "http://www.w3.org/TR/html4/loose.dtd">
-
-<html>
-
-<head>
-
-<title>Postfix qmail and ezmlm support</title>
-
-<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
-
-</head>
-
-<body>
-
-<h1><img src="postfix-logo.jpg" width="203" height="98" ALT="">Postfix qmail and ezmlm support</h1>
-
-<hr>
-
-<p> This document will be made available via http://www.postfix.org/. </p>
-
-</body>
-
-</html>
<p> Policy delegation is now the preferred method for adding policies
to Postfix. It's much easier to develop a new feature in few lines
-of Perl, than trying to do the same in C code. The difference in
+of Perl, Python, Ruby, or TCL, than trying to do the same in C code.
+The difference in
performance will be unnoticeable except in the most demanding
environments. On active systems a policy daemon process is used
multiple times, for up to $max_use incoming SMTP connections. </p>
<li> <p> Re-inject the mail back into Postfix via SMTP, perhaps
after changing its content and/or destination. </p>
+ <li> <p> Discard or quarantine the mail. </p>
+
<li> <p> Reject the mail by sending a suitable SMTP status code
back to Postfix. Postfix passes the status back to the remote
SMTP client. This way, Postfix does not have to send a bounce
This limit is not necessary if you receive all mail from a
trusted relay host. </p>
- <p> Note: this setting is ignored by the stable Postfix 2.1
- release. The feature will be available only in the experimental
- release until Postfix 2.2. </p>
+ <p> Note: this setting is available in Postfix version 2.2 and
+ later. Earlier Postfix versions will ignore it. </p>
<li> <p> The "-o smtpd_proxy_filter=127.0.0.1:10025" tells the
before filter SMTP server that it should give incoming mail to
for TLS. </p>
<p> You can disable TLS for a subset of destinations, while leaving
-it enabled for the rest. With the Postfix 2.3
+ TLS <a
+it enabled for the rest. With the Postfix 2.3
and later TLS <a
href="#client_tls_policy">policy table</a>, specify the "none"
security level. With the obsolete <a href="#client_tls_obs">per-site</a>
table, specify the "NONE" keyword. </p>
be ignored with a warning written to the mail logs. </p>
<p> You can enable opportunistic TLS just for selected destinations. With
-the Postfix 2.3
+ TLS <a href="#client_tls_policy">policy table</a>,
+the Postfix 2.3
and later TLS <a href="#client_tls_policy">policy table</a>,
specify the "may" security level. With the obsolete <a
href="#client_tls_obs">per-site</a> table, specify the "MAY" keyword.</p>
TLS encryption as the default security level. </p>
<p> You can enable mandatory TLS encryption just for specific destinations.
-With the Postfix 2.3
+ TLS <a href="#client_tls_policy">policy
+With the Postfix 2.3
and later TLS <a href="#client_tls_policy">policy
table</a>, specify the "encrypt" security level. With the
obsolete <a href="#client_tls_obs">per-site</a> table, specify the
"MUST_NOPEERMATCH" keyword. While the obsolete approach still works
-with Postfix 2.3, it is strongly discouraged: users of Postfix 2.3+
+with Postfix 2.3, it is strongly discouraged: users of Postfix 2.3 and later
should use the new TLS policy settings. </p>
<p> Examples: </p>
</blockquote>
<p> Postfix 2.2 syntax (no support for sub-domains without resorting to
-regexp tables). With Postfix 2.3
+, do not use the obsolete <a
+regexp tables). With Postfix 2.3
and later, do not use the obsolete <a
href="#client_tls_obs">per-site</a> table. </p>
<blockquote>
use the destination (for example, "[example.net]:587"), as the <a
href="#client_tls_obs">per-site</a> table lookup key (a recipient domain
or MX-enabled transport nexthop with no port suffix may look like a bare
-hostname, but is still a suitable <i>destination</i>). With Postfix 2.3+,
+hostname, but is still a suitable <i>destination</i>). With Postfix 2.3
+and later,
do not use the obsolete <a href="#client_tls_obs">per-site</a> table;
use the new <a href="#client_tls_policy">policy table</a> instead. </p>
</p>
<p> You can enable mandatory server certificate verification just
-for specific destinations. With the Postfix 2.3
+ TLS <a
+for specific destinations. With the Postfix 2.3
and later TLS <a
href="#client_tls_policy">policy table</a>, specify the "verify"
security level. With the obsolete <a href="#client_tls_obs">per-site</a>
table, specify the "MUST" keyword. While the obsolete approach
still works with Postfix 2.3, it is strongly discouraged: users of
-Postfix 2.3+ should use the new TLS policy settings. </p>
+Postfix 2.3 and later should use the new TLS policy settings. </p>
<p> Example: </p>
STARTTLS support. </p>
<p> You can enable secure TLS verification just for specific destinations.
-With the Postfix 2.3
+ TLS <a href="#client_tls_policy">policy table</a>,
+With the Postfix 2.3
and later TLS <a href="#client_tls_policy">policy table</a>,
specify the "secure" security level. With the obsolete
<a href="#client_tls_obs">per-site</a> table, specify the "MUST"
keyword and <a href="#client_tls_harden">harden</a> the certificate
verification against DNS forgery. While the obsolete approach still
-works with Postfix 2.3, it is strongly discouraged: users of Postfix 2.3+
+works with Postfix 2.3, it is strongly discouraged: users of Postfix 2.3
+and later
should use the new TLS policy settings. </p>
<p> Examples: </p>
</pre>
</blockquote>
-<p> Postfix 2.2.9+ syntax: </p>
+<p> Postfix 2.2.9 and later syntax: </p>
<p> <b>Note:</b> Avoid policy lookups with the bare hostname (for
example, "tls.example.com"). Instead, use the destination (for
example, "[tls.example.com]") as the <a
href="#client_tls_obs">per-site</a> table lookup key (a recipient domain
or MX-enabled transport nexthop with no port suffix may look like a bare
-hostname, but is still a suitable <i>destination</i>). With Postfix 2.3+,
+hostname, but is still a suitable <i>destination</i>). With Postfix 2.3
+and later,
do not use the obsolete <a href="#client_tls_obs">per-site</a> table;
use the new <a href="#client_tls_policy">policy table</a> instead. </p>
full destination nexthop (enclosed in [] with a possible ":port"
suffix) as the per-site table lookup key (a recipient domain or
MX-enabled transport nexthop with no port suffix may look like a bare
-hostname, but is still a suitable <i>destination</i>). With Postfix 2.3+,
+hostname, but is still a suitable <i>destination</i>). With Postfix 2.3
+and later,
use of the obsolete approach documented here is strongly discouraged:
use the new <a href="#client_tls_policy">policy table</a> instead. </p>
<p> For a general discussion of TLS security for SMTP see <a
href="#client_tls_limits">TLS limitations</a> above. What follows applies
only to Postfix 2.2.9 and subsequent Postfix 2.2 patch levels. Do
-not use this approach with Postfix 2.3+; instead see the instructions under <a
+not use this approach with Postfix 2.3
+and later; instead see the instructions under <a
href="#client_tls_secure">secure</a> server certificate verification. </p>
<p> As long as no secure DNS lookup mechanism is available, false
with Postfix version 2.2. </p>
<p> The Postfix smtpd(8) server can limit the number of simultaneous
-connections from the same SMTP client, as well as the number of
-connections that a client is allowed to make per unit time.
+connections from the same SMTP client, as well as the connection
+rate and the rate of certain SMTP commands from the same client.
These statistics are maintained by the anvil(8) server (translation:
if anvil(8) breaks, then connection limits stop working). </p>
# match is found in the access table, or until further
# truncation is not possible.
#
-# NOTE 1: The information in the access map should be in
-# canonical form, with unnecessary null characters eliminated.
-# Address information must not be enclosed with "[]" characters.
+# NOTE 1: The access map lookup key must be in canonical form:
+# do not specify unnecessary null characters, and do not
+# enclose network address information with "[]" characters.
#
# NOTE 2: use the \fBcidr\fR lookup table type to specify
# network/netmask patterns. See \fBcidr_table\fR(5) for details.
# string representation of the IPv6 host address. Thus, not
# all the ":" subnetworks will be tried.
#
-# NOTE 2: The information in the access map should be in
-# canonical form, with unnecessary null characters eliminated.
-# Address information must not be enclosed with "[]" characters.
+# NOTE 2: The access map lookup key must be in canonical form:
+# do not specify unnecessary null characters, and do not
+# enclose network address information with "[]" characters.
#
# NOTE 3: use the \fBcidr\fR lookup table type to specify
# network/netmask patterns. See \fBcidr_table\fR(5) for details.
# will be matched regardless of redundant zero characters.
#
# Note: address information may be enclosed inside "[]" but
-# this form is not recommended.
+# this form is not required.
#
# IPv6 support is available in Postfix 2.2 and later.
# .IP "\fInetwork_address result\fR"
# .br
# \fBbody_checks = pcre:/etc/postfix/body_checks\fR
# .sp
-# \fBpostmap -fq "\fIstring\fB" pcre:/etc/postfix/\fIfilename\fR
+# \fBpostmap -q "\fIstring\fB" pcre:/etc/postfix/\fIfilename\fR
# .br
-# \fBpostmap -fq - pcre:/etc/postfix/\fIfilename\fR <\fIinputfile\fR
+# \fBpostmap -q - pcre:/etc/postfix/\fIfilename\fR <\fIinputfile\fR
# DESCRIPTION
# This document describes access control on the content of
# message headers and message body lines; it is implemented
# input key is \fIuser@mail.example.com\fR, then %1 is \fBcom\fR,
# %2 is \fBexample\fR and %3 is \fBmail\fR. If the input key is
# unqualified or does not have enough domain components to satisfy
-# all the specified patterns, the saerch is suppressed and returns
+# all the specified patterns, the search is suppressed and returns
# no results.
# .IP
# The above %1, ..., %9 expansions are available with Postfix 2.2
# Cambridge
# CB10 1SB, UK
#
-# Based on the NIS client code:
-#
# Adopted and adapted by:
# Wietse Venema
# IBM T.J. Watson Research
# SUMMARY
# format of Postfix PCRE tables
# SYNOPSIS
-# \fBpostmap -fq "\fIstring\fB" pcre:/etc/postfix/\fIfilename\fR
+# \fBpostmap -q "\fIstring\fB" pcre:/etc/postfix/\fIfilename\fR
#
-# \fBpostmap -fq - pcre:/etc/postfix/\fIfilename\fR <\fIinputfile\fR
+# \fBpostmap -q - pcre:/etc/postfix/\fIfilename\fR <\fIinputfile\fR
# DESCRIPTION
# The Postfix mail system uses optional tables for address
# rewriting or mail routing. These tables are usually in
# To find out what types of lookup tables your Postfix system
# supports use the "\fBpostconf -m\fR" command.
#
-# To test lookup tables, use the "\fBpostmap -fq\fR" command as
+# To test lookup tables, use the "\fBpostmap -q\fR" command as
# described in the SYNOPSIS above.
+# COMPATIBILITY
+# .ad
+# .fi
+# With Postfix version 2.2 and earlier specify "\fBpostmap
+# -fq\fR" to query a table that contains case sensitive
+# patterns. Patterns are case insensitive by default.
# TABLE FORMAT
# .ad
# .fi
</p>
<p> Note 2: address information may be enclosed inside <tt>[]</tt>,
-but this form is not recommended here. </p>
+but this form is not required here. </p>
<p> When inet_interfaces specifies just one IPv4 and/or IPv6 address
that is not a loopback address, the Postfix SMTP client will use
inet_interfaces documentation for more detail. </p>
<p> Note 2: address information may be enclosed inside <tt>[]</tt>,
-but this form is not recommended here. </p>
+but this form is not required here. </p>
%PARAM smtp_bind_address6
# SUMMARY
# format of Postfix regular expression tables
# SYNOPSIS
-# \fBpostmap -fq "\fIstring\fB" regexp:/etc/postfix/\fIfilename\fR
+# \fBpostmap -q "\fIstring\fB" regexp:/etc/postfix/\fIfilename\fR
#
-# \fBpostmap -fq - regexp:/etc/postfix/\fIfilename\fR <\fIinputfile\fR
+# \fBpostmap -q - regexp:/etc/postfix/\fIfilename\fR <\fIinputfile\fR
# DESCRIPTION
# The Postfix mail system uses optional tables for address
# rewriting or mail routing. These tables are usually in
# To find out what types of lookup tables your Postfix system
# supports use the "\fBpostconf -m\fR" command.
#
-# To test lookup tables, use the "\fBpostmap -fq\fR" command as
-# described in the SYNOPSIS above.
+# To test lookup tables, use the "\fBpostmap -q\fR" command
+# as described in the SYNOPSIS above.
+# COMPATIBILITY
+# .ad
+# .fi
+# With Postfix version 2.2 and earlier specify "\fBpostmap
+# -fq\fR" to query a table that contains case sensitive
+# patterns. Patterns are case insensitive by default.
# TABLE FORMAT
# .ad
# .fi
xxxxx
yy
zz
+AAAREADME
+API
+DAEMONs
+DHE
+DSL
+DataBase
+EMSTP
+EST
+HTTPS
+JOBIDUNKNOWN
+Jänicke
+Koetter
+Leandro
+MSA
+MUAs
+Netinfo
+ODRhu
+Outlook's
+PQexec
+Procontrol
+REJECTs
+Requeuing
+SDBM
+SSLv
+Santi
+Sirainen
+TCL
+TEMPFAILs
+TLSv
+Tallon
+Tinycdb
+Tokarev
+Wrobel
+aNULL
+agroup
+alloc
+antiantivirus
+apps
+arandom
+arounds
+auser
+beb
+bgroup
+buser
+callouts
+cctx
+cli
+cname
+corpit
+cuser
+ddd
+dfc
+dkim
+dmS
+domainkeys
+duser
+epoll
+esmtp
+exim
+gssapi
+heraccount
+herisp
+hisaccount
+hisisp
+ietf
+imc
+interoperate
+keysize
+koetter
+kqueue
+ldapgroup
+libcdb
+libdb
+lpr
+mailwrapper
+mctx
+memberaddr
+memberdn
+mjt
+mlm
+msa
+myisp
+myname
+netinfo
+nisplus
+noatime
+nopeer
+obs
+openspf
+orig
+passdb
+patrick
+preloading
+rpm
+saslfinger
+securetls
+spamware
+systemtype
+tinycdb
+unencoded
+uniquename
+william
+xxxxxxx
+yulszqocfzsficvzzju
+yyyyyy
+zzzzzz
/*
/* In this preliminary implementation, a count (or rate) limited server
/* can have only one remote client at a time. If a server reports
-/* multiple simultaneous clients, all but the last reported client
-/* are ignored.
+/* multiple simultaneous clients, state is kept only for the last
+/* reported client.
/*
/* The \fBanvil\fR(8) server automatically discards client
/* request information after it expires. To prevent the
/* Append a recipient (non-)delivery status record to a per-message
/* log file.
/* .IP \(bu
-/* Enqueue a bounce message, with a copy of a per-message log file
-/* and of the corresponding message. When the bounce message is
+/* Enqueue a delivery status notification message, with a copy
+/* of a per-message log file and of the corresponding message.
+/* When the delivery status notification message is
/* enqueued successfully, the per-message log file is deleted.
/* .PP
/* The software does a best notification effort. A non-delivery
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20070323"
-#define MAIL_VERSION_NUMBER "2.4.0-RC8"
+#define MAIL_RELEASE_DATE "20070325"
+#define MAIL_VERSION_NUMBER "2.4.0-RC9"
#ifdef SNAPSHOT
# define MAIL_VERSION_DATE "-" MAIL_RELEASE_DATE
/* University of Texas at Dallas
/* P.O. Box 830688, MC34
/* Richardson, TX 75083, USA
+/*
+/* IPv6 support originally by:
+/* Mark Huizer, Eindhoven University, The Netherlands
+/* Jun-ichiro 'itojun' Hagino, KAME project, Japan
+/* The Linux PLD project
+/* Dean Strik, Eindhoven University, The Netherlands
/*--*/
/* System library. */
/* Postfix-compatible logging utility
/* SYNOPSIS
/* .fi
+/* .ad
/* \fBpostlog\fR [\fB-iv\fR] [\fB-c \fIconfig_dir\fR]
-/* [\fB-p \fIpriority\fB] [\fB-t \fItag\fR] [\fItext...\fR]
+/* [\fB-p \fIpriority\fB] [\fB-t \fItag\fR] [\fItext...\fR]
/* DESCRIPTION
/* The \fBpostlog\fR(1) command implements a Postfix-compatible logging
/* interface for use in, for example, shell scripts.
/* outside world.
/* DIAGNOSTICS
/* Problems and transactions are logged to \fBsyslogd\fR(8).
-/* BUGS
-/* The \fBshowq\fR(8) daemon runs at a fixed low privilege; consequently,
-/* it cannot extract information from queue files in the
-/* \fBmaildrop\fR directory.
/* CONFIGURATION PARAMETERS
/* .ad
/* .fi
/* when the client is used for multiple domains.
/*
/* Most smtp_\fIxxx\fR configuration parameters have an
-/* lmtp_\fIxxx\fR "ghost" parameter for the equivalent LMTP
+/* lmtp_\fIxxx\fR "mirror" parameter for the equivalent LMTP
/* feature. This document describes only those LMTP-related
-/* parameters that aren't simply "ghost" parameters.
+/* parameters that aren't simply "mirror" parameters.
/*
/* Changes to \fBmain.cf\fR are picked up automatically, as \fBsmtp\fR(8)
/* processes run for only a limited amount of time. Use the command
if ((newloc = mail_addr_find(relocated_maps, STR(nextrcpt),
IGNORE_ADDR_EXTENSION)) != 0) {
vstring_strcpy(channel, MAIL_SERVICE_ERROR);
- vstring_sprintf(nexthop, "User has moved to %s", newloc);
+ /* 5.1.6 is the closest match, but not perfect. */
+ vstring_sprintf(nexthop, "5.1.6 User has moved to %s", newloc);
} else if (dict_errno != 0) {
msg_warn("%s lookup failure", VAR_RELOCATED_MAPS);
*flags |= RESOLVE_FLAG_FAIL;
#define NATIVE_NEWALIAS_PATH "/usr/bin/newaliases"
#define NATIVE_COMMAND_DIR "/usr/sbin"
#define NATIVE_DAEMON_DIR "/usr/libexec/postfix"
-
-#ifndef NO_KQUEUE
-# define EVENTS_STYLE EVENTS_STYLE_KQUEUE
-# define USE_SYSV_POLL
-#endif
-
+#define SOCKADDR_SIZE socklen_t
+#define SOCKOPT_SIZE socklen_t
#endif
/*
projects / thirdparty / postfix.git / commitdiff
