/* Address to send a copy of each message that enters the system.
/* .IP \fBhopcount_limit\fR
/* Limit the number of \fBReceived:\fR message headers.
-/* .IP \fBrecipients_witheld_header\fR
+/* .IP \fBundisclosed_recipients_header\fR
/* The header line that is inserted when no recipients were
/* specified in (Resent-)To: or (Resent-)Cc: message headers.
/* .SH "Address transformations"
state->resent, vstring_str(state->temp1));
if (state->fullname && *state->fullname) {
vstring_strcat(state->temp2, " (");
- token = tok822_alloc(TOK822_COMMENT, state->fullname);
+ token = tok822_alloc(TOK822_COMMENT_TEXT, state->fullname);
tok822_externalize(state->temp2, token, TOK822_STR_NONE);
tok822_free(token);
vstring_strcat(state->temp2, ")");
* Version of this program.
*/
#define VAR_MAIL_VERSION "mail_version"
-#define DEF_MAIL_VERSION "Snapshot-20000421"
+#define DEF_MAIL_VERSION "Snapshot-20000422"
extern char *var_mail_version;
/* LICENSE
#define TOK822_DOMLIT 259 /* stuff between [] not nesting */
#define TOK822_ADDR 260 /* actually a token group */
#define TOK822_STARTGRP 261 /* start of named group */
-#define TOK822_COMMTEXT 262 /* comment text */
+#define TOK822_COMMENT_TEXT 262 /* comment text */
#define TOK822_MAXTOK 262
/*
VSTRING_ADDCH(vp, ')');
break;
case TOK822_ATOM:
- case TOK822_COMMTEXT:
+ case TOK822_COMMENT_TEXT:
case TOK822_QSTRING:
vstring_strcat(vp, vstring_str(tp->vstr));
break;
tok822_externalize(vp, tp->head, TOK822_STR_NONE);
VSTRING_ADDCH(vp, ')');
break;
- case TOK822_COMMTEXT:
+ case TOK822_COMMENT_TEXT:
tok822_copy_quoted(vp, vstring_str(tp->vstr), "()\\\r\n");
break;
case TOK822_QSTRING:
TOK822 *tc = 0;
int ch;
-#define COMMENT_TEXT_TOKEN(t) ((t) && (t)->type == TOK822_COMMTEXT)
+#define COMMENT_TEXT_TOKEN(t) ((t) && (t)->type == TOK822_COMMENT_TEXT)
#define APPEND_NEW_TOKEN(tp, type, strval) \
tok822_sub_append(tp, tok822_alloc(type, strval))
str++;
}
if (!COMMENT_TEXT_TOKEN(tc))
- tc = APPEND_NEW_TOKEN(tp, TOK822_COMMTEXT, (char *) 0);
+ tc = APPEND_NEW_TOKEN(tp, TOK822_COMMENT_TEXT, (char *) 0);
VSTRING_ADDCH(tc->vstr, ch);
}
}
vstream_printf("%*s %s\n", indent, "", "group \":\"");
} else {
vstream_printf("%*s %s \"%s\"\n", indent, "",
- tp->type == TOK822_COMMTEXT ? "text" :
+ tp->type == TOK822_COMMENT_TEXT ? "comment text" :
tp->type == TOK822_ATOM ? "atom" :
tp->type == TOK822_QSTRING ? "quoted string" :
tp->type == TOK822_DOMLIT ? "domain literal" :
Normally, the table serves as input to the <a href="postmap.1.html"><b>postmap</b>(1)</a> com-
mand. The result, an indexed file in <b>dbm</b> or <b>db</b> format, is
- used for fast searching by the mail system. After an
- update it may take a minute or so before the change
- becomes visible. Issue a <b>postfix</b> <b>reload</b> command to elimi-
- nate the delay.
+ used for fast searching by the mail system. Execute the
+ command <b>postmap</b> <b>/etc/postfix/access</b> in order to rebuild
+ the indexed file after changing the access table.
- When the table is provided via other means such as NIS,
- LDAP or SQL, the same lookups are done as for ordinary
+ When the table is provided via other means such as NIS,
+ LDAP or SQL, the same lookups are done as for ordinary
indexed files.
- Alternatively, the table can be provided as a regular-
+ Alternatively, the table can be provided as a regular-
expression map where patterns are given as regular expres-
- sions. In that case, the lookups are done in a slightly
+ sions. In that case, the lookups are done in a slightly
different way as described below.
<b>TABLE</b> <b>FORMAT</b>
The format of the access table is as follows:
blanks and comments
- Blank lines are ignored, as are lines beginning
+ Blank lines are ignored, as are lines beginning
with `#'.
<i>pattern</i> <i>action</i>
<b>PATTERNS</b>
With lookups from indexed files such as DB or DBM, or from
- networked tables such as NIS, LDAP or SQL, patterns are
+ networked tables such as NIS, LDAP or SQL, patterns are
tried in the order as listed below:
<i>user</i>@<i>domain</i>
Matches the specified mail address.
<i>domain.name</i>
- Matches the <i>domain.name</i> itself and any subdomain
- thereof, either in hostnames or in mail addresses.
+ Matches the <i>domain.name</i> itself and any subdomain
+ thereof, either in hostnames or in mail addresses.
Top-level domains will never be matched.
- <i>user</i>@ Matches all mail addresses with the specified user
+ <i>user</i>@ Matches all mail addresses with the specified user
part.
+
1
<i>net.work</i>
- <i>net</i> Matches any host address in the specified network.
- A network address is a sequence of one or more
+ <i>net</i> Matches any host address in the specified network.
+ A network address is a sequence of one or more
octets separated by ".".
<b>ACTIONS</b>
[<b>45</b>]<i>XX</i> <i>text</i>
- Reject the address etc. that matches the pattern,
+ Reject the address etc. that matches the pattern,
and respond with the numerical code and text.
<b>REJECT</b> Reject the address etc. that matches the pattern. A
Accept the address etc. that matches the pattern.
<b>REGULAR</b> <b>EXPRESSION</b> <b>TABLES</b>
- This section describes how the table lookups change when
+ This section describes how the table lookups change when
the table is given in the form of regular expressions. For
- a description of regular expression lookup table syntax,
+ a description of regular expression lookup table syntax,
see <a href="regexp_table.5.html"><b>regexp</b><i>_</i><b>table</b>(5)</a> or <a href="pcre_table.5.html"><b>pcre</b><i>_</i><b>table</b>(5)</a>.
- Each pattern is a regular expression that is applied to
+ Each pattern is a regular expression that is applied to
the entire string being looked up. Depending on the appli-
- cation, that string is an entire client hostname, an
+ cation, that string is an entire client hostname, an
entire client IP address, or an entire mail address. Thus,
- no parent domain or parent network search is done, and
- <i>user@domain</i> mail addresses are not broken up into their
+ no parent domain or parent network search is done, and
+ <i>user@domain</i> mail addresses are not broken up into their
<i>user@</i> and <i>domain</i> constituent parts.
- Patterns are applied in the order as specified in the
- table, until a pattern is found that matches the search
+ Patterns are applied in the order as specified in the
+ table, until a pattern is found that matches the search
string.
- Actions are the same as with normal indexed file lookups,
- with the additional feature that parenthesized substrings
- from the pattern can be interpolated as <b>$1</b>, <b>$2</b> and so on.
+ Actions are the same as with normal indexed file lookups,
+ with the additional feature that parenthesized substrings
+ from the pattern can be interpolated as <b>$1</b>, <b>$2</b> and so on.
<b>BUGS</b>
- The table format does not understand quoting conventions.
+ The table format does not understand quoting conventions.
<b>SEE</b> <b>ALSO</b>
<a href="postmap.1.html">postmap(1)</a> create mapping table
<b>LICENSE</b>
- The Secure Mailer license must be distributed with this
+ The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>
aliases - format of the Postfix alias database
<b>SYNOPSIS</b>
- <b>postalias</b> [<b>-c</b> <i>config_dir</i>] [<b>-v</b>] [<i>file_type</i>:]<i>input_file</i>
+ <b>newaliases</b>
<b>DESCRIPTION</b>
The <b>aliases</b> file provides a system-wide mechanism to redi-
The file serves as input to the <a href="postalias.1.html"><b>postalias</b>(1)</a> command. The
result, an indexed file in <b>dbm</b> or <b>db</b> format, is used for
- fast lookup by the mail system. After an update it may
- take a minute or so before the change becomes visible.
- Issue a <b>postfix</b> <b>reload</b> command to eliminate the delay.
+ fast lookup by the mail system. Execute the command
+ <b>newaliases</b> in order to rebuild the indexed file after
+ changing the Postfix alias database.
The input and output file formats are expected to be com-
patible with Sendmail version 8, and are expected to be
ALIASES(5) ALIASES(5)
- with the RFC 822 standard.
+ with the <a href="http://www.faqs.org/rfcs/rfc822.html">RFC 822</a> standard.
<i>/file/name</i>
Mail is appended to <i>/file/name</i>. See <a href="local.8.html"><b>local</b>(8)</a> for
extensions.
<b>STANDARDS</b>
- RFC 822 (ARPA Internet Text Messages)
+ <a href="http://www.faqs.org/rfcs/rfc822.html">RFC 822</a> (ARPA Internet Text Messages)
<b>SEE</b> <b>ALSO</b>
<a href="local.8.html">local(8)</a> local delivery agent
Normally, the file serves as input to the <a href="postmap.1.html"><b>postmap</b>(1)</a> com-
mand. The result, an indexed file in <b>dbm</b> or <b>db</b> format, is
- used for fast searching by the mail system. After an
- update it may take a minute or so before the change
- becomes visible. Issue a <b>postfix</b> <b>reload</b> command to elimi-
- nate the delay.
+ used for fast searching by the mail system. Execute the
+ command <b>postmap</b> <b>/etc/postfix/canonical</b> in order to rebuild
+ the indexed file after changing the canonical table.
- When the table is provided via other means such as NIS,
- LDAP or SQL, the same lookups are done as for ordinary
+ When the table is provided via other means such as NIS,
+ LDAP or SQL, the same lookups are done as for ordinary
indexed files.
- Alternatively, the table can be provided as a regular-
+ Alternatively, the table can be provided as a regular-
expression map where patterns are given as regular expres-
- sions. In that case, the lookups are done in a slightly
+ sions. In that case, the lookups are done in a slightly
different way as described below.
- The <b>canonical</b> mapping affects both message header
+ The <b>canonical</b> mapping affects both message header
addresses (i.e. addresses that appear inside messages) and
- message envelope addresses (for example, the addresses
- that are used in SMTP protocol commands). Think Sendmail
+ message envelope addresses (for example, the addresses
+ that are used in SMTP protocol commands). Think Sendmail
rule set <b>S3</b>, if you like.
- Typically, one would use the <b>canonical</b> table to replace
- login names by <i>Firstname.Lastname</i>, or to clean up
+ Typically, one would use the <b>canonical</b> table to replace
+ login names by <i>Firstname.Lastname</i>, or to clean up
addresses produced by legacy mail systems.
- The <b>canonical</b> mapping is not to be confused with <i>virtual</i>
+ The <b>canonical</b> mapping is not to be confused with <i>virtual</i>
<i>domain</i> support. Use the <a href="virtual.5.html"><b>virtual</b>(5)</a> map for that purpose.
- The <b>canonical</b> mapping is not to be confused with local
+ The <b>canonical</b> mapping is not to be confused with local
aliasing. Use the <a href="aliases.5.html"><b>aliases</b>(5)</a> map for that purpose.
<b>TABLE</b> <b>FORMAT</b>
The format of the <b>canonical</b> table is as follows:
blanks and comments
- Blank lines are ignored, as are lines beginning
+ Blank lines are ignored, as are lines beginning
with `#'.
<i>pattern</i> <i>result</i>
- When <i>pattern</i> matches a mail address, replace it by
+ When <i>pattern</i> matches a mail address, replace it by
the corresponding <i>result</i>.
+ With lookups from indexed files such as DB or DBM, or from
CANONICAL(5) CANONICAL(5)
- With lookups from indexed files such as DB or DBM, or from
- networked tables such as NIS, LDAP or SQL, patterns are
+ networked tables such as NIS, LDAP or SQL, patterns are
tried in the order as listed below:
<i>user</i>@<i>domain</i> <i>address</i>
- <i>user</i>@<i>domain</i> is replaced by <i>address</i>. This form has
+ <i>user</i>@<i>domain</i> is replaced by <i>address</i>. This form has
the highest precedence.
- This form useful to clean up addresses produced by
- legacy mail systems. It can also be used to pro-
- duce <i>Firstname.Lastname</i> style addresses, but see
+ This form useful to clean up addresses produced by
+ legacy mail systems. It can also be used to pro-
+ duce <i>Firstname.Lastname</i> style addresses, but see
below for a simpler solution.
<i>user</i> <i>address</i>
<i>user</i>@<i>site</i> is replaced by <i>address</i> when <i>site</i> is equal
- to $<b>myorigin</b>, when <i>site</i> is listed in $<b>mydestina-</b>
+ to $<b>myorigin</b>, when <i>site</i> is listed in $<b>mydestina-</b>
<b>tion</b>, or when it is listed in $<b>inet</b><i>_</i><b>interfaces</b>.
- This form is useful for replacing login names by
+ This form is useful for replacing login names by
<i>Firstname.Lastname</i>.
@<i>domain</i> <i>address</i>
- Every address in <i>domain</i> is replaced by <i>address</i>.
+ Every address in <i>domain</i> is replaced by <i>address</i>.
This form has the lowest precedence.
- In all the above forms, when <i>address</i> has the form @<i>other-</i>
+ In all the above forms, when <i>address</i> has the form @<i>other-</i>
<i>domain</i>, the result is the same user in <i>otherdomain</i>.
<b>ADDRESS</b> <b>EXTENSION</b>
- When table lookup fails, and the address localpart con-
- tains the optional recipient delimiter (e.g.,
- <i>user+foo</i>@<i>domain</i>), the search is repeated for the unex-
- tended address (e.g. <i>user</i>@<i>domain</i>), and the unmatched
+ When table lookup fails, and the address localpart con-
+ tains the optional recipient delimiter (e.g.,
+ <i>user+foo</i>@<i>domain</i>), the search is repeated for the unex-
+ tended address (e.g. <i>user</i>@<i>domain</i>), and the unmatched
extension is propagated to the result of table lookup. The
matching order is: <i>user+foo</i>@<i>domain</i>, <i>user</i>@<i>domain</i>, <i>user+foo</i>,
<i>user</i>, and @<i>domain</i>.
<b>REGULAR</b> <b>EXPRESSION</b> <b>TABLES</b>
- This section describes how the table lookups change when
+ This section describes how the table lookups change when
the table is given in the form of regular expressions. For
- a description of regular expression lookup table syntax,
+ a description of regular expression lookup table syntax,
see <a href="regexp_table.5.html"><b>regexp</b><i>_</i><b>table</b>(5)</a> or <a href="pcre_table.5.html"><b>pcre</b><i>_</i><b>table</b>(5)</a>.
- Each pattern is a regular expression that is applied to
+ Each pattern is a regular expression that is applied to
the entire address being looked up. Thus, <i>user@domain</i> mail
- addresses are not broken up into their <i>user</i> and <i>@domain</i>
+ addresses are not broken up into their <i>user</i> and <i>@domain</i>
constituent parts, nor is <i>user+foo</i> broken up into <i>user</i> and
<i>foo</i>.
- Patterns are applied in the order as specified in the
- table, until a pattern is found that matches the search
+ Patterns are applied in the order as specified in the
+ table, until a pattern is found that matches the search
string.
- Results are the same as with normal indexed file lookups,
+ Results are the same as with normal indexed file lookups,
+ with the additional feature that parenthesized substrings
CANONICAL(5) CANONICAL(5)
- with the additional feature that parenthesized substrings
- from the pattern can be interpolated as <b>$1</b>, <b>$2</b> and so on.
+ from the pattern can be interpolated as <b>$1</b>, <b>$2</b> and so on.
<b>BUGS</b>
- The table format does not understand quoting conventions.
+ The table format does not understand quoting conventions.
<b>CONFIGURATION</b> <b>PARAMETERS</b>
- The following <b>main.cf</b> parameters are especially relevant
- to this topic. See the Postfix <b>main.cf</b> file for syntax
- details and for default values. Use the <b>postfix</b> <b>reload</b>
+ The following <b>main.cf</b> parameters are especially relevant
+ to this topic. See the Postfix <b>main.cf</b> file for syntax
+ details and for default values. Use the <b>postfix</b> <b>reload</b>
command after a configuration change.
<b>canonical</b><i>_</i><b>maps</b>
Other parameters of interest:
<b>inet</b><i>_</i><b>interfaces</b>
- The network interface addresses that this system
+ The network interface addresses that this system
receives mail on.
<b>masquerade</b><i>_</i><b>domains</b>
- List of domains that hide their subdomain struc-
+ List of domains that hide their subdomain struc-
ture.
<b>masquerade</b><i>_</i><b>exceptions</b>
- List of user names that are not subject to address
+ List of user names that are not subject to address
masquerading.
<b>mydestination</b>
- List of domains that this mail system considers
+ List of domains that this mail system considers
local.
<b>myorigin</b>
+
3
<b>LICENSE</b>
- The Secure Mailer license must be distributed with this
+ The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>
mations:
<b>o</b> Insert missing message headers: (<b>Resent-</b>) <b>From:</b>,
- <b>Message-Id:</b>, and <b>Date:</b>.
+ <b>To:</b>, <b>Message-Id:</b>, and <b>Date:</b>.
<b>o</b> Extract envelope recipient addresses from (<b>Resent-</b>)
<b>To:</b>, <b>Cc:</b> and <b>Bcc:</b> message headers when no recipi-
message back to the sender in case of trouble.
<b>STANDARDS</b>
- RFC 822 (ARPA Internet Text Messages)
+ <a href="http://www.faqs.org/rfcs/rfc822.html">RFC 822</a> (ARPA Internet Text Messages)
<b>hopcount</b><i>_</i><b>limit</b>
Limit the number of <b>Received:</b> message headers.
+ <b>recipients</b><i>_</i><b>witheld</b><i>_</i><b>header</b>
+ The header line that is inserted when no recipients
+ were specified in (Resent-)To: or (Resent-)Cc: mes-
+ sage headers.
+
<b>Address</b> <b>transformations</b>
<b>empty</b><i>_</i><b>address</b><i>_</i><b>recipient</b>
The destination for undeliverable mail from <>.
<b>virtual</b><i>_</i><b>maps</b>
Address mapping lookup table for envelope recipient
- addresses.
-
-<b>Resource</b> <b>controls</b>
- <b>duplicate</b><i>_</i><b>filter</b><i>_</i><b>limit</b>
- Limit the number of envelope recipients that are
CLEANUP(8) CLEANUP(8)
+ addresses.
+
+<b>Resource</b> <b>controls</b>
+ <b>duplicate</b><i>_</i><b>filter</b><i>_</i><b>limit</b>
+ Limit the number of envelope recipients that are
remembered.
<b>header</b><i>_</i><b>size</b><i>_</i><b>limit</b>
-
-
-
-
-
<b>DESCRIPTION</b>
The Postfix mail system uses optional tables for address
- rewriting or mail routing. These tables usually are in <b>dbm</b>
+ rewriting or mail routing. These tables are usually in <b>dbm</b>
or <b>db</b> format. Alternatively, lookup tables can be speci-
fied in Perl Compatible Regular Expression form.
<b>DESCRIPTION</b>
The Postfix mail system uses optional tables for address
- rewriting or mail routing. These tables usually are in <b>dbm</b>
+ rewriting or mail routing. These tables are usually in <b>dbm</b>
or <b>db</b> format. Alternatively, lookup tables can be speci-
fied in POSIX regular expression form.
Normally, the file serves as input to the <a href="postmap.1.html"><b>postmap</b>(1)</a> com-
mand. The result, an indexed file in <b>dbm</b> or <b>db</b> format, is
- used for fast searching by the mail system. After an
- update issue a <b>postfix</b> <b>reload</b> command to make the change
- visible.
+ used for fast searching by the mail system. Execute the
+ command <b>postmap</b> <b>/etc/postfix/relocated</b> in order to rebuild
+ the indexed file after changing the relocated table.
When the table is provided via other means such as NIS,
LDAP or SQL, the same lookups are done as for ordinary
options are recognized but silently ignored.
By default, <b>sendmail</b> reads a message from standard input
- and arranges for delivery. <b>sendmail</b> attempts to create a
- queue file in the <b>maildrop</b> directory. If that directory is
- not world-writable, the message is piped through the <b>post-</b>
- <b>drop</b>(1) command, which is expected to execute with suit-
- able privileges.
-
- Specific command aliases are provided for other common
+ until EOF or until it reads a line with only a <b>.</b> charac-
+ ter, and arranges for delivery. <b>sendmail</b> attempts to cre-
+ ate a queue file in the <b>maildrop</b> directory. If that direc-
+ tory is not world-writable, the message is piped through
+ the <a href="postdrop.1.html"><b>postdrop</b>(1)</a> command, which is expected to execute with
+ suitable privileges.
+
+ Specific command aliases are provided for other common
modes of operation:
- <b>mailq</b> List the mail queue. Each entry shows the queue
- file ID, message size, arrival time, sender, and
+ <b>mailq</b> List the mail queue. Each entry shows the queue
+ file ID, message size, arrival time, sender, and
the recipients that still need to be delivered. If
- mail could not be delivered upon the last attempt,
+ mail could not be delivered upon the last attempt,
the reason for failure is shown. This mode of oper-
- ation
is implemented by connecting to the <a href="showq.8.html"><b>showq</b>(8)</a>
+ ation
is implemented by connecting to the <a href="showq.8.html"><b>showq</b>(8)</a>
daemon.
<b>newaliases</b>
Initialize the alias database. If no alias database
type is specified, the program uses the type speci-
- fied in the <b>database</b><i>_</i><b>type</b> configuration parameter;
- if no input file is specified, the program pro-
- cesses the file(s) specified with the
- <b>alias</b><i>_</i><b>database</b> configuration parameter. This mode
- of operation is implemented by running the <b>postal-</b>
+ fied in the <b>database</b><i>_</i><b>type</b> configuration parameter;
+ if no input file is specified, the program pro-
+ cesses the file(s) specified with the
+ <b>alias</b><i>_</i><b>database</b> configuration parameter. This mode
+ of operation is implemented by running the <b>postal-</b>
<b>ias</b>(1) command.
- Note: it may take a minute or so before an alias
- database update becomes visible. Use the <b>postfix</b>
+ Note: it may take a minute or so before an alias
+ database update becomes visible. Use the <b>postfix</b>
<b>reload</b> command to eliminate this delay.
These and other features can be selected by specifying the
appropriate combination of command-line options. Some fea-
- tures are controlled by parameters in the <b>main.cf</b> configu-
- ration file.
+ tures are controlled by parameters in the <b>main.cf</b>
SENDMAIL(1) SENDMAIL(1)
+ configuration file.
+
The following options are recognized:
<b>-B</b> <i>body_type</i> (ignored)
- The message body MIME type. Currently, Postfix
+ The message body MIME type. Currently, Postfix
implements <b>just-send-eight</b>.
<b>-C</b> <i>config_file</i> (ignored :-)
figuration files are kept in <b>/etc/postfix</b>.
<b>-F</b> <i>full_name</i>
- Set the sender full name. This is used only with
+ Set the sender full name. This is used only with
messages that have no <b>From:</b> message header.
- <b>-I</b> Initialize alias database. See the <b>newaliases</b> com-
+ <b>-I</b> Initialize alias database. See the <b>newaliases</b> com-
mand above.
<b>-N</b> <i>dsn</i> (ignored)
- Delivery status notification control. Currently,
+ Delivery status notification control. Currently,
Postfix does not implement <b>DSN</b>.
<b>-R</b> <i>return_limit</i> (ignored)
- Limit the size of bounced mail. Use the
- <b>bounce</b><i>_</i><b>size</b><i>_</i><b>limit</b> configuration parameter instead.
+ Limit the size of bounced mail. Use the
+ <b>bounce</b><i>_</i><b>size</b><i>_</i><b>limit</b> configuration parameter instead.
<b>-X</b> <i>log_file</i> (ignored)
- Log mailer traffic. Use the <b>debug</b><i>_</i><b>peer</b><i>_</i><b>list</b> and
- <b>debug</b><i>_</i><b>peer</b><i>_</i><b>level</b> configuration parameters instead.
+ Log mailer traffic. Use the <b>debug</b><i>_</i><b>peer</b><i>_</i><b>list</b> and
+ <b>debug</b><i>_</i><b>peer</b><i>_</i><b>level</b> configuration parameters instead.
<b>-U</b> (ignored)
Initial user submission.
- <b>-bd</b> Go into daemon mode. This mode of operation is
+ <b>-bd</b> Go into daemon mode. This mode of operation is
implemented by executing the <b>postfix</b> <b>start</b> command.
- <b>-bi</b> Initialize alias database. See the <b>newaliases</b> com-
+ <b>-bi</b> Initialize alias database. See the <b>newaliases</b> com-
mand above.
- <b>-bm</b> Read mail from standard input and arrange for
+ <b>-bm</b> Read mail from standard input and arrange for
delivery. This is the default mode of operation.
<b>-bp</b> List the mail queue. See the <b>mailq</b> command above.
- <b>-bs</b> Stand-alone SMTP server mode. Read SMTP commands
- from standard input, and write responses to stan-
+ <b>-bs</b> Stand-alone SMTP server mode. Read SMTP commands
+ from standard input, and write responses to stan-
dard output. This mode of operation is implemented
by running the <a href="smtpd.8.html"><b>smtpd</b>(8)</a> daemon.
<b>-f</b> <i>sender</i>
Set the envelope sender address. This is the
address where delivery problems are sent to, unless
- the message contains an <b>Errors-To:</b> message header.
-
-
+ the message contains an <b>Errors-To:</b> message header.
<b>-h</b> <i>hop_count</i> (ignored)
- Hop count limit. Use the <b>hopcount</b><i>_</i><b>limit</b> configura-
+ Hop count limit. Use the <b>hopcount</b><i>_</i><b>limit</b> configura-
tion parameter instead.
- <b>-i</b> (ignored)
- Lines beginning with "." get special treatment only
- with <b>-bs</b>.
+ <b>-i</b> When reading a message from standard input, don't
+ treat a line with only a <b>.</b> character as the end of
+ input.
<b>-m</b> (ignored)
Backwards compatibility.
The message body type. Currently, Postfix imple-
ments <b>just-send-eight</b>.
+ <b>-oi</b> When reading a message from standard input, don't
+ treat a line with only a <b>.</b> character as the end of
+ input.
+
<b>-om</b> (ignored)
The sender is never eliminated from alias etc.
expansions.
<b>-v</b> Enable verbose logging for debugging purposes. Mul-
tiple <b>-v</b> options make the software increasingly
- verbose.
-
-<b>SECURITY</b>
- By design, this program is not set-user (or group) id.
SENDMAIL(1) SENDMAIL(1)
+ verbose.
+
+<b>SECURITY</b>
+ By design, this program is not set-user (or group) id.
However, it must handle data from untrusted users or
untrusted machines. Thus, the usual precautions need to
be taken against malicious inputs.
host matches a pattern in the <b>debug</b><i>_</i><b>peer</b><i>_</i><b>list</b>
parameter.
- <b>debug</b><i>_</i><b>peer</b><i>_</i><b>list</b>
- List of domain or network patterns. When a remote
- host matches a pattern, increase the verbose
-
4
SENDMAIL(1) SENDMAIL(1)
- logging level by the amount specified in the
+ <b>debug</b><i>_</i><b>peer</b><i>_</i><b>list</b>
+ List of domain or network patterns. When a remote
+ host matches a pattern, increase the verbose log-
+ ging level by the amount specified in the
<b>debug</b><i>_</i><b>peer</b><i>_</i><b>level</b> parameter.
<b>fork</b><i>_</i><b>attempts</b>
The Secure Mailer license must be distributed with this
software.
-<b>AUTHOR(S)</b>
- Wietse Venema
- IBM T.J. Watson Research
- P.O. Box 704
+
SENDMAIL(1) SENDMAIL(1)
+<b>AUTHOR(S)</b>
+ Wietse Venema
+ IBM T.J. Watson Research
+ P.O. Box 704
Yorktown Heights, NY 10598, USA
-
-
-
-
SMTP client can be run chrooted at fixed low privilege.
<b>STANDARDS</b>
- RFC 821 (SMTP protocol)
- RFC 1651 (SMTP service extensions)
- RFC 1870 (Message Size Declaration)
- RFC 2197 (Pipelining)
+ <a href="http://www.faqs.org/rfcs/rfc821.html">RFC 821</a> (SMTP protocol)
+ <a href="http://www.faqs.org/rfcs/rfc1651.html">RFC 1651</a> (SMTP service extensions)
+ <a href="http://www.faqs.org/rfcs/rfc1870.html">RFC 1870</a> (Message Size Declaration)
+ <a href="http://www.faqs.org/rfcs/rfc2197.html">RFC 2197</a> (Pipelining)
+ <a href="http://www.faqs.org/rfcs/rfc2554.html">RFC 2554</a> (AUTH command)
<b>DIAGNOSTICS</b>
Problems and transactions are logged to <b>syslogd</b>(8). Cor-
<b>CONFIGURATION</b> <b>PARAMETERS</b>
The following <b>main.cf</b> parameters are especially relevant
to this program. See the Postfix <b>main.cf</b> file for syntax
- details and for default values. Use the <b>postfix</b> <b>reload</b>
SMTP(8) SMTP(8)
+ details and for default values. Use the <b>postfix</b> <b>reload</b>
command after a configuration change.
<b>Miscellaneous</b>
-
2
Do not wait for the server response after sending
QUIT.
+<b>Authentication</b> <b>controls</b>
+ <b>smtp</b><i>_</i><b>enable</b><i>_</i><b>sasl</b><i>_</i><b>auth</b>
+ Enable per-session authentication as per <a href="http://www.faqs.org/rfcs/rfc2554.html">RFC 2554</a>
+ (SASL).
+
+ <b>smtp</b><i>_</i><b>sasl</b><i>_</i><b>password</b><i>_</i><b>maps</b>
+ Lookup tables with per-host <i>name</i>:<i>password</i> entries.
+ No entry for a host means no attempt to authenti-
+ cate.
+
+ <b>smtp</b><i>_</i><b>sasl</b><i>_</i><b>security</b><i>_</i><b>options</b>
+ Zero or more of the following.
+
+ <b>noplaintext</b>
+ Disallow authentication methods that use
+ plaintext passwords.
+
+ <b>noactive</b>
+ Disallow authentication methods that are
+ vulnerable to non-dictionary active attacks.
+
+ <b>nodictionary</b>
+ Disallow authentication methods that are
+ vulnerable to passive dictionary attack.
+
+ <b>noanonymous</b>
+ Disallow anonymous logins.
+
<b>Resource</b> <b>controls</b>
<b>smtp</b><i>_</i><b>destination</b><i>_</i><b>concurrency</b><i>_</i><b>limit</b>
Limit the number of parallel deliveries to the same
- destination. The default limit is taken from the
+ destination. The default limit is taken from the
<b>default</b><i>_</i><b>destination</b><i>_</i><b>concurrency</b><i>_</i><b>limit</b> parameter.
<b>smtp</b><i>_</i><b>destination</b><i>_</i><b>recipient</b><i>_</i><b>limit</b>
- Limit the number of recipients per message deliv-
- ery. The default limit is taken from the
+ Limit the number of recipients per message deliv-
+ ery. The default limit is taken from the
<b>default</b><i>_</i><b>destination</b><i>_</i><b>recipient</b><i>_</i><b>limit</b> parameter.
<b>Timeout</b> <b>controls</b>
<b>smtp</b><i>_</i><b>connect</b><i>_</i><b>timeout</b>
Timeout in seconds for completing a TCP connection.
When no connection can be made within the deadline,
- the SMTP client tries the next address on the mail
+ the SMTP client tries the next address on the mail
exchanger list.
+
+
+
+
+ 3
+
+
+
+
+
+SMTP(8) SMTP(8)
+
+
<b>smtp</b><i>_</i><b>helo</b><i>_</i><b>timeout</b>
- Timeout in seconds for receiving the SMTP greeting
+ Timeout in seconds for receiving the SMTP greeting
banner. When the server drops the connection with-
- out sending a greeting banner, or when it sends no
+ out sending a greeting banner, or when it sends no
greeting banner within the deadline, the SMTP
client tries the next address on the mail exchanger
list.
<b>smtp</b><i>_</i><b>helo</b><i>_</i><b>timeout</b>
- Timeout in seconds for sending the <b>HELO</b> command,
+ Timeout in seconds for sending the <b>HELO</b> command,
and for receiving the server response.
<b>smtp</b><i>_</i><b>mail</b><i>_</i><b>timeout</b>
- Timeout in seconds for sending the <b>MAIL</b> <b>FROM</b> com-
+ Timeout in seconds for sending the <b>MAIL</b> <b>FROM</b> com-
mand, and for receiving the server response.
<b>smtp</b><i>_</i><b>rcpt</b><i>_</i><b>timeout</b>
and for receiving the server response.
<b>smtp</b><i>_</i><b>data</b><i>_</i><b>init</b><i>_</i><b>timeout</b>
- Timeout in seconds for sending the <b>DATA</b> command,
+ Timeout in seconds for sending the <b>DATA</b> command,
and for receiving the server response.
<b>smtp</b><i>_</i><b>data</b><i>_</i><b>xfer</b><i>_</i><b>timeout</b>
<b>smtp</b><i>_</i><b>data</b><i>_</i><b>done</b><i>_</i><b>timeout</b>
Timeout in seconds for sending the "<b>.</b>" command, and
-
-
-
- 3
-
-
-
-
-
-SMTP(8) SMTP(8)
-
-
for receiving the server response. When no response
- is received, a warning is logged that the mail may
+ is received, a warning is logged that the mail may
be delivered multiple times.
<b>smtp</b><i>_</i><b>quit</b><i>_</i><b>timeout</b>
- Timeout in seconds for sending the <b>QUIT</b> command,
+ Timeout in seconds for sending the <b>QUIT</b> command,
and for receiving the server response.
<b>SEE</b> <b>ALSO</b>
syslogd(8) system logging
<b>LICENSE</b>
- The Secure Mailer license must be distributed with this
+ The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
4
SMTP server can be run chrooted at fixed low privilege.
<b>STANDARDS</b>
- RFC 821 (SMTP protocol)
- RFC 1123 (Host requirements)
- RFC 1651 (SMTP service extensions)
- RFC 1652 (8bit-MIME transport)
- RFC 1854 (SMTP Pipelining)
- RFC 1870 (Message Size Declaration)
- RFC 1985 (ETRN command) (partial)
+ <a href="http://www.faqs.org/rfcs/rfc821.html">RFC 821</a> (SMTP protocol)
+ <a href="http://www.faqs.org/rfcs/rfc1123.html">RFC 1123</a> (Host requirements)
+ <a href="http://www.faqs.org/rfcs/rfc1651.html">RFC 1651</a> (SMTP service extensions)
+ <a href="http://www.faqs.org/rfcs/rfc1652.html">RFC 1652</a> (8bit-MIME transport)
+ <a href="http://www.faqs.org/rfcs/rfc1854.html">RFC 1854</a> (SMTP Pipelining)
+ <a href="http://www.faqs.org/rfcs/rfc1870.html">RFC 1870</a> (Message Size Declaration)
+ <a href="http://www.faqs.org/rfcs/rfc1985.html">RFC 1985</a> (ETRN command) (partial)
+ <a href="http://www.faqs.org/rfcs/rfc2554.html">RFC 2554</a> (AUTH command)
<b>DIAGNOSTICS</b>
Problems and transactions are logged to <b>syslogd</b>(8).
policy violations, and of other trouble.
<b>BUGS</b>
- RFC 1985 is implemented by forcing delivery of all
+ <a href="http://www.faqs.org/rfcs/rfc1985.html">RFC 1985</a> is implemented by forcing delivery of all
deferred mail.
<b>CONFIGURATION</b> <b>PARAMETERS</b>
The following <b>main.cf</b> parameters are especially relevant
to this program. See the Postfix <b>main.cf</b> file for syntax
- details and for default values. Use the <b>postfix</b> <b>reload</b>
SMTPD(8) SMTPD(8)
+ details and for default values. Use the <b>postfix</b> <b>reload</b>
command after a configuration change.
<b>Compatibility</b> <b>controls</b>
<b>strict</b><i>_</i><b>rfc821</b><i>_</i><b>envelopes</b>
- Disallow non-RFC 821 style addresses in envelopes.
- For example, allow RFC822-style address forms with
+ Disallow non-<a href="http://www.faqs.org/rfcs/rfc821.html">RFC 821</a> style addresses in envelopes.
+ For example, allow <a href="http://www.faqs.org/rfcs/rfc822.html">RFC822</a>-style address forms with
comments, like Sendmail does.
+<b>Authenication</b> <b>controls</b>
+ <b>enable</b><i>_</i><b>sasl</b><i>_</i><b>authentication</b>
+ Enable per-session authentication as per <a href="http://www.faqs.org/rfcs/rfc2554.html">RFC 2554</a>
+ (SASL). This functionality is available only when
+ explicitly selected at program build time and
+ explicitly enabled at runtime.
+
+ <b>smtpd</b><i>_</i><b>sasl</b><i>_</i><b>security</b><i>_</i><b>options</b>
+ Zero or more of the following.
+
+ <b>noplaintext</b>
+ Disallow authentication methods that use
+ plaintext passwords.
+
+ <b>noactive</b>
+ Disallow authentication methods that are
+ vulnerable to non-dictionary active attacks.
+
+ <b>nodictionary</b>
+ Disallow authentication methods that are
+ vulnerable to passive dictionary attack.
+
+ <b>noanonymous</b>
+ Disallow anonymous logins.
+
<b>Miscellaneous</b>
<b>always</b><i>_</i><b>bcc</b>
- Address to send a copy of each message that enters
+ Address to send a copy of each message that enters
the system.
<b>command</b><i>_</i><b>directory</b>
<b>$program</b><i>_</i><b>directory</b>).
<b>debug</b><i>_</i><b>peer</b><i>_</i><b>level</b>
- Increment in verbose logging level when a remote
+ Increment in verbose logging level when a remote
host matches a pattern in the <b>debug</b><i>_</i><b>peer</b><i>_</i><b>list</b>
parameter.
<b>debug</b><i>_</i><b>peer</b><i>_</i><b>list</b>
- List of domain or network patterns. When a remote
- host matches a pattern, increase the verbose log-
- ging level by the amount specified in the
+ List of domain or network patterns. When a remote
+ host matches a pattern, increase the verbose log-
+ ging level by the amount specified in the
<b>debug</b><i>_</i><b>peer</b><i>_</i><b>level</b> parameter.
+
+
+
+ 2
+
+
+
+
+
+SMTPD(8) SMTPD(8)
+
+
<b>error</b><i>_</i><b>notice</b><i>_</i><b>recipient</b>
- Recipient of protocol/policy/resource/software
+ Recipient of protocol/policy/resource/software
error notices.
<b>hopcount</b><i>_</i><b>limit</b>
List of error classes. Of special interest are:
<b>local</b><i>_</i><b>recipient</b><i>_</i><b>maps</b>
- List of maps with user names that are local to
+ List of maps with user names that are local to
<b>$myorigin</b> or <b>$inet</b><i>_</i><b>interfaces</b>. If this parameter is
- defined, then the SMTP server rejects mail for
+ defined, then the SMTP server rejects mail for
unknown local users.
- <b>policy</b> When a client violates any policy, mail a
+ <b>policy</b> When a client violates any policy, mail a
transcript of the entire SMTP session to the
postmaster.
<b>protocol</b>
- When a client violates the SMTP protocol or
+ When a client violates the SMTP protocol or
issues an unimplemented command, mail a
transcript of the entire SMTP session to the
postmaster.
-
-
-
- 2
-
-
-
-
-
-SMTPD(8) SMTPD(8)
-
-
<b>smtpd</b><i>_</i><b>banner</b>
- Text that follows the <b>220</b> status code in the SMTP
+ Text that follows the <b>220</b> status code in the SMTP
greeting banner.
<b>smtpd</b><i>_</i><b>recipient</b><i>_</i><b>limit</b>
- Restrict the number of recipients that the SMTP
+ Restrict the number of recipients that the SMTP
server accepts per message delivery.
<b>smtpd</b><i>_</i><b>timeout</b>
- Limit the time to send a server response and to
+ Limit the time to send a server response and to
receive a client request.
<b>Resource</b> <b>controls</b>
<b>line</b><i>_</i><b>length</b><i>_</i><b>limit</b>
- Limit the amount of memory in bytes used for the
+ Limit the amount of memory in bytes used for the
handling of partial input lines.
<b>message</b><i>_</i><b>size</b><i>_</i><b>limit</b>
ing on-disk storage for envelope information.
<b>queue</b><i>_</i><b>minfree</b>
- Minimal amount of free space in bytes in the queue
- file system for the SMTP server to accept any mail
+ Minimal amount of free space in bytes in the queue
+ file system for the SMTP server to accept any mail
at all.
<b>Tarpitting</b>
+
+
+
+
+ 3
+
+
+
+
+
+SMTPD(8) SMTPD(8)
+
+
<b>smtpd</b><i>_</i><b>error</b><i>_</i><b>sleep</b><i>_</i><b>time</b>
Time to wait in seconds before sending a 4xx or 5xx
server error response.
<b>smtpd</b><i>_</i><b>soft</b><i>_</i><b>error</b><i>_</i><b>limit</b>
When an SMTP client has made this number of errors,
- wait <i>error_count</i> seconds before responding to any
+ wait <i>error_count</i> seconds before responding to any
client request.
<b>smtpd</b><i>_</i><b>hard</b><i>_</i><b>error</b><i>_</i><b>limit</b>
- Disconnect after a client has made this number of
+ Disconnect after a client has made this number of
errors.
+ <b>smtpd</b><i>_</i><b>junk</b><i>_</i><b>command</b><i>_</i><b>limit</b>
+ Limit the number of times a client can issue a junk
+ command such as NOOP, VRFY, ETRN or RSET in one
+ SMTP session before it is penalized with tarpit
+ delays.
+
<b>UCE</b> <b>control</b> <b>restrictions</b>
<b>smtpd</b><i>_</i><b>client</b><i>_</i><b>restrictions</b>
Restrict what clients may connect to this mail sys-
Restrict what client hostnames are allowed in <b>HELO</b>
and <b>EHLO</b> commands.
-
-
-
-
- 3
-
-
-
-
-
-SMTPD(8) SMTPD(8)
-
-
<b>smtpd</b><i>_</i><b>sender</b><i>_</i><b>restrictions</b>
Restrict what sender addresses are allowed in <b>MAIL</b>
<b>FROM</b> commands.
Declares the name of zero or more parameters that
contain a list of UCE restrictions. The names of
these parameters can then be used instead of the
+
+
+
+ 4
+
+
+
+
+
+SMTPD(8) SMTPD(8)
+
+
restriction lists that they represent.
<b>maps</b><i>_</i><b>rbl</b><i>_</i><b>domains</b>
Server response when a client attempts to violate
the mail relay policy.
-
-
-
-
- 4
-
-
-
-
-
-SMTPD(8) SMTPD(8)
-
-
<b>unknown</b><i>_</i><b>address</b><i>_</i><b>reject</b><i>_</i><b>code</b>
Server response when a client violates the
<b>reject</b><i>_</i><b>unknown</b><i>_</i><b>address</b> restriction.
The Secure Mailer license must be distributed with this
software.
+
+
+
+
+ 5
+
+
+
+
+
+SMTPD(8) SMTPD(8)
+
+
<b>AUTHOR(S)</b>
Wietse Venema
IBM T.J. Watson Research
- 5
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ 6
</pre> </body> </html>
Normally, the file serves as input to the <a href="postmap.1.html"><b>postmap</b>(1)</a> com-
mand. The result, an indexed file in <b>dbm</b> or <b>db</b> format, is
- used for fast searching by the mail system. After updating
- this table, issue the <b>postfix</b> <b>reload</b> command to make the
- change visible.
+ used for fast searching by the mail system. Execute the
+ command <b>postmap</b> <b>/etc/postfix/transport</b> in order to rebuild
+ the indexed file after changing the transport table.
When the table is provided via other means such as NIS,
LDAP or SQL, the same lookups are done as for ordinary
Normally, the file serves as input to the <a href="postmap.1.html"><b>postmap</b>(1)</a> com-
mand. The result, an indexed file in <b>dbm</b> or <b>db</b> format, is
- used for fast searching by the mail system. After an
- update it may take a minute or so before the change
- becomes visible. Issue a <b>postfix</b> <b>reload</b> command to elimi-
- nate the delay.
+ used for fast searching by the mail system. Execute the
+ command <b>postmap</b> <b>/etc/postfix/virtual</b> in order to rebuild
+ the indexed file after changing the virtual table.
- When the table is provided via other means such as NIS,
- LDAP or SQL, the same lookups are done as for ordinary
+ When the table is provided via other means such as NIS,
+ LDAP or SQL, the same lookups are done as for ordinary
indexed files.
- Alternatively, the table can be provided as a regular-
+ Alternatively, the table can be provided as a regular-
expression map where patterns are given as regular expres-
- sions. In that case, the lookups are done in a slightly
+ sions. In that case, the lookups are done in a slightly
different way as described below.
<b>TABLE</b> <b>FORMAT</b>
- Typical support for a virtual domain looks like the fol-
+ Typical support for a virtual domain looks like the fol-
lowing:
<i>virtual.domain</i> <i>anything</i> (right-hand content does not matter)
<i>user2@virtual.domain</i> <i>address2,</i> <i>address3</i>
With this, the SMTP server accepts mail for <i>virtual.domain</i>
- and rejects mail for <i>unknown</i>@<i>virtual.domain</i> as undeliver-
+ and rejects mail for <i>unknown</i>@<i>virtual.domain</i> as undeliver-
able.
- The format of the virtual table is as follows, mappings
+ The format of the virtual table is as follows, mappings
being tried in the order as listed in this manual page:
blanks and comments
- Blank lines are ignored, as are lines beginning
+ Blank lines are ignored, as are lines beginning
with `#'.
-
+ <i>pattern</i> <i>result</i>
+ When <i>pattern</i> matches a mail address, replace it by
VIRTUAL(5) VIRTUAL(5)
- <i>pattern</i> <i>result</i>
- When <i>pattern</i> matches a mail address, replace it by
the corresponding <i>result</i>.
With lookups from indexed files such as DB or DBM, or from
- networked tables such as NIS, LDAP or SQL, patterns are
+ networked tables such as NIS, LDAP or SQL, patterns are
tried in the order as listed below:
<i>user</i>@<i>domain</i> <i>address,</i> <i>address,</i> <i>...</i>
- Mail for <i>user</i>@<i>domain</i> is redirected to <i>address</i>.
+ Mail for <i>user</i>@<i>domain</i> is redirected to <i>address</i>.
This form has the highest precedence.
<i>user</i> <i>address,</i> <i>address,</i> <i>...</i>
- Mail for <i>user</i>@<i>site</i> is redirected to <i>address</i> when
- <i>site</i> is equal to $<b>myorigin</b>, when <i>site</i> is listed in
+ Mail for <i>user</i>@<i>site</i> is redirected to <i>address</i> when
+ <i>site</i> is equal to $<b>myorigin</b>, when <i>site</i> is listed in
$mydestination, or when it is listed in
$<i>inet_interfaces</i>.
- This functionality overlaps with functionality of
+ This functionality overlaps with functionality of
the local <i>alias</i>(5) database. The difference is that
- <b>virtual</b> mapping can be applied to non-local
+ <b>virtual</b> mapping can be applied to non-local
addresses.
@<i>domain</i> <i>address,</i> <i>address,</i> <i>...</i>
- Mail for any user in <i>domain</i> is redirected to
+ Mail for any user in <i>domain</i> is redirected to
<i>address</i>. This form has the lowest precedence.
- In all the above forms, when <i>address</i> has the form @<i>other-</i>
- <i>domain</i>, the result is the same user in <i>otherdomain</i>. This
+ In all the above forms, when <i>address</i> has the form @<i>other-</i>
+ <i>domain</i>, the result is the same user in <i>otherdomain</i>. This
works for the first address in the expansion only.
<b>ADDRESS</b> <b>EXTENSION</b>
- When the search fails, and the address localpart contains
- the optional recipient delimiter (e.g., <i>user+foo</i>@<i>domain</i>),
- the search is repeated for the unextended address (e.g.
+ When the search fails, and the address localpart contains
+ the optional recipient delimiter (e.g., <i>user+foo</i>@<i>domain</i>),
+ the search is repeated for the unextended address (e.g.
<i>user</i>@<i>domain</i>), and the unmatched address extension is prop-
- agated to the result of expansion. The matching order is:
+ agated to the result of expansion. The matching order is:
<i>user+foo</i>@<i>domain</i>, <i>user</i>@<i>domain</i>, <i>user+foo</i>, <i>user</i>, and @<i>domain</i>.
<b>REGULAR</b> <b>EXPRESSION</b> <b>TABLES</b>
- This section describes how the table lookups change when
+ This section describes how the table lookups change when
the table is given in the form of regular expressions. For
- a description of regular expression lookup table syntax,
+ a description of regular expression lookup table syntax,
see <a href="regexp_table.5.html"><b>regexp</b><i>_</i><b>table</b>(5)</a> or <a href="pcre_table.5.html"><b>pcre</b><i>_</i><b>table</b>(5)</a>.
- Each pattern is a regular expression that is applied to
+ Each pattern is a regular expression that is applied to
the entire address being looked up. Thus, <i>user@domain</i> mail
- addresses are not broken up into their <i>user</i> and <i>@domain</i>
+ addresses are not broken up into their <i>user</i> and <i>@domain</i>
constituent parts, nor is <i>user+foo</i> broken up into <i>user</i> and
<i>foo</i>.
- Patterns are applied in the order as specified in the
- table, until a pattern is found that matches the search
+ Patterns are applied in the order as specified in the
+ table, until a pattern is found that matches the search
string.
+ Results are the same as with normal indexed file lookups,
+
2
VIRTUAL(5) VIRTUAL(5)
- Results are the same as with normal indexed file lookups,
- with the additional feature that parenthesized substrings
- from the pattern can be interpolated as <b>$1</b>, <b>$2</b> and so on.
+ with the additional feature that parenthesized substrings
+ from the pattern can be interpolated as <b>$1</b>, <b>$2</b> and so on.
<b>BUGS</b>
- The table format does not understand quoting conventions.
+ The table format does not understand quoting conventions.
<b>CONFIGURATION</b> <b>PARAMETERS</b>
- The following <b>main.cf</b> parameters are especially relevant
- to this topic. See the Postfix <b>main.cf</b> file for syntax
- details and for default values. Use the <b>postfix</b> <b>reload</b>
+ The following <b>main.cf</b> parameters are especially relevant
+ to this topic. See the Postfix <b>main.cf</b> file for syntax
+ details and for default values. Use the <b>postfix</b> <b>reload</b>
command after a configuration change.
<b>virtual</b><i>_</i><b>maps</b>
Other parameters of interest:
<b>inet</b><i>_</i><b>interfaces</b>
- The network interface addresses that this system
+ The network interface addresses that this system
receives mail on.
<b>mydestination</b>
- List of domains that this mail system considers
+ List of domains that this mail system considers
local.
<b>myorigin</b>
<a href="regexp_table.5.html">regexp_table(5)</a> format of POSIX regular expression tables
<b>LICENSE</b>
- The Secure Mailer license must be distributed with this
+ The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>
+
3
Normally, the table serves as input to the \fBpostmap\fR(1) command.
The result, an indexed file in \fBdbm\fR or \fBdb\fR format,
-is used for fast searching by the mail system. After an update
-it may take a minute or so before the change becomes visible.
-Issue a \fBpostfix reload\fR command to eliminate the delay.
+is used for fast searching by the mail system. Execute the command
+\fBpostmap /etc/postfix/access\fR in order to rebuild the indexed
+file after changing the access table.
When the table is provided via other means such as NIS, LDAP
or SQL, the same lookups are done as for ordinary indexed files.
.na
.nf
.fi
-\fBpostalias\fR [\fB-c\fR \fIconfig_dir\fR] [\fB-v\fR]
-[\fIfile_type\fR:]\fIinput_file\fR
+\fBnewaliases\fR
.SH DESCRIPTION
.ad
.fi
The file serves as input to the \fBpostalias\fR(1) command. The
result, an indexed file in \fBdbm\fR or \fBdb\fR format, is
-used for fast lookup by the mail system. After an update
-it may take a minute or so before the change becomes visible.
-Issue a \fBpostfix reload\fR command to eliminate the delay.
+used for fast lookup by the mail system. Execute the command
+\fBnewaliases\fR in order to rebuild the indexed file after
+changing the Postfix alias database.
The input and output file formats are expected to be compatible
with Sendmail version 8, and are expected to be suitable for the
Normally, the file serves as input to the \fBpostmap\fR(1) command.
The result, an indexed file in \fBdbm\fR or \fBdb\fR format,
-is used for fast searching by the mail system. After an update
-it may take a minute or so before the change becomes visible.
-Issue a \fBpostfix reload\fR command to eliminate the delay.
+is used for fast searching by the mail system. Execute the command
+\fBpostmap /etc/postfix/canonical\fR in order to rebuild the indexed
+file after changing the canonical table.
When the table is provided via other means such as NIS, LDAP
or SQL, the same lookups are done as for ordinary indexed files.
Normally, the file serves as input to the \fBpostmap\fR(1) command.
The result, an indexed file in \fBdbm\fR or \fBdb\fR format,
-is used for fast searching by the mail system. After an update
-issue a \fBpostfix reload\fR command to make the change visible.
+is used for fast searching by the mail system. Execute the command
+\fBpostmap /etc/postfix/relocated\fR in order to rebuild the indexed
+file after changing the relocated table.
When the table is provided via other means such as NIS, LDAP
or SQL, the same lookups are done as for ordinary indexed files.
Normally, the file serves as input to the \fBpostmap\fR(1) command.
The result, an indexed file in \fBdbm\fR or \fBdb\fR format, is used
-for fast searching by the mail system. After updating this table,
-issue the \fBpostfix reload\fR command to make the change visible.
+for fast searching by the mail system. Execute the command
+\fBpostmap /etc/postfix/transport\fR in order to rebuild the indexed
+file after changing the transport table.
When the table is provided via other means such as NIS, LDAP
or SQL, the same lookups are done as for ordinary indexed files.
Normally, the file serves as input to the \fBpostmap\fR(1) command.
The result, an indexed file in \fBdbm\fR or \fBdb\fR format,
-is used for fast searching by the mail system. After an update
-it may take a minute or so before the change becomes visible.
-Issue a \fBpostfix reload\fR command to eliminate the delay.
+is used for fast searching by the mail system. Execute the command
+\fBpostmap /etc/postfix/virtual\fR in order to rebuild the indexed
+file after changing the virtual table.
When the table is provided via other means such as NIS, LDAP
or SQL, the same lookups are done as for ordinary indexed files.
The \fBcleanup\fR daemon always performs the following transformations:
.IP \(bu
Insert missing message headers: (\fBResent-\fR) \fBFrom:\fR,
-\fBMessage-Id:\fR, and \fBDate:\fR.
+\fBTo:\fR, \fBMessage-Id:\fR, and \fBDate:\fR.
.IP \(bu
Extract envelope recipient addresses from (\fBResent-\fR) \fBTo:\fR,
\fBCc:\fR and \fBBcc:\fR message headers when no recipients are
Address to send a copy of each message that enters the system.
.IP \fBhopcount_limit\fR
Limit the number of \fBReceived:\fR message headers.
+.IP \fBrecipients_witheld_header\fR
+The header line that is inserted when no recipients were
+specified in (Resent-)To: or (Resent-)Cc: message headers.
.SH "Address transformations"
.ad
.fi
RFC 1651 (SMTP service extensions)
RFC 1870 (Message Size Declaration)
RFC 2197 (Pipelining)
+RFC 2554 (AUTH command)
.SH DIAGNOSTICS
.ad
.fi
Skip servers that greet us with a 5xx status code.
.IP \fBsmtp_skip_quit_response\fR
Do not wait for the server response after sending QUIT.
+.SH "Authentication controls"
+.IP \fBsmtp_enable_sasl_auth\fR
+Enable per-session authentication as per RFC 2554 (SASL).
+.IP \fBsmtp_sasl_password_maps\fR
+Lookup tables with per-host \fIname\fR:\fIpassword\fR entries.
+No entry for a host means no attempt to authenticate.
+.IP \fBsmtp_sasl_security_options\fR
+Zero or more of the following.
+.RS
+.IP \fBnoplaintext\fR
+Disallow authentication methods that use plaintext passwords.
+.IP \fBnoactive\fR
+Disallow authentication methods that are vulnerable to non-dictionary
+active attacks.
+.IP \fBnodictionary\fR
+Disallow authentication methods that are vulnerable to passive
+dictionary attack.
+.IP \fBnoanonymous\fR
+Disallow anonymous logins.
+.RE
.SH "Resource controls"
.ad
.fi
Enable per-session authentication as per RFC 2554 (SASL).
This functionality is available only when explicitly selected
at program build time and explicitly enabled at runtime.
+.IP \fBsmtpd_sasl_security_options\fR
+Zero or more of the following.
+.RS
+.IP \fBnoplaintext\fR
+Disallow authentication methods that use plaintext passwords.
+.IP \fBnoactive\fR
+Disallow authentication methods that are vulnerable to non-dictionary
+active attacks.
+.IP \fBnodictionary\fR
+Disallow authentication methods that are vulnerable to passive
+dictionary attack.
+.IP \fBnoanonymous\fR
+Disallow anonymous logins.
+.RE
.SH Miscellaneous
.ad
.fi
projects / thirdparty / postfix.git / commitdiff
