queue file, log not only the 'new' name in the incoming
queue, but also log the 'old' name in the maildrop queue.
File: pickup/pickup.c.
+
+20240422
+
+ Cleanup: improved warning text when a local alias contains
+ a domain. File: postalias/postalias.c.
+
+20240502
+
+ Documentation: clarified the spawn(8) manpage BUGS section.
+ File: spawn/spawn.c.
+
+20240504
+
+ Documentation: clarified some text in the Postfix overview.
+ File: proto/OVERVIEW.html.
+
+20240603
+
+ Documentation: with "smtpd_tls_security_level = encrypt",
+ clarified what commands the Postfix will accept during the
+ plaintext phase. File: proto/postconf.proto.
+
+ Documentation: ugly javascript workaround for
+ Google Chrome scrolling to the wrong location with
+ '<a name=' and '<a id=' tags in postconf.5.html. See
+ https://support.google.com/chrome/thread/11993079. File:
+ proto/postconf.html.prolog.
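Review bot: typo in the 20240603 entry for proto/postconf.proto: "what commands the Postfix will accept during the plaintext phase" should read "what commands Postfix will accept"; the stray "the" also shows up nowhere in the matching postconf text below, so the HISTORY entry is the only place to fix.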
error(8) delivery agents are special: they discard or bounce all mail, and
are not shown in the figure above.
- The queue manager maintains a small active queue with the messages that it
- has opened for delivery. The active queue acts as a limited window on
+ The queue manager maintains a limited active queue with the messages that
+ it has opened for delivery. The active queue acts as a limited window on
potentially large incoming or deferred queues. The limited active queue
prevents the queue manager from running out of memory under heavy load.
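Review bot: style point on the replacement wording: "maintains a limited active queue ... The active queue acts as a limited window ... The limited active queue prevents" now uses "limited" three times in three sentences. Since the point of the change is that the queue is bounded in size rather than merely small, "bounded" or "fixed-size" in the first sentence ("maintains a bounded active queue") would carry the meaning without the repetition.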
relocated(5) table for recipients whose address has changed; mail for such
recipients is returned to the sender with an explanation.
- * The smtp(8) client looks up a list of mail exchangers for the destination
- host, sorts the list by preference, and tries each server in turn until it
- finds a server that responds. It then encapsulates the sender, recipient
- and message content as required by the SMTP protocol; this includes
- conversion of 8-bit MIME to 7-bit encoding.
+ * The smtp(8) client looks up a list of SMTP servers for the destination(s)
+ in a delivery request, sorts the list by preference, and tries each server
+ in turn until it has delivered or bounced all recipients in the delivery
+ request. It encapsulates the sender, recipients and message content as
+ required by the SMTP protocol; this includes message body conversion from
+ 8-bit MIME to 7-bit encoding, but does not include RFC 2047 header
+ encoding.
* The lmtp(8) client speaks a protocol similar to SMTP that is optimized for
delivery to mailbox servers such as Cyrus. The advantage of this setup is
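Review bot: the new sentence "tries each server in turn until it has delivered or bounced all recipients in the delivery request" leaves out the third outcome: when every server fails or is unreachable, the recipients are deferred (the deferred queue is referenced elsewhere in this document), not bounced. Suggest "until it has delivered, bounced, or deferred all recipients in the delivery request", which also makes the hand-off back to the queue manager explicit. Same wording appears in the OVERVIEW.html and proto/OVERVIEW.html hunks.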
* The pipe(8) mailer is the outbound interface to other mail processing
systems (the Postfix sendmail(1) command being the inbound interface). The
- interface is UNIX compatible: it provides information on the command line
- and on the standard input stream, and expects a process exit status code as
- defined in <sysexits.h>. Examples of delivery via the pipe(8) mailer are in
- the MAILDROP_README and UUCP_README documents.
+ interface is UNIX compatible: the pipe(8) mailer provides information to a
+ child process command line, environment variables, and standard input
+ stream, and expects a child process exit status code as defined in
+ <sysexits.h>. Examples of delivery via the pipe(8) mailer are in the
+ FILTER_README, MAILDROP_README, and UUCP_README documents.
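Review bot: awkward phrasing in the pipe(8) description: "the pipe(8) mailer provides information to a child process command line, environment variables, and standard input stream" reads as if the command line receives information. Suggest "passes information to the child process via its command line, environment variables, and standard input stream". Same sentence is repeated in the two HTML variants of this hunk.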
P\bPo\bos\bst\btf\bfi\bix\bx b\bbe\beh\bhi\bin\bnd\bd t\bth\bhe\be s\bsc\bce\ben\bne\bes\bs
message
logfiles
- * The flush(8) servers maintain per-destination logs and implement both ETRN
- and "sendmail -qRdestination", as described in the ETRN_README document.
- This moves selected queue files from the deferred queue back to the
- incoming queue and requests their delivery. The flush(8) service is
- available with Postfix version 1.0 and later.
+ * The flush(8) servers maintain per-destination logs and implement "sendmail
+ -qRsite", "sendmail -qIqueueid" "postqueue -s site", "postqueue -
+ i queueid", and ETRN as described in the ETRN_README document. This moves
+ selected queue files from the deferred queue back to the incoming queue and
+ requests their delivery. The flush(8) service is available with Postfix
+ version 1.0 and later.
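Review bot: missing separator in the command list: "sendmail -qIqueueid" "postqueue -s site" needs a comma (or "and") between the two quoted items. Also, in this plain-text README the line wrap splits the last option into "postqueue -" / "i queueid", which a reader will take as a stray hyphen; reflow so that "-i queueid" stays on one line, as "sendmail -qRsite" and "sendmail -qIqueueid" do.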
incoming
^
connection setup and improves message delivery rates. After a Postfix smtp
(8) client connects to a remote SMTP server and sends plaintext EHLO and
STARTTLS commands, the smtp(8) client inserts a tlsproxy(8) process into
- the connection as shown below.
-
- After the mail transaction completes, the Postfix smtp(8) client gives the
- smtp(8)-to-tlsproxy(8) connection to the scache(8) server, which keeps the
- connection open for a limited amount of time. The smtp(8) client continues
- with some other mail delivery request. Meanwhile, any Postfix smtp(8)
- client can ask the scache(8) server for that cached connection and reuse it
- for mail delivery.
+ the connection as shown in the top of the figure below.
/-- smtp(8) --> tlsproxy(8) --> Internet
scache(8)
+ After the mail transaction completes, the Postfix smtp(8) client gives the
+ smtp(8)-to-tlsproxy(8) connection to the scache(8) server, which keeps the
+ connection open for a limited amount of time. The smtp(8) client continues
+ with some other mail delivery request. Meanwhile, any Postfix smtp(8)
+ client can ask the scache(8) server for that cached connection and reuse it
+ for mail delivery.
+
* The showq(8) servers list the Postfix queue status. This is the queue
listing service that does the work for the mailq(1) and postqueue(1)
commands.
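Review bot: "as shown in the top of the figure below" is not idiomatic; "as shown at the top of the figure below" is. Moving the scache(8) paragraph after the figure is the right call, since the figure's top row (smtp(8) to tlsproxy(8) to Internet) is what the first paragraph describes and the scache(8) row is what the second one describes.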
Disable -DSNAPSHOT and -DNONPROD in makedefs.
+ Many master.cf services don't expect wakeup calls, resulting
+ in weird warnings. Maybe the master daemon could signal the
+ wakeup intent through a child process command-line option,
+ so that the child can log "do not enable wakeups". Or the
+ client could announce to the xxx_server-main() skeleton
+ whether it wants wakeups. Or the child process could
+ special-case messages that consist only of a "W". We're not
+ using FIFOs anymore, and trigger servers could use a proper
+ (attribute, value) protocol.
+
+ "postconf -d" should not complain about a missing master.cf
+ file.
+
+ qmgr_message.c should do the right thing when the
+ double_bounce_sender value contains @.
+
migrate rbl -> dnsbl
migrate smtpd_sasl_tls_security_options to "noanonymous"
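Review bot: of the three options sketched for unexpected wakeup calls, special-casing "messages that consist only of a 'W'" is the most fragile, because it teaches every service to recognise the trigger wire format instead of keeping that knowledge in one place. Having the child announce to the xxx_server-main() skeleton whether it wants wakeups keeps the decision with the service that knows its own needs, and the skeleton can then log "do not enable wakeups" on the master's behalf. The last sentence already points that way: with FIFOs gone, a proper (attribute, value) trigger protocol would make the intent explicit.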
agents are special: they discard or bounce all mail, and are not
shown in the figure above. </p>
-<p> The queue manager maintains a small <a href="QSHAPE_README.html#active_queue">active queue</a> with the
+<p> The queue manager maintains a limited <a href="QSHAPE_README.html#active_queue">active queue</a> with the
messages that it has opened for delivery. The <a href="QSHAPE_README.html#active_queue">active queue</a> acts as
a limited window on potentially large <a href="QSHAPE_README.html#incoming_queue">incoming</a> or <a href="QSHAPE_README.html#deferred_queue">deferred queues</a>.
The limited <a href="QSHAPE_README.html#active_queue">active queue</a> prevents the queue manager from running
for recipients whose address has changed; mail for such recipients is
returned to the sender with an explanation. </p>
-<li> <p> The <a href="smtp.8.html">smtp(8)</a> client looks up a list of mail exchangers for
-the destination host, sorts the list by preference, and tries each
-server in turn until it finds a server that responds. It then
-encapsulates the sender, recipient and message content as required
-by the SMTP protocol; this includes conversion of 8-bit MIME to
-7-bit encoding. </p>
+<li> <p> The <a href="smtp.8.html">smtp(8)</a> client looks up a list of SMTP servers for
+the destination(s) in a delivery request, sorts the list by preference,
+and tries each server in turn until it has delivered or bounced all
+recipients in the delivery request. It encapsulates the sender,
+recipients and message content as required by the SMTP protocol;
+this includes message body conversion from 8-bit MIME to 7-bit
+encoding, but does not include <a href="https://tools.ietf.org/html/rfc2047">RFC 2047</a> header encoding. </p>
<li> <p> The <a href="lmtp.8.html">lmtp(8)</a> client speaks a protocol similar to SMTP that
is optimized for delivery to mailbox servers such as Cyrus. The
<li> <p> The <a href="pipe.8.html">pipe(8)</a> mailer is the outbound interface to other mail
processing systems (the Postfix <a href="sendmail.1.html">sendmail(1)</a> command being the
-inbound interface). The interface is UNIX compatible: it provides
-information on the command line and on the standard input stream,
-and expects a process exit status code as defined in <sysexits.h>.
-Examples of delivery via the <a href="pipe.8.html">pipe(8)</a> mailer are in the <a href="MAILDROP_README.html">MAILDROP_README</a>
+inbound interface). The interface is UNIX compatible: the <a href="pipe.8.html">pipe(8)</a>
+mailer provides information to a child process command line,
+environment variables, and standard input stream, and expects a
+child process exit status code as defined in <sysexits.h>.
+Examples of delivery via the <a href="pipe.8.html">pipe(8)</a> mailer are in the <a href="FILTER_README.html">FILTER_README</a>,
+<a href="MAILDROP_README.html">MAILDROP_README</a>,
and <a href="UUCP_README.html">UUCP_README</a> documents.
</ul>
</table>
<li> <p> The <a href="flush.8.html">flush(8)</a> servers maintain per-destination logs and
-implement both ETRN and "sendmail -qRdestination", as described
+implement "sendmail -qR<i>site</i>", "sendmail -qI<i>queueid</i>"
+"postqueue -s <i>site</i>", "postqueue -i <i>queueid</i>", and ETRN
+as described
in the <a href="ETRN_README.html">ETRN_README</a> document. This moves selected queue files from
the <a href="QSHAPE_README.html#deferred_queue">deferred queue</a> back to the <a href="QSHAPE_README.html#incoming_queue">incoming queue</a> and requests their
delivery. The <a href="flush.8.html">flush(8)</a> service is available with Postfix version
rates. After a Postfix <a href="smtp.8.html">smtp(8)</a> client connects to a remote SMTP
server and sends plaintext EHLO and STARTTLS commands, the <a href="smtp.8.html">smtp(8)</a>
client inserts a <a href="tlsproxy.8.html">tlsproxy(8)</a> process into the connection as shown
-below. </p>
-
-<p> After the mail transaction completes, the Postfix <a href="smtp.8.html">smtp(8)</a> client
-gives the <a href="smtp.8.html">smtp(8)</a>-to-<a href="tlsproxy.8.html">tlsproxy(8)</a> connection to the <a href="scache.8.html">scache(8)</a>
-server, which keeps the connection open for a limited amount of
-time. The <a href="smtp.8.html">smtp(8)</a> client continues with some other mail delivery
-request. Meanwhile, any Postfix <a href="smtp.8.html">smtp(8)</a> client can ask the <a href="scache.8.html">scache(8)</a>
-server for that cached connection and reuse it for mail delivery.
-</p>
+in the top of the figure below. </p>
<table>
</table>
+<p> After the mail transaction completes, the Postfix <a href="smtp.8.html">smtp(8)</a> client
+gives the <a href="smtp.8.html">smtp(8)</a>-to-<a href="tlsproxy.8.html">tlsproxy(8)</a> connection to the <a href="scache.8.html">scache(8)</a>
+server, which keeps the connection open for a limited amount of
+time. The <a href="smtp.8.html">smtp(8)</a> client continues with some other mail delivery
+request. Meanwhile, any Postfix <a href="smtp.8.html">smtp(8)</a> client can ask the <a href="scache.8.html">scache(8)</a>
+server for that cached connection and reuse it for mail delivery.
+</p>
+
<li> <p> The <a href="showq.8.html">showq(8)</a> servers list the Postfix queue status. This
is the queue listing service that does the work for the <a href="mailq.1.html">mailq(1)</a>
and <a href="postqueue.1.html">postqueue(1)</a> commands. </p>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<link rel='stylesheet' type='text/css' href='postfix-doc.css'>
+<script type="text/javascript">
+
+// Kludge for https://support.google.com/chrome/thread/11993079
+const isChrome = /Chrome/.test(navigator.userAgent)
+ && /Google Inc/.test(navigator.vendor);
+const hash = window.location.hash;
+if (hash && isChrome) {
+ setTimeout(function() {
+ window.location.hash = "";
+ window.location.hash = hash;
+ }, 1000);
+}
+
+</script>
+
</head>
<body>
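Review bot: two issues with the Chrome workaround script. First, each assignment to window.location.hash that changes the fragment adds a browser history entry, so `window.location.hash = ""; window.location.hash = hash;` leaves the reader two extra Back presses away from the page they came from; scrolling the target directly, `document.getElementById(hash.slice(1))` then `.scrollIntoView()`, or restoring the fragment with history.replaceState, avoids that. Second, the fixed 1000 ms delay is a guess: too short on a slow connection (the page is still laying out), and a visible jump on a fast one; hooking the correction to the window load event instead of a timer is more robust. Placing the script in `<head>` is fine as written since the work is deferred by setTimeout. The same script is duplicated in the proto/postconf.html.prolog hunk, which is the source the HTML is generated from.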
<ul>
-<li> a = time from message arrival to last <a href="QSHAPE_README.html#active_queue">active queue</a> entry
+<li> a = Time from message arrival to last <a href="QSHAPE_README.html#active_queue">active queue</a> entry.
-<li> b = time from last <a href="QSHAPE_README.html#active_queue">active queue</a> entry to connection setup
+<li> b = Time from last <a href="QSHAPE_README.html#active_queue">active queue</a> entry to the beginning of
+connection setup.
-<li> c = time in connection setup, including DNS, EHLO and STARTTLS
+<li> c = Time in connection setup. With SMTP, that is the time
+before sending the MAIL FROM command: with a new connection, that
+includes DNS lookups, and protocol handshakes with TCP, EHLO, and
+STARTTLS; with a reused connection, that includes DNS lookups,
+connection cache lookup by domain or IP address, and a liveness
+probe with RSET.
-<li> d = time in message transmission
+<li> d = Time in message transmission. With SMTP, that starts with
+sending MAIL FROM.
</ul>
(default: no)</b></DT><DD>
<p> Mandatory TLS: announce STARTTLS support to remote SMTP clients,
-and require that clients use TLS encryption. According to <a href="https://tools.ietf.org/html/rfc2487">RFC 2487</a>
+and reject all plaintext commands except HELO, EHLO, XCLIENT,
+STARTTLS, NOOP, QUIT, and (Postfix ≥ 3.9) HELP.
+According to <a href="https://tools.ietf.org/html/rfc2487">RFC 2487</a>
this MUST NOT be applied in case of a publicly-referenced SMTP
-server. This option is therefore off by default. </p>
+server. Instead, this should be used on dedicated servers, for
+example submission (port 587). This option is therefore off by
+default. </p>
<p> Note 1: "<a href="postconf.5.html#smtpd_enforce_tls">smtpd_enforce_tls</a> = yes" implies "<a href="postconf.5.html#smtpd_tls_auth_only">smtpd_tls_auth_only</a> = yes". </p>
</dd>
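Review bot: the new plaintext exception list (HELO, EHLO, XCLIENT, STARTTLS, NOOP, QUIT, HELP) is a useful clarification, but XCLIENT deserves a few words so it is not read as a hole in mandatory TLS: it is used by a trusted proxy in front of smtpd and is independently restricted to smtpd_authorized_xclient_hosts, so accepting it before STARTTLS does not relax the requirement for remote clients. It may also be worth stating the consequence that Note 1 relies on, namely that AUTH is not in the list and is therefore rejected until the session is encrypted. The same list is repeated in the "encrypt" description below and in the postconf.5 and postconf.proto hunks.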
<dt><b>encrypt</b></dt> <dd>Mandatory TLS encryption: announce
-STARTTLS support to remote SMTP clients, and require that clients use TLS
-encryption. According to <a href="https://tools.ietf.org/html/rfc2487">RFC 2487</a> this MUST NOT be applied in case
-of a publicly-referenced SMTP server. Instead, this option should
-be used only on dedicated servers. </dd>
+STARTTLS support to remote SMTP clients, and reject all plaintext
+commands except HELO, EHLO, XCLIENT, STARTTLS, NOOP, QUIT, and (Postfix
+≥ 3.9) HELP. According to <a href="https://tools.ietf.org/html/rfc2487">RFC 2487</a> this MUST NOT be applied in case
+of a publicly-referenced SMTP server. Instead, this should be used
+on dedicated servers, for example submission (port 587). </dd>
</dl>
interpreter.
<b>BUGS</b>
- In order to enforce standard Postfix process resource controls, the
- <a href="spawn.8.html"><b>spawn</b>(8)</a> daemon runs only one external command at a time. As such, it
- presents a noticeable overhead by wasting precious process resources.
- The <a href="spawn.8.html"><b>spawn</b>(8)</a> daemon is expected to be replaced by a more structural
+ In order to enforce standard Postfix process resource controls, each
+ <a href="spawn.8.html"><b>spawn</b>(8)</a> daemon process runs only one external command, and blocks
+ until the command terminates or a time limit is reached. As such, it
+ presents a noticeable overhead by wasting precious process resources.
+ The <a href="spawn.8.html"><b>spawn</b>(8)</a> daemon is expected to be replaced by a more structural
solution.
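Review bot: "blocks until the command terminates or a time limit is reached" could name the limit, since it is documented in this same manual page: the RESOURCE AND RATE CONTROL section below lists transport_time_limit ($command_time_limit) as exactly that per-transport time limit. A cross-reference here saves the reader a search.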
<b>DIAGNOSTICS</b>
- The <a href="spawn.8.html"><b>spawn</b>(8)</a> daemon reports abnormal child exits. Problems are logged
+ The <a href="spawn.8.html"><b>spawn</b>(8)</a> daemon reports abnormal child exits. Problems are logged
to <b>syslogd</b>(8) or <a href="postlogd.8.html"><b>postlogd</b>(8)</a>.
<b>SECURITY</b>
This program needs root privilege in order to execute external commands
as the specified user. It is therefore security sensitive. However the
- <a href="spawn.8.html"><b>spawn</b>(8)</a> daemon does not talk to the external command and thus is not
+ <a href="spawn.8.html"><b>spawn</b>(8)</a> daemon does not talk to the external command and thus is not
vulnerable to data-driven attacks.
<b>CONFIGURATION PARAMETERS</b>
- Changes to <a href="postconf.5.html"><b>main.cf</b></a> are picked up automatically as <a href="spawn.8.html"><b>spawn</b>(8)</a> processes
+ Changes to <a href="postconf.5.html"><b>main.cf</b></a> are picked up automatically as <a href="spawn.8.html"><b>spawn</b>(8)</a> processes
run for only a limited amount of time. Use the command "<b>postfix reload</b>"
to speed up a change.
- The text below provides only a parameter summary. See <a href="postconf.5.html"><b>postconf</b>(5)</a> for
+ The text below provides only a parameter summary. See <a href="postconf.5.html"><b>postconf</b>(5)</a> for
more details including examples.
- In the text below, <i>transport</i> is the first field of the entry in the
+ In the text below, <i>transport</i> is the first field of the entry in the
<a href="master.5.html"><b>master.cf</b></a> file.
<b>RESOURCE AND RATE CONTROL</b>
<b><a href="postconf.5.html#transport_time_limit">transport_time_limit</a> ($<a href="postconf.5.html#command_time_limit">command_time_limit</a>)</b>
A transport-specific override for the <a href="postconf.5.html#command_time_limit">command_time_limit</a> parame-
- ter value, where <i>transport</i> is the <a href="master.5.html">master.cf</a> name of the message
+ ter value, where <i>transport</i> is the <a href="master.5.html">master.cf</a> name of the message
delivery transport.
<b>MISCELLANEOUS</b>
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
- The default location of the Postfix <a href="postconf.5.html">main.cf</a> and <a href="master.5.html">master.cf</a> con-
+ The default location of the Postfix <a href="postconf.5.html">main.cf</a> and <a href="master.5.html">master.cf</a> con-
figuration files.
<b><a href="postconf.5.html#daemon_timeout">daemon_timeout</a> (18000s)</b>
- How much time a Postfix daemon process may take to handle a
+ How much time a Postfix daemon process may take to handle a
request before it is terminated by a built-in watchdog timer.
<b><a href="postconf.5.html#export_environment">export_environment</a> (see 'postconf -d' output)</b>
- The list of environment variables that a Postfix process will
+ The list of environment variables that a Postfix process will
export to non-Postfix processes.
<b><a href="postconf.5.html#ipc_timeout">ipc_timeout</a> (3600s)</b>
- The time limit for sending or receiving information over an
+ The time limit for sending or receiving information over an
internal communication channel.
<b><a href="postconf.5.html#mail_owner">mail_owner</a> (postfix)</b>
- The UNIX system account that owns the Postfix queue and most
+ The UNIX system account that owns the Postfix queue and most
Postfix daemon processes.
<b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b>
- The maximum amount of time that an idle Postfix daemon process
+ The maximum amount of time that an idle Postfix daemon process
waits for an incoming connection before terminating voluntarily.
<b><a href="postconf.5.html#max_use">max_use</a> (100)</b>
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (see 'postconf -d' output)</b>
- A prefix that is prepended to the process name in syslog
+ A prefix that is prepended to the process name in syslog
records, so that, for example, "smtpd" becomes "prefix/smtpd".
Available in Postfix 3.3 and later:
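Review bot: the DIAGNOSTICS, SECURITY, CONFIGURATION PARAMETERS and parameter-summary pairs in spawn.8.html (from "The spawn(8) daemon reports abnormal child exits" down to the syslog_name entry) show no visible text change; the "-" and "+" lines appear to differ only in leading whitespace, presumably from regenerating the page with a different nroff. That adds diff noise that obscures the real BUGS-section change above; if the regeneration is intentional, a one-line HISTORY note would explain it.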
.PP
The format of the "delays=a/b/c/d" logging is as follows:
.IP \(bu
-a = time from message arrival to last active queue entry
+a = Time from message arrival to last active queue entry.
.IP \(bu
-b = time from last active queue entry to connection setup
+b = Time from last active queue entry to the beginning of
+connection setup.
.IP \(bu
-c = time in connection setup, including DNS, EHLO and STARTTLS
+c = Time in connection setup. With SMTP, that is the time
+before sending the MAIL FROM command: with a new connection, that
+includes DNS lookups, and protocol handshakes with TCP, EHLO, and
+STARTTLS; with a reused connection, that includes DNS lookups,
+connection cache lookup by domain or IP address, and a liveness
+probe with RSET.
.IP \(bu
-d = time in message transmission
+d = Time in message transmission. With SMTP, that starts with
+sending MAIL FROM.
.br
.PP
This feature is available in Postfix 2.3 and later.
See smtpd_data_restrictions for details and limitations.
.SH smtpd_enforce_tls (default: no)
Mandatory TLS: announce STARTTLS support to remote SMTP clients,
-and require that clients use TLS encryption. According to RFC 2487
+and reject all plaintext commands except HELO, EHLO, XCLIENT,
+STARTTLS, NOOP, QUIT, and (Postfix >= 3.9) HELP.
+According to RFC 2487
this MUST NOT be applied in case of a publicly\-referenced SMTP
-server. This option is therefore off by default.
+server. Instead, this should be used on dedicated servers, for
+example submission (port 587). This option is therefore off by
+default.
.PP
Note 1: "smtpd_enforce_tls = yes" implies "smtpd_tls_auth_only = yes".
.PP
.br
.IP "\fBencrypt\fR"
Mandatory TLS encryption: announce
-STARTTLS support to remote SMTP clients, and require that clients use TLS
-encryption. According to RFC 2487 this MUST NOT be applied in case
-of a publicly\-referenced SMTP server. Instead, this option should
-be used only on dedicated servers.
+STARTTLS support to remote SMTP clients, and reject all plaintext
+commands except HELO, EHLO, XCLIENT, STARTTLS, NOOP, QUIT, and (Postfix
+>= 3.9) HELP. According to RFC 2487 this MUST NOT be applied in case
+of a publicly\-referenced SMTP server. Instead, this should be used
+on dedicated servers, for example submission (port 587).
.br
.br
.PP
.ad
.fi
In order to enforce standard Postfix process resource controls,
-the \fBspawn\fR(8) daemon runs only one external command at a time.
+each \fBspawn\fR(8) daemon process runs only one external
+command, and blocks until the command terminates or a time
+limit is reached.
As such, it presents a noticeable overhead by wasting precious
process resources. The \fBspawn\fR(8) daemon is expected to be
replaced by a more structural solution.
agents are special: they discard or bounce all mail, and are not
shown in the figure above. </p>
-<p> The queue manager maintains a small active queue with the
+<p> The queue manager maintains a limited active queue with the
messages that it has opened for delivery. The active queue acts as
a limited window on potentially large incoming or deferred queues.
The limited active queue prevents the queue manager from running
for recipients whose address has changed; mail for such recipients is
returned to the sender with an explanation. </p>
-<li> <p> The smtp(8) client looks up a list of mail exchangers for
-the destination host, sorts the list by preference, and tries each
-server in turn until it finds a server that responds. It then
-encapsulates the sender, recipient and message content as required
-by the SMTP protocol; this includes conversion of 8-bit MIME to
-7-bit encoding. </p>
+<li> <p> The smtp(8) client looks up a list of SMTP servers for
+the destination(s) in a delivery request, sorts the list by preference,
+and tries each server in turn until it has delivered or bounced all
+recipients in the delivery request. It encapsulates the sender,
+recipients and message content as required by the SMTP protocol;
+this includes message body conversion from 8-bit MIME to 7-bit
+encoding, but does not include RFC 2047 header encoding. </p>
<li> <p> The lmtp(8) client speaks a protocol similar to SMTP that
is optimized for delivery to mailbox servers such as Cyrus. The
<li> <p> The pipe(8) mailer is the outbound interface to other mail
processing systems (the Postfix sendmail(1) command being the
-inbound interface). The interface is UNIX compatible: it provides
-information on the command line and on the standard input stream,
-and expects a process exit status code as defined in <sysexits.h>.
-Examples of delivery via the pipe(8) mailer are in the MAILDROP_README
+inbound interface). The interface is UNIX compatible: the pipe(8)
+mailer provides information to a child process command line,
+environment variables, and standard input stream, and expects a
+child process exit status code as defined in <sysexits.h>.
+Examples of delivery via the pipe(8) mailer are in the FILTER_README,
+MAILDROP_README,
and UUCP_README documents.
</ul>
</table>
<li> <p> The flush(8) servers maintain per-destination logs and
-implement both ETRN and "sendmail -qRdestination", as described
+implement "sendmail -qR<i>site</i>", "sendmail -qI<i>queueid</i>"
+"postqueue -s <i>site</i>", "postqueue -i <i>queueid</i>", and ETRN
+as described
in the ETRN_README document. This moves selected queue files from
the deferred queue back to the incoming queue and requests their
delivery. The flush(8) service is available with Postfix version
rates. After a Postfix smtp(8) client connects to a remote SMTP
server and sends plaintext EHLO and STARTTLS commands, the smtp(8)
client inserts a tlsproxy(8) process into the connection as shown
-below. </p>
-
-<p> After the mail transaction completes, the Postfix smtp(8) client
-gives the smtp(8)-to-tlsproxy(8) connection to the scache(8)
-server, which keeps the connection open for a limited amount of
-time. The smtp(8) client continues with some other mail delivery
-request. Meanwhile, any Postfix smtp(8) client can ask the scache(8)
-server for that cached connection and reuse it for mail delivery.
-</p>
+in the top of the figure below. </p>
<table>
</table>
+<p> After the mail transaction completes, the Postfix smtp(8) client
+gives the smtp(8)-to-tlsproxy(8) connection to the scache(8)
+server, which keeps the connection open for a limited amount of
+time. The smtp(8) client continues with some other mail delivery
+request. Meanwhile, any Postfix smtp(8) client can ask the scache(8)
+server for that cached connection and reuse it for mail delivery.
+</p>
+
<li> <p> The showq(8) servers list the Postfix queue status. This
is the queue listing service that does the work for the mailq(1)
and postqueue(1) commands. </p>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<link rel='stylesheet' type='text/css' href='postfix-doc.css'>
+<script type="text/javascript">
+
+// Kludge for https://support.google.com/chrome/thread/11993079
+const isChrome = /Chrome/.test(navigator.userAgent)
+ && /Google Inc/.test(navigator.vendor);
+const hash = window.location.hash;
+if (hash && isChrome) {
+ setTimeout(function() {
+ window.location.hash = "";
+ window.location.hash = hash;
+ }, 1000);
+}
+
+</script>
+
</head>
<body>
%PARAM smtpd_enforce_tls no
<p> Mandatory TLS: announce STARTTLS support to remote SMTP clients,
-and require that clients use TLS encryption. According to RFC 2487
+and reject all plaintext commands except HELO, EHLO, XCLIENT,
+STARTTLS, NOOP, QUIT, and (Postfix ≥ 3.9) HELP.
+According to RFC 2487
this MUST NOT be applied in case of a publicly-referenced SMTP
-server. This option is therefore off by default. </p>
+server. Instead, this should be used on dedicated servers, for
+example submission (port 587). This option is therefore off by
+default. </p>
<p> Note 1: "smtpd_enforce_tls = yes" implies "smtpd_tls_auth_only = yes". </p>
<ul>
-<li> a = time from message arrival to last active queue entry
+<li> a = Time from message arrival to last active queue entry.
-<li> b = time from last active queue entry to connection setup
+<li> b = Time from last active queue entry to the beginning of
+connection setup.
-<li> c = time in connection setup, including DNS, EHLO and STARTTLS
+<li> c = Time in connection setup. With SMTP, that is the time
+before sending the MAIL FROM command: with a new connection, that
+includes DNS lookups, and protocol handshakes with TCP, EHLO, and
+STARTTLS; with a reused connection, that includes DNS lookups,
+connection cache lookup by domain or IP address, and a liveness
+probe with RSET.
-<li> d = time in message transmission
+<li> d = Time in message transmission. With SMTP, that starts with
+sending MAIL FROM.
</ul>
</dd>
<dt><b>encrypt</b></dt> <dd>Mandatory TLS encryption: announce
-STARTTLS support to remote SMTP clients, and require that clients use TLS
-encryption. According to RFC 2487 this MUST NOT be applied in case
-of a publicly-referenced SMTP server. Instead, this option should
-be used only on dedicated servers. </dd>
+STARTTLS support to remote SMTP clients, and reject all plaintext
+commands except HELO, EHLO, XCLIENT, STARTTLS, NOOP, QUIT, and (Postfix
+≥ 3.9) HELP. According to RFC 2487 this MUST NOT be applied in case
+of a publicly-referenced SMTP server. Instead, this should be used
+on dedicated servers, for example submission (port 587). </dd>
</dl>
LLC
Maadani
GTEST
+javascript
or unimplemented commands File smtpd smtpd c
proto proto mysql_table proto pgsql_table proto ldap_table
File pickup pickup c
+ a domain File postalias postalias c
+ File spawn spawn c
viktor
MONGODB
MongoDB
+qIqueueid
+Dextrous
+ar
+liveness
+superset
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20240422"
+#define MAIL_RELEASE_DATE "20240603"
#define MAIL_VERSION_NUMBER "3.10"
#ifdef SNAPSHOT
* alias database is being built, so we're guessing a bit.
*/
if (tok822_rfind_type(colon, '@') || tok822_rfind_type(colon, '%')) {
- msg_warn("%s, line %d: name must be local",
+ msg_warn("%s, line %d: name must be local and have no domain",
VSTREAM_PATH(source_fp), lineno);
tok822_free_tree(tok_list);
continue;
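Review bot: the new warning text "name must be local and have no domain" fires on both '@' and '%' (tok822_rfind_type(colon, '@') || tok822_rfind_type(colon, '%')), but '%' is the old percent-hack routing character rather than a domain separator, so for the '%' case the message names a cause the user did not write. Consider saying what was matched, for example "name must be local (no @ or %)", so the offending character is obvious from the log line.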
/* shell meta characters by a shell command interpreter.
/* BUGS
/* In order to enforce standard Postfix process resource controls,
-/* the \fBspawn\fR(8) daemon runs only one external command at a time.
+/* each \fBspawn\fR(8) daemon process runs only one external
+/* command, and blocks until the command terminates or a time
+/* limit is reached.
/* As such, it presents a noticeable overhead by wasting precious
/* process resources. The \fBspawn\fR(8) daemon is expected to be
/* replaced by a more structural solution.