specific to the virtual(8) delivery agent, and will have
no effect when mail is delivered with a different program.
Files: proto/postconf.proto, proto/VIRTUAL_README.html.
+
+20120824
+
+ Feature: support for "sendmail -R hdrs|full". Jan Kundrát.
+ File: sendmail/sendmail.c.
+
+20120902
+
+ Documentation: updated TUNING_README with new pointers to
+ the STRESS_README and POSTSCREEN_README documents. Miscellaneous
+ documentation clarifications based on postfix-users discussions.
K\bKn\bno\bow\bwn\bn L\bLi\bim\bmi\bit\bta\bat\bti\bio\bon\bns\bs
- * The order of IPv6/IPv4 outgoing connection attempts is not yet
- configurable. Currently, IPv6 is tried before IPv4.
+ * Postfix SMTP clients before version 2.8 try to connect over IPv6 before
+ trying IPv4. With more recent Postfix versions, the order of IPv6 versus
+ IPv4 outgoing connection attempts is configurable with the
+ smtp_address_preference parameter.
- * Postfix currently does not support DNSBL (real-time blackhole list) lookups
- for IPv6 client IP addresses; currently there are no blacklists that cover
- the IPv6 address space.
+ * Postfix versions before 2.6 do not support DNSBL (real-time blackhole list)
+ lookups for IPv6 client IP addresses.
* IPv6 does not have class A, B, C, etc. networks. With IPv6 networks, the
setting "mynetworks_style = class" has the same effect as the setting
I\bIn\bnt\btr\bro\bod\bdu\buc\bct\bti\bio\bon\bn
+This document describes features that are available in Postfix 2.8 and later.
+
The Postfix postscreen(8) daemon provides additional protection against mail
server overload. One postscreen(8) process handles multiple inbound SMTP
connections, and decides which clients may talk to a Postfix SMTP server
indicates a super-user shell.
* Become your own Certificate Authority, so that you can sign your own public
- keys. This example uses the CA.pl script that ships with OpenSSL. By
- default, OpenSSL installs this as /usr/local/ssl/misc/CA.pl, but your
- mileage may vary. The script creates a private key in ./demoCA/private/
- cakey.pem and a public key in ./demoCA/cacert.pem.
+ keys. This example uses the CA.pl script that ships with OpenSSL. On some
+ systems, OpenSSL installs this as /usr/local/ssl/misc/CA.pl. Some systems
+ install this as part of a package named openssl-perl or something similar.
+ The script creates a private key in ./demoCA/private/cakey.pem and a public
+ key in ./demoCA/cacert.pem.
% /\b/u\bus\bsr\br/\b/l\blo\boc\bca\bal\bl/\b/s\bss\bsl\bl/\b/m\bmi\bis\bsc\bc/\b/C\bCA\bA.\b.p\bpl\bl -\b-n\bne\bew\bwc\bca\ba
CA certificate filename (or enter to create)
* If the number of smtpd(8) processes has reached the process limit as
specified in master.cf, new SMTP clients must wait until a process becomes
- available. Increase the number of processes if memory permits. See the
- instructions given under "Tuning the number of Postfix processes".
+ available. See the STRESS_README and POSTSCREEN_README documents for
+ measures that help to prevent SMTP server overload.
D\bDo\boi\bin\bng\bg m\bmo\bor\bre\be w\bwo\bor\brk\bk w\bwi\bit\bth\bh y\byo\bou\bur\br S\bSM\bMT\bTP\bP s\bse\ber\brv\bve\ber\br p\bpr\bro\boc\bce\bes\bss\bse\bes\bs
deliver mail to a small number of high volume domains.
A common situation where high concurrency is called for is on gateways relaying
-a high volume of mail from between the Internet and an intranet mail
-environment. Approximately half the mail (assuming equal volumes inbound and
-outbound) will be destined for the internal mail hubs. Since the internal mail
-hubs will be receiving all external mail exclusively from the gateway, it is
-reasonable to configure the gateway to make greater demands on the capacity of
-the internal SMTP servers.
+a high volume of mail between the Internet and an intranet mail environment.
+Approximately half the mail (assuming equal volumes inbound and outbound) will
+be destined for the internal mail hubs. Since the internal mail hubs will be
+receiving all external mail exclusively from the gateway, it is reasonable to
+configure the gateway to make greater demands on the capacity of the internal
+SMTP servers.
The tuning of the inbound concurrency limits need not be trial and error. A
high volume capable mailhub should be able to easily handle 50 or 100 (rather
Postfix will attempt to send multiple copies of the message in parallel.
IMPORTANT: Be careful when increasing the recipient limit per message delivery;
-some smtpd(8) servers abort the connection when they run out of memory or when
-a hard recipient limit is reached, so that the message will never be delivered.
+some SMTP servers abort the connection when they run out of memory or when a
+hard recipient limit is reached, so that the message will never be delivered.
The smtpd_recipient_limit parameter (default: 1000) controls how many
recipients the Postfix smtpd(8) server will take per delivery. The default
/etc/postfix/main.cf:
default_process_limit = 10
-You need to execute "postfix reload" to make the change effective. The limits
-are enforced by the Postfix master(8) daemon which does not automatically read
+You need to execute "postfix reload" to make the change effective. This limit
+is enforced by the Postfix master(8) daemon which does not automatically read
main.cf when it changes.
You can override the process limit for specific Postfix daemons by editing the
master.cf file. For example, if you do not wish to receive 100 SMTP messages at
-the same time, but do not want to change the process limits for local mail
-deliveries, you could specify:
+the same time, but do not want to change the process limits for other Postfix
+daemons, you could specify:
/etc/postfix/master.cf:
# ====================================================================
Don't forget Apple's code donation for fetching mail from
IMAP server.
+ Parallelized queue preprocessing: rip out the queue manager
+ code to read queue files and resolve recipients, and run
+ it in parallel processes. The queue manager then processes
+ their results as they become available. This would eliminate
+ the qmgr<->trivial-rewrite bottleneck. This can also eliminate
+ much of the scheduling disadvantage of a single queue manager
+ compared to hundreds of mail receiving or sending processes
+ (especially if there is a way to scan the queue in parallel).
+
mem_pool module for frequently-allocated objects
such as postscreen VSTRINGS and STATE objects.
Operations: create, put, get, maybe destroy.
- Call-backs: create, reset, and maybe destroy.
+ Call-backs: init, reset, and maybe destroy.
Make "rename" the default when postmapping a DB file
(later: use copy+rename for postmap -i, postmap -d).
<ul>
-<li> <p> The order of IPv6/IPv4 outgoing connection attempts is
-not yet configurable. Currently, IPv6 is tried before IPv4. </p>
+<li> <p> Postfix SMTP clients before version 2.8 try to connect
+over IPv6 before trying IPv4. With more recent Postfix versions,
+the order of IPv6 versus IPv4 outgoing connection attempts is
+configurable with the <a href="postconf.5.html#smtp_address_preference">smtp_address_preference</a> parameter. </p>
-<li> <p> Postfix currently does not support DNSBL (real-time
-blackhole list) lookups for IPv6 client IP addresses; currently
-there are no blacklists that cover the IPv6 address space. </p>
+<li> <p> Postfix versions before 2.6 do not support DNSBL (real-time
+blackhole list) lookups for IPv6 client IP addresses. </p>
<li> <p> IPv6 does not have class A, B, C, etc. networks. With IPv6
networks, the setting "<a href="postconf.5.html#mynetworks_style">mynetworks_style</a> = class" has the
<h2> <a name="intro">Introduction</a> </h2>
+<p> This document describes features that are available in Postfix
+2.8 and later. </p>
+
<p> The Postfix <a href="postscreen.8.html">postscreen(8)</a> daemon provides additional protection
against mail server overload. One <a href="postscreen.8.html">postscreen(8)</a> process handles
multiple inbound SMTP connections, and decides which clients may
<li> <p> Become your own Certificate Authority, so that you can
sign your own public keys. This example uses the CA.pl script that
-ships with OpenSSL. By default, OpenSSL installs this as
-<tt>/usr/local/ssl/misc/CA.pl</tt>, but your mileage may vary.
+ships with OpenSSL. On some systems, OpenSSL installs this as
+<tt>/usr/local/ssl/misc/CA.pl</tt>. Some systems install this as
+part of a package named <tt>openssl-perl</tt> or something similar.
The script creates a private key in <tt>./demoCA/private/cakey.pem</tt>
and a public key in <tt>./demoCA/cacert.pem</tt>.</p>
<li> <p> If the number of <a href="smtpd.8.html">smtpd(8)</a> processes has reached the process
limit as specified in <a href="master.5.html">master.cf</a>, new SMTP clients must wait until
-a process becomes available. Increase the number of processes if
-memory permits. See the instructions given under "<a
-href="#proc_limit">Tuning the number of Postfix processes</a>".
-</p>
+a process becomes available. See the <a href="STRESS_README.html">STRESS_README</a> and <a href="POSTSCREEN_README.html">POSTSCREEN_README</a>
+documents for measures that help to prevent SMTP server overload. </p>
</ul>
to a small number of high volume domains. </p>
<p> A common situation where high concurrency is called for is on
-gateways relaying a high volume of mail from between the Internet
+gateways relaying a high volume of mail between the Internet
and an intranet mail environment. Approximately half the mail
(assuming equal volumes inbound and outbound) will be destined
for the internal mail hubs. Since the internal mail hubs will be
copies of the message in parallel. </p>
<p> IMPORTANT: Be careful when increasing the recipient limit per
-message delivery; some <a href="smtpd.8.html">smtpd(8)</a> servers abort the connection when they
+message delivery; some SMTP servers abort the connection when they
run out of memory or when a hard recipient limit is reached, so
that the message will never be delivered. </p>
</blockquote>
<p> You need to execute "postfix reload" to make the change effective.
-Th
e limits are enforced by the Postfix <a href="master.8.html">master(8)</a> daemon which does
+Th
is limit is enforced by the Postfix <a href="master.8.html">master(8)</a> daemon which does
not automatically read <a href="postconf.5.html">main.cf</a> when it changes. </p>
<p> You can override the process limit for specific Postfix daemons
by editing the <a href="master.5.html">master.cf</a> file. For example, if you do not wish to
receive 100 SMTP messages at the same time, but do not want to
-change the process limits for local mail deliveries, you could
+change the process limits for other Postfix daemons, you could
specify: </p>
<blockquote>
Postfix versions before 2.1, the <b>Errors-To:</b> message
header overrides the error return address.
- <b>-R</b> <i>return</i><b>_</b><i>limit</i> (ignored)
- Limit the size of bounced mail. Use the
- <b><a href="postconf.5.html#bounce_size_limit">bounce_size_limit</a></b> configuration parameter instead.
+ <b>-R</b> <i>return</i>
+ Delivery status notification control. Specify
+ "hdrs" to return only the header if a message
+ bounces, "full" to return a full copy (the default
+ behavior).
- <b>-q</b> Attempt to deliver all queued mail. This is imple-
+ The <b>-R</b> option specifies an upper bound; for exam-
+ ple, Postfix will return only the header, when a
+ full copy would exceed the <a href="postconf.5.html#bounce_size_limit">bounce_size_limit</a> set-
+ ting.
+
+ This option is ignored before Postfix version 2.10.
+
+ <b>-q</b> Attempt to deliver all queued mail. This is imple-
mented by executing the <a href="postqueue.1.html"><b>postqueue</b>(1)</a> command.
Warning: flushing undeliverable mail frequently
- will result in poor delivery performance of all
+ will result in poor delivery performance of all
other mail.
<b>-q</b><i>interval</i> (ignored)
- The interval between queue runs. Use the
+ The interval between queue runs. Use the
<b><a href="postconf.5.html#queue_run_delay">queue_run_delay</a></b> configuration parameter instead.
<b>-qI</b><i>queueid</i>
Schedule immediate delivery of mail with the speci-
- fied queue ID. This option is implemented by exe-
- cuting the <a href="postqueue.1.html"><b>postqueue</b>(1)</a> command, and is available
+ fied queue ID. This option is implemented by exe-
+ cuting the <a href="postqueue.1.html"><b>postqueue</b>(1)</a> command, and is available
with Postfix version 2.4 and later.
<b>-qR</b><i>site</i>
- Schedule immediate delivery of all mail that is
+ Schedule immediate delivery of all mail that is
queued for the named <i>site</i>. This option accepts only
- <i>site</i> names that are eligible for the "fast flush"
- service, and is implemented by executing the
+ <i>site</i> names that are eligible for the "fast flush"
+ service, and is implemented by executing the
<a href="postqueue.1.html"><b>postqueue</b>(1)</a> command. See <a href="flush.8.html"><b>flush</b>(8)</a> for more infor-
mation about the "fast flush" service.
<b>-qS</b><i>site</i>
- This command is not implemented. Use the slower
+ This command is not implemented. Use the slower
"<b>sendmail -q</b>" command instead.
- <b>-t</b> Extract recipients from message headers. These are
- added to any recipients specified on the command
+ <b>-t</b> Extract recipients from message headers. These are
+ added to any recipients specified on the command
line.
- With Postfix versions prior to 2.1, this option
- requires that no recipient addresses are specified
+ With Postfix versions prior to 2.1, this option
+ requires that no recipient addresses are specified
on the command line.
<b>-U</b> (ignored)
This feature is available in Postfix 2.3 and later.
<b>-XV</b> (Postfix 2.2 and earlier: <b>-V</b>)
- Variable Envelope Return Path. Given an envelope
- sender address of the form <i>owner-listname</i>@<i>origin</i>,
- each recipient <i>user</i>@<i>domain</i> receives mail with a
+ Variable Envelope Return Path. Given an envelope
+ sender address of the form <i>owner-listname</i>@<i>origin</i>,
+ each recipient <i>user</i>@<i>domain</i> receives mail with a
personalized envelope sender address.
- By default, the personalized envelope sender
- address is <i>owner-listname</i><b>+</b><i>user</i><b>=</b><i>domain</i>@<i>origin</i>. The
- default <b>+</b> and <b>=</b> characters are configurable with
- the <b><a href="postconf.5.html#default_verp_delimiters">default_verp_delimiters</a></b> configuration parame-
+ By default, the personalized envelope sender
+ address is <i>owner-listname</i><b>+</b><i>user</i><b>=</b><i>domain</i>@<i>origin</i>. The
+ default <b>+</b> and <b>=</b> characters are configurable with
+ the <b><a href="postconf.5.html#default_verp_delimiters">default_verp_delimiters</a></b> configuration parame-
ter.
<b>-XV</b><i>xy</i> (Postfix 2.2 and earlier: <b>-V</b><i>xy</i>)
- As <b>-XV</b>, but uses <i>x</i> and <i>y</i> as the VERP delimiter
- characters, instead of the characters specified
- with the <b><a href="postconf.5.html#default_verp_delimiters">default_verp_delimiters</a></b> configuration
+ As <b>-XV</b>, but uses <i>x</i> and <i>y</i> as the VERP delimiter
+ characters, instead of the characters specified
+ with the <b><a href="postconf.5.html#default_verp_delimiters">default_verp_delimiters</a></b> configuration
parameter.
- <b>-v</b> Send an email report of the first delivery attempt
- (Postfix versions 2.1 and later). Mail delivery
- always happens in the background. When multiple <b>-v</b>
+ <b>-v</b> Send an email report of the first delivery attempt
+ (Postfix versions 2.1 and later). Mail delivery
+ always happens in the background. When multiple <b>-v</b>
options are given, enable verbose logging for
debugging purposes.
<b>-X</b> <i>log</i><b>_</b><i>file</i> (ignored)
- Log mailer traffic. Use the <b><a href="postconf.5.html#debug_peer_list">debug_peer_list</a></b> and
- <b><a href="postconf.5.html#debug_peer_level">debug_peer_level</a></b> configuration parameters instead.
+ Log mailer traffic. Use the <b><a href="postconf.5.html#debug_peer_list">debug_peer_list</a></b> and
+ <b><a href="postconf.5.html#debug_peer_level">debug_peer_level</a></b> configuration parameters instead.
<b>SECURITY</b>
- By design, this program is not set-user (or group) id.
- However, it must handle data from untrusted, possibly
- remote, users. Thus, the usual precautions need to be
+ By design, this program is not set-user (or group) id.
+ However, it must handle data from untrusted, possibly
+ remote, users. Thus, the usual precautions need to be
taken against malicious inputs.
<b>DIAGNOSTICS</b>
- Problems are logged to <b>syslogd</b>(8) and to the standard
+ Problems are logged to <b>syslogd</b>(8) and to the standard
error stream.
<b>ENVIRONMENT</b>
<b>MAIL_DEBUG</b> (value does not matter)
Enable debugging with an external command, as spec-
- ified with the <b><a href="postconf.5.html#debugger_command">debugger_command</a></b> configuration
+ ified with the <b><a href="postconf.5.html#debugger_command">debugger_command</a></b> configuration
parameter.
- <b>NAME</b> The sender full name. This is used only with mes-
- sages that have no <b>From:</b> message header. See also
+ <b>NAME</b> The sender full name. This is used only with mes-
+ sages that have no <b>From:</b> message header. See also
the <b>-F</b> option above.
<b>CONFIGURATION PARAMETERS</b>
- The following <a href="postconf.5.html"><b>main.cf</b></a> parameters are especially relevant
+ The following <a href="postconf.5.html"><b>main.cf</b></a> parameters are especially relevant
to this program. The text below provides only a parameter
- summary. See <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including exam-
+ summary. See <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including exam-
ples.
<b>COMPATIBILITY CONTROLS</b>
Available with Postfix 2.9 and later:
<b><a href="postconf.5.html#sendmail_fix_line_endings">sendmail_fix_line_endings</a> (always)</b>
- Controls how the Postfix sendmail command converts
- email message line endings from <CR><LF> into UNIX
+ Controls how the Postfix sendmail command converts
+ email message line endings from <CR><LF> into UNIX
format (<LF>).
<b>TROUBLE SHOOTING CONTROLS</b>
- The <a href="DEBUG_README.html">DEBUG_README</a> file gives examples of how to trouble
+ The <a href="DEBUG_README.html">DEBUG_README</a> file gives examples of how to trouble
shoot a Postfix system.
<b><a href="postconf.5.html#debugger_command">debugger_command</a> (empty)</b>
mon program is invoked with the -D option.
<b><a href="postconf.5.html#debug_peer_level">debug_peer_level</a> (2)</b>
- The increment in verbose logging level when a
- remote client or server matches a pattern in the
+ The increment in verbose logging level when a
+ remote client or server matches a pattern in the
<a href="postconf.5.html#debug_peer_list">debug_peer_list</a> parameter.
<b><a href="postconf.5.html#debug_peer_list">debug_peer_list</a> (empty)</b>
- Optional list of remote client or server hostname
- or network address patterns that cause the verbose
- logging level to increase by the amount specified
+ Optional list of remote client or server hostname
+ or network address patterns that cause the verbose
+ logging level to increase by the amount specified
in $<a href="postconf.5.html#debug_peer_level">debug_peer_level</a>.
<b>ACCESS CONTROLS</b>
Available in Postfix version 2.2 and later:
<b><a href="postconf.5.html#authorized_flush_users">authorized_flush_users</a> (<a href="DATABASE_README.html#types">static</a>:anyone)</b>
- List of users who are authorized to flush the
+ List of users who are authorized to flush the
queue.
<b><a href="postconf.5.html#authorized_mailq_users">authorized_mailq_users</a> (<a href="DATABASE_README.html#types">static</a>:anyone)</b>
List of users who are authorized to view the queue.
<b><a href="postconf.5.html#authorized_submit_users">authorized_submit_users</a> (<a href="DATABASE_README.html#types">static</a>:anyone)</b>
- List of users who are authorized to submit mail
- with the <a href="sendmail.1.html"><b>sendmail</b>(1)</a> command (and with the privi-
+ List of users who are authorized to submit mail
+ with the <a href="sendmail.1.html"><b>sendmail</b>(1)</a> command (and with the privi-
leged <a href="postdrop.1.html"><b>postdrop</b>(1)</a> helper command).
<b>RESOURCE AND RATE CONTROLS</b>
sent in a non-delivery notification.
<b><a href="postconf.5.html#fork_attempts">fork_attempts</a> (5)</b>
- The maximal number of attempts to fork() a child
+ The maximal number of attempts to fork() a child
process.
<b><a href="postconf.5.html#fork_delay">fork_delay</a> (1s)</b>
process.
<b><a href="postconf.5.html#hopcount_limit">hopcount_limit</a> (50)</b>
- The maximal number of Received: message headers
+ The maximal number of Received: message headers
that is allowed in the primary message headers.
<b><a href="postconf.5.html#queue_run_delay">queue_run_delay</a> (300s)</b>
- The time between <a href="QSHAPE_README.html#deferred_queue">deferred queue</a> scans by the queue
+ The time between <a href="QSHAPE_README.html#deferred_queue">deferred queue</a> scans by the queue
manager; prior to Postfix 2.4 the default value was
1000s.
<b><a href="postconf.5.html#fast_flush_domains">fast_flush_domains</a> ($<a href="postconf.5.html#relay_domains">relay_domains</a>)</b>
Optional list of destinations that are eligible for
- per-destination logfiles with mail that is queued
+ per-destination logfiles with mail that is queued
to those destinations.
<b>VERP CONTROLS</b>
The <a href="VERP_README.html">VERP_README</a> file describes configuration and operation
- details of Postfix support for variable envelope return
+ details of Postfix support for variable envelope return
path addresses.
<b><a href="postconf.5.html#default_verp_delimiters">default_verp_delimiters</a> (+=)</b>
The two default VERP delimiter characters.
<b><a href="postconf.5.html#verp_delimiter_filter">verp_delimiter_filter</a> (-=+)</b>
- The characters Postfix accepts as VERP delimiter
- characters on the Postfix <a href="sendmail.1.html"><b>sendmail</b>(1)</a> command line
+ The characters Postfix accepts as VERP delimiter
+ characters on the Postfix <a href="sendmail.1.html"><b>sendmail</b>(1)</a> command line
and in SMTP commands.
<b>MISCELLANEOUS CONTROLS</b>
<b><a href="postconf.5.html#alias_database">alias_database</a> (see 'postconf -d' output)</b>
- The alias databases for <a href="local.8.html"><b>local</b>(8)</a> delivery that are
+ The alias databases for <a href="local.8.html"><b>local</b>(8)</a> delivery that are
updated with "<b>newaliases</b>" or with "<b>sendmail -bi</b>".
<b><a href="postconf.5.html#command_directory">command_directory</a> (see 'postconf -d' output)</b>
- The location of all postfix administrative com-
+ The location of all postfix administrative com-
mands.
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
- The default location of the Postfix <a href="postconf.5.html">main.cf</a> and
+ The default location of the Postfix <a href="postconf.5.html">main.cf</a> and
<a href="master.5.html">master.cf</a> configuration files.
<b><a href="postconf.5.html#daemon_directory">daemon_directory</a> (see 'postconf -d' output)</b>
- The directory with Postfix support programs and
+ The directory with Postfix support programs and
daemon programs.
<b><a href="postconf.5.html#default_database_type">default_database_type</a> (see 'postconf -d' output)</b>
<a href="postalias.1.html"><b>postalias</b>(1)</a> and <a href="postmap.1.html"><b>postmap</b>(1)</a> commands.
<b><a href="postconf.5.html#delay_warning_time">delay_warning_time</a> (0h)</b>
- The time after which the sender receives the mes-
+ The time after which the sender receives the mes-
sage headers of mail that is still queued.
<b><a href="postconf.5.html#enable_errors_to">enable_errors_to</a> (no)</b>
- Report mail delivery errors to the address speci-
- fied with the non-standard Errors-To: message
- header, instead of the envelope sender address
- (this feature is removed with Postfix version 2.2,
- is turned off by default with Postfix version 2.1,
- and is always turned on with older Postfix ver-
+ Report mail delivery errors to the address speci-
+ fied with the non-standard Errors-To: message
+ header, instead of the envelope sender address
+ (this feature is removed with Postfix version 2.2,
+ is turned off by default with Postfix version 2.1,
+ and is always turned on with older Postfix ver-
sions).
<b><a href="postconf.5.html#mail_owner">mail_owner</a> (postfix)</b>
and most Postfix daemon processes.
<b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b>
- The location of the Postfix top-level queue direc-
+ The location of the Postfix top-level queue direc-
tory.
<b><a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> (empty)</b>
- Don't rewrite message headers from remote clients
+ Don't rewrite message headers from remote clients
at all when this parameter is empty; otherwise, re-
- write message headers and append the specified
+ write message headers and append the specified
domain name to incomplete addresses.
<b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (see 'postconf -d' output)</b>
- The mail system name that is prepended to the
- process name in syslog records, so that "smtpd"
+ The mail system name that is prepended to the
+ process name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
<b>FILES</b>
<a href="VERP_README.html">VERP_README</a>, Postfix VERP howto
<b>LICENSE</b>
- The Secure Mailer license must be distributed with this
+ The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>
Postfix versions before 2.1, the <b>Errors-To:</b> message
header overrides the error return address.
- <b>-R</b> <i>return</i><b>_</b><i>limit</i> (ignored)
- Limit the size of bounced mail. Use the
- <b><a href="postconf.5.html#bounce_size_limit">bounce_size_limit</a></b> configuration parameter instead.
+ <b>-R</b> <i>return</i>
+ Delivery status notification control. Specify
+ "hdrs" to return only the header if a message
+ bounces, "full" to return a full copy (the default
+ behavior).
- <b>-q</b> Attempt to deliver all queued mail. This is imple-
+ The <b>-R</b> option specifies an upper bound; for exam-
+ ple, Postfix will return only the header, when a
+ full copy would exceed the <a href="postconf.5.html#bounce_size_limit">bounce_size_limit</a> set-
+ ting.
+
+ This option is ignored before Postfix version 2.10.
+
+ <b>-q</b> Attempt to deliver all queued mail. This is imple-
mented by executing the <a href="postqueue.1.html"><b>postqueue</b>(1)</a> command.
Warning: flushing undeliverable mail frequently
- will result in poor delivery performance of all
+ will result in poor delivery performance of all
other mail.
<b>-q</b><i>interval</i> (ignored)
- The interval between queue runs. Use the
+ The interval between queue runs. Use the
<b><a href="postconf.5.html#queue_run_delay">queue_run_delay</a></b> configuration parameter instead.
<b>-qI</b><i>queueid</i>
Schedule immediate delivery of mail with the speci-
- fied queue ID. This option is implemented by exe-
- cuting the <a href="postqueue.1.html"><b>postqueue</b>(1)</a> command, and is available
+ fied queue ID. This option is implemented by exe-
+ cuting the <a href="postqueue.1.html"><b>postqueue</b>(1)</a> command, and is available
with Postfix version 2.4 and later.
<b>-qR</b><i>site</i>
- Schedule immediate delivery of all mail that is
+ Schedule immediate delivery of all mail that is
queued for the named <i>site</i>. This option accepts only
- <i>site</i> names that are eligible for the "fast flush"
- service, and is implemented by executing the
+ <i>site</i> names that are eligible for the "fast flush"
+ service, and is implemented by executing the
<a href="postqueue.1.html"><b>postqueue</b>(1)</a> command. See <a href="flush.8.html"><b>flush</b>(8)</a> for more infor-
mation about the "fast flush" service.
<b>-qS</b><i>site</i>
- This command is not implemented. Use the slower
+ This command is not implemented. Use the slower
"<b>sendmail -q</b>" command instead.
- <b>-t</b> Extract recipients from message headers. These are
- added to any recipients specified on the command
+ <b>-t</b> Extract recipients from message headers. These are
+ added to any recipients specified on the command
line.
- With Postfix versions prior to 2.1, this option
- requires that no recipient addresses are specified
+ With Postfix versions prior to 2.1, this option
+ requires that no recipient addresses are specified
on the command line.
<b>-U</b> (ignored)
This feature is available in Postfix 2.3 and later.
<b>-XV</b> (Postfix 2.2 and earlier: <b>-V</b>)
- Variable Envelope Return Path. Given an envelope
- sender address of the form <i>owner-listname</i>@<i>origin</i>,
- each recipient <i>user</i>@<i>domain</i> receives mail with a
+ Variable Envelope Return Path. Given an envelope
+ sender address of the form <i>owner-listname</i>@<i>origin</i>,
+ each recipient <i>user</i>@<i>domain</i> receives mail with a
personalized envelope sender address.
- By default, the personalized envelope sender
- address is <i>owner-listname</i><b>+</b><i>user</i><b>=</b><i>domain</i>@<i>origin</i>. The
- default <b>+</b> and <b>=</b> characters are configurable with
- the <b><a href="postconf.5.html#default_verp_delimiters">default_verp_delimiters</a></b> configuration parame-
+ By default, the personalized envelope sender
+ address is <i>owner-listname</i><b>+</b><i>user</i><b>=</b><i>domain</i>@<i>origin</i>. The
+ default <b>+</b> and <b>=</b> characters are configurable with
+ the <b><a href="postconf.5.html#default_verp_delimiters">default_verp_delimiters</a></b> configuration parame-
ter.
<b>-XV</b><i>xy</i> (Postfix 2.2 and earlier: <b>-V</b><i>xy</i>)
- As <b>-XV</b>, but uses <i>x</i> and <i>y</i> as the VERP delimiter
- characters, instead of the characters specified
- with the <b><a href="postconf.5.html#default_verp_delimiters">default_verp_delimiters</a></b> configuration
+ As <b>-XV</b>, but uses <i>x</i> and <i>y</i> as the VERP delimiter
+ characters, instead of the characters specified
+ with the <b><a href="postconf.5.html#default_verp_delimiters">default_verp_delimiters</a></b> configuration
parameter.
- <b>-v</b> Send an email report of the first delivery attempt
- (Postfix versions 2.1 and later). Mail delivery
- always happens in the background. When multiple <b>-v</b>
+ <b>-v</b> Send an email report of the first delivery attempt
+ (Postfix versions 2.1 and later). Mail delivery
+ always happens in the background. When multiple <b>-v</b>
options are given, enable verbose logging for
debugging purposes.
<b>-X</b> <i>log</i><b>_</b><i>file</i> (ignored)
- Log mailer traffic. Use the <b><a href="postconf.5.html#debug_peer_list">debug_peer_list</a></b> and
- <b><a href="postconf.5.html#debug_peer_level">debug_peer_level</a></b> configuration parameters instead.
+ Log mailer traffic. Use the <b><a href="postconf.5.html#debug_peer_list">debug_peer_list</a></b> and
+ <b><a href="postconf.5.html#debug_peer_level">debug_peer_level</a></b> configuration parameters instead.
<b>SECURITY</b>
- By design, this program is not set-user (or group) id.
- However, it must handle data from untrusted, possibly
- remote, users. Thus, the usual precautions need to be
+ By design, this program is not set-user (or group) id.
+ However, it must handle data from untrusted, possibly
+ remote, users. Thus, the usual precautions need to be
taken against malicious inputs.
<b>DIAGNOSTICS</b>
- Problems are logged to <b>syslogd</b>(8) and to the standard
+ Problems are logged to <b>syslogd</b>(8) and to the standard
error stream.
<b>ENVIRONMENT</b>
<b>MAIL_DEBUG</b> (value does not matter)
Enable debugging with an external command, as spec-
- ified with the <b><a href="postconf.5.html#debugger_command">debugger_command</a></b> configuration
+ ified with the <b><a href="postconf.5.html#debugger_command">debugger_command</a></b> configuration
parameter.
- <b>NAME</b> The sender full name. This is used only with mes-
- sages that have no <b>From:</b> message header. See also
+ <b>NAME</b> The sender full name. This is used only with mes-
+ sages that have no <b>From:</b> message header. See also
the <b>-F</b> option above.
<b>CONFIGURATION PARAMETERS</b>
- The following <a href="postconf.5.html"><b>main.cf</b></a> parameters are especially relevant
+ The following <a href="postconf.5.html"><b>main.cf</b></a> parameters are especially relevant
to this program. The text below provides only a parameter
- summary. See <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including exam-
+ summary. See <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including exam-
ples.
<b>COMPATIBILITY CONTROLS</b>
Available with Postfix 2.9 and later:
<b><a href="postconf.5.html#sendmail_fix_line_endings">sendmail_fix_line_endings</a> (always)</b>
- Controls how the Postfix sendmail command converts
- email message line endings from <CR><LF> into UNIX
+ Controls how the Postfix sendmail command converts
+ email message line endings from <CR><LF> into UNIX
format (<LF>).
<b>TROUBLE SHOOTING CONTROLS</b>
- The <a href="DEBUG_README.html">DEBUG_README</a> file gives examples of how to trouble
+ The <a href="DEBUG_README.html">DEBUG_README</a> file gives examples of how to trouble
shoot a Postfix system.
<b><a href="postconf.5.html#debugger_command">debugger_command</a> (empty)</b>
mon program is invoked with the -D option.
<b><a href="postconf.5.html#debug_peer_level">debug_peer_level</a> (2)</b>
- The increment in verbose logging level when a
- remote client or server matches a pattern in the
+ The increment in verbose logging level when a
+ remote client or server matches a pattern in the
<a href="postconf.5.html#debug_peer_list">debug_peer_list</a> parameter.
<b><a href="postconf.5.html#debug_peer_list">debug_peer_list</a> (empty)</b>
- Optional list of remote client or server hostname
- or network address patterns that cause the verbose
- logging level to increase by the amount specified
+ Optional list of remote client or server hostname
+ or network address patterns that cause the verbose
+ logging level to increase by the amount specified
in $<a href="postconf.5.html#debug_peer_level">debug_peer_level</a>.
<b>ACCESS CONTROLS</b>
Available in Postfix version 2.2 and later:
<b><a href="postconf.5.html#authorized_flush_users">authorized_flush_users</a> (<a href="DATABASE_README.html#types">static</a>:anyone)</b>
- List of users who are authorized to flush the
+ List of users who are authorized to flush the
queue.
<b><a href="postconf.5.html#authorized_mailq_users">authorized_mailq_users</a> (<a href="DATABASE_README.html#types">static</a>:anyone)</b>
List of users who are authorized to view the queue.
<b><a href="postconf.5.html#authorized_submit_users">authorized_submit_users</a> (<a href="DATABASE_README.html#types">static</a>:anyone)</b>
- List of users who are authorized to submit mail
- with the <a href="sendmail.1.html"><b>sendmail</b>(1)</a> command (and with the privi-
+ List of users who are authorized to submit mail
+ with the <a href="sendmail.1.html"><b>sendmail</b>(1)</a> command (and with the privi-
leged <a href="postdrop.1.html"><b>postdrop</b>(1)</a> helper command).
<b>RESOURCE AND RATE CONTROLS</b>
sent in a non-delivery notification.
<b><a href="postconf.5.html#fork_attempts">fork_attempts</a> (5)</b>
- The maximal number of attempts to fork() a child
+ The maximal number of attempts to fork() a child
process.
<b><a href="postconf.5.html#fork_delay">fork_delay</a> (1s)</b>
process.
<b><a href="postconf.5.html#hopcount_limit">hopcount_limit</a> (50)</b>
- The maximal number of Received: message headers
+ The maximal number of Received: message headers
that is allowed in the primary message headers.
<b><a href="postconf.5.html#queue_run_delay">queue_run_delay</a> (300s)</b>
- The time between <a href="QSHAPE_README.html#deferred_queue">deferred queue</a> scans by the queue
+ The time between <a href="QSHAPE_README.html#deferred_queue">deferred queue</a> scans by the queue
manager; prior to Postfix 2.4 the default value was
1000s.
<b><a href="postconf.5.html#fast_flush_domains">fast_flush_domains</a> ($<a href="postconf.5.html#relay_domains">relay_domains</a>)</b>
Optional list of destinations that are eligible for
- per-destination logfiles with mail that is queued
+ per-destination logfiles with mail that is queued
to those destinations.
<b>VERP CONTROLS</b>
The <a href="VERP_README.html">VERP_README</a> file describes configuration and operation
- details of Postfix support for variable envelope return
+ details of Postfix support for variable envelope return
path addresses.
<b><a href="postconf.5.html#default_verp_delimiters">default_verp_delimiters</a> (+=)</b>
The two default VERP delimiter characters.
<b><a href="postconf.5.html#verp_delimiter_filter">verp_delimiter_filter</a> (-=+)</b>
- The characters Postfix accepts as VERP delimiter
- characters on the Postfix <a href="sendmail.1.html"><b>sendmail</b>(1)</a> command line
+ The characters Postfix accepts as VERP delimiter
+ characters on the Postfix <a href="sendmail.1.html"><b>sendmail</b>(1)</a> command line
and in SMTP commands.
<b>MISCELLANEOUS CONTROLS</b>
<b><a href="postconf.5.html#alias_database">alias_database</a> (see 'postconf -d' output)</b>
- The alias databases for <a href="local.8.html"><b>local</b>(8)</a> delivery that are
+ The alias databases for <a href="local.8.html"><b>local</b>(8)</a> delivery that are
updated with "<b>newaliases</b>" or with "<b>sendmail -bi</b>".
<b><a href="postconf.5.html#command_directory">command_directory</a> (see 'postconf -d' output)</b>
- The location of all postfix administrative com-
+ The location of all postfix administrative com-
mands.
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
- The default location of the Postfix <a href="postconf.5.html">main.cf</a> and
+ The default location of the Postfix <a href="postconf.5.html">main.cf</a> and
<a href="master.5.html">master.cf</a> configuration files.
<b><a href="postconf.5.html#daemon_directory">daemon_directory</a> (see 'postconf -d' output)</b>
- The directory with Postfix support programs and
+ The directory with Postfix support programs and
daemon programs.
<b><a href="postconf.5.html#default_database_type">default_database_type</a> (see 'postconf -d' output)</b>
<a href="postalias.1.html"><b>postalias</b>(1)</a> and <a href="postmap.1.html"><b>postmap</b>(1)</a> commands.
<b><a href="postconf.5.html#delay_warning_time">delay_warning_time</a> (0h)</b>
- The time after which the sender receives the mes-
+ The time after which the sender receives the mes-
sage headers of mail that is still queued.
<b><a href="postconf.5.html#enable_errors_to">enable_errors_to</a> (no)</b>
- Report mail delivery errors to the address speci-
- fied with the non-standard Errors-To: message
- header, instead of the envelope sender address
- (this feature is removed with Postfix version 2.2,
- is turned off by default with Postfix version 2.1,
- and is always turned on with older Postfix ver-
+ Report mail delivery errors to the address speci-
+ fied with the non-standard Errors-To: message
+ header, instead of the envelope sender address
+ (this feature is removed with Postfix version 2.2,
+ is turned off by default with Postfix version 2.1,
+ and is always turned on with older Postfix ver-
sions).
<b><a href="postconf.5.html#mail_owner">mail_owner</a> (postfix)</b>
and most Postfix daemon processes.
<b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b>
- The location of the Postfix top-level queue direc-
+ The location of the Postfix top-level queue direc-
tory.
<b><a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> (empty)</b>
- Don't rewrite message headers from remote clients
+ Don't rewrite message headers from remote clients
at all when this parameter is empty; otherwise, re-
- write message headers and append the specified
+ write message headers and append the specified
domain name to incomplete addresses.
<b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (see 'postconf -d' output)</b>
- The mail system name that is prepended to the
- process name in syslog records, so that "smtpd"
+ The mail system name that is prepended to the
+ process name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
<b>FILES</b>
<a href="VERP_README.html">VERP_README</a>, Postfix VERP howto
<b>LICENSE</b>
- The Secure Mailer license must be distributed with this
+ The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>
<p>
Safety net to keep mail queued that would otherwise be returned to
the sender. This parameter disables locally-generated bounces,
-and prevents the Postfix SMTP server from rejecting mail permanently,
+changes the handling of negative responses from remote servers,
+content filters or plugins,
+and prevents the Postfix SMTP server from rejecting mail permanently
by changing 5xx reply codes into 4xx. However, <a href="postconf.5.html#soft_bounce">soft_bounce</a> is no
cure for address rewriting mistakes or mail routing mistakes.
</p>
+<p>
+Note: "<a href="postconf.5.html#soft_bounce">soft_bounce</a> = yes" is in some cases implemented by modifying
+server responses. Therefore, the response that Postfix logs may
+differ from the response that Postfix actually sends or receives.
+</p>
+
<p>
Example:
</p>
Postfix versions before 2.1, the <b>Errors-To:</b> message
header overrides the error return address.
- <b>-R</b> <i>return</i><b>_</b><i>limit</i> (ignored)
- Limit the size of bounced mail. Use the
- <b><a href="postconf.5.html#bounce_size_limit">bounce_size_limit</a></b> configuration parameter instead.
+ <b>-R</b> <i>return</i>
+ Delivery status notification control. Specify
+ "hdrs" to return only the header if a message
+ bounces, "full" to return a full copy (the default
+ behavior).
- <b>-q</b> Attempt to deliver all queued mail. This is imple-
+ The <b>-R</b> option specifies an upper bound; for exam-
+ ple, Postfix will return only the header, when a
+ full copy would exceed the <a href="postconf.5.html#bounce_size_limit">bounce_size_limit</a> set-
+ ting.
+
+ This option is ignored before Postfix version 2.10.
+
+ <b>-q</b> Attempt to deliver all queued mail. This is imple-
mented by executing the <a href="postqueue.1.html"><b>postqueue</b>(1)</a> command.
Warning: flushing undeliverable mail frequently
- will result in poor delivery performance of all
+ will result in poor delivery performance of all
other mail.
<b>-q</b><i>interval</i> (ignored)
- The interval between queue runs. Use the
+ The interval between queue runs. Use the
<b><a href="postconf.5.html#queue_run_delay">queue_run_delay</a></b> configuration parameter instead.
<b>-qI</b><i>queueid</i>
Schedule immediate delivery of mail with the speci-
- fied queue ID. This option is implemented by exe-
- cuting the <a href="postqueue.1.html"><b>postqueue</b>(1)</a> command, and is available
+ fied queue ID. This option is implemented by exe-
+ cuting the <a href="postqueue.1.html"><b>postqueue</b>(1)</a> command, and is available
with Postfix version 2.4 and later.
<b>-qR</b><i>site</i>
- Schedule immediate delivery of all mail that is
+ Schedule immediate delivery of all mail that is
queued for the named <i>site</i>. This option accepts only
- <i>site</i> names that are eligible for the "fast flush"
- service, and is implemented by executing the
+ <i>site</i> names that are eligible for the "fast flush"
+ service, and is implemented by executing the
<a href="postqueue.1.html"><b>postqueue</b>(1)</a> command. See <a href="flush.8.html"><b>flush</b>(8)</a> for more infor-
mation about the "fast flush" service.
<b>-qS</b><i>site</i>
- This command is not implemented. Use the slower
+ This command is not implemented. Use the slower
"<b>sendmail -q</b>" command instead.
- <b>-t</b> Extract recipients from message headers. These are
- added to any recipients specified on the command
+ <b>-t</b> Extract recipients from message headers. These are
+ added to any recipients specified on the command
line.
- With Postfix versions prior to 2.1, this option
- requires that no recipient addresses are specified
+ With Postfix versions prior to 2.1, this option
+ requires that no recipient addresses are specified
on the command line.
<b>-U</b> (ignored)
This feature is available in Postfix 2.3 and later.
<b>-XV</b> (Postfix 2.2 and earlier: <b>-V</b>)
- Variable Envelope Return Path. Given an envelope
- sender address of the form <i>owner-listname</i>@<i>origin</i>,
- each recipient <i>user</i>@<i>domain</i> receives mail with a
+ Variable Envelope Return Path. Given an envelope
+ sender address of the form <i>owner-listname</i>@<i>origin</i>,
+ each recipient <i>user</i>@<i>domain</i> receives mail with a
personalized envelope sender address.
- By default, the personalized envelope sender
- address is <i>owner-listname</i><b>+</b><i>user</i><b>=</b><i>domain</i>@<i>origin</i>. The
- default <b>+</b> and <b>=</b> characters are configurable with
- the <b><a href="postconf.5.html#default_verp_delimiters">default_verp_delimiters</a></b> configuration parame-
+ By default, the personalized envelope sender
+ address is <i>owner-listname</i><b>+</b><i>user</i><b>=</b><i>domain</i>@<i>origin</i>. The
+ default <b>+</b> and <b>=</b> characters are configurable with
+ the <b><a href="postconf.5.html#default_verp_delimiters">default_verp_delimiters</a></b> configuration parame-
ter.
<b>-XV</b><i>xy</i> (Postfix 2.2 and earlier: <b>-V</b><i>xy</i>)
- As <b>-XV</b>, but uses <i>x</i> and <i>y</i> as the VERP delimiter
- characters, instead of the characters specified
- with the <b><a href="postconf.5.html#default_verp_delimiters">default_verp_delimiters</a></b> configuration
+ As <b>-XV</b>, but uses <i>x</i> and <i>y</i> as the VERP delimiter
+ characters, instead of the characters specified
+ with the <b><a href="postconf.5.html#default_verp_delimiters">default_verp_delimiters</a></b> configuration
parameter.
- <b>-v</b> Send an email report of the first delivery attempt
- (Postfix versions 2.1 and later). Mail delivery
- always happens in the background. When multiple <b>-v</b>
+ <b>-v</b> Send an email report of the first delivery attempt
+ (Postfix versions 2.1 and later). Mail delivery
+ always happens in the background. When multiple <b>-v</b>
options are given, enable verbose logging for
debugging purposes.
<b>-X</b> <i>log</i><b>_</b><i>file</i> (ignored)
- Log mailer traffic. Use the <b><a href="postconf.5.html#debug_peer_list">debug_peer_list</a></b> and
- <b><a href="postconf.5.html#debug_peer_level">debug_peer_level</a></b> configuration parameters instead.
+ Log mailer traffic. Use the <b><a href="postconf.5.html#debug_peer_list">debug_peer_list</a></b> and
+ <b><a href="postconf.5.html#debug_peer_level">debug_peer_level</a></b> configuration parameters instead.
<b>SECURITY</b>
- By design, this program is not set-user (or group) id.
- However, it must handle data from untrusted, possibly
- remote, users. Thus, the usual precautions need to be
+ By design, this program is not set-user (or group) id.
+ However, it must handle data from untrusted, possibly
+ remote, users. Thus, the usual precautions need to be
taken against malicious inputs.
<b>DIAGNOSTICS</b>
- Problems are logged to <b>syslogd</b>(8) and to the standard
+ Problems are logged to <b>syslogd</b>(8) and to the standard
error stream.
<b>ENVIRONMENT</b>
<b>MAIL_DEBUG</b> (value does not matter)
Enable debugging with an external command, as spec-
- ified with the <b><a href="postconf.5.html#debugger_command">debugger_command</a></b> configuration
+ ified with the <b><a href="postconf.5.html#debugger_command">debugger_command</a></b> configuration
parameter.
- <b>NAME</b> The sender full name. This is used only with mes-
- sages that have no <b>From:</b> message header. See also
+ <b>NAME</b> The sender full name. This is used only with mes-
+ sages that have no <b>From:</b> message header. See also
the <b>-F</b> option above.
<b>CONFIGURATION PARAMETERS</b>
- The following <a href="postconf.5.html"><b>main.cf</b></a> parameters are especially relevant
+ The following <a href="postconf.5.html"><b>main.cf</b></a> parameters are especially relevant
to this program. The text below provides only a parameter
- summary. See <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including exam-
+ summary. See <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including exam-
ples.
<b>COMPATIBILITY CONTROLS</b>
Available with Postfix 2.9 and later:
<b><a href="postconf.5.html#sendmail_fix_line_endings">sendmail_fix_line_endings</a> (always)</b>
- Controls how the Postfix sendmail command converts
- email message line endings from <CR><LF> into UNIX
+ Controls how the Postfix sendmail command converts
+ email message line endings from <CR><LF> into UNIX
format (<LF>).
<b>TROUBLE SHOOTING CONTROLS</b>
- The <a href="DEBUG_README.html">DEBUG_README</a> file gives examples of how to trouble
+ The <a href="DEBUG_README.html">DEBUG_README</a> file gives examples of how to trouble
shoot a Postfix system.
<b><a href="postconf.5.html#debugger_command">debugger_command</a> (empty)</b>
mon program is invoked with the -D option.
<b><a href="postconf.5.html#debug_peer_level">debug_peer_level</a> (2)</b>
- The increment in verbose logging level when a
- remote client or server matches a pattern in the
+ The increment in verbose logging level when a
+ remote client or server matches a pattern in the
<a href="postconf.5.html#debug_peer_list">debug_peer_list</a> parameter.
<b><a href="postconf.5.html#debug_peer_list">debug_peer_list</a> (empty)</b>
- Optional list of remote client or server hostname
- or network address patterns that cause the verbose
- logging level to increase by the amount specified
+ Optional list of remote client or server hostname
+ or network address patterns that cause the verbose
+ logging level to increase by the amount specified
in $<a href="postconf.5.html#debug_peer_level">debug_peer_level</a>.
<b>ACCESS CONTROLS</b>
Available in Postfix version 2.2 and later:
<b><a href="postconf.5.html#authorized_flush_users">authorized_flush_users</a> (<a href="DATABASE_README.html#types">static</a>:anyone)</b>
- List of users who are authorized to flush the
+ List of users who are authorized to flush the
queue.
<b><a href="postconf.5.html#authorized_mailq_users">authorized_mailq_users</a> (<a href="DATABASE_README.html#types">static</a>:anyone)</b>
List of users who are authorized to view the queue.
<b><a href="postconf.5.html#authorized_submit_users">authorized_submit_users</a> (<a href="DATABASE_README.html#types">static</a>:anyone)</b>
- List of users who are authorized to submit mail
- with the <a href="sendmail.1.html"><b>sendmail</b>(1)</a> command (and with the privi-
+ List of users who are authorized to submit mail
+ with the <a href="sendmail.1.html"><b>sendmail</b>(1)</a> command (and with the privi-
leged <a href="postdrop.1.html"><b>postdrop</b>(1)</a> helper command).
<b>RESOURCE AND RATE CONTROLS</b>
sent in a non-delivery notification.
<b><a href="postconf.5.html#fork_attempts">fork_attempts</a> (5)</b>
- The maximal number of attempts to fork() a child
+ The maximal number of attempts to fork() a child
process.
<b><a href="postconf.5.html#fork_delay">fork_delay</a> (1s)</b>
process.
<b><a href="postconf.5.html#hopcount_limit">hopcount_limit</a> (50)</b>
- The maximal number of Received: message headers
+ The maximal number of Received: message headers
that is allowed in the primary message headers.
<b><a href="postconf.5.html#queue_run_delay">queue_run_delay</a> (300s)</b>
- The time between <a href="QSHAPE_README.html#deferred_queue">deferred queue</a> scans by the queue
+ The time between <a href="QSHAPE_README.html#deferred_queue">deferred queue</a> scans by the queue
manager; prior to Postfix 2.4 the default value was
1000s.
<b><a href="postconf.5.html#fast_flush_domains">fast_flush_domains</a> ($<a href="postconf.5.html#relay_domains">relay_domains</a>)</b>
Optional list of destinations that are eligible for
- per-destination logfiles with mail that is queued
+ per-destination logfiles with mail that is queued
to those destinations.
<b>VERP CONTROLS</b>
The <a href="VERP_README.html">VERP_README</a> file describes configuration and operation
- details of Postfix support for variable envelope return
+ details of Postfix support for variable envelope return
path addresses.
<b><a href="postconf.5.html#default_verp_delimiters">default_verp_delimiters</a> (+=)</b>
The two default VERP delimiter characters.
<b><a href="postconf.5.html#verp_delimiter_filter">verp_delimiter_filter</a> (-=+)</b>
- The characters Postfix accepts as VERP delimiter
- characters on the Postfix <a href="sendmail.1.html"><b>sendmail</b>(1)</a> command line
+ The characters Postfix accepts as VERP delimiter
+ characters on the Postfix <a href="sendmail.1.html"><b>sendmail</b>(1)</a> command line
and in SMTP commands.
<b>MISCELLANEOUS CONTROLS</b>
<b><a href="postconf.5.html#alias_database">alias_database</a> (see 'postconf -d' output)</b>
- The alias databases for <a href="local.8.html"><b>local</b>(8)</a> delivery that are
+ The alias databases for <a href="local.8.html"><b>local</b>(8)</a> delivery that are
updated with "<b>newaliases</b>" or with "<b>sendmail -bi</b>".
<b><a href="postconf.5.html#command_directory">command_directory</a> (see 'postconf -d' output)</b>
- The location of all postfix administrative com-
+ The location of all postfix administrative com-
mands.
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
- The default location of the Postfix <a href="postconf.5.html">main.cf</a> and
+ The default location of the Postfix <a href="postconf.5.html">main.cf</a> and
<a href="master.5.html">master.cf</a> configuration files.
<b><a href="postconf.5.html#daemon_directory">daemon_directory</a> (see 'postconf -d' output)</b>
- The directory with Postfix support programs and
+ The directory with Postfix support programs and
daemon programs.
<b><a href="postconf.5.html#default_database_type">default_database_type</a> (see 'postconf -d' output)</b>
<a href="postalias.1.html"><b>postalias</b>(1)</a> and <a href="postmap.1.html"><b>postmap</b>(1)</a> commands.
<b><a href="postconf.5.html#delay_warning_time">delay_warning_time</a> (0h)</b>
- The time after which the sender receives the mes-
+ The time after which the sender receives the mes-
sage headers of mail that is still queued.
<b><a href="postconf.5.html#enable_errors_to">enable_errors_to</a> (no)</b>
- Report mail delivery errors to the address speci-
- fied with the non-standard Errors-To: message
- header, instead of the envelope sender address
- (this feature is removed with Postfix version 2.2,
- is turned off by default with Postfix version 2.1,
- and is always turned on with older Postfix ver-
+ Report mail delivery errors to the address speci-
+ fied with the non-standard Errors-To: message
+ header, instead of the envelope sender address
+ (this feature is removed with Postfix version 2.2,
+ is turned off by default with Postfix version 2.1,
+ and is always turned on with older Postfix ver-
sions).
<b><a href="postconf.5.html#mail_owner">mail_owner</a> (postfix)</b>
and most Postfix daemon processes.
<b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b>
- The location of the Postfix top-level queue direc-
+ The location of the Postfix top-level queue direc-
tory.
<b><a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> (empty)</b>
- Don't rewrite message headers from remote clients
+ Don't rewrite message headers from remote clients
at all when this parameter is empty; otherwise, re-
- write message headers and append the specified
+ write message headers and append the specified
domain name to incomplete addresses.
<b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (see 'postconf -d' output)</b>
- The mail system name that is prepended to the
- process name in syslog records, so that "smtpd"
+ The mail system name that is prepended to the
+ process name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
<b>FILES</b>
<a href="VERP_README.html">VERP_README</a>, Postfix VERP howto
<b>LICENSE</b>
- The Secure Mailer license must be distributed with this
+ The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>
Set the envelope sender address. This is the address where
delivery problems are sent to. With Postfix versions before 2.1, the
\fBErrors-To:\fR message header overrides the error return address.
-.IP "\fB-R \fIreturn_limit\fR (ignored)"
-Limit the size of bounced mail. Use the \fBbounce_size_limit\fR
-configuration parameter instead.
+.IP "\fB-R \fIreturn\fR"
+Delivery status notification control. Specify "hdrs" to
+return only the header if a message bounces, "full" to
+return a full copy (the default behavior).
+
+The \fB-R\fR option specifies an upper bound; for example,
+Postfix will return only the header, when a full copy would
+exceed the bounce_size_limit setting.
+
+This option is ignored before Postfix version 2.10.
.IP \fB-q\fR
Attempt to deliver all queued mail. This is implemented by
executing the \fBpostqueue\fR(1) command.
.SH soft_bounce (default: no)
Safety net to keep mail queued that would otherwise be returned to
the sender. This parameter disables locally-generated bounces,
-and prevents the Postfix SMTP server from rejecting mail permanently,
+changes the handling of negative responses from remote servers,
+content filters or plugins,
+and prevents the Postfix SMTP server from rejecting mail permanently
by changing 5xx reply codes into 4xx. However, soft_bounce is no
cure for address rewriting mistakes or mail routing mistakes.
.PP
+Note: "soft_bounce = yes" is in some cases implemented by modifying
+server responses. Therefore, the response that Postfix logs may
+differ from the response that Postfix actually sends or receives.
+.PP
Example:
.PP
.nf
<ul>
-<li> <p> The order of IPv6/IPv4 outgoing connection attempts is
-not yet configurable. Currently, IPv6 is tried before IPv4. </p>
+<li> <p> Postfix SMTP clients before version 2.8 try to connect
+over IPv6 before trying IPv4. With more recent Postfix versions,
+the order of IPv6 versus IPv4 outgoing connection attempts is
+configurable with the smtp_address_preference parameter. </p>
-<li> <p> Postfix currently does not support DNSBL (real-time
-blackhole list) lookups for IPv6 client IP addresses; currently
-there are no blacklists that cover the IPv6 address space. </p>
+<li> <p> Postfix versions before 2.6 do not support DNSBL (real-time
+blackhole list) lookups for IPv6 client IP addresses. </p>
<li> <p> IPv6 does not have class A, B, C, etc. networks. With IPv6
networks, the setting "mynetworks_style = class" has the
<h2> <a name="intro">Introduction</a> </h2>
+<p> This document describes features that are available in Postfix
+2.8 and later. </p>
+
<p> The Postfix postscreen(8) daemon provides additional protection
against mail server overload. One postscreen(8) process handles
multiple inbound SMTP connections, and decides which clients may
<li> <p> Become your own Certificate Authority, so that you can
sign your own public keys. This example uses the CA.pl script that
-ships with OpenSSL. By default, OpenSSL installs this as
-<tt>/usr/local/ssl/misc/CA.pl</tt>, but your mileage may vary.
+ships with OpenSSL. On some systems, OpenSSL installs this as
+<tt>/usr/local/ssl/misc/CA.pl</tt>. Some systems install this as
+part of a package named <tt>openssl-perl</tt> or something similar.
The script creates a private key in <tt>./demoCA/private/cakey.pem</tt>
and a public key in <tt>./demoCA/cacert.pem</tt>.</p>
<li> <p> If the number of smtpd(8) processes has reached the process
limit as specified in master.cf, new SMTP clients must wait until
-a process becomes available. Increase the number of processes if
-memory permits. See the instructions given under "<a
-href="#proc_limit">Tuning the number of Postfix processes</a>".
-</p>
+a process becomes available. See the STRESS_README and POSTSCREEN_README
+documents for measures that help to prevent SMTP server overload. </p>
</ul>
to a small number of high volume domains. </p>
<p> A common situation where high concurrency is called for is on
-gateways relaying a high volume of mail from between the Internet
+gateways relaying a high volume of mail between the Internet
and an intranet mail environment. Approximately half the mail
(assuming equal volumes inbound and outbound) will be destined
for the internal mail hubs. Since the internal mail hubs will be
copies of the message in parallel. </p>
<p> IMPORTANT: Be careful when increasing the recipient limit per
-message delivery; some smtpd(8) servers abort the connection when they
+message delivery; some SMTP servers abort the connection when they
run out of memory or when a hard recipient limit is reached, so
that the message will never be delivered. </p>
</blockquote>
<p> You need to execute "postfix reload" to make the change effective.
-The limits are enforced by the Postfix master(8) daemon which does
+This limit is enforced by the Postfix master(8) daemon which does
not automatically read main.cf when it changes. </p>
<p> You can override the process limit for specific Postfix daemons
by editing the master.cf file. For example, if you do not wish to
receive 100 SMTP messages at the same time, but do not want to
-change the process limits for local mail deliveries, you could
+change the process limits for other Postfix daemons, you could
specify: </p>
<blockquote>
<p>
Safety net to keep mail queued that would otherwise be returned to
the sender. This parameter disables locally-generated bounces,
-and prevents the Postfix SMTP server from rejecting mail permanently,
+changes the handling of negative responses from remote servers,
+content filters or plugins,
+and prevents the Postfix SMTP server from rejecting mail permanently
by changing 5xx reply codes into 4xx. However, soft_bounce is no
cure for address rewriting mistakes or mail routing mistakes.
</p>
+<p>
+Note: "soft_bounce = yes" is in some cases implemented by modifying
+server responses. Therefore, the response that Postfix logs may
+differ from the response that Postfix actually sends or receives.
+</p>
+
<p>
Example:
</p>
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20120801"
+#define MAIL_RELEASE_DATE "20120902"
#define MAIL_VERSION_NUMBER "2.10"
#ifdef SNAPSHOT
#define REC_TYPE_VERP 'V' /* VERP delimiters */
#define REC_TYPE_DSN_RET '<' /* DSN full/hdrs */
-#define REC_TYPE_DSN_ENVID 'i' /* DSN full/hdrs */
+#define REC_TYPE_DSN_ENVID 'i' /* DSN envelope id */
#define REC_TYPE_DSN_ORCPT 'o' /* DSN orig rcpt address */
#define REC_TYPE_DSN_NOTIFY 'n' /* DSN notify flags */
/* Set the envelope sender address. This is the address where
/* delivery problems are sent to. With Postfix versions before 2.1, the
/* \fBErrors-To:\fR message header overrides the error return address.
-/* .IP "\fB-R \fIreturn_limit\fR (ignored)"
-/* Limit the size of bounced mail. Use the \fBbounce_size_limit\fR
-/* configuration parameter instead.
+/* .IP "\fB-R \fIreturn\fR"
+/* Delivery status notification control. Specify "hdrs" to
+/* return only the header if a message bounces, "full" to
+/* return a full copy (the default behavior).
+/*
+/* The \fB-R\fR option specifies an upper bound; for example,
+/* Postfix will return only the header, when a full copy would
+/* exceed the bounce_size_limit setting.
+/*
+/* This option is ignored before Postfix version 2.10.
/* .IP \fB-q\fR
/* Attempt to deliver all queued mail. This is implemented by
/* executing the \fBpostqueue\fR(1) command.
/* enqueue - post one message */
static void enqueue(const int flags, const char *encoding,
- const char *dsn_envid, int dsn_notify,
+ const char *dsn_envid, int dsn_notify, int dsn_ret,
const char *rewrite_context, const char *sender,
const char *full_name, char **recipients)
{
if (dsn_notify)
rec_fprintf(dst, REC_TYPE_ATTR, "%s=%d",
MAIL_ATTR_DSN_NOTIFY, dsn_notify);
+ if (dsn_ret)
+ rec_fprintf(dst, REC_TYPE_ATTR, "%s=%d",
+ MAIL_ATTR_DSN_RET, dsn_ret);
if (REC_PUT_BUF(dst, REC_TYPE_RCPT, buf) < 0)
msg_fatal_status(EX_TEMPFAIL,
"%s(%ld): error writing queue file: %m",
if (dsn_notify)
rec_fprintf(dst, REC_TYPE_ATTR, "%s=%d",
MAIL_ATTR_DSN_NOTIFY, dsn_notify);
+ if (dsn_ret)
+ rec_fprintf(dst, REC_TYPE_ATTR, "%s=%d",
+ MAIL_ATTR_DSN_RET, dsn_ret);
+
if (rec_put(dst, REC_TYPE_RCPT, *cpp, strlen(*cpp)) < 0)
msg_fatal_status(EX_TEMPFAIL,
"%s(%ld): error writing queue file: %m",
uid_t uid;
const char *rewrite_context = MAIL_ATTR_RWR_LOCAL;
int dsn_notify = 0;
+ int dsn_ret = 0;
const char *dsn_envid = 0;
int saved_optind;
if ((dsn_notify = dsn_notify_mask(optarg)) == 0)
msg_warn("bad -N option value -- ignored");
break;
+ case 'R':
+ if ((dsn_ret = dsn_ret_code(optarg)) == 0)
+ msg_warn("bad -R option value -- ignored");
+ break;
case 'V': /* DSN, was: VERP */
if (strlen(optarg) > 100)
msg_warn("too long -V option value -- ignored");
msg_fatal_status(EX_USAGE, "-t option cannot be used with -bv");
if (dsn_notify)
msg_fatal_status(EX_USAGE, "-N option cannot be used with -bv");
+ if (dsn_ret)
+ msg_fatal_status(EX_USAGE, "-R option cannot be used with -bv");
if (msg_verbose == 1)
msg_fatal_status(EX_USAGE, "-v option cannot be used with -bv");
}
mail_run_replace(var_command_dir, ext_argv->argv);
/* NOTREACHED */
} else {
- enqueue(flags, encoding, dsn_envid, dsn_notify,
+ enqueue(flags, encoding, dsn_envid, dsn_notify, dsn_ret,
rewrite_context, sender, full_name, argv + OPTIND);
exit(0);
/* NOTREACHED */
projects / thirdparty / postfix.git / commitdiff
