Bugfix: typo in tls_server.c, breaking CApath. Fix by
Philipp Morger. File: tls/tls_server.c.
+20050227
+
+ Bugfix (bug introduced 20040331): with SIGHUP ignored, the
+ postdrop signal handler would effectively ignore SIGINT,
+ SIGQUIT and SIGTERM. Simplified the overly-conservative
+ protection against nested signals in postdrop, and added
+ some future proofing comments. File: postdrop/postdrop.c
+
+ Cleanup: when address rewriting is enabled, don't change
+ the capitalization of header labels, i.e. don't replace
+ FROM: or CC: by From: or Cc:. Files: cleanup/cleanup_message.c,
+ smtp/smtp_proto.c.
+
Open problems:
Med: disable header address rewriting after XCLIENT?
* postconf(5): All main.cf parameters
* LOCAL_RECIPIENT_README: Rejecting Unknown Local Recipients
* ADDRESS_CLASS_README: Address Classes
+ * CONNECTION_CACHE_README: Connection cache howto
* PACKAGE_README: Guidelines for Package Builders
* SCHEDULER_README: Queue Scheduler
* XCLIENT_README: XCLIENT Command
L\bLi\bim\bmi\bit\bta\bat\bti\bio\bon\bns\bs o\bof\bf a\bad\bdd\bdr\bre\bes\bss\bs v\bve\ber\bri\bif\bfi\bic\bca\bat\bti\bio\bon\bn
- * Postfix probes the nearest MTA for the address that is being verified,
- without actually sending mail to that address. If the nearest MTA accepts
- the address, then Postfix assumes that the address is deliverable, even
- when the address will bounce AFTER that MTA accepts it.
-
- * Sites like AOL may blacklist you when you are probing them too often (a
- probe is an SMTP session that does not deliver mail), or when you are
- probing them too often for a non-existent address.
+ * When verifying a remote address, Postfix probes the nearest MTA for that
+ address, without actually delivering mail to it. If the nearest MTA accepts
+ the address, then Postfix assumes that the address is deliverable. In
+ reality, mail for a remote address can bounce AFTER the nearest MTA accepts
+ the recipient address.
+
+ * Some sites may blacklist you when you are probing them too often (a probe
+ is an SMTP session that does not deliver mail), or when you are probing
+ them too often for a non-existent address. This is one reason why you
+ should use sender address verification sparingly, if at all, when your site
+ receives lots of email.
* Normally, address verification probe messages follow the same path as
regular mail. However, some sites send mail to the Internet via an
--- /dev/null
+P\bPo\bos\bst\btf\bfi\bix\bx C\bCo\bon\bnn\bne\bec\bct\bti\bio\bon\bn C\bCa\bac\bch\bhe\be
+
+-------------------------------------------------------------------------------
+
+I\bIn\bnt\btr\bro\bod\bdu\buc\bct\bti\bio\bon\bn
+
+This document describes the Postfix connection cache implementation, which is
+available with Postfix version 2.2 and later.
+
+Topics covered in this document:
+
+ * What SMTP connection caching can do for you
+ * Connection cache implementation
+ * Connection cache configuration
+ * Connection cache safety mechanisms
+ * Connection cache limitations
+ * Connection cache statistics
+
+W\bWh\bha\bat\bt S\bSM\bMT\bTP\bP c\bco\bon\bnn\bne\bec\bct\bti\bio\bon\bn c\bca\bac\bch\bhi\bin\bng\bg c\bca\ban\bn d\bdo\bo f\bfo\bor\br y\byo\bou\bu
+
+With SMTP connection caching, Postfix can deliver multiple messages over the
+same SMTP connection. By default, Postfix 2.2 reuses an SMTP connection
+automatically when a destination has high volume of mail in the active queue.
+
+SMTP Connection caching is a performance feature. Whether or not it actually
+improves performance depends on the conditions:
+
+ * SMTP Connection caching can greatly improve performance when delivering
+ mail to a destination with multiple mail servers, because it can help
+ Postfix to skip over a non-responding server.
+
+ * Otherwise, the benefits of SMTP connection caching are minor: it eliminates
+ the latency of the TCP handshake (SYN, SYN+ACK, ACK), plus the latency of
+ the SMTP initial handshake (220 greeting, EHLO command, EHLO response).
+
+ * SMTP Connection caching gives no gains with respect to SMTP session tear-
+ down. The Postfix smtp(8) client normally does not wait for the server's
+ reply to the QUIT command, and it never waits for the TCP final handshake
+ to complete.
+
+ * SMTP Connection caching introduces some overhead: the client needs to send
+ an RSET command to find out if a connection is still usable, before it can
+ send the next MAIL FROM command.
+
+For other potential issues with SMTP connection caching, see the discussion of
+limitations at the end of this document.
+
+C\bCo\bon\bnn\bne\bec\bct\bti\bio\bon\bn c\bca\bac\bch\bhe\be i\bim\bmp\bpl\ble\bem\bme\ben\bnt\bta\bat\bti\bio\bon\bn
+
+For an overview of how Postfix delivers mail, see the Postfix architecture
+OVERVIEW document.
+
+The Postfix connection cache is shared among Postfix mail delivering processes.
+This maximizes the opportunity to reuse an open connection. Other MTAs such as
+Sendmail or exim have a non-shared connection cache. Here, a connection can be
+reused only by the mail delivering process that creates the connection. To get
+the same performance improvement as with a shared connection cache, non-shared
+connections need to be kept open for a longer time.
+
+ Internet <-- smtp(8) <-> scache(8) <-> smtp(8) --> Internet
+
+
+The scache(8) server, introduced with Postfix version 2.2, maintains the shared
+connection cache. With Postfix version 2.2, only the smtp(8) client has support
+to access this cache.
+
+When SMTP connection caching is enabled (see next section), the smtp(8) client
+does not disconnect after a mail transaction, but gives the connection to the
+scache(8) server which keeps the connection open for a limited amount of time.
+
+After handing over the open connection to the scache(8) server, the smtp(8)
+client continues with some other mail delivery request. Meanwhile, any smtp(8)
+client process can ask the scache(8) server for that cached connection and
+reuse it for mail delivery.
+
+The connection cache can be searched by destination domain name (the right-hand
+side of the recipient address) and by the IP address of the host at the other
+end of the connection. This allows Postfix to reuse a connection even when the
+remote host is mail server for domains with different names.
+
+C\bCo\bon\bnn\bne\bec\bct\bti\bio\bon\bn c\bca\bac\bch\bhe\be c\bco\bon\bnf\bfi\big\bgu\bur\bra\bat\bti\bio\bon\bn
+
+The Postfix smtp(8) client supports two connection caching strategies:
+
+ * On-demand connection caching. This is enabled by default, and is controlled
+ with the smtp_connection_cache_on_demand configuration parameter. When this
+ feature is enabled, the Postfix smtp(8) client automatically saves a
+ connection to the connection cache when a destination has a high volume of
+ mail in the active queue.
+
+ Example:
+
+ /etc/postfix/main.cf:
+ smtp_connection_cache_on_demand = yes
+
+ * Per-destination connection caching. This is enabled by explicitly listing
+ specific destinations with the smtp_connection_cache_destinations
+ configuration parameter. After completing delivery to a selected
+ destination, the Postfix smtp(8) client always saves the connection to the
+ connection cache.
+
+ Specify a comma or white space separated list of destinations or pseudo-
+ destinations:
+
+ o if mail is sent without a relay host: a domain name (the right-hand
+ side of an email address, without the [] around a numeric IP address),
+
+ o if mail is sent via a relay host: a relay host name (without the [] or
+ non-default TCP port), as specified in main.cf or in the transport map,
+
+ o a /file/name with domain names and/or relay host names as defined
+ above,
+
+ o a "type:table" with domain names and/or relay host names on the left-
+ hand side. The right-hand side result from "type:table" lookups is
+ ignored.
+
+ Examples:
+
+ /etc/postfix/main.cf:
+ smtp_connection_cache_destinations = $relayhost
+ smtp_connection_cache_destinations = hotmail.com, ...
+ smtp_connection_cache_destinations = static:all (not recommended)
+
+C\bCo\bon\bnn\bne\bec\bct\bti\bio\bon\bn c\bca\bac\bch\bhe\be s\bsa\baf\bfe\bet\bty\by m\bme\bec\bch\bha\ban\bni\bis\bsm\bms\bs
+
+Connection caching must be used wisely. It is anti-social to keep an unused
+SMTP connection open for a significant amount of time, and it is unwise to send
+huge numbers of messages through the same connection. In order to avoid
+problems with SMTP connection caching, Postfix implements the following safety
+mechanisms:
+
+ * The Postfix scache(8) server keeps a connection open for only a limited
+ time. The time limit is specified with the smtp_connection_cache_time_limit
+ and with the connection_cache_ttl_limit configuration parameters. This
+ prevents anti-social behavior.
+
+ * The Postfix smtp(8) client reuses a session for only a limited number of
+ times. This avoids triggering bugs in implementations that do not correctly
+ handle multiple deliveries per session. The use count is limited with the
+ smtp_connection_cache_reuse_limit configuration parameter.
+
+ * The connection cache explicitly labels each cached connection with
+ destination domain and IP address information. A connection cache lookup
+ succeeds only when the correct information is specified. This prevents mis-
+ delivery of mail.
+
+C\bCo\bon\bnn\bne\bec\bct\bti\bio\bon\bn c\bca\bac\bch\bhe\be l\bli\bim\bmi\bit\bta\bat\bti\bio\bon\bns\bs
+
+Postfix SMTP connection caching conflicts with certain applications:
+
+ * The Postfix shared connection cache cannot be used with TLS, because saved
+ TLS session information can be used only when a new connection is created
+ (this limitation does not exist in connection caching implementations that
+ reuse a connection only in the process that creates it). For this reason,
+ the Postfix smtp(8) client always closes the connection after completing an
+ attempt to deliver mail over TLS.
+
+ * Postfix connection caching currently does not support multiple SASL
+ accounts per mail server. Specifically, Postfix connection caching assumes
+ that a SASL credential is valid for all hostnames or domain names that
+ deliver via the same mail server IP address and TCP port, and assume that
+ the SASL credential does not depend on the message originator.
+
+C\bCo\bon\bnn\bne\bec\bct\bti\bio\bon\bn c\bca\bac\bch\bhe\be s\bst\bta\bat\bti\bis\bst\bti\bic\bcs\bs
+
+The scache(8) connection cache server logs statistics about the peak cache size
+and the cache hit rates. This information is logged every
+connection_cache_status_update_time seconds, when the process terminates after
+the maximal idle time is exceeded, or when Postfix is reloaded.
+
+ * Hit rates for connection cache lookups by domain will tell you how useful
+ connection caching is.
+
+ * Connection cache lookups by network address will always fail, unless you're
+ sending mail to different domains that share the same MX hosts.
+
+ * No statistics are logged when no attempts are made to access the connection
+ cache.
+
you have to. Check out the postconf(5) manual whenever you do IPv6 related
configuration work with Postfix.
+ * Instead of hard-coding 127.0.0.1 and ::1 loopback addresses in master.cf,
+ specify "inet_interfaces = loopback-only" in main.cf. This way you can use
+ the same master.cf file regardless of whether or not Postfix will run on an
+ IPv6-enabled system.
+
* The first new parameter is called inet_protocols. This specifies what
protocols Postfix will use when it makes or accepts network connections,
and also controls what DNS lookups Postfix will use when it makes network
B\bBe\ber\brk\bke\bel\ble\bey\by D\bDB\bB i\bis\bss\bsu\bue\bes\bs
-On RedHat Linux 7.0 you must install the db3-devel RPM before you can compile
-the Postfix source code.
+Warning: if you can't compile Postfix because the file "db.h" isn't found, then
+you MUST install the Berkeley DB development package (package name: db???-
+devel-???) that comes with your Linux system. Only that package contains the
+files that correspond to the Berkeley DB version that is used by the system
+library routines.
-Warning: do not use multiple Berkeley DB versions. Every Postfix program will
-dump core when it is built with a different Berkeley DB version than the
-version that is used by the system library routines. See the DB_README file for
-further information.
+DO NOT download some Berkeley DB version from the network. Every Postfix
+program will dump core when it is built with a different Berkeley DB version
+than the version that is used by the system library routines. See the DB_README
+file for further information.
P\bPr\bro\boc\bcm\bma\bai\bil\bl i\bis\bss\bsu\bue\bes\bs
-On RedHat Linux 7.1 p\bpr\bro\boc\bcm\bma\bai\bil\bl no longer has permission to write the mail spool
-directory. Workaround: chmod 1777 /var/spool/mail.
+On RedHat Linux 7.1 and later p\bpr\bro\boc\bcm\bma\bai\bil\bl no longer has permission to write the
+mail spool directory. Workaround: chmod 1777 /var/spool/mail.
S\bSy\bys\bsl\blo\bog\bgd\bd p\bpe\ber\brf\bfo\bor\brm\bma\ban\bnc\bce\be
of Postfix mail delivery. It contacts the smtp(8), lmtp(8), local(8),
virtual(8), pipe(8), discard(8) or error(8) delivery agents, and sends a
delivery request for one or more recipient addresses. The discard(8) and
- error(8) delivery agents are special: they discard or bounce all mail, they
+ error(8) delivery agents are special: they discard or bounce all mail, and
are not shown in the figure above.
The queue manager maintains a small active queue with the messages that it
------------------------------------
Note: this feature is not included with Postfix 2.1, but it is
-documented is here so that the information will not be lost.
+documented here so that the information will not be lost.
[Feature 20031111] Preliminary defense against SMTP clients that
hammer an SMTP server with too many connections. By default, the
--- /dev/null
+The stable Postfix release is called postfix-2.2.x where 2=major
+release number, 2=minor release number, x=patchlevel. The stable
+release never changes except for patches that address bugs or
+emergencies. Patches change the patchlevel and the release date.
+
+New features are developed in snapshot releases. These are called
+postfix-2.3-yyyymmdd where yyyymmdd is the release date (yyyy=year,
+mm=month, dd=day). Patches are never issued for snapshot releases;
+instead, a new snapshot is released.
+
+The mail_release_date configuration parameter (format: yyyymmdd)
+specifies the release date of a stable release or snapshot release.
+
+Main changes with Postfix version 2.2
+-------------------------------------
+
+This is a summary of the changes. These and more are detailed in
+the following sections of this document.
+
+- TLS and IPv6 support are now built into Postfix, based on code
+from third-party patches.
+
+- SMTP client-side connection reuse. This can dramatically speed
+up deliveries to high-volume destinations that have good and
+non-responding mail servers.
+
+- By default, message header address rewriting is now disabled for
+SMTP mail from other systems. Thus, spam from poorly written
+software no longer looks like it came from a local user.
+
+- When your machine does not have its own domain name, Postfix can
+now replace your "home network" email address by your ISP account
+in outgoing SMTP mail, while leaving your email address unchanged
+when sending mail to someone on the local machine.
+
+- Compatibility workarounds: you can now selectively turn off ESMTP
+features such as AUTH or STARTTLS in the Postfix SMTP client or
+server, without having to "dumb down" other mail deliveries, and
+without having to use transport maps for outgoing mail.
+
+- Remote SMTP client resource control (the anvil server). This
+allows you to limit the number of connections, or the number of
+MAIL FROM and RCPT TO commands that an SMTP client can send per
+unit time.
+
+- Support for CDB, SDBM and NIS+ databases is now built into Postfix
+(but the CDB and SDBM libraries are not).
+
+- New SMTP access control features, and more.
+
+Major changes - critical
+------------------------
+
+BEFORE upgrading from an older release you MUST stop Postfix, unless
+you're running a Postfix 2.2 snapshot release that already has
+Postfix 2.2 IPV6 and TLS support.
+
+AFTER upgrading from an older release DO NOT copy the old
+master.cf/main.cf files over the new files. Instead, you MUST let
+the Postfix installation procedure update the existing configuration
+files with new service entries.
+
+[Incompat 20041118] The master-child protocol has changed. The
+Postfix master daemon will log warnings about partial status updates
+if you don't stop and start Postfix.
+
+[Incompat 20041023, 20041009] The queue manager to delivery agent
+protocol has changed. Mail will remain queued if you do not restart
+the queue manager.
+
+[Incompat 20050111] The upgrade procedure adds the tlsmgr service
+to the master.cf file. This service entry is not compatible with
+the Postfix/TLS patch.
+
+[Feature 20040919] The upgrade procedure adds the discard service
+to the master.cf file.
+
+[Feature 20040720] The upgrade procedure adds the scache (connection
+cache) service to the master.cf file.
+
+Major changes - IPv6 support
+----------------------------
+
+[Feature 20050111] Postfix version 2.2 IP version 6 support based
+on the Postfix/IPv6 patch by Dean Strik and others. IPv6 support
+is always compiled into Postfix on systems that have Postfix
+compatible IPv6 support. On other systems Postfix will simply use
+IP version 4 just like it did before. See the IPV6_README document
+for what systems are supported, and how to turn on IPv6 in main.cf.
+
+[Incompat 20050111] Postfix version 2.2 IPv6 support differs from
+the Postfix/IPv6 patch by Dean Strik in a few minor ways.
+
+- Network protocol support including DNS lookup is selected with
+the inet_protocols parameter instead of the inet_interfaces parameter.
+This is needed so that Postfix will not attempt to deliver mail via
+IPv6 when the system has no IPv6 connectivity.
+
+- The lmtp_bind_address6 feature was omitted. The Postfix LMTP
+client will be absorbed into the SMTP client, so there is no reason
+to keep adding features to the LMTP client.
+
+- The CIDR-based address matching code was rewritten. The new
+behavior is believed to be closer to expectation. The results may
+be incompatible with that of the Postfix/IPv6 patch.
+
+[Incompat 20050117] The Postfix SMTP server now requires that IPv6
+addresses in SMTP commands are specified as [ipv6:ipv6address], as
+described in RFC 2821.
+
+Major changes - TLS support
+---------------------------
+
+[Feature 20041210] Postfix version 2.2 TLS support, based on the
+Postfix/TLS patch by Lutz Jaenicke. TLS support is not compiled
+in by default. For more information about Postfix 2.2 TLS support,
+see the TLS_README document.
+
+[Feature 20050209] The Postfix SMTP server policy delegation protocol
+now supplies TLS client certificate information after successful
+verification. The new policy delegation protocol attribute names
+are ccert_subject, ccert_issuer and ccert_fingerprint.
+
+[Feature 20050208] New "check_ccert_maps maptype:mapname" feature
+to enforce access control based on hexadecimal client certificate
+fingerprints.
+
+[Incompat 20041210] Postfix version 2.2 TLS support differs from
+the Postfix/TLS patch by Lutz Jaenicke in a few minor ways.
+
+- main.cf: Use btree instead of sdbm for TLS session cache databases.
+
+ Session caches are now accessed only by the tlsmgr(8) process,
+ so there are no concurrency issues. Although Postfix still has
+ an SDBM client, the SDBM library (1000 lines of code) is no longer
+ included with Postfix.
+
+ TLS session caches can use any database that can store objects
+ of several kbytes or more, and that implements the sequence
+ operation. In most cases, btree databases should be adequate.
+
+ NOTE: You cannot use dbm databases. TLS session objects are too
+ large.
+
+- master.cf: Specify unix instead of fifo for the tlsmgr service type.
+ This change is automatically made by the Postfix upgrade procedure.
+
+ The smtp(8) and smtpd(8) processes use a client-server protocol
+ in order to access the tlsmgr(8)'s pseudo-random number generation
+ (PRNG) pool, and in order to access the TLS session cache databases.
+ Such a protocol cannot be run across fifos.
+
+Major changes - SMTP client connection cache
+--------------------------------------------
+
+[Feature 20040720] SMTP client-side connection caching. Instead of
+disconnecting immediately after a mail transaction, the Postfix
+SMTP client can save the open connection to the scache(8) connection
+cache daemon, so that any SMTP client process can reuse that session
+for another mail transaction. See the CONNECTION_CACHE_README
+document for a description of configuration and implementation.
+
+This feature introduces the scache (connection cache) server, which
+is added to your master.cf file when you upgrade Postfix.
+
+[Feature 20040729] Opportunistic SMTP connection caching. When a
+destination has a high volume of mail in the active queue, SMTP
+connection caching is enabled automatically. This is controlled
+with a new configuration parameter "smtp_connection_cache_on_demand"
+(default: yes).
+
+[Feature 20040723] Per-destination SMTP connection caching. This
+is enabled with the smtp_connection_cache_destinations parameter.
+The parameter requires "bare" domain names or IP addresses without
+"[]" or TCP port, to avoid a syntax conflict between host:port and
+maptype:mapname entries.
+
+[Feature 20040721] The scache(8) connection cache manager logs cache
+hit and miss statistics every $connection_cache_status_update_time
+seconds (default: 600s). It reports the hit and miss rates for
+lookups by domain, as well as for lookups by network address.
+
+Major changes - address rewriting
+---------------------------------
+
+[Feature 20050206] Support for address rewriting in outgoing SMTP
+mail (headers and envelopes). This is useful for sites that have a
+fantasy Internet domain name such as localdomain.local. Mail
+addresses that use fantasy domain names are often rejected by mail
+servers.
+
+The smtp_generic_maps feature allows you to replace a local mail
+address (user@localdomain.local) by a valid Internet address
+(account@isp.example) when mail is sent across the Internet. The
+feature has no effect on mail that is sent between accounts on the
+local machine. The syntax is described in generic(5) and a detailed
+example is in the STANDARD_CONFIGURATION_README document, the section
+titled "Postfix on hosts without a real Internet hostname".
+
+[Feature 20041023] By default, Postfix no longer appends its own
+domain to addresses in message headers from remote clients. Thus,
+spam from poorly written software no longer looks like it came from
+a local user.
+
+Postfix either does not rewrite remote message headers at all, or
+it rewrites headers and appends the domain name that is specified
+with the remote_header_rewrite_domain parameter (like "domain.invalid").
+
+To get the behavior of earlier Postfix versions (always append
+Postfix's own domain to incomplete addresses in message headers)
+specify:
+
+/etc/postfix/main.cf:
+ local_header_rewrite_clients = static:all
+
+Postfix always appends its own domain information to addresses in
+message headers from Postfix sendmail and from local SMTP clients.
+
+By default, Postfix considers an SMTP client local (and thus updates
+message header addresses with the Postfix's own domain) when the
+client IP address matches the local machine's interface addresses,
+or when mail is submitted with the Postfix sendmail(1) command.
+
+If you must rewrite headers from other clients then you can specify,
+for example,
+
+/etc/postfix/main.cf:
+ local_header_rewrite_clients = permit_mynetworks,
+ permit_sasl_authenticated, permit_tls_clientcerts,
+ check_address_map hash:/etc/postfix/pop-before-smtp
+
+Postfix always appends local domain information to envelope addresses
+(as opposed to header addresses), because an unqualified envelope
+address is effectively local for the purpose of delivery, and for
+the purpose of replying to it.
+
+Full details are given in ADDRESS_REWRITING_README, and in the
+postconf(5) manual. For best results, point your browser at the
+ADDRESS_REWRITING_README.html file and navigate to the section
+titled " To rewrite message headers or not, or to label as invalid".
+
+[Incompat 20050212] When header address rewriting is enabled, Postfix
+now updates a message header only when at least one address in that
+header is modified. Older Postfix versions first parse and then
+un-parse a header so that there may be subtle changes in formatting,
+such as the amount of whitespace between tokens.
+
+[Incompat 20050227] When header address rewriting is enabled, Postfix
+no longer changes header label capitalization, i.e. FROM: or CC:
+are no longer replaced by From: or Cc:.
+
+[Feature 20040827] Finer control over canonical mapping with
+canonical_classes, sender_canonical_classes and
+recipient_canonical_classes. These specify one or more of
+envelope_sender, header_sender, envelope_recipient or header_recipient.
+The default settings are backwards compatible.
+
+Major changes - SMTP compatibility controls
+-------------------------------------------
+
+[Feature 20041218] Fine control for SMTP inter-operability problems,
+by discarding keywords that are sent or received with the EHLO
+handshake. Typically one would discard "pipelining", "starttls",
+or "auth" to work around systems with a broken implementation.
+Specify a list of EHLO keywords with the smtp(d)_discard_ehlo_keywords
+parameters, or specify one or more lookup tables, indexed by remote
+network address, with the smtp(d)_discard_ehlo_keyword_address_maps
+parameters.
+
+Note: this feature only discards words from the EHLO conversation;
+it does not turn off the actual features in the SMTP server.
+
+Major changes - database support
+--------------------------------
+
+[Feature 20041210] You can now dump an entire database with the new
+postmap/postalias "-s" option. This works only for database types
+with Postfix sequence operator support: hash, btree, dbm, and sdbm.
+
+[Feature 20041208] Support for CDB databases by Michael Tokarev.
+This supports both Michael's tinycdb and Daniel Bernstein's cdb
+implementations, but neither of the two implementations is bundled
+with Postfix.
+
+[Feature 20041023] The NIS+ client by Geoff Gibbs is now part of
+the Postfix source tree. Details are given in the nisplus_table(5)
+manual page.
+
+[Feature 20040827] Easier use of the proxymap(8) service with the
+virtual(8) delivery agent. The virtual(8) delivery agent will
+silently open maps directly when those maps can't be proxied for
+security reasons. This means you can now specify "virtual_mailbox_maps
+= proxy:mysql:whatever" without triggering a fatal error in the
+virtual(8) delivery agent.
+
+Major changes - remote SMTP client resource control
+---------------------------------------------------
+
+[Incompat 20041009] The smtpd_client_connection_limit_exceptions
+parameter is renamed to smtpd_client_event_limit_exceptions. Besides
+connections it now also applies to per-client message rate and
+recipient rate limits.
+
+[Feature 20041009] Per SMTP client message rate and recipient rate
+limits. These limit the number of MAIL FROM or RCPT TO requests
+regardless of whether or not Postfix would have accepted them
+otherwise. The user interface (smtpd_client_message_rate_limit and
+smtpd_client_recipient_rate_limit) is similar to that of the existing
+per SMTP client connection rate limit, and the same warnings apply:
+these features are to be used to stop abuse, and must not be used
+to regulate legitimate mail. More details can be found in the
+postconf(5) manual.
+
+Major changes - remote SMTP client access control
+-------------------------------------------------
+
+[Feature 20050209] The Postfix SMTP server policy delegation protocol
+now supplies TLS client certificate information after successful
+verification. The new policy delegation protocol attribute names
+are ccert_subject, ccert_issuer and ccert_fingerprint.
+
+[Feature 20050208] New "check_ccert_maps maptype:mapname" feature
+to enforce access control based on hexadecimal client certificate
+fingerprints.
+
+[Feature 20050203] New "permit_inet_interfaces" access restriction
+to allow access from local IP addresses only. This is used for the
+default, purist, setting of local_header_rewrite_clients (rewrite
+only headers in mail from this machine).
+
+[Feature 20050203] New "sleep time-in-seconds" pseudo access
+restriction to block zombie clients with reject_unauthorized_pipelining
+before the Postfix SMTP server sends the SMTP greeting. See postconf(5)
+for example. This feature is not available the stable Postfix 2.2
+release, but it is documented here so that it will not get lost.
+
+[Feature 20041118] New "smtpd_end_of_data_restrictions" feature
+that is invoked after the client terminates the SMTP DATA command.
+The syntax is the same as with "smtpd_data_restrictions". In the
+SMTPD policy delegation request, the message size is the actual
+byte count of the message content, instead of the message size
+announced by the client in the MAIL FROM command.
+
+Major changes - SASL authentication
+-----------------------------------
+
+[Feature 20040827] Better SMTP client control over the use of SASL
+mechanisms. New smtp_sasl_mechanism_filter mechanism to shorten the
+list of SASL mechanisms from a remote server to just those that the
+local SASL library can actually use.
+
+Major changes - header/body patterns
+------------------------------------
+
+[Feature 20050205] REPLACE action in header_checks and body_checks,
+to replace a message header or body line. See header_checks(5) for
+details.
+
+Major changes - local delivery
+------------------------------
+
+[Feature 20040621] Control over the working directory when executing
+an external command. With the pipe(8) mailer, specify directory=pathname,
+and with local(8) specify "command_execution_directory = expression"
+where "expression" is subject to $home etc. macro expansion. The
+result of macro expansion is restricted by the set of characters
+specified with execution_directory_expansion_filter.
+
+Major changes - mail delivery attributes
+----------------------------------------
+
+[Feature 20041218] More client attributes for delivery to command
+with the local(8) and pipe(8) delivery agents: client_hostname,
+client_address, client_protocol, client_helo, sasl_method, sasl_sender,
+and sasl_username. With local(8), attribute names must be specified
+in upper case.
+
+Major changes - package creation
+--------------------------------
+
+[Feature 20050203] To create a ready-to-install package for
+distribution to other systems you can now use "make package" or
+"make non-interactive-package", instead of invoking the internal
+postfix-install script by hand. See the PACKAGE_README file for
+details.
+
+Major changes - performance
+---------------------------
+
+[Incompat 20050117] Only the deferred and defer queue directories
+are now hashed by default, instead of eight queue directories. This
+may speed up Postfix boot time on low-traffic systems without
+compromising performance under high load too much. Hashing must be
+turned on for the defer and deferred queue directories, because
+those directories contain lots of files when undeliverable mail is
+backing up.
+
+[Incompat 20040720] The default SMTP/LMTP timeouts for sending RSET
+are reduced to 20s.
+
+Major changes - miscellaneous
+-----------------------------
+
+[Feature 20050203] Safety: Postfix no longer tries to send mail to
+the fallback_relay when the local machine is MX host for the mail
+destination. See the postconf(5) description of the fallback_relay
+feature for details.
+
+[Incompat 20041023] Support for the non-standard Errors-To: return
+addresses is now removed from Postfix. It was already disabled by
+default with Postfix version 2.1. Since Errors-To: is non-standard,
+there was no guarantee that it would have the desired effect with
+other MTAs.
+
+[Feature 20040919] A new discard(8) mail delivery agent that makes
+throwing away mail easier and more efficient. It's the Postfix
+equivalent of /dev/null for mail deliveries. On the mail receiving
+side, Postfix already has a /dev/null equivalent in the form of the
+DISCARD action in access maps and header_body_checks.
+
+[Feature 20040919] Access control for local mail submission, for
+listing the queue, and for flushing the queue. These features are
+controlled with authorized_submit_users, authorized_mailq_users,
+and with authorized_flush_users, respectively. The last two controls
+are always permitted for the super-user and for the mail system
+owner. More information is in the postconf(5) manual.
+
+[Incompat 20040829] When no recipients are specified on the command
+line or via the -t option, the Postfix sendmail command terminates
+with status EX_USAGE and produces an error message instead of
+accepting the mail first and bouncing it later. This gives more
+direct feedback in case of a common client configuration error.
+
EOF
}
+ # Update the tlsmgr fifo->unix service.
+
+ grep "^tlsmgr[ ]*fifo[ ]" \
+ $config_directory/master.cf >/dev/null && {
+ echo Editing $config_directory/master.cf, updating the tlsmgr fifo->unix service
+ ed $config_directory/master.cf <<EOF || exit 1
+/^tlsmgr[ ]*fifo[ ]/
+s/fifo/unix/
+p
+w
+q
+EOF
+ }
+
# Add missing tlsmgr service to master.cf.
grep '^tlsmgr.*tlsmgr' $config_directory/master.cf >/dev/null || {
-# RELOCATED(5) RELOCATED(5)
+# RELOCATED(5) RELOCATED(5)
#
# NAME
# relocated - Postfix relocated table format
# description of regular expression lookup table syntax, see
# regexp_table(5) or pcre_table(5). For a description of the
# TCP client/server table lookup protocol, see tcp_table(5).
+# This feature is not available up to and including Postfix
+# version 2.2.
#
-# Each pattern is a regular expression that is applied to
+# Each pattern is a regular expression that is applied to
# the entire address being looked up. Thus, user@domain mail
-# addresses are not broken up into their user and @domain
+# addresses are not broken up into their user and @domain
# constituent parts, nor is user+foo broken up into user and
# foo.
#
-# Patterns are applied in the order as specified in the
-# table, until a pattern is found that matches the search
+# Patterns are applied in the order as specified in the ta-
+# ble, until a pattern is found that matches the search
# string.
#
-# Results are the same as with indexed file lookups, with
-# the additional feature that parenthesized substrings from
+# Results are the same as with indexed file lookups, with
+# the additional feature that parenthesized substrings from
# the pattern can be interpolated as $1, $2 and so on.
#
# TCP-BASED TABLES
-# This section describes how the table lookups change when
+# This section describes how the table lookups change when
# lookups are directed to a TCP-based server. For a descrip-
-# tion of the TCP client/server lookup protocol, see
-# tcp_table(5). This feature is not available up to and
-# including Postfix version 2.2.
+# tion of the TCP client/server lookup protocol, see tcp_ta-
+# ble(5). This feature is not available up to and including
+# Postfix version 2.2.
#
# Each lookup operation uses the entire address once. Thus,
-# user@domain mail addresses are not broken up into their
+# user@domain mail addresses are not broken up into their
# user and @domain constituent parts, nor is user+foo broken
# up into user and foo.
#
# Results are the same as with indexed file lookups.
#
# BUGS
-# The table format does not understand quoting conventions.
+# The table format does not understand quoting conventions.
#
# CONFIGURATION PARAMETERS
-# The following main.cf parameters are especially relevant.
-# The text below provides only a parameter summary. See
+# The following main.cf parameters are especially relevant.
+# The text below provides only a parameter summary. See
# postconf(5) for more details including examples.
#
# relocated_maps
# Other parameters of interest:
#
# inet_interfaces
-# The network interface addresses that this system
+# The network interface addresses that this system
# receives mail on. You need to stop and start Post-
# fix when this parameter changes.
#
# mydestination
-# List of domains that this mail system considers
+# List of domains that this mail system considers
# local.
#
# myorigin
# postconf(5), configuration parameters
#
# README FILES
-# Use "postconf readme_directory" or "postconf html_direc-
+# Use "postconf readme_directory" or "postconf html_direc-
# tory" to locate this information.
# DATABASE_README, Postfix lookup table overview
# ADDRESS_REWRITING_README, address rewriting guide
#
# LICENSE
-# The Secure Mailer license must be distributed with this
+# The Secure Mailer license must be distributed with this
# software.
#
# AUTHOR(S)
# P.O. Box 704
# Yorktown Heights, NY 10598, USA
#
-# RELOCATED(5)
+# RELOCATED(5)
<ul>
-<li> <p> Postfix probes the nearest MTA for the address that is
-being verified, without actually sending mail to that address. If
+<li> <p> When verifying a remote address, Postfix probes the nearest
+MTA for that address, without actually delivering mail to it. If
the nearest MTA accepts the address, then Postfix assumes that the
-address is deliverable, even when the address will bounce AFTER
-that MTA accepts it. </p>
+address is deliverable. In reality, mail for a remote address can
+bounce AFTER the nearest MTA accepts the recipient address. </p>
-<li> <p> Sites like AOL may blacklist you when you are probing them
+<li> <p> Some sites may blacklist you when you are probing them
too often (a probe is an SMTP session that does not deliver mail),
or when you are probing them too often for a non-existent address.
-</p>
+This is one reason why you should use sender address verification
+sparingly, if at all, when your site receives lots of email. </p>
<li> <p> Normally, address verification probe messages follow the
same path as regular mail. However, some sites send mail to the
--- /dev/null
+<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"
+ "http://www.w3.org/TR/html4/loose.dtd">
+
+<html>
+
+<head>
+
+<title>Postfix Connection Cache </title>
+
+<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
+
+</head>
+
+<body>
+
+<h1><img src="postfix-logo.jpg" width="203" height="98" ALT="">Postfix Connection Cache </h1>
+
+<hr>
+
+<h2>Introduction</h2>
+
+<p> This document describes the Postfix connection cache implementation,
+which is available with Postfix version 2.2 and later. </p>
+
+<p> Topics covered in this document: </p>
+
+<ul>
+
+<li><a href="#summary"> What SMTP connection caching can do for you</a>
+
+<li><a href="#implementation"> Connection cache implementation</a>
+
+<li><a href="#configuration"> Connection cache configuration</a>
+
+<li><a href="#safety">Connection cache safety mechanisms </a>
+
+<li><a href="#limitations">Connection cache limitations</a>
+
+<li><a href="#statistics">Connection cache statistics</a>
+
+</ul>
+
+<h2><a name="summary">What SMTP connection caching can do for
+you</a></h2>
+
+<p> With SMTP connection caching, Postfix can deliver multiple
+messages over the same SMTP connection. By default, Postfix 2.2
+reuses an SMTP connection automatically when a destination has
+high volume of mail in the <a href="QSHAPE_README.html#active_queue">active queue</a>. </p>
+
+<p> SMTP Connection caching is a performance feature. Whether or not
+it actually improves performance depends on the conditions: </p>
+
+<ul>
+
+<li> <p> SMTP Connection caching can greatly improve performance
+when delivering mail to a destination with multiple mail servers,
+because it can help Postfix to skip over a non-responding server.
+</p>
+
+<li> <p> Otherwise, the benefits of SMTP connection caching are
+minor: it eliminates the latency of the TCP handshake (SYN, SYN+ACK,
+ACK), plus the latency of the SMTP initial handshake (220 greeting,
+EHLO command, EHLO response).
+
+<li> <p> SMTP Connection caching gives no gains with respect to
+SMTP session tear-down. The Postfix <a href="smtp.8.html">smtp(8)</a> client normally does
+not wait for the server's reply to the QUIT command, and it never
+waits for the TCP final handshake to complete. </p>
+
+<li> <p> SMTP Connection caching introduces some overhead: the
+client needs to send an RSET command to find out if a connection
+is still usable, before it can send the next MAIL FROM command.
+</p>
+
+</ul>
+
+<p> For other potential issues with SMTP connection caching, see
+the discussion of <a href="#limitations">limitations</a> at the end
+of this document. </p>
+
+<h2><a name="implementation">Connection cache implementation</a></h2>
+
+<p> For an overview of how Postfix delivers mail, see the Postfix
+architecture <a href="OVERVIEW.html">OVERVIEW</a> document. </p>
+
+<p> The Postfix connection cache is shared among Postfix mail
+delivering processes. This maximizes the opportunity to reuse an
+open connection. Other MTAs such as Sendmail or exim have a
+non-shared connection cache. Here, a connection can be reused only
+by the mail delivering process that creates the connection. To get
+the same performance improvement as with a shared connection cache,
+non-shared connections need to be kept open for a longer time. </p>
+
+<blockquote>
+
+<table>
+
+<tr> <td> Internet <-- </td> <td align="center" bgcolor="#f0f0ff">
+<br> <a href="smtp.8.html">smtp(8)</a> <br> </td> <td> <tt> <-> </tt> </td> <td
+align="center" bgcolor="#f0f0ff"> <br> <a href="scache.8.html">scache(8)</a> <br> </td>
+<td> <tt> <-> </tt> </td> <td align="center" bgcolor="#f0f0ff">
+<br> <a href="smtp.8.html">smtp(8)</a> <br> </td> <td> --> Internet </td>
+
+</table>
+
+</blockquote>
+
+<p> The <a href="scache.8.html">scache(8)</a> server, introduced with Postfix version 2.2,
+maintains the shared connection cache. With Postfix version 2.2,
+only the <a href="smtp.8.html">smtp(8)</a> client has support to access this cache. </p>
+
+<p> When SMTP connection caching is enabled (see next section), the
+<a href="smtp.8.html">smtp(8)</a> client does not disconnect after a mail transaction, but
+gives the connection to the <a href="scache.8.html">scache(8)</a> server which keeps the
+connection open for a limited amount of time. </p>
+
+<p> After handing over the open connection to the <a href="scache.8.html">scache(8)</a> server,
+the <a href="smtp.8.html">smtp(8)</a> client continues with some other mail delivery request.
+Meanwhile, any <a href="smtp.8.html">smtp(8)</a> client process can ask the <a href="scache.8.html">scache(8)</a> server
+for that cached connection and reuse it for mail delivery. </p>
+
+<p> The connection cache can be searched by destination domain name
+(the right-hand side of the recipient address) and by the IP address
+of the host at the other end of the connection. This allows Postfix
+to reuse a connection even when the remote host is mail server for
+domains with different names. </p>
+
+<h2><a name="configuration">Connection cache configuration </a></h2>
+
+<p> The Postfix <a href="smtp.8.html">smtp(8)</a> client supports two connection caching
+strategies: </p>
+
+<ul>
+
+<li> <p> On-demand connection caching. This is enabled by default,
+and is controlled with the <a href="postconf.5.html#smtp_connection_cache_on_demand">smtp_connection_cache_on_demand</a> configuration
+parameter. When this feature is enabled, the Postfix <a href="smtp.8.html">smtp(8)</a> client
+automatically saves a connection to the connection cache when a
+destination has a high volume of mail in the <a href="QSHAPE_README.html#active_queue">active queue</a>. </p>
+
+<p> Example: </p>
+
+<blockquote>
+
+<pre>
+/etc/postfix/main.cf:
+ <a href="postconf.5.html#smtp_connection_cache_on_demand">smtp_connection_cache_on_demand</a> = yes
+</pre>
+
+</blockquote>
+
+<li> <p> Per-destination connection caching. This is enabled by
+explicitly listing specific destinations with the
+<a href="postconf.5.html#smtp_connection_cache_destinations">smtp_connection_cache_destinations</a> configuration parameter. After
+completing delivery to a selected destination, the Postfix <a href="smtp.8.html">smtp(8)</a>
+client <i>always</i> saves the connection to the connection cache.
+</p>
+
+<p> Specify a comma or white space separated list of destinations
+or pseudo-destinations: </p>
+
+<ul>
+
+<li> <p> if mail is sent without a relay host: a domain name (the
+right-hand side of an email address, without the [] around a numeric
+IP address), </p>
+
+<li> <p> if mail is sent via a relay host: a relay host name (without
+the [] or non-default TCP port), as specified in main.cf or in the
+transport map, </p>
+
+<li> <p> a /file/name with domain names and/or relay host names as
+defined above, </p>
+
+<li> <p> a "<a href="DATABASE_README.html">type:table</a>" with domain names and/or relay host names
+on the left-hand side. The right-hand side result from "<a href="DATABASE_README.html">type:table</a>"
+lookups is ignored. </p>
+
+</ul>
+
+<p> Examples: </p>
+
+<blockquote>
+
+<pre>
+/etc/postfix/main.cf:
+ <a href="postconf.5.html#smtp_connection_cache_destinations">smtp_connection_cache_destinations</a> = $<a href="postconf.5.html#relayhost">relayhost</a>
+ <a href="postconf.5.html#smtp_connection_cache_destinations">smtp_connection_cache_destinations</a> = hotmail.com, ...
+ <a href="postconf.5.html#smtp_connection_cache_destinations">smtp_connection_cache_destinations</a> = static:all (<i>not recommended</i>)
+</pre>
+
+</blockquote>
+
+</ul>
+
+<h2><a name="safety">Connection cache safety mechanisms </a></h2>
+
+<p> Connection caching must be used wisely. It is anti-social to
+keep an unused SMTP connection open for a significant amount of
+time, and it is unwise to send huge numbers of messages through
+the same connection. In order to avoid problems with SMTP connection
+caching, Postfix implements the following safety mechanisms: </p>
+
+<ul>
+
+<li> <p> The Postfix <a href="scache.8.html">scache(8)</a> server keeps a connection open for
+only a limited time. The time limit is specified with the
+<a href="postconf.5.html#smtp_connection_cache_time_limit">smtp_connection_cache_time_limit</a> and with the <a href="postconf.5.html#connection_cache_ttl_limit">connection_cache_ttl_limit</a>
+configuration parameters. This prevents anti-social behavior. </p>
+
+<li> <p> The Postfix <a href="smtp.8.html">smtp(8)</a> client reuses a session for only a
+limited number of times. This avoids triggering bugs in implementations
+that do not correctly handle multiple deliveries per session. The
+use count is limited with the <a href="postconf.5.html#smtp_connection_cache_reuse_limit">smtp_connection_cache_reuse_limit</a>
+configuration parameter. </p>
+
+<li> <p> The connection cache explicitly labels each cached connection
+with destination domain and IP address information. A connection
+cache lookup succeeds only when the correct information is specified.
+This prevents mis-delivery of mail. </p>
+
+</ul>
+
+<h2><a name="limitations">Connection cache limitations</a></h2>
+
+<p> Postfix SMTP connection caching conflicts with certain applications:
+</p>
+
+<ul>
+
+<li> <p> The Postfix shared connection cache cannot be used with
+TLS, because saved TLS session information can be used only when a
+new connection is created (this limitation does not exist in
+connection caching implementations that reuse a connection only in
+the process that creates it). For this reason, the Postfix <a href="smtp.8.html">smtp(8)</a>
+client always closes the connection after completing an attempt to
+deliver mail over TLS. </p>
+
+<li> <p> Postfix connection caching currently does not support
+multiple SASL accounts per mail server. Specifically, Postfix
+connection caching assumes that a SASL credential is valid for all
+hostnames or domain names that deliver via the same mail server IP
+address and TCP port, and assume that the SASL credential does not
+depend on the message originator. </p>
+
+</ul>
+
+
+<h2><a name="statistics">Connection cache statistics </a></h2>
+
+<p> The <a href="scache.8.html">scache(8)</a> connection cache server logs statistics about the
+peak cache size and the cache hit rates. This information is logged
+every <a href="postconf.5.html#connection_cache_status_update_time">connection_cache_status_update_time</a> seconds, when the process
+terminates after the maximal idle time is exceeded, or when Postfix
+is reloaded. </p>
+
+<ul>
+
+<li> <p> Hit rates for connection cache lookups by domain will tell
+you how useful connection caching is. </p>
+
+<li> <p> Connection cache lookups by network address will always
+fail, unless you're sending mail to different domains that share
+the same MX hosts. </p>
+
+<li> <p> No statistics are logged when no attempts are made to
+access the connection cache. </p>
+
+</ul>
+
+
+</body>
+
+</html>
<ul>
+<li> <p> Instead of hard-coding 127.0.0.1 and ::1 loopback addresses
+in master.cf, specify "<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> = loopback-only" in main.cf.
+This way you can use the same master.cf file regardless of whether
+or not Postfix will run on an IPv6-enabled system. </p>
+
<li> <p> The first new parameter is called <a href="postconf.5.html#inet_protocols">inet_protocols</a>. This
specifies what protocols Postfix will use when it makes or accepts
network connections, and also controls what DNS lookups Postfix
<h2>Berkeley DB issues</h2>
-<p> On RedHat Linux 7.0 you must install the db3-devel RPM before
-you can compile the Postfix source code. </p>
+<p> Warning: if you can't compile Postfix because the file "db.h"
+isn't found, then you MUST install the Berkeley DB development
+package (package name: db???-devel-???) that comes with your Linux
+system. Only that package contains the files that correspond to the
+Berkeley DB version that is used by the system library routines.
+</p>
-<p> Warning: do not use multiple Berkeley DB versions. Every Postfix
-program will dump core when it is built with a different Berkeley
-DB version than the version that is used by the system library
-routines. See the <a href="DB_README.html">DB_README</a> file for further information. </p>
+<p> DO NOT download some Berkeley DB version from the network.
+Every Postfix program will dump core when it is built with a different
+Berkeley DB version than the version that is used by the system
+library routines. See the <a href="DB_README.html">DB_README</a> file for further information.
+</p>
<h2>Procmail issues</h2>
-<p> On RedHat Linux 7.1 <b>procmail</b> no longer has permission
+<p> On RedHat Linux 7.1 and later <b>procmail</b> no longer has
+permission
to write the mail spool directory. Workaround: chmod 1777
/var/spool/mail.
</p>
<a href="smtp.8.html">smtp(8)</a>, <a href="lmtp.8.html">lmtp(8)</a>, <a href="local.8.html">local(8)</a>, <a href="virtual.8.html">virtual(8)</a>, <a href="pipe.8.html">pipe(8)</a>, <a href="discard.8.html">discard(8)</a> or
<a href="error.8.html">error(8)</a> delivery agents, and sends a delivery request for one
or more recipient addresses. The <a href="discard.8.html">discard(8)</a> and <a href="error.8.html">error(8)</a> delivery
-agents are special: they discard or bounce all mail, they are not
+agents are special: they discard or bounce all mail, and are not
shown in the figure above. </p>
<p> The queue manager maintains a small <a href="QSHAPE_README.html#active_queue">active queue</a> with the
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - access(5) </title>
</head> <body> <pre>
-ACCESS(5) ACCESS(5)
+ACCESS(5) ACCESS(5)
<b>NAME</b>
access - Postfix access table format
<i>user@</i> and <i>domain</i> constituent parts, nor is <i>user+foo</i> broken
up into <i>user</i> and <i>foo</i>.
- Patterns are applied in the order as specified in the
- table, until a pattern is found that matches the search
+ Patterns are applied in the order as specified in the ta-
+ ble, until a pattern is found that matches the search
string.
Actions are the same as with indexed file lookups, with
<b>TCP-BASED TABLES</b>
This section describes how the table lookups change when
lookups are directed to a TCP-based server. For a descrip-
- tion of the TCP client/server lookup protocol, see
- <a href="tcp_table.5.html"><b>tcp_table</b>(5)</a>. This feature is not available up to and
- including Postfix version 2.2.
+ tion of the TCP client/server lookup protocol, see <a href="tcp_table.5.html"><b>tcp_ta-</b></a>
+ <a href="tcp_table.5.html"><b>ble</b>(5)</a>. This feature is not available up to and including
+ Postfix version 2.2.
Each lookup operation uses the entire query string once.
Depending on the application, that string is an entire
P.O. Box 704
Yorktown Heights, NY 10598, USA
- ACCESS(5)
+ ACCESS(5)
</pre> </body> </html>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - aliases(5) </title>
</head> <body> <pre>
-ALIASES(5) ALIASES(5)
+ALIASES(5) ALIASES(5)
<b>NAME</b>
aliases - Postfix local alias database format
P.O. Box 704
Yorktown Heights, NY 10598, USA
- ALIASES(5)
+ ALIASES(5)
</pre> </body> </html>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - anvil(8) </title>
</head> <body> <pre>
-ANVIL(8) ANVIL(8)
+ANVIL(8) ANVIL(8)
<b>NAME</b>
anvil - Postfix session count and request rate control
The <a href="anvil.8.html"><b>anvil</b>(8)</a> server maintains an in-memory table with
information about recent clients of a connection count (or
- rate) limited service. Although state is kept only tem-
- porarily, this may require a lot of memory on systems that
+ rate) limited service. Although state is kept only tempo-
+ rarily, this may require a lot of memory on systems that
handle connections from many remote clients. To reduce
memory usage, reduce the time unit over which state is
kept.
Postfix daemon process terminates.
<b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
- The process ID of a Postfix command or daemon pro-
- cess.
+ The process ID of a Postfix command or daemon
+ process.
<b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
The process name of a Postfix command or daemon
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
- The mail system name that is prepended to the pro-
- cess name in syslog records, so that "smtpd"
+ The mail system name that is prepended to the
+ process name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
<b>SEE ALSO</b>
P.O. Box 704
Yorktown Heights, NY 10598, USA
- ANVIL(8)
+ ANVIL(8)
</pre> </body> </html>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - bounce(8) </title>
</head> <body> <pre>
-BOUNCE(8) BOUNCE(8)
+BOUNCE(8) BOUNCE(8)
<b>NAME</b>
bounce - Postfix message bounce or defer daemon
postmaster.
<b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
- The process ID of a Postfix command or daemon pro-
- cess.
+ The process ID of a Postfix command or daemon
+ process.
<b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
The process name of a Postfix command or daemon
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
- The mail system name that is prepended to the pro-
- cess name in syslog records, so that "smtpd"
+ The mail system name that is prepended to the
+ process name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
<b>FILES</b>
P.O. Box 704
Yorktown Heights, NY 10598, USA
- BOUNCE(8)
+ BOUNCE(8)
</pre> </body> </html>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - canonical(5) </title>
</head> <body> <pre>
-CANONICAL(5) CANONICAL(5)
+CANONICAL(5) CANONICAL(5)
<b>NAME</b>
canonical - Postfix canonical table format
constituent parts, nor is <i>user+foo</i> broken up into <i>user</i> and
<i>foo</i>.
- Patterns are applied in the order as specified in the
- table, until a pattern is found that matches the search
+ Patterns are applied in the order as specified in the ta-
+ ble, until a pattern is found that matches the search
string.
Results are the same as with indexed file lookups, with
<b>TCP-BASED TABLES</b>
This section describes how the table lookups change when
lookups are directed to a TCP-based server. For a descrip-
- tion of the TCP client/server lookup protocol, see
- <a href="tcp_table.5.html"><b>tcp_table</b>(5)</a>. This feature is not available up to and
- including Postfix version 2.2.
+ tion of the TCP client/server lookup protocol, see <a href="tcp_table.5.html"><b>tcp_ta-</b></a>
+ <a href="tcp_table.5.html"><b>ble</b>(5)</a>. This feature is not available up to and including
+ Postfix version 2.2.
Each lookup operation uses the entire address once. Thus,
<i>user@domain</i> mail addresses are not broken up into their
P.O. Box 704
Yorktown Heights, NY 10598, USA
- CANONICAL(5)
+ CANONICAL(5)
</pre> </body> </html>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - cidr_table(5) </title>
</head> <body> <pre>
-CIDR_TABLE(5) CIDR_TABLE(5)
+CIDR_TABLE(5) CIDR_TABLE(5)
<b>NAME</b>
cidr_table - format of Postfix CIDR tables
cal line.
<b>TABLE SEARCH ORDER</b>
- Patterns are applied in the order as specified in the
- table, until a pattern is found that matches the search
+ Patterns are applied in the order as specified in the ta-
+ ble, until a pattern is found that matches the search
string.
<b>EXAMPLE SMTPD ACCESS MAP</b>
P.O. Box 704
Yorktown Heights, NY 10598, USA
- CIDR_TABLE(5)
+ CIDR_TABLE(5)
</pre> </body> </html>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - cleanup(8) </title>
</head> <body> <pre>
-CLEANUP(8) CLEANUP(8)
+CLEANUP(8) CLEANUP(8)
<b>NAME</b>
cleanup - canonicalize and enqueue Postfix message
inserts when a message contains no To: or Cc: mes-
sage header.
- Available in Postfix version 2.1 and later:
+ Available in Postfix version 2.1 only:
+
+ <b><a href="postconf.5.html#enable_errors_to">enable_errors_to</a> (no)</b>
+ Report mail delivery errors to the address speci-
+ fied with the non-standard Errors-To: message
+ header, instead of the envelope sender address
+ (this feature is removed with Postfix 2.2, is
+ turned off by default with Postfix 2.1, and is
+ always turned on with older Postfix versions).
<b>BUILT-IN CONTENT FILTERING CONTROLS</b>
- Postfix built-in content filtering is meant to stop a
- flood of worms or viruses. It is not a general content
+ Postfix built-in content filtering is meant to stop a
+ flood of worms or viruses. It is not a general content
filter.
<b><a href="postconf.5.html#body_checks">body_checks</a> (empty)</b>
- Optional lookup tables for content inspection as
+ Optional lookup tables for content inspection as
specified in the <b><a href="postconf.5.html#body_checks">body_checks</a></b>(5) manual page.
<b><a href="postconf.5.html#header_checks">header_checks</a> (empty)</b>
- Optional lookup tables for content inspection of
- primary non-MIME message headers, as specified in
+ Optional lookup tables for content inspection of
+ primary non-MIME message headers, as specified in
the <b><a href="postconf.5.html#header_checks">header_checks</a></b>(5) manual page.
Available in Postfix version 2.0 and later:
<b><a href="postconf.5.html#body_checks_size_limit">body_checks_size_limit</a> (51200)</b>
How much text in a message body segment (or attach-
- ment, if you prefer to use that term) is subjected
+ ment, if you prefer to use that term) is subjected
to <a href="postconf.5.html#body_checks">body_checks</a> inspection.
<b><a href="postconf.5.html#mime_header_checks">mime_header_checks</a> ($<a href="postconf.5.html#header_checks">header_checks</a>)</b>
- Optional lookup tables for content inspection of
- MIME related message headers, as described in the
+ Optional lookup tables for content inspection of
+ MIME related message headers, as described in the
<b><a href="postconf.5.html#header_checks">header_checks</a></b>(5) manual page.
<b><a href="postconf.5.html#nested_header_checks">nested_header_checks</a> ($<a href="postconf.5.html#header_checks">header_checks</a>)</b>
- Optional lookup tables for content inspection of
- non-MIME message headers in attached messages, as
+ Optional lookup tables for content inspection of
+ non-MIME message headers in attached messages, as
described in the <b><a href="postconf.5.html#header_checks">header_checks</a></b>(5) manual page.
<b>MIME PROCESSING CONTROLS</b>
will handle.
<b><a href="postconf.5.html#strict_8bitmime">strict_8bitmime</a> (no)</b>
- Enable both <a href="postconf.5.html#strict_7bit_headers">strict_7bit_headers</a> and strict_8bit-
+ Enable both <a href="postconf.5.html#strict_7bit_headers">strict_7bit_headers</a> and strict_8bit-
mime_body.
<b><a href="postconf.5.html#strict_7bit_headers">strict_7bit_headers</a> (no)</b>
Reject mail with 8-bit text in message headers.
<b><a href="postconf.5.html#strict_8bitmime_body">strict_8bitmime_body</a> (no)</b>
- Reject 8-bit message body text without 8-bit MIME
+ Reject 8-bit message body text without 8-bit MIME
content encoding information.
<b><a href="postconf.5.html#strict_mime_encoding_domain">strict_mime_encoding_domain</a> (no)</b>
Reject mail with invalid Content-Transfer-Encoding:
- information for the message/* or multipart/* MIME
+ information for the message/* or multipart/* MIME
content types.
<b>AUTOMATIC BCC RECIPIENT CONTROLS</b>
mail enters the mail system:
<b><a href="postconf.5.html#always_bcc">always_bcc</a> (empty)</b>
- Optional address that receives a "blind carbon
+ Optional address that receives a "blind carbon
copy" of each message that is received by the Post-
fix mail system.
Available in Postfix version 2.1 and later:
<b><a href="postconf.5.html#sender_bcc_maps">sender_bcc_maps</a> (empty)</b>
- Optional BCC (blind carbon-copy) address lookup
+ Optional BCC (blind carbon-copy) address lookup
tables, indexed by sender address.
<b><a href="postconf.5.html#recipient_bcc_maps">recipient_bcc_maps</a> (empty)</b>
- Optional BCC (blind carbon-copy) address lookup
+ Optional BCC (blind carbon-copy) address lookup
tables, indexed by recipient address.
<b>ADDRESS TRANSFORMATION CONTROLS</b>
- Address
rewriting is delegated to the <a href="trivial-rewrite.8.html"><b>trivial-rewrite</b>(8)</a>
- daemon. The <a href="cleanup.8.html"><b>cleanup</b>(8)</a> server implements table driven
+ Address
rewriting is delegated to the <a href="trivial-rewrite.8.html"><b>trivial-rewrite</b>(8)</a>
+ daemon. The <a href="cleanup.8.html"><b>cleanup</b>(8)</a> server implements table driven
address mapping.
<b><a href="postconf.5.html#empty_address_recipient">empty_address_recipient</a> (MAILER-DAEMON)</b>
- The recipient of mail addressed to the null
+ The recipient of mail addressed to the null
address.
<b><a href="postconf.5.html#canonical_maps">canonical_maps</a> (empty)</b>
- Optional address mapping lookup tables for message
+ Optional address mapping lookup tables for message
headers and envelopes.
<b><a href="postconf.5.html#recipient_canonical_maps">recipient_canonical_maps</a> (empty)</b>
Optional address mapping lookup tables for envelope
and header sender addresses.
- <b><a href="postconf.5.html#masquerade_classes">masquerade_classes</a> (envelope_sender, header_sender,</b>
+ <b><a href="postconf.5.html#masquerade_classes">masquerade_classes</a> (envelope_sender, header_sender,</b>
<b>header_recipient)</b>
What addresses are subject to address masquerading.
<b><a href="postconf.5.html#masquerade_domains">masquerade_domains</a> (empty)</b>
- Optional list of domains whose subdomain structure
+ Optional list of domains whose subdomain structure
will be stripped off in email addresses.
<b><a href="postconf.5.html#masquerade_exceptions">masquerade_exceptions</a> (empty)</b>
- Optional list of user names that are not subjected
- to address masquerading, even when their address
+ Optional list of user names that are not subjected
+ to address masquerading, even when their address
matches $<a href="postconf.5.html#masquerade_domains">masquerade_domains</a>.
<b><a href="postconf.5.html#propagate_unmatched_extensions">propagate_unmatched_extensions</a> (canonical, virtual)</b>
- What address lookup tables copy an address exten-
+ What address lookup tables copy an address exten-
sion from the lookup key to the lookup result.
Available before Postfix version 2.0:
<b><a href="postconf.5.html#virtual_maps">virtual_maps</a> (empty)</b>
Optional lookup tables with a) names of domains for
- which all addresses are aliased to addresses in
- other local or remote domains, and b) addresses
- that are aliased to addresses in other local or
+ which all addresses are aliased to addresses in
+ other local or remote domains, and b) addresses
+ that are aliased to addresses in other local or
remote domains.
Available in Postfix version 2.0 and later:
<b><a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a> ($<a href="postconf.5.html#virtual_maps">virtual_maps</a>)</b>
- Optional lookup tables that alias specific mail
- addresses or domains to other local or remote
+ Optional lookup tables that alias specific mail
+ addresses or domains to other local or remote
address.
Available in Postfix version 2.2 and later:
- <b><a href="postconf.5.html#canonical_classes">canonical_classes</a> (envelope_sender, envelope_recipient,</b>
+ <b><a href="postconf.5.html#canonical_classes">canonical_classes</a> (envelope_sender, envelope_recipient,</b>
<b>header_sender, header_recipient)</b>
- What
addresses are subject to <a href="postconf.5.html#canonical_maps">canonical_maps</a>
+ What
addresses are subject to <a href="postconf.5.html#canonical_maps">canonical_maps</a>
address mapping.
<b><a href="postconf.5.html#recipient_canonical_classes">recipient_canonical_classes</a> (envelope_recipient,</b>
<b>header_recipient)</b>
- What
addresses are subject to <a href="postconf.5.html#recipient_canonical_maps">recipient_canoni</a>-
+ What
addresses are subject to <a href="postconf.5.html#recipient_canonical_maps">recipient_canoni</a>-
<a href="postconf.5.html#recipient_canonical_maps">cal_maps</a> address mapping.
<b><a href="postconf.5.html#sender_canonical_classes">sender_canonical_classes</a> (envelope_sender, header_sender)</b>
address mapping.
<b><a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> (empty)</b>
- Don't rewrite message headers from remote clients
- at all when this parameter is empty; otherwise,
- rewrite remote message headers and append the spec-
- ified domain name to incomplete addresses.
+ Don't rewrite message headers from remote clients
+ at all when this parameter is empty; otherwise, re-
+ write remote message headers and append the speci-
+ fied domain name to incomplete addresses.
<b>RESOURCE AND RATE CONTROLS</b>
<b><a href="postconf.5.html#duplicate_filter_limit">duplicate_filter_limit</a> (1000)</b>
- The maximal number of addresses remembered by the
- address
duplicate filter for <a href="aliases.5.html"><b>aliases</b>(5)</a> or <a href="virtual.5.html"><b>vir-</b></a>
+ The maximal number of addresses remembered by the
+ address
duplicate filter for <a href="aliases.5.html"><b>aliases</b>(5)</a> or <a href="virtual.5.html"><b>vir-</b></a>
<a href="virtual.5.html"><b>tual</b>(5)</a> alias expansion, or for <a href="showq.8.html"><b>showq</b>(8)</a> queue dis-
plays.
message header.
<b><a href="postconf.5.html#hopcount_limit">hopcount_limit</a> (50)</b>
- The maximal number of Received: message headers
+ The maximal number of Received: message headers
that is allowed in the primary message headers.
<b><a href="postconf.5.html#in_flow_delay">in_flow_delay</a> (1s)</b>
- Time to pause before accepting a new message, when
+ Time to pause before accepting a new message, when
the message arrival rate exceeds the message deliv-
ery rate.
<b><a href="postconf.5.html#message_size_limit">message_size_limit</a> (10240000)</b>
- The maximal size in bytes of a message, including
+ The maximal size in bytes of a message, including
envelope information.
Available in Postfix version 2.0 and later:
will handle.
<b><a href="postconf.5.html#queue_file_attribute_count_limit">queue_file_attribute_count_limit</a> (100)</b>
- The maximal number of (name=value) attributes that
+ The maximal number of (name=value) attributes that
may be stored in a Postfix queue file.
Available in Postfix version 2.1 and later:
<b><a href="postconf.5.html#virtual_alias_expansion_limit">virtual_alias_expansion_limit</a> (1000)</b>
- The maximal number of addresses that virtual alias
+ The maximal number of addresses that virtual alias
expansion produces from each original recipient.
<b><a href="postconf.5.html#virtual_alias_recursion_limit">virtual_alias_recursion_limit</a> (1000)</b>
- The maximal nesting depth of virtual alias expan-
+ The maximal nesting depth of virtual alias expan-
sion.
<b>MISCELLANEOUS CONTROLS</b>
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
- The default location of the Postfix main.cf and
+ The default location of the Postfix main.cf and
master.cf configuration files.
<b><a href="postconf.5.html#daemon_timeout">daemon_timeout</a> (18000s)</b>
- How much time a Postfix daemon process may take to
- handle a request before it is terminated by a
+ How much time a Postfix daemon process may take to
+ handle a request before it is terminated by a
built-in watchdog timer.
<b><a href="postconf.5.html#delay_warning_time">delay_warning_time</a> (0h)</b>
- The time after which the sender receives the mes-
+ The time after which the sender receives the mes-
sage headers of mail that is still queued.
<b><a href="postconf.5.html#ipc_timeout">ipc_timeout</a> (3600s)</b>
over an internal communication channel.
<b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b>
- The maximum amount of time that an idle Postfix
- daemon process waits for the next service request
+ The maximum amount of time that an idle Postfix
+ daemon process waits for the next service request
before exiting.
<b><a href="postconf.5.html#max_use">max_use</a> (100)</b>
- The maximal number of connection requests before a
+ The maximal number of connection requests before a
Postfix daemon process terminates.
<b><a href="postconf.5.html#myhostname">myhostname</a> (see 'postconf -d' output)</b>
<b><a href="postconf.5.html#myorigin">myorigin</a> ($<a href="postconf.5.html#myhostname">myhostname</a>)</b>
The domain name that locally-posted mail appears to
- come from, and that locally posted mail is deliv-
+ come from, and that locally posted mail is deliv-
ered to.
<b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
- The process ID of a Postfix command or daemon pro-
- cess.
+ The process ID of a Postfix command or daemon
+ process.
<b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
- The process name of a Postfix command or daemon
+ The process name of a Postfix command or daemon
process.
<b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b>
- The location of the Postfix top-level queue direc-
+ The location of the Postfix top-level queue direc-
tory.
<b><a href="postconf.5.html#soft_bounce">soft_bounce</a> (no)</b>
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
- The mail system name that is prepended to the pro-
- cess name in syslog records, so that "smtpd"
+ The mail system name that is prepended to the
+ process name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
Available in Postfix version 2.1 and later:
<b><a href="postconf.5.html#enable_original_recipient">enable_original_recipient</a> (yes)</b>
- Enable support for the X-Original-To message
+ Enable support for the X-Original-To message
header.
<b>FILES</b>
<a href="ADDRESS_REWRITING_README.html">ADDRESS_REWRITING_README</a> Postfix address manipulation
<b>LICENSE</b>
- The Secure Mailer license must be distributed with this
+ The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>
P.O. Box 704
Yorktown Heights, NY 10598, USA
- CLEANUP(8)
+ CLEANUP(8)
</pre> </body> </html>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - discard(8) </title>
</head> <body> <pre>
-DISCARD(8) DISCARD(8)
+DISCARD(8) DISCARD(8)
<b>NAME</b>
discard - Postfix discard mail delivery agent
Postfix daemon process terminates.
<b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
- The process ID of a Postfix command or daemon pro-
- cess.
+ The process ID of a Postfix command or daemon
+ process.
<b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
The process name of a Postfix command or daemon
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
- The mail system name that is prepended to the pro-
- cess name in syslog records, so that "smtpd"
+ The mail system name that is prepended to the
+ process name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
<b>SEE ALSO</b>
P.O. Box 704
Yorktown Heights, NY 10598, USA
- DISCARD(8)
+ DISCARD(8)
</pre> </body> </html>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - error(8) </title>
</head> <body> <pre>
-ERROR(8) ERROR(8)
+ERROR(8) ERROR(8)
<b>NAME</b>
error - Postfix error mail delivery agent
postmaster.
<b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
- The process ID of a Postfix command or daemon pro-
- cess.
+ The process ID of a Postfix command or daemon
+ process.
<b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
The process name of a Postfix command or daemon
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
- The mail system name that is prepended to the pro-
- cess name in syslog records, so that "smtpd"
+ The mail system name that is prepended to the
+ process name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
<b>SEE ALSO</b>
P.O. Box 704
Yorktown Heights, NY 10598, USA
- ERROR(8)
+ ERROR(8)
</pre> </body> </html>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - flush(8) </title>
</head> <body> <pre>
-FLUSH(8) FLUSH(8)
+FLUSH(8) FLUSH(8)
<b>NAME</b>
flush - Postfix fast flush server
explicit ".domain.tld" pattern.
<b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
- The process ID of a Postfix command or daemon pro-
- cess.
+ The process ID of a Postfix command or daemon
+ process.
<b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
The process name of a Postfix command or daemon
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
- The mail system name that is prepended to the pro-
- cess name in syslog records, so that "smtpd"
+ The mail system name that is prepended to the
+ process name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
<b>FILES</b>
P.O. Box 704
Yorktown Heights, NY 10598, USA
- FLUSH(8)
+ FLUSH(8)
</pre> </body> </html>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - generic(5) </title>
</head> <body> <pre>
-GENERIC(5) GENERIC(5)
+GENERIC(5) GENERIC(5)
<b>NAME</b>
generic - Postfix generic table format
constituent parts, nor is <i>user+foo</i> broken up into <i>user</i> and
<i>foo</i>.
- Patterns are applied in the order as specified in the
- table, until a pattern is found that matches the search
+ Patterns are applied in the order as specified in the ta-
+ ble, until a pattern is found that matches the search
string.
Results are the same as with indexed file lookups, with
<b>TCP-BASED TABLES</b>
This section describes how the table lookups change when
lookups are directed to a TCP-based server. For a descrip-
- tion of the TCP client/server lookup protocol, see
- <a href="tcp_table.5.html"><b>tcp_table</b>(5)</a>. This feature is not available up to and
- including Postfix version 2.2.
+ tion of the TCP client/server lookup protocol, see <a href="tcp_table.5.html"><b>tcp_ta-</b></a>
+ <a href="tcp_table.5.html"><b>ble</b>(5)</a>. This feature is not available up to and including
+ Postfix version 2.2.
Each lookup operation uses the entire address once. Thus,
<i>user@domain</i> mail addresses are not broken up into their
P.O. Box 704
Yorktown Heights, NY 10598, USA
- GENERIC(5)
+ GENERIC(5)
</pre> </body> </html>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - header_checks(5) </title>
</head> <body> <pre>
-HEADER_CHECKS(5) HEADER_CHECKS(5)
+HEADER_CHECKS(5) HEADER_CHECKS(5)
<b>NAME</b>
<a href="postconf.5.html#header_checks">header_checks</a> - Postfix built-in header/body inspection
P.O. Box 704
Yorktown Heights, NY 10598, USA
- HEADER_CHECKS(5)
+ HEADER_CHECKS(5)
</pre> </body> </html>
<li> <a href="ADDRESS_CLASS_README.html"> Address Classes </a>
+<li> <a href="CONNECTION_CACHE_README.html"> Connection cache howto </a>
+
<li> <a href="PACKAGE_README.html"> Guidelines for Package Builders
</a>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - ldap_table(5) </title>
</head> <body> <pre>
-LDAP_TABLE(5) LDAP_TABLE(5)
+LDAP_TABLE(5) LDAP_TABLE(5)
<b>NAME</b>
ldap_table - Postfix LDAP client configuration
Mattice, Prabhat K Singh, Sami Haahtinen, Samuel Tardieu,
Victor Duchovni, and many others.
- LDAP_TABLE(5)
+ LDAP_TABLE(5)
</pre> </body> </html>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - lmtp(8) </title>
</head> <body> <pre>
-LMTP(8) LMTP(8)
+LMTP(8) LMTP(8)
<b>NAME</b>
lmtp - Postfix local delivery via LMTP
Postfix daemon process terminates.
<b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
- The process ID of a Postfix command or daemon pro-
- cess.
+ The process ID of a Postfix command or daemon
+ process.
<b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
The process name of a Postfix command or daemon
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
- The mail system name that is prepended to the pro-
- cess name in syslog records, so that "smtpd"
+ The mail system name that is prepended to the
+ process name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
<b>SEE ALSO</b>
P.O. Box 830688, MC34
Richardson, TX 75083, USA
- LMTP(8)
+ LMTP(8)
</pre> </body> </html>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - local(8) </title>
</head> <body> <pre>
-LOCAL(8) LOCAL(8)
+LOCAL(8) LOCAL(8)
<b>NAME</b>
local - Postfix local mail delivery
message header.
<b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
- The process ID of a Postfix command or daemon pro-
- cess.
+ The process ID of a Postfix command or daemon
+ process.
<b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
The process name of a Postfix command or daemon
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
- The mail system name that is prepended to the pro-
- cess name in syslog records, so that "smtpd"
+ The mail system name that is prepended to the
+ process name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
<b>FILES</b>
P.O. Box 704
Yorktown Heights, NY 10598, USA
- LOCAL(8)
+ LOCAL(8)
</pre> </body> </html>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - master(5) </title>
</head> <body> <pre>
-MASTER(5) MASTER(5)
+MASTER(5) MASTER(5)
<b>NAME</b>
master - Postfix master process configuration file format
all interfaces configured with the
<b><a href="postconf.5.html#inet_interfaces">inet_interfaces</a></b> parameter.
+ Note: with Postfix version 2.2 and later
+ specify "<b><a href="postconf.5.html#inet_interfaces">inet_interfaces</a> = loopback-only</b>" in
+ main.cf, instead of hard-coding loopback IP
+ address information in master.cf or in
+ main.cf.
+
<b>unix</b> The service listens on a UNIX-domain socket
and is accessible for local clients only.
<b>Process limit (default: $<a href="postconf.5.html#default_process_limit">default_process_limit</a>)</b>
The maximum number of processes that may execute
- this service simultaneously. Specify 0 for no pro-
- cess count limit.
+ this service simultaneously. Specify 0 for no
+ process count limit.
NOTE: Some Postfix services must be configured as a
single-process service (for example, <a href="qmgr.8.html"><b>qmgr</b>(8)</a>) and
P.O. Box 704
Yorktown Heights, NY 10598, USA
- MASTER(5)
+ MASTER(5)
</pre> </body> </html>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - master(8) </title>
</head> <body> <pre>
-MASTER(8) MASTER(8)
+MASTER(8) MASTER(8)
<b>NAME</b>
master - Postfix master process
<b><a href="postconf.5.html#import_environment">import_environment</a> (see 'postconf -d' output)</b>
The list of environment parameters that a Postfix
- process will import from a non-Postfix parent pro-
- cess.
+ process will import from a non-Postfix parent
+ process.
<b><a href="postconf.5.html#mail_owner">mail_owner</a> (postfix)</b>
The UNIX system account that owns the Postfix queue
and most Postfix daemon processes.
<b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
- The process ID of a Postfix command or daemon pro-
- cess.
+ The process ID of a Postfix command or daemon
+ process.
<b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
The process name of a Postfix command or daemon
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
- The mail system name that is prepended to the pro-
- cess name in syslog records, so that "smtpd"
+ The mail system name that is prepended to the
+ process name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
<b>FILES</b>
P.O. Box 704
Yorktown Heights, NY 10598, USA
- MASTER(8)
+ MASTER(8)
</pre> </body> </html>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - mysql_table(5) </title>
</head> <body> <pre>
-MYSQL_TABLE(5) MYSQL_TABLE(5)
+MYSQL_TABLE(5) MYSQL_TABLE(5)
<b>NAME</b>
mysql_table - Postfix MySQL client configuration
P.O. BOX 1-764
RO-014700 Bucharest, ROMANIA
- MYSQL_TABLE(5)
+ MYSQL_TABLE(5)
</pre> </body> </html>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - nisplus_table(5) </title>
</head> <body> <pre>
-NISPLUS_TABLE(5) NISPLUS_TABLE(5)
+NISPLUS_TABLE(5) NISPLUS_TABLE(5)
<b>NAME</b>
nisplus_table - Postfix NIS+ client
P.O. Box 704
Yorktown Heights, NY 10598, USA
- NISPLUS_TABLE(5)
+ NISPLUS_TABLE(5)
</pre> </body> </html>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - oqmgr(8) </title>
</head> <body> <pre>
-OQMGR(8) OQMGR(8)
+OQMGR(8) OQMGR(8)
<b>NAME</b>
oqmgr - old Postfix queue manager
over an internal communication channel.
<b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
- The process ID of a Postfix command or daemon pro-
- cess.
+ The process ID of a Postfix command or daemon
+ process.
<b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
The process name of a Postfix command or daemon
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
- The mail system name that is prepended to the pro-
- cess name in syslog records, so that "smtpd"
+ The mail system name that is prepended to the
+ process name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
<b>FILES</b>
P.O. Box 704
Yorktown Heights, NY 10598, USA
- OQMGR(8)
+ OQMGR(8)
</pre> </body> </html>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - pcre_table(5) </title>
</head> <body> <pre>
-PCRE_TABLE(5) PCRE_TABLE(5)
+PCRE_TABLE(5) PCRE_TABLE(5)
<b>NAME</b>
pcre_table - format of Postfix PCRE tables
cal line.
Each pattern is a perl-like regular expression. The
- expression delimiter can be any character, except whites-
- pace or characters that have special meaning (tradition-
+ expression delimiter can be any character, except white-
+ space or characters that have special meaning (tradition-
ally the forward slash is used). The regular expression
can contain whitespace.
sion.
<b>SEARCH ORDER</b>
- Patterns are applied in the order as specified in the
- table, until a pattern is found that matches the input
+ Patterns are applied in the order as specified in the ta-
+ ble, until a pattern is found that matches the input
string.
Each pattern is applied to the entire input string.
P.O. Box 704
Yorktown Heights, NY 10598, USA
- PCRE_TABLE(5)
+ PCRE_TABLE(5)
</pre> </body> </html>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - pgsql_table(5) </title>
</head> <body> <pre>
-PGSQL_TABLE(5) PGSQL_TABLE(5)
+PGSQL_TABLE(5) PGSQL_TABLE(5)
<b>NAME</b>
pgsql_table - Postfix PostgreSQL client configuration
This is equivalent to:
query = select my_lookup_user_alias('%s')
- and overrides both the <b>query</b> parameter and the
- table-related fields above.
+ and overrides both the <b>query</b> parameter and the ta-
+ ble-related fields above.
As of June 2002, if the function returns a single
row and a single column AND that value is NULL,
P.O. BOX 1-764
RO-014700 Bucharest, ROMANIA
- PGSQL_TABLE(5)
+ PGSQL_TABLE(5)
</pre> </body> </html>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - pickup(8) </title>
</head> <body> <pre>
-PICKUP(8) PICKUP(8)
+PICKUP(8) PICKUP(8)
<b>NAME</b>
pickup - Postfix local mail pickup
to deal with unfiltered user data.
<b>CONFIGURATION PARAMETERS</b>
- As the <a href="pickup.8.html"><b>pickup</b>(8)</a> daemon is a relatively long-running pro-
- cess, up to an hour may pass before a <b>main.cf</b> change takes
- effect. Use the command "<b>postfix reload</b>" command to speed
- up a change.
+ As the <a href="pickup.8.html"><b>pickup</b>(8)</a> daemon is a relatively long-running
+ process, up to an hour may pass before a <b>main.cf</b> change
+ takes effect. Use the command "<b>postfix reload</b>" command to
+ speed up a change.
The text below provides only a parameter summary. See
<a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including examples.
Postfix daemon process terminates.
<b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
- The process ID of a Postfix command or daemon pro-
- cess.
+ The process ID of a Postfix command or daemon
+ process.
<b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
The process name of a Postfix command or daemon
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
- The mail system name that is prepended to the pro-
- cess name in syslog records, so that "smtpd"
+ The mail system name that is prepended to the
+ process name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
<b>SEE ALSO</b>
P.O. Box 704
Yorktown Heights, NY 10598, USA
- PICKUP(8)
+ PICKUP(8)
</pre> </body> </html>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - pipe(8) </title>
</head> <body> <pre>
-PIPE(8) PIPE(8)
+PIPE(8) PIPE(8)
<b>NAME</b>
pipe - Postfix delivery to external command
Postfix daemon process terminates.
<b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
- The process ID of a Postfix command or daemon pro-
- cess.
+ The process ID of a Postfix command or daemon
+ process.
<b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
The process name of a Postfix command or daemon
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
- The mail system name that is prepended to the pro-
- cess name in syslog records, so that "smtpd"
+ The mail system name that is prepended to the
+ process name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
<b>SEE ALSO</b>
P.O. Box 704
Yorktown Heights, NY 10598, USA
- PIPE(8)
+ PIPE(8)
</pre> </body> </html>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - postalias(1) </title>
</head> <body> <pre>
-POSTALIAS(1) POSTALIAS(1)
+POSTALIAS(1) POSTALIAS(1)
<b>NAME</b>
postalias - Postfix alias database maintenance
databases.
When no <i>file</i><b>_</b><i>type</i> is specified, the software uses
- the database type specified via the
- <b><a href="postconf.5.html#default_database_type">default_database_type</a></b> configuration parameter. The
- default value for this parameter depends on the
- host environment.
+ the database type specified via the <b><a href="postconf.5.html#default_database_type">default_data</a>-</b>
+ <b><a href="postconf.5.html#default_database_type">base_type</a></b> configuration parameter. The default
+ value for this parameter depends on the host envi-
+ ronment.
<i>file</i><b>_</b><i>name</i>
The name of the alias database source file when
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
- The mail system name that is prepended to the pro-
- cess name in syslog records, so that "smtpd"
+ The mail system name that is prepended to the
+ process name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
<b>STANDARDS</b>
P.O. Box 704
Yorktown Heights, NY 10598, USA
- POSTALIAS(1)
+ POSTALIAS(1)
</pre> </body> </html>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - postcat(1) </title>
</head> <body> <pre>
-POSTCAT(1) POSTCAT(1)
+POSTCAT(1) POSTCAT(1)
<b>NAME</b>
postcat - show Postfix queue file contents
P.O. Box 704
Yorktown Heights, NY 10598, USA
- POSTCAT(1)
+ POSTCAT(1)
</pre> </body> </html>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - postconf(1) </title>
</head> <body> <pre>
-POSTCONF(1) POSTCONF(1)
+POSTCONF(1) POSTCONF(1)
<b>NAME</b>
postconf - Postfix configuration utility
In Postfix configuration files, lookup tables are
specified as <i>type</i><b>:</b><i>name</i>, where <i>type</i> is one of the
types listed below. The table <i>name</i> syntax depends
- on the lookup table type as described in the
- <a href="DATABASE_README.html">DATABASE_README</a> document.
+ on the lookup table type as described in the <a href="DATABASE_README.html">DATA</a>-
+ <a href="DATABASE_README.html">BASE_README</a> document.
<b>btree</b> A sorted, balanced tree structure. This is
available on systems with support for Berke-
<b>regexp</b> (read-only)
A lookup table based on regular expressions.
- The file format is described in <a href="regexp_table.5.html"><b>reg-</b></a>
- <a href="regexp_table.5.html"><b>exp_table</b>(5)</a>.
+ The file format is described in <a href="regexp_table.5.html"><b>regexp_ta-</b></a>
+ <a href="regexp_table.5.html"><b>ble</b>(5)</a>.
<b>sdbm</b> An indexed file type based on hashing. This
is available on systems with support for
Perform lookups using a simple request-reply
protocol that is described in <a href="tcp_table.5.html"><b>tcp_table</b>(5)</a>.
This feature is not included with Postfix
- 2.1.
+ 2.2.
<b>unix</b> (read-only)
A limited way to query the UNIX authentica-
implemented:
<b>unix:passwd.byname</b>
- The table is the UNIX password
- database. The key is a login name.
- The result is a password file entry
- in <b>passwd</b>(5) format.
+ The table is the UNIX password data-
+ base. The key is a login name. The
+ result is a password file entry in
+ <b>passwd</b>(5) format.
<b>unix:group.byname</b>
- The table is the UNIX group
- database. The key is a group name.
- The result is a group file entry in
- <b>group</b>(5) format.
+ The table is the UNIX group database.
+ The key is a group name. The result
+ is a group file entry in <b>group</b>(5)
+ format.
Other table types may exist depending on how Postfix was
built.
P.O. Box 704
Yorktown Heights, NY 10598, USA
- POSTCONF(1)
+ POSTCONF(1)
</pre> </body> </html>
<DT><b><a name="connection_cache_ttl_limit">connection_cache_ttl_limit</a>
(default: 2s)</b></DT><DD>
-<p> The maximal time-to-live value that the connection cache server
+<p> The maximal time-to-live value that the <a href="scache.8.html">scache(8)</a> connection
+cache server
allows. Requests that specify a larger TTL will be stored with the
maximum allowed TTL. The purpose of this additional control is to
protect the infrastructure against careless people. The cache TTL
whether it is listed on the server, and regardless of the certifying
authority. </dd>
-<dt><b> <a name="check_address_map">check_address_map</a> <i><a
-href="DATABASE_README.html">type:table</a></i> </b></dt>
+<dt><b> <a name="check_address_map">check_address_map</a> <i><a href="DATABASE_README.html">type:table</a></i> </b></dt>
<dt><b> <i><a href="DATABASE_README.html">type:table</a></i> </b></dt>
and can improve mail delivery performance. </p>
<p> Specify a comma or white space separated list of destinations
-or pseudo-destinations:
-</p>
+or pseudo-destinations: </p>
<ul>
<li> if mail is sent without a relay host: a domain name (the
-right-hand side of an email address, without the optional []),
+right-hand side of an email address, without the [] around a numeric
+IP address),
-<li> if mail is sent via a relay host: a relay host (without the
-optional [] or non-default TCP port), as specified in main.cf or
-in the transport map,
+<li> if mail is sent via a relay host: a relay host name (without
+[] or non-default TCP port), as specified in main.cf or in the
+transport map,
-<li> a /file/name with domains and/or relay hosts,
+<li> a /file/name with domain names and/or relay host names as
+defined above,
-<li> a "<a href="DATABASE_README.html">type:table</a>" with domains and/or relay hosts on the left-hand
-side. The right-hand side result from "<a href="DATABASE_README.html">type:table</a>" lookups is
-ignored.
+<li> a "<a href="DATABASE_README.html">type:table</a>" with domain names and/or relay hosts name on
+the left-hand side. The right-hand side result from "<a href="DATABASE_README.html">type:table</a>"
+lookups is ignored.
</ul>
<p>
Clients that are excluded from connection count, connection rate,
-message rate or recipient rate restrictions.
+or SMTP request rate restrictions.
</p>
<p>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - postdrop(1) </title>
</head> <body> <pre>
-POSTDROP(1) POSTDROP(1)
+POSTDROP(1) POSTDROP(1)
<b>NAME</b>
postdrop - Postfix mail posting utility
<b><a href="postconf.5.html#import_environment">import_environment</a> (see 'postconf -d' output)</b>
The list of environment parameters that a Postfix
- process will import from a non-Postfix parent pro-
- cess.
+ process will import from a non-Postfix parent
+ process.
<b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b>
The location of the Postfix top-level queue direc-
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
- The mail system name that is prepended to the pro-
- cess name in syslog records, so that "smtpd"
+ The mail system name that is prepended to the
+ process name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
<b><a href="postconf.5.html#trigger_timeout">trigger_timeout</a> (10s)</b>
P.O. Box 704
Yorktown Heights, NY 10598, USA
- POSTDROP(1)
+ POSTDROP(1)
</pre> </body> </html>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - postkick(1) </title>
</head> <body> <pre>
-POSTKICK(1) POSTKICK(1)
+POSTKICK(1) POSTKICK(1)
<b>NAME</b>
postkick - kick a Postfix service
P.O. Box 704
Yorktown Heights, NY 10598, USA
- POSTKICK(1)
+ POSTKICK(1)
</pre> </body> </html>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - postlock(1) </title>
</head> <body> <pre>
-POSTLOCK(1) POSTLOCK(1)
+POSTLOCK(1) POSTLOCK(1)
<b>NAME</b>
postlock - lock mail folder and execute command
process.
<b><a href="postconf.5.html#fork_delay">fork_delay</a> (1s)</b>
- The delay between attempts to fork() a child pro-
- cess.
+ The delay between attempts to fork() a child
+ process.
<b>MISCELLANEOUS CONTROLS</b>
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
P.O. Box 704
Yorktown Heights, NY 10598, USA
- POSTLOCK(1)
+ POSTLOCK(1)
</pre> </body> </html>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - postlog(1) </title>
</head> <body> <pre>
-POSTLOG(1) POSTLOG(1)
+POSTLOG(1) POSTLOG(1)
<b>NAME</b>
postlog - Postfix-compatible logging utility
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
- The mail system name that is prepended to the pro-
- cess name in syslog records, so that "smtpd"
+ The mail system name that is prepended to the
+ process name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
<b>SEE ALSO</b>
P.O. Box 704
Yorktown Heights, NY 10598, USA
- POSTLOG(1)
+ POSTLOG(1)
</pre> </body> </html>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - postmap(1) </title>
</head> <body> <pre>
-POSTMAP(1) POSTMAP(1)
+POSTMAP(1) POSTMAP(1)
<b>NAME</b>
postmap - Postfix lookup table management
The <i>key</i> and <i>value</i> are processed as is, except that sur-
rounding white space is stripped off. Unlike with Postfix
alias databases, quotes cannot be used to protect lookup
- keys that contain special characters such as `#' or
- whitespace. The <i>key</i> is mapped to lowercase to make mapping
+ keys that contain special characters such as `#' or white-
+ space. The <i>key</i> is mapped to lowercase to make mapping
lookups case insensitive.
<b>COMMAND-LINE ARGUMENTS</b>
databases.
When no <i>file</i><b>_</b><i>type</i> is specified, the software uses
- the database type specified via the
- <b><a href="postconf.5.html#default_database_type">default_database_type</a></b> configuration parameter.
+ the database type specified via the <b><a href="postconf.5.html#default_database_type">default_data</a>-</b>
+ <b><a href="postconf.5.html#default_database_type">base_type</a></b> configuration parameter.
<i>file</i><b>_</b><i>name</i>
The name of the lookup table source file when
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
- The mail system name that is prepended to the pro-
- cess name in syslog records, so that "smtpd"
+ The mail system name that is prepended to the
+ process name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
<b>SEE ALSO</b>
P.O. Box 704
Yorktown Heights, NY 10598, USA
- POSTMAP(1)
+ POSTMAP(1)
</pre> </body> </html>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - postqueue(1) </title>
</head> <body> <pre>
-POSTQUEUE(1) POSTQUEUE(1)
+POSTQUEUE(1) POSTQUEUE(1)
<b>NAME</b>
postqueue - Postfix queue control
<b><a href="postconf.5.html#import_environment">import_environment</a> (see 'postconf -d' output)</b>
The list of environment parameters that a Postfix
- process will import from a non-Postfix parent pro-
- cess.
+ process will import from a non-Postfix parent
+ process.
<b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b>
The location of the Postfix top-level queue direc-
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
- The mail system name that is prepended to the pro-
- cess name in syslog records, so that "smtpd"
+ The mail system name that is prepended to the
+ process name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
<b><a href="postconf.5.html#trigger_timeout">trigger_timeout</a> (10s)</b>
P.O. Box 704
Yorktown Heights, NY 10598, USA
- POSTQUEUE(1)
+ POSTQUEUE(1)
</pre> </body> </html>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - postsuper(1) </title>
</head> <body> <pre>
-POSTSUPER(1) POSTSUPER(1)
+POSTSUPER(1) POSTSUPER(1)
<b>NAME</b>
postsuper - Postfix superintendent
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
- The mail system name that is prepended to the pro-
- cess name in syslog records, so that "smtpd"
+ The mail system name that is prepended to the
+ process name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
<b>SEE ALSO</b>
P.O. Box 704
Yorktown Heights, NY 10598, USA
- POSTSUPER(1)
+ POSTSUPER(1)
</pre> </body> </html>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - proxymap(8) </title>
</head> <body> <pre>
-PROXYMAP(8) PROXYMAP(8)
+PROXYMAP(8) PROXYMAP(8)
<b>NAME</b>
proxymap - Postfix lookup table proxy server
Postfix daemon process terminates.
<b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
- The process ID of a Postfix command or daemon pro-
- cess.
+ The process ID of a Postfix command or daemon
+ process.
<b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
The process name of a Postfix command or daemon
P.O. Box 704
Yorktown Heights, NY 10598, USA
- PROXYMAP(8)
+ PROXYMAP(8)
</pre> </body> </html>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - qmgr(8) </title>
</head> <body> <pre>
-QMGR(8) QMGR(8)
+QMGR(8) QMGR(8)
<b>NAME</b>
qmgr - Postfix queue manager
over an internal communication channel.
<b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
- The process ID of a Postfix command or daemon pro-
- cess.
+ The process ID of a Postfix command or daemon
+ process.
<b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
The process name of a Postfix command or daemon
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
- The mail system name that is prepended to the pro-
- cess name in syslog records, so that "smtpd"
+ The mail system name that is prepended to the
+ process name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
<b>FILES</b>
Modra 6
155 00, Prague, Czech Republic
- QMGR(8)
+ QMGR(8)
</pre> </body> </html>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - qmqp-sink(1) </title>
</head> <body> <pre>
-QMQP-SINK(1) QMQP-SINK(1)
+QMQP-SINK(1) QMQP-SINK(1)
<b>NAME</b>
qmqp-sink - multi-threaded QMQP test server
P.O. Box 704
Yorktown Heights, NY 10598, USA
- QMQP-SINK(1)
+ QMQP-SINK(1)
</pre> </body> </html>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - qmqp-source(1) </title>
</head> <body> <pre>
-QMQP-SOURCE(1) QMQP-SOURCE(1)
+QMQP-SOURCE(1) QMQP-SOURCE(1)
<b>NAME</b>
qmqp-source - multi-threaded QMQP test generator
P.O. Box 704
Yorktown Heights, NY 10598, USA
- QMQP-SOURCE(1)
+ QMQP-SOURCE(1)
</pre> </body> </html>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - qmqpd(8) </title>
</head> <body> <pre>
-QMQPD(8) QMQPD(8)
+QMQPD(8) QMQPD(8)
<b>NAME</b>
qmqpd - Postfix QMQP server
Postfix daemon process terminates.
<b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
- The process ID of a Postfix command or daemon pro-
- cess.
+ The process ID of a Postfix command or daemon
+ process.
<b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
The process name of a Postfix command or daemon
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
- The mail system name that is prepended to the pro-
- cess name in syslog records, so that "smtpd"
+ The mail system name that is prepended to the
+ process name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
<b><a href="postconf.5.html#verp_delimiter_filter">verp_delimiter_filter</a> (-=+)</b>
P.O. Box 704
Yorktown Heights, NY 10598, USA
- QMQPD(8)
+ QMQPD(8)
</pre> </body> </html>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - qshape(1) </title>
</head> <body> <pre>
-QSHAPE(1) QSHAPE(1)
+QSHAPE(1) QSHAPE(1)
<b>NAME</b>
qshape - Print Postfix queue domain and age distribution
Victor Duchovni
Morgan Stanley
- QSHAPE(1)
+ QSHAPE(1)
</pre> </body> </html>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - regexp_table(5) </title>
</head> <body> <pre>
-REGEXP_TABLE(5) REGEXP_TABLE(5)
+REGEXP_TABLE(5) REGEXP_TABLE(5)
<b>NAME</b>
regexp_table - format of Postfix regular expression tables
and end of the input string.
<b>TABLE SEARCH ORDER</b>
- Patterns are applied in the order as specified in the
- table, until a pattern is found that matches the input
+ Patterns are applied in the order as specified in the ta-
+ ble, until a pattern is found that matches the input
string.
Each pattern is applied to the entire input string.
P.O. Box 704
Yorktown Heights, NY 10598, USA
- REGEXP_TABLE(5)
+ REGEXP_TABLE(5)
</pre> </body> </html>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - relocated(5) </title>
</head> <body> <pre>
-RELOCATED(5) RELOCATED(5)
+RELOCATED(5) RELOCATED(5)
<b>NAME</b>
relocated - Postfix relocated table format
description of regular expression lookup table syntax, see
<a href="regexp_table.5.html"><b>regexp_table</b>(5)</a> or <a href="pcre_table.5.html"><b>pcre_table</b>(5)</a>. For a description of the
TCP client/server table lookup protocol, see <a href="tcp_table.5.html"><b>tcp_table</b>(5)</a>.
+ This feature is not available up to and including Postfix
+ version 2.2.
- Each pattern is a regular expression that is applied to
+ Each pattern is a regular expression that is applied to
the entire address being looked up. Thus, <i>user@domain</i> mail
- addresses are not broken up into their <i>user</i> and <i>@domain</i>
+ addresses are not broken up into their <i>user</i> and <i>@domain</i>
constituent parts, nor is <i>user+foo</i> broken up into <i>user</i> and
<i>foo</i>.
- Patterns are applied in the order as specified in the
- table, until a pattern is found that matches the search
+ Patterns are applied in the order as specified in the ta-
+ ble, until a pattern is found that matches the search
string.
- Results are the same as with indexed file lookups, with
- the additional feature that parenthesized substrings from
+ Results are the same as with indexed file lookups, with
+ the additional feature that parenthesized substrings from
the pattern can be interpolated as <b>$1</b>, <b>$2</b> and so on.
<b>TCP-BASED TABLES</b>
- This section describes how the table lookups change when
+ This section describes how the table lookups change when
lookups are directed to a TCP-based server. For a descrip-
- tion of the TCP client/server lookup protocol, see
- <a href="tcp_table.5.html"><b>tcp_table</b>(5)</a>. This feature is not available up to and
- including Postfix version 2.2.
+ tion of the TCP client/server lookup protocol, see <a href="tcp_table.5.html"><b>tcp_ta-</b></a>
+ <a href="tcp_table.5.html"><b>ble</b>(5)</a>. This feature is not available up to and including
+ Postfix version 2.2.
Each lookup operation uses the entire address once. Thus,
- <i>user@domain</i> mail addresses are not broken up into their
+ <i>user@domain</i> mail addresses are not broken up into their
<i>user</i> and <i>@domain</i> constituent parts, nor is <i>user+foo</i> broken
up into <i>user</i> and <i>foo</i>.
Results are the same as with indexed file lookups.
<b>BUGS</b>
- The table format does not understand quoting conventions.
+ The table format does not understand quoting conventions.
<b>CONFIGURATION PARAMETERS</b>
- The following <b>main.cf</b> parameters are especially relevant.
- The text below provides only a parameter summary. See
+ The following <b>main.cf</b> parameters are especially relevant.
+ The text below provides only a parameter summary. See
<a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including examples.
<b><a href="postconf.5.html#relocated_maps">relocated_maps</a></b>
Other parameters of interest:
<b><a href="postconf.5.html#inet_interfaces">inet_interfaces</a></b>
- The network interface addresses that this system
+ The network interface addresses that this system
receives mail on. You need to stop and start Post-
fix when this parameter changes.
<b><a href="postconf.5.html#mydestination">mydestination</a></b>
- List of domains that this mail system considers
+ List of domains that this mail system considers
local.
<b><a href="postconf.5.html#myorigin">myorigin</a></b>
<a href="ADDRESS_REWRITING_README.html">ADDRESS_REWRITING_README</a>, address rewriting guide
<b>LICENSE</b>
- The Secure Mailer license must be distributed with this
+ The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>
P.O. Box 704
Yorktown Heights, NY 10598, USA
- RELOCATED(5)
+ RELOCATED(5)
</pre> </body> </html>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - scache(8) </title>
</head> <body> <pre>
-SCACHE(8) SCACHE(8)
+SCACHE(8) SCACHE(8)
<b>NAME</b>
- scache - Postfix connection cache server
+ scache - Postfix shared connection cache server
<b>SYNOPSIS</b>
<b>scache</b> [generic Postfix daemon options]
<b>RESOURCE CONTROLS</b>
<b><a href="postconf.5.html#connection_cache_ttl_limit">connection_cache_ttl_limit</a> (2s)</b>
- The maximal time-to-live value that the connection
- cache server allows.
+ The maximal time-to-live value that the <a href="scache.8.html"><b>scache</b>(8)</a>
+ connection cache server allows.
<b><a href="postconf.5.html#connection_cache_status_update_time">connection_cache_status_update_time</a> (600s)</b>
- How frequently the <a href="scache.8.html"><b>scache</b>(8)</a> server logs usage
- statistics with connection cache hit and miss rates
+ How frequently the <a href="scache.8.html"><b>scache</b>(8)</a> server logs usage sta-
+ tistics with connection cache hit and miss rates
for logical destinations and for physical end-
points.
before exiting.
<b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
- The process ID of a Postfix command or daemon pro-
- cess.
+ The process ID of a Postfix command or daemon
+ process.
<b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
The process name of a Postfix command or daemon
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
- The mail system name that is prepended to the pro-
- cess name in syslog records, so that "smtpd"
+ The mail system name that is prepended to the
+ process name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
<b>SEE ALSO</b>
<a href="master.8.html">master(8)</a>, process manager
syslogd(8), system logging
+<b>README FILES</b>
+ <a href="CONNECTION_CACHE_README.html">CONNECTION_CACHE_README</a>, Postfix connection cache
+
<b>LICENSE</b>
- The Secure Mailer license must be distributed with this
+ The Secure Mailer license must be distributed with this
software.
<b>HISTORY</b>
P.O. Box 704
Yorktown Heights, NY 10598, USA
- SCACHE(8)
+ SCACHE(8)
</pre> </body> </html>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - sendmail(1) </title>
</head> <body> <pre>
-SENDMAIL(1) SENDMAIL(1)
+SENDMAIL(1) SENDMAIL(1)
<b>NAME</b>
sendmail - Postfix to Sendmail compatibility interface
process.
<b><a href="postconf.5.html#fork_delay">fork_delay</a> (1s)</b>
- The delay between attempts to fork() a child pro-
- cess.
+ The delay between attempts to fork() a child
+ process.
<b><a href="postconf.5.html#hopcount_limit">hopcount_limit</a> (50)</b>
The maximal number of Received: message headers
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
- The mail system name that is prepended to the pro-
- cess name in syslog records, so that "smtpd"
+ The mail system name that is prepended to the
+ process name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
<b><a href="postconf.5.html#trigger_timeout">trigger_timeout</a> (10s)</b>
P.O. Box 704
Yorktown Heights, NY 10598, USA
- SENDMAIL(1)
+ SENDMAIL(1)
</pre> </body> </html>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - showq(8) </title>
</head> <body> <pre>
-SHOWQ(8) SHOWQ(8)
+SHOWQ(8) SHOWQ(8)
<b>NAME</b>
showq - list the Postfix mail queue
Postfix daemon process terminates.
<b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
- The process ID of a Postfix command or daemon pro-
- cess.
+ The process ID of a Postfix command or daemon
+ process.
<b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
The process name of a Postfix command or daemon
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
- The mail system name that is prepended to the pro-
- cess name in syslog records, so that "smtpd"
+ The mail system name that is prepended to the
+ process name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
<b>FILES</b>
P.O. Box 704
Yorktown Heights, NY 10598, USA
- SHOWQ(8)
+ SHOWQ(8)
</pre> </body> </html>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - smtp-sink(1) </title>
</head> <body> <pre>
-SMTP-SINK(1) SMTP-SINK(1)
+SMTP-SINK(1) SMTP-SINK(1)
<b>NAME</b>
smtp-sink - multi-threaded SMTP/LMTP test server
P.O. Box 704
Yorktown Heights, NY 10598, USA
- SMTP-SINK(1)
+ SMTP-SINK(1)
</pre> </body> </html>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - smtp-source(1) </title>
</head> <body> <pre>
-SMTP-SOURCE(1) SMTP-SOURCE(1)
+SMTP-SOURCE(1) SMTP-SOURCE(1)
<b>NAME</b>
smtp-source - multi-threaded SMTP/LMTP test generator
P.O. Box 704
Yorktown Heights, NY 10598, USA
- SMTP-SOURCE(1)
+ SMTP-SOURCE(1)
</pre> </body> </html>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - smtp(8) </title>
</head> <body> <pre>
-SMTP(8) SMTP(8)
+SMTP(8) SMTP(8)
<b>NAME</b>
smtp - Postfix SMTP client
Postfix daemon process terminates.
<b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
- The process ID of a Postfix command or daemon pro-
- cess.
+ The process ID of a Postfix command or daemon
+ process.
<b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
The process name of a Postfix command or daemon
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
- The mail system name that is prepended to the pro-
- cess name in syslog records, so that "smtpd"
+ The mail system name that is prepended to the
+ process name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
<b>SEE ALSO</b>
Universitaetsplatz 3-4
D-03044 Cottbus, Germany
- SMTP(8)
+ SMTP(8)
</pre> </body> </html>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - smtpd(8) </title>
</head> <body> <pre>
-SMTPD(8) SMTPD(8)
+SMTPD(8) SMTPD(8)
<b>NAME</b>
smtpd - Postfix SMTP server
<b><a href="postconf.5.html#smtpd_client_event_limit_exceptions">smtpd_client_event_limit_exceptions</a> ($<a href="postconf.5.html#mynetworks">mynetworks</a>)</b>
Clients that are excluded from connection count,
- connection rate, message rate or recipient rate
- restrictions.
+ connection rate, or SMTP request rate restrictions.
<b>TARPIT CONTROLS</b>
When a remote SMTP client makes errors, the Postfix SMTP
ered. This feature is requested via the <a href="postconf.5.html#reject_unverified_sender">reject_unveri</a>-
<a href="postconf.5.html#reject_unverified_sender">fied_sender</a> and <a href="postconf.5.html#reject_unverified_recipient">reject_unverified_recipient</a> access
restrictions. The status of verification probes is main-
- tained by the <a href="verify.8.html"><b>verify</b>(8)</a> server. See the file ADDRESS_VER-
- <a href="IFICATION_README.html">IFICATION_README</a> for information about how to configure
+ tained by the <a href="verify.8.html"><b>verify</b>(8)</a> server. See the file <a href="ADDRESS_VERIFICATION_README.html">ADDRESS_VER</a>-
+ <a href="ADDRESS_VERIFICATION_README.html">IFICATION_README</a> for information about how to configure
and operate the Postfix sender/recipient address verifica-
tion service.
ered to.
<b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
- The process ID of a Postfix command or daemon pro-
- cess.
+ The process ID of a Postfix command or daemon
+ process.
<b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
The process name of a Postfix command or daemon
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
- The mail system name that is prepended to the pro-
- cess name in syslog records, so that "smtpd"
+ The mail system name that is prepended to the
+ process name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
Available in Postfix version 2.2 and later:
Universitaetsplatz 3-4
D-03044 Cottbus, Germany
- SMTPD(8)
+ SMTPD(8)
</pre> </body> </html>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - spawn(8) </title>
</head> <body> <pre>
-SPAWN(8) SPAWN(8)
+SPAWN(8) SPAWN(8)
<b>NAME</b>
spawn - Postfix external command spawner
Postfix daemon process terminates.
<b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
- The process ID of a Postfix command or daemon pro-
- cess.
+ The process ID of a Postfix command or daemon
+ process.
<b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
The process name of a Postfix command or daemon
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
- The mail system name that is prepended to the pro-
- cess name in syslog records, so that "smtpd"
+ The mail system name that is prepended to the
+ process name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
<b>SEE ALSO</b>
P.O. Box 704
Yorktown Heights, NY 10598, USA
- SPAWN(8)
+ SPAWN(8)
</pre> </body> </html>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - tcp_table(5) </title>
</head> <body> <pre>
-TCP_TABLE(5) TCP_TABLE(5)
+TCP_TABLE(5) TCP_TABLE(5)
<b>NAME</b>
tcp_table - Postfix client/server table lookup protocol
P.O. Box 704
Yorktown Heights, NY 10598, USA
- TCP_TABLE(5)
+ TCP_TABLE(5)
</pre> </body> </html>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - tlsmgr(8) </title>
</head> <body> <pre>
-TLSMGR(8) TLSMGR(8)
+TLSMGR(8) TLSMGR(8)
<b>NAME</b>
tlsmgr - Postfix TLS session cache and PRNG manager
built-in watchdog timer.
<b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
- The process ID of a Postfix command or daemon pro-
- cess.
+ The process ID of a Postfix command or daemon
+ process.
<b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
The process name of a Postfix command or daemon
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
- The mail system name that is prepended to the pro-
- cess name in syslog records, so that "smtpd"
+ The mail system name that is prepended to the
+ process name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
<b>SEE ALSO</b>
P.O. Box 704
Yorktown Heights, NY 10598, USA
- TLSMGR(8)
+ TLSMGR(8)
</pre> </body> </html>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - transport(5) </title>
</head> <body> <pre>
-TRANSPORT(5) TRANSPORT(5)
+TRANSPORT(5) TRANSPORT(5)
<b>NAME</b>
transport - Postfix transport table format
<i>some.domain.hierarchy</i> is not looked up via its parent
domains, nor is <i>user+foo@domain</i> looked up as <i>user@domain</i>.
- Patterns are applied in the order as specified in the
- table, until a pattern is found that matches the search
+ Patterns are applied in the order as specified in the ta-
+ ble, until a pattern is found that matches the search
string.
Results are the same as with indexed file lookups, with
<b>TCP-BASED TABLES</b>
This section describes how the table lookups change when
lookups are directed to a TCP-based server. For a descrip-
- tion of the TCP client/server lookup protocol, see
- <a href="tcp_table.5.html"><b>tcp_table</b>(5)</a>. This feature is not available up to and
- including Postfix version 2.2.
+ tion of the TCP client/server lookup protocol, see <a href="tcp_table.5.html"><b>tcp_ta-</b></a>
+ <a href="tcp_table.5.html"><b>ble</b>(5)</a>. This feature is not available up to and including
+ Postfix version 2.2.
Each lookup operation uses the entire recipient address
once. Thus, <i>some.domain.hierarchy</i> is not looked up via
P.O. Box 704
Yorktown Heights, NY 10598, USA
- TRANSPORT(5)
+ TRANSPORT(5)
</pre> </body> </html>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - trivial-rewrite(8) </title>
</head> <body> <pre>
-TRIVIAL-REWRITE(8) TRIVIAL-REWRITE(8)
+TRIVIAL-REWRITE(8) TRIVIAL-REWRITE(8)
<b>NAME</b>
trivial-rewrite - Postfix address rewriting and resolving
The <a href="trivial-rewrite.8.html"><b>trivial-rewrite</b>(8)</a> servers run under control by the
Postfix master server. Each server can handle multiple
simultaneous connections. When all servers are busy while
- a client connects, the master creates a new server pro-
- cess, provided that the trivial-rewrite server process
+ a client connects, the master creates a new server
+ process, provided that the trivial-rewrite server process
limit is not exceeded. Each trivial-rewrite server termi-
nates after serving at least <b>$<a href="postconf.5.html#max_use">max_use</a></b> clients of after
<b>$<a href="postconf.5.html#max_idle">max_idle</a></b> seconds of idle time.
<b><a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> (empty)</b>
Don't rewrite message headers from remote clients
- at all when this parameter is empty; otherwise,
- rewrite remote message headers and append the spec-
- ified domain name to incomplete addresses.
+ at all when this parameter is empty; otherwise, re-
+ write remote message headers and append the speci-
+ fied domain name to incomplete addresses.
<b>ROUTING CONTROLS</b>
The following is applicable to Postfix version 2.0 and
<b><a href="postconf.5.html#relayhost">relayhost</a> (empty)</b>
The default host to send non-local mail to when no
- entry is matched in the optional <a href="transport.5.html"><b>transport</b>(5)</a>
- table.
+ entry is matched in the optional <a href="transport.5.html"><b>transport</b>(5)</a> ta-
+ ble.
<b><a href="postconf.5.html#transport_maps">transport_maps</a> (empty)</b>
Optional lookup tables with mappings from recipient
for users or domains that no longer exist.
<b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
- The process ID of a Postfix command or daemon pro-
- cess.
+ The process ID of a Postfix command or daemon
+ process.
<b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
The process name of a Postfix command or daemon
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
- The mail system name that is prepended to the pro-
- cess name in syslog records, so that "smtpd"
+ The mail system name that is prepended to the
+ process name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
Available in Postfix version 2.0 and later:
P.O. Box 704
Yorktown Heights, NY 10598, USA
- TRIVIAL-REWRITE(8)
+ TRIVIAL-REWRITE(8)
</pre> </body> </html>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - verify(8) </title>
</head> <body> <pre>
-VERIFY(8) VERIFY(8)
+VERIFY(8) VERIFY(8)
<b>NAME</b>
verify - Postfix address verification server
over an internal communication channel.
<b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
- The process ID of a Postfix command or daemon pro-
- cess.
+ The process ID of a Postfix command or daemon
+ process.
<b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
The process name of a Postfix command or daemon
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
- The mail system name that is prepended to the pro-
- cess name in syslog records, so that "smtpd"
+ The mail system name that is prepended to the
+ process name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
<b>SEE ALSO</b>
P.O. Box 704
Yorktown Heights, NY 10598, USA
- VERIFY(8)
+ VERIFY(8)
</pre> </body> </html>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - virtual(5) </title>
</head> <body> <pre>
-VIRTUAL(5) VIRTUAL(5)
+VIRTUAL(5) VIRTUAL(5)
<b>NAME</b>
virtual - Postfix virtual alias table format
<a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a> = hash:/etc/postfix/virtual
Note: some systems use <b>dbm</b> databases instead of <b>hash</b>.
- See the output from "<b>postconf -m</b>" for available
- database types.
+ See the output from "<b>postconf -m</b>" for available data-
+ base types.
/etc/postfix/virtual:
<i>virtual-alias.domain anything</i> (right-hand content does not matter)
constituent parts, nor is <i>user+foo</i> broken up into <i>user</i> and
<i>foo</i>.
- Patterns are applied in the order as specified in the
- table, until a pattern is found that matches the search
+ Patterns are applied in the order as specified in the ta-
+ ble, until a pattern is found that matches the search
string.
Results are the same as with indexed file lookups, with
<b>TCP-BASED TABLES</b>
This section describes how the table lookups change when
lookups are directed to a TCP-based server. For a descrip-
- tion of the TCP client/server lookup protocol, see
- <a href="tcp_table.5.html"><b>tcp_table</b>(5)</a>. This feature is not available up to and
- including Postfix version 2.2.
+ tion of the TCP client/server lookup protocol, see <a href="tcp_table.5.html"><b>tcp_ta-</b></a>
+ <a href="tcp_table.5.html"><b>ble</b>(5)</a>. This feature is not available up to and including
+ Postfix version 2.2.
Each lookup operation uses the entire address once. Thus,
<i>user@domain</i> mail addresses are not broken up into their
P.O. Box 704
Yorktown Heights, NY 10598, USA
- VIRTUAL(5)
+ VIRTUAL(5)
</pre> </body> </html>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - virtual(8) </title>
</head> <body> <pre>
-VIRTUAL(8) VIRTUAL(8)
+VIRTUAL(8) VIRTUAL(8)
<b>NAME</b>
virtual - Postfix virtual domain mail delivery agent
Postfix daemon process terminates.
<b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
- The process ID of a Postfix command or daemon pro-
- cess.
+ The process ID of a Postfix command or daemon
+ process.
<b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
The process name of a Postfix command or daemon
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
- The mail system name that is prepended to the pro-
- cess name in syslog records, so that "smtpd"
+ The mail system name that is prepended to the
+ process name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
<b>SEE ALSO</b>
Level 3, 213 Miller St
North Sydney 2060, NSW, Australia
- VIRTUAL(8)
+ VIRTUAL(8)
</pre> </body> </html>
.IP "\fBtcp\fR (read-only)"
Perform lookups using a simple request-reply protocol that is
described in \fBtcp_table\fR(5).
-This feature is not included with Postfix 2.1.
+This feature is not included with Postfix 2.2.
.IP "\fBunix\fR (read-only)"
A limited way to query the UNIX authentication database. The
following tables are implemented:
\fB10025\fR accepts connections on TCP port 10025 via
all interfaces configured with the \fBinet_interfaces\fR
parameter.
+
+.sp
+Note: with Postfix version 2.2 and later specify
+"\fBinet_interfaces = loopback-only\fR" in main.cf, instead
+of hard-coding loopback IP address information in master.cf
+or in main.cf.
.IP \fBunix\fR
The service listens on a UNIX-domain socket and is accessible
for local clients only.
connection cache hit and miss rates for logical destinations and for
physical endpoints.
.SH connection_cache_ttl_limit (default: 2s)
-The maximal time-to-live value that the connection cache server
+The maximal time-to-live value that the \fBscache\fR(8) connection
+cache server
allows. Requests that specify a larger TTL will be stored with the
maximum allowed TTL. The purpose of this additional control is to
protect the infrastructure against careless people. The cache TTL
client TLS certificate is successfully verified, regardless of
whether it is listed on the server, and regardless of the certifying
authority.
-.IP "\fB check_address_map \fI<a
-href="DATABASE_README.html">type:table\fR \fR"
+.IP "\fB check_address_map \fItype:table\fR \fR"
.IP "\fB \fItype:table\fR \fR"
Append the domain name in $myorigin or $mydomain when the
client IP address matches the specified lookup table.
or pseudo-destinations:
.IP \(bu
if mail is sent without a relay host: a domain name (the
-right-hand side of an email address, without the optional []),
+right-hand side of an email address, without the [] around a numeric
+IP address),
.IP \(bu
-if mail is sent via a relay host: a relay host (without the
-optional [] or non-default TCP port), as specified in main.cf or
-in the transport map,
+if mail is sent via a relay host: a relay host name (without
+[] or non-default TCP port), as specified in main.cf or in the
+transport map,
.IP \(bu
-a /file/name with domains and/or relay hosts,
+a /file/name with domain names and/or relay host names as
+defined above,
.IP \(bu
-a "type:table" with domains and/or relay hosts on the left-hand
-side. The right-hand side result from "type:table" lookups is
-ignored.
+a "type:table" with domain names and/or relay hosts name on
+the left-hand side. The right-hand side result from "type:table"
+lookups is ignored.
.PP
This feature is available in Postfix 2.2 and later.
.SH smtp_connection_cache_on_demand (default: yes)
.ft R
.SH smtpd_client_event_limit_exceptions (default: $mynetworks)
Clients that are excluded from connection count, connection rate,
-message rate or recipient rate restrictions.
+or SMTP request rate restrictions.
.PP
By default, clients in trusted networks are excluded. Specify a
list of network blocks, hostnames or .domain names (the initial
expression lookup table syntax, see \fBregexp_table\fR(5) or
\fBpcre_table\fR(5). For a description of the TCP client/server
table lookup protocol, see \fBtcp_table\fR(5).
+This feature is not available up to and including Postfix version 2.2.
Each pattern is a regular expression that is applied to the entire
address being looked up. Thus, \fIuser@domain\fR mail addresses are not
Message header that the Postfix \fBcleanup\fR(8) server inserts when a
message contains no To: or Cc: message header.
.PP
-Available in Postfix version 2.1 and later:
+Available in Postfix version 2.1 only:
+.IP "\fBenable_errors_to (no)\fR"
+Report mail delivery errors to the address specified with the
+non-standard Errors-To: message header, instead of the envelope
+sender address (this feature is removed with Postfix 2.2, is
+turned off by default with Postfix 2.1, and is always turned on
+with older Postfix versions).
.SH "BUILT-IN CONTENT FILTERING CONTROLS"
.na
.nf
.SH NAME
scache
\-
-Postfix connection cache server
+Postfix shared connection cache server
.SH "SYNOPSIS"
.na
.nf
.ad
.fi
.IP "\fBconnection_cache_ttl_limit (2s)\fR"
-The maximal time-to-live value that the connection cache server
+The maximal time-to-live value that the \fBscache\fR(8) connection
+cache server
allows.
.IP "\fBconnection_cache_status_update_time (600s)\fR"
How frequently the \fBscache\fR(8) server logs usage statistics with
postconf(5), configuration parameters
master(8), process manager
syslogd(8), system logging
+.SH "README FILES"
+.na
+.nf
+.ad
+.fi
+Use "\fBpostconf readme_directory\fR" or
+"\fBpostconf html_directory\fR" to locate this information.
+.na
+.nf
+CONNECTION_CACHE_README, Postfix connection cache
.SH "LICENSE"
.na
.nf
Postfix actually accepts those recipients.
.IP "\fBsmtpd_client_event_limit_exceptions ($mynetworks)\fR"
Clients that are excluded from connection count, connection rate,
-message rate or recipient rate restrictions.
+or SMTP request rate restrictions.
.SH "TARPIT CONTROLS"
.na
.nf
if (/^\s*\n/) {
if ($paragraph) {
for $class (@classes) {
- ${$append_to}{$class} .= $prefix . $paragraph . $_;
+ ${$append_to}{$class} .= $paragraph . $_;
}
$paragraph = "";
}
if ($append_to eq \%leader) {
@classes = ("default");
$paragraph = $_;
- } else {
- die "No [class] at start of paragraph: $_"
- unless /^\[([^]]+)\]\s*(.*)/s;
- $paragraph = $2;
+ } elsif (/^\[([^]]+)\]\s*(.*)/s) {
+ $paragraph = $prefix . $2;
($junk = $1) =~ s/\s*,\s*/,/g;
$junk =~ s/^\s+//;
$junk =~ s/\s+$//;
#print "junk >$junk<\n";
@classes = split(/,+/, $junk);
#print "[", join(', ', @classes), "] ", $paragraph;
+ } else {
+ $paragraph = $_;
}
} else {
$paragraph .= $_;
for $class (sort keys %body) {
print "Major changes - $class\n";
- print "----------------------\n\n";
+ ($junk = "Major changes - $class") =~ s/./-/g;
+ print $junk, "\n\n";
print $body{$class};
}
s;\bdaemon_timeout\b;<a href="postconf.5.html#daemon_timeout">$&</a>;g;
s;\bdebug_peer_level\b;<a href="postconf.5.html#debug_peer_level">$&</a>;g;
s;\bdebug_peer_list\b;<a href="postconf.5.html#debug_peer_list">$&</a>;g;
- s;\bdefault_database_type\b;<a href="postconf.5.html#default_database_type">$&</a>;g;
+ s;\bdefault_data
[-</Bb>]*\n* *[<Bb>]*base_type\b;<a href="postconf.5.html#default_database_type">$&</a>;g;
s;\bdefault_deliv[-</Bb>]*\n* *[<Bb>]*ery_slot_cost\b;<a href="postconf.5.html#default_delivery_slot_cost">$&</a>;g;
s;\bdefault_deliv[-</Bb>]*\n* *[<Bb>]*ery_slot_discount\b;<a href="postconf.5.html#default_delivery_slot_discount">$&</a>;g;
s;\bdefault_deliv[-</Bb>]*\n* *[<Bb>]*ery_slot_loan\b;<a href="postconf.5.html#default_delivery_slot_loan">$&</a>;g;
s/[<bB>]*aliases[<\/bB>]*\(5\)/<a href="aliases.5.html">$&<\/a>/g;
s/[<bB>]*canonical[<\/bB>]*\(5\)/<a href="canonical.5.html">$&<\/a>/g;
s/[<bB>]*gener[-<\/bB>]*\n* *[<bB>]*ic[<\/bB>]*\(5\)/<a href="generic.5.html">$&<\/a>/g;
- s/[<bB>]*ldap[<\/bBiI>]*_[<\/iIbB>]*table[<\/bB>]*\(5\)/<a href="ldap_table.5.html">$&<\/a>/g;
+ s/[<bB>]*ldap[<\/bBiI>]*_[<\/iIbB>]*ta
[-<\/bB>]*\n*[ <bB>]*ble[<\/bB>]*\(5\)/<a href="ldap_table.5.html">$&<\/a>/g;
s/[<bB>]*mas[-<\/bB>]*\n* *[<bB>]*ter[<\/bB>]*\(5\)/<a href="master.5.html">$&<\/a>/g;
- s/[<bB>]*mysql[<\/bBiI>]*_[<\/iIbB>]*table[<\/bB>]*\(5\)/<a href="mysql_table.5.html">$&<\/a>/g;
- s/[<bB>]*nisplus[<\/bBiI>]*_[<\/iIbB>]*table[<\/bB>]*\(5\)/<a href="nisplus_table.5.html">$&<\/a>/g;
- s/[<bB>]*pcre[<\/bBiI>]*_[<\/iIbB>]*table[<\/bB>]*\(5\)/<a href="pcre_table.5.html">$&<\/a>/g;
- s/[<bB>]*pgsql[<\/bBiI>]*_[<\/iIbB>]*table[<\/bB>]*\(5\)/<a href="pgsql_table.5.html">$&<\/a>/g;
+ s/[<bB>]*mysql[<\/bBiI>]*_[<\/iIbB>]*ta
[-<\/bB>]*\n*[ <bB>]*ble[<\/bB>]*\(5\)/<a href="mysql_table.5.html">$&<\/a>/g;
+ s/[<bB>]*nisplus[<\/bBiI>]*_[<\/iIbB>]*ta
[-<\/bB>]*\n*[ <bB>]*ble[<\/bB>]*\(5\)/<a href="nisplus_table.5.html">$&<\/a>/g;
+ s/[<bB>]*pcre[<\/bBiI>]*_[<\/iIbB>]*ta
[-<\/bB>]*\n*[ <bB>]*ble[<\/bB>]*\(5\)/<a href="pcre_table.5.html">$&<\/a>/g;
+ s/[<bB>]*pgsql[<\/bBiI>]*_[<\/iIbB>]*ta
[-<\/bB>]*\n*[ <bB>]*ble[<\/bB>]*\(5\)/<a href="pgsql_table.5.html">$&<\/a>/g;
s/[<bB>]*postconf[<\/bB>]*\(5\)/<a href="postconf.5.html">$&<\/a>/g;
s/[<bB>]*prox[-<\/bB>]*\n*[ <bB>]*ymap[<\/bB>]*\(8\)/<a href="proxymap.8.html">$&<\/a>/g;
- s/[<bB>]*reg[-<\/bB>]*\n*[ <bB>]*exp[<\/bBiI>]*_[<\/iIbB>]*table[<\/bB>]*\(5\)/<a href="regexp_table.5.html">$&<\/a>/g;
+ s/[<bB>]*reg[-<\/bB>]*\n*[ <bB>]*exp[<\/bBiI>]*_[<\/iIbB>]*ta
[-<\/bB>]*\n*[ <bB>]*ble[<\/bB>]*\(5\)/<a href="regexp_table.5.html">$&<\/a>/g;
s/[<bB>]*relocated[<\/bB>]*\(5\)/<a href="relocated.5.html">$&<\/a>/g;
s/[<bB>]*scache[<\/bB>]*\(8\)/<a href="scache.8.html">$&<\/a>/g;
s/[<bB>]*trans[-<\/bB>]*\n*[ <bB>]*port[<\/bB>]*\(5\)/<a href="transport.5.html">$&<\/a>/g;
s/[<bB>]*verify[<\/bB>]*\(8\)/<a href="verify.8.html">$&<\/a>/g;
s/[<bB>]*vir[-<\/bB>]*\n*[ <bB>]*tual[<\/bB>]*\(5\)/<a href="virtual.5.html">$&<\/a>/g;
s/[<bB>]*vir[-<\/bB>]*\n*[ <bB>]*tual[<\/bB>]*\(8\)/<a href="virtual.8.html">$&<\/a>/g;
- s/[<bB>]*cidr_table[<\/bB>]*\(5\)/<a href="cidr_table.5.html">$&<\/a>/g;
- s/[<bB>]*tcp_table[<\/bB>]*\(5\)/<a href="tcp_table.5.html">$&<\/a>/g;
+ s/[<bB>]*cidr_ta
[-<\/bB>]*\n*[ <bB>]*ble[<\/bB>]*\(5\)/<a href="cidr_table.5.html">$&<\/a>/g;
+ s/[<bB>]*tcp_ta
[-<\/bB>]*\n*[ <bB>]*ble[<\/bB>]*\(5\)/<a href="tcp_table.5.html">$&<\/a>/g;
s/[<bB>]*body_checks[<\/bB>]*\(5\)/<a href="header_checks.5.html">$&<\/a>/g;
s/[<bB>]*header_checks[<\/bB>]*\(5\)/<a href="header_checks.5.html">$&<\/a>/g;
# Hyperlink README document names
- s/\b[A-Z0-9_]*_README\b/<a href="$&.html">$&<\/a>/g;
+ s/\b([A-Z][A-Z0-9_]*)[-]*\n*[ ]*([A-Z0-9_]*_README)\b/<a href="$1$2.html">$&<\/a>/g;
s/\bINSTALL\b/<a href="$&.html">$&<\/a>/g;
s/\bOVERVIEW\b/<a href="$&.html">$&<\/a>/g;
s/\btype:table\b/<a href="DATABASE_README.html">type:table<\/a>/g;
s;\bcheck_etrn_access\b;<a href="postconf.5.html#check_etrn_access">$&</a>;g;
- # Split parameter or restriction hyperlinks across line breaks
+ # Split *README, parameter or restriction hyperlinks across line breaks
- s/(<a href="[^"]*">)([-a-z0-9_]*)\b([-<\/bB>]*\n *[<bB>]*)\b([-a-z0-9_]*)(<\/a>)/$1$2$5$3$1$4$5/;
+ s/(<a href="[^"]*">)([-A-Za-z0-9_]*)\b([-<\/bB>]*\n *[<bB>]*)\b([-A-Za-z0-9_]*)(<\/a>)/$1$2$5$3$1$4$5/;
# Glue manual/parameter/restriction hyperlinks without line breaks.
<ul>
-<li> <p> Postfix probes the nearest MTA for the address that is
-being verified, without actually sending mail to that address. If
+<li> <p> When verifying a remote address, Postfix probes the nearest
+MTA for that address, without actually delivering mail to it. If
the nearest MTA accepts the address, then Postfix assumes that the
-address is deliverable, even when the address will bounce AFTER
-that MTA accepts it. </p>
+address is deliverable. In reality, mail for a remote address can
+bounce AFTER the nearest MTA accepts the recipient address. </p>
-<li> <p> Sites like AOL may blacklist you when you are probing them
+<li> <p> Some sites may blacklist you when you are probing them
too often (a probe is an SMTP session that does not deliver mail),
or when you are probing them too often for a non-existent address.
-</p>
+This is one reason why you should use sender address verification
+sparingly, if at all, when your site receives lots of email. </p>
<li> <p> Normally, address verification probe messages follow the
same path as regular mail. However, some sites send mail to the
--- /dev/null
+<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"
+ "http://www.w3.org/TR/html4/loose.dtd">
+
+<html>
+
+<head>
+
+<title>Postfix Connection Cache </title>
+
+<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
+
+</head>
+
+<body>
+
+<h1><img src="postfix-logo.jpg" width="203" height="98" ALT="">Postfix Connection Cache </h1>
+
+<hr>
+
+<h2>Introduction</h2>
+
+<p> This document describes the Postfix connection cache implementation,
+which is available with Postfix version 2.2 and later. </p>
+
+<p> Topics covered in this document: </p>
+
+<ul>
+
+<li><a href="#summary"> What SMTP connection caching can do for you</a>
+
+<li><a href="#implementation"> Connection cache implementation</a>
+
+<li><a href="#configuration"> Connection cache configuration</a>
+
+<li><a href="#safety">Connection cache safety mechanisms </a>
+
+<li><a href="#limitations">Connection cache limitations</a>
+
+<li><a href="#statistics">Connection cache statistics</a>
+
+</ul>
+
+<h2><a name="summary">What SMTP connection caching can do for
+you</a></h2>
+
+<p> With SMTP connection caching, Postfix can deliver multiple
+messages over the same SMTP connection. By default, Postfix 2.2
+reuses an SMTP connection automatically when a destination has
+high volume of mail in the active queue. </p>
+
+<p> SMTP Connection caching is a performance feature. Whether or not
+it actually improves performance depends on the conditions: </p>
+
+<ul>
+
+<li> <p> SMTP Connection caching can greatly improve performance
+when delivering mail to a destination with multiple mail servers,
+because it can help Postfix to skip over a non-responding server.
+</p>
+
+<li> <p> Otherwise, the benefits of SMTP connection caching are
+minor: it eliminates the latency of the TCP handshake (SYN, SYN+ACK,
+ACK), plus the latency of the SMTP initial handshake (220 greeting,
+EHLO command, EHLO response).
+
+<li> <p> SMTP Connection caching gives no gains with respect to
+SMTP session tear-down. The Postfix smtp(8) client normally does
+not wait for the server's reply to the QUIT command, and it never
+waits for the TCP final handshake to complete. </p>
+
+<li> <p> SMTP Connection caching introduces some overhead: the
+client needs to send an RSET command to find out if a connection
+is still usable, before it can send the next MAIL FROM command.
+</p>
+
+</ul>
+
+<p> For other potential issues with SMTP connection caching, see
+the discussion of <a href="#limitations">limitations</a> at the end
+of this document. </p>
+
+<h2><a name="implementation">Connection cache implementation</a></h2>
+
+<p> For an overview of how Postfix delivers mail, see the Postfix
+architecture OVERVIEW document. </p>
+
+<p> The Postfix connection cache is shared among Postfix mail
+delivering processes. This maximizes the opportunity to reuse an
+open connection. Other MTAs such as Sendmail or exim have a
+non-shared connection cache. Here, a connection can be reused only
+by the mail delivering process that creates the connection. To get
+the same performance improvement as with a shared connection cache,
+non-shared connections need to be kept open for a longer time. </p>
+
+<blockquote>
+
+<table>
+
+<tr> <td> Internet <-- </td> <td align="center" bgcolor="#f0f0ff">
+<br> smtp(8) <br> </td> <td> <tt> <-> </tt> </td> <td
+align="center" bgcolor="#f0f0ff"> <br> scache(8) <br> </td>
+<td> <tt> <-> </tt> </td> <td align="center" bgcolor="#f0f0ff">
+<br> smtp(8) <br> </td> <td> --> Internet </td>
+
+</table>
+
+</blockquote>
+
+<p> The scache(8) server, introduced with Postfix version 2.2,
+maintains the shared connection cache. With Postfix version 2.2,
+only the smtp(8) client has support to access this cache. </p>
+
+<p> When SMTP connection caching is enabled (see next section), the
+smtp(8) client does not disconnect after a mail transaction, but
+gives the connection to the scache(8) server which keeps the
+connection open for a limited amount of time. </p>
+
+<p> After handing over the open connection to the scache(8) server,
+the smtp(8) client continues with some other mail delivery request.
+Meanwhile, any smtp(8) client process can ask the scache(8) server
+for that cached connection and reuse it for mail delivery. </p>
+
+<p> The connection cache can be searched by destination domain name
+(the right-hand side of the recipient address) and by the IP address
+of the host at the other end of the connection. This allows Postfix
+to reuse a connection even when the remote host is mail server for
+domains with different names. </p>
+
+<h2><a name="configuration">Connection cache configuration </a></h2>
+
+<p> The Postfix smtp(8) client supports two connection caching
+strategies: </p>
+
+<ul>
+
+<li> <p> On-demand connection caching. This is enabled by default,
+and is controlled with the smtp_connection_cache_on_demand configuration
+parameter. When this feature is enabled, the Postfix smtp(8) client
+automatically saves a connection to the connection cache when a
+destination has a high volume of mail in the active queue. </p>
+
+<p> Example: </p>
+
+<blockquote>
+
+<pre>
+/etc/postfix/main.cf:
+ smtp_connection_cache_on_demand = yes
+</pre>
+
+</blockquote>
+
+<li> <p> Per-destination connection caching. This is enabled by
+explicitly listing specific destinations with the
+smtp_connection_cache_destinations configuration parameter. After
+completing delivery to a selected destination, the Postfix smtp(8)
+client <i>always</i> saves the connection to the connection cache.
+</p>
+
+<p> Specify a comma or white space separated list of destinations
+or pseudo-destinations: </p>
+
+<ul>
+
+<li> <p> if mail is sent without a relay host: a domain name (the
+right-hand side of an email address, without the [] around a numeric
+IP address), </p>
+
+<li> <p> if mail is sent via a relay host: a relay host name (without
+the [] or non-default TCP port), as specified in main.cf or in the
+transport map, </p>
+
+<li> <p> a /file/name with domain names and/or relay host names as
+defined above, </p>
+
+<li> <p> a "type:table" with domain names and/or relay host names
+on the left-hand side. The right-hand side result from "type:table"
+lookups is ignored. </p>
+
+</ul>
+
+<p> Examples: </p>
+
+<blockquote>
+
+<pre>
+/etc/postfix/main.cf:
+ smtp_connection_cache_destinations = $relayhost
+ smtp_connection_cache_destinations = hotmail.com, ...
+ smtp_connection_cache_destinations = static:all (<i>not recommended</i>)
+</pre>
+
+</blockquote>
+
+</ul>
+
+<h2><a name="safety">Connection cache safety mechanisms </a></h2>
+
+<p> Connection caching must be used wisely. It is anti-social to
+keep an unused SMTP connection open for a significant amount of
+time, and it is unwise to send huge numbers of messages through
+the same connection. In order to avoid problems with SMTP connection
+caching, Postfix implements the following safety mechanisms: </p>
+
+<ul>
+
+<li> <p> The Postfix scache(8) server keeps a connection open for
+only a limited time. The time limit is specified with the
+smtp_connection_cache_time_limit and with the connection_cache_ttl_limit
+configuration parameters. This prevents anti-social behavior. </p>
+
+<li> <p> The Postfix smtp(8) client reuses a session for only a
+limited number of times. This avoids triggering bugs in implementations
+that do not correctly handle multiple deliveries per session. The
+use count is limited with the smtp_connection_cache_reuse_limit
+configuration parameter. </p>
+
+<li> <p> The connection cache explicitly labels each cached connection
+with destination domain and IP address information. A connection
+cache lookup succeeds only when the correct information is specified.
+This prevents mis-delivery of mail. </p>
+
+</ul>
+
+<h2><a name="limitations">Connection cache limitations</a></h2>
+
+<p> Postfix SMTP connection caching conflicts with certain applications:
+</p>
+
+<ul>
+
+<li> <p> The Postfix shared connection cache cannot be used with
+TLS, because saved TLS session information can be used only when a
+new connection is created (this limitation does not exist in
+connection caching implementations that reuse a connection only in
+the process that creates it). For this reason, the Postfix smtp(8)
+client always closes the connection after completing an attempt to
+deliver mail over TLS. </p>
+
+<li> <p> Postfix connection caching currently does not support
+multiple SASL accounts per mail server. Specifically, Postfix
+connection caching assumes that a SASL credential is valid for all
+hostnames or domain names that deliver via the same mail server IP
+address and TCP port, and assume that the SASL credential does not
+depend on the message originator. </p>
+
+</ul>
+
+
+<h2><a name="statistics">Connection cache statistics </a></h2>
+
+<p> The scache(8) connection cache server logs statistics about the
+peak cache size and the cache hit rates. This information is logged
+every connection_cache_status_update_time seconds, when the process
+terminates after the maximal idle time is exceeded, or when Postfix
+is reloaded. </p>
+
+<ul>
+
+<li> <p> Hit rates for connection cache lookups by domain will tell
+you how useful connection caching is. </p>
+
+<li> <p> Connection cache lookups by network address will always
+fail, unless you're sending mail to different domains that share
+the same MX hosts. </p>
+
+<li> <p> No statistics are logged when no attempts are made to
+access the connection cache. </p>
+
+</ul>
+
+
+</body>
+
+</html>
<ul>
+<li> <p> Instead of hard-coding 127.0.0.1 and ::1 loopback addresses
+in master.cf, specify "inet_interfaces = loopback-only" in main.cf.
+This way you can use the same master.cf file regardless of whether
+or not Postfix will run on an IPv6-enabled system. </p>
+
<li> <p> The first new parameter is called inet_protocols. This
specifies what protocols Postfix will use when it makes or accepts
network connections, and also controls what DNS lookups Postfix
<h2>Berkeley DB issues</h2>
-<p> On RedHat Linux 7.0 you must install the db3-devel RPM before
-you can compile the Postfix source code. </p>
+<p> Warning: if you can't compile Postfix because the file "db.h"
+isn't found, then you MUST install the Berkeley DB development
+package (package name: db???-devel-???) that comes with your Linux
+system. Only that package contains the files that correspond to the
+Berkeley DB version that is used by the system library routines.
+</p>
-<p> Warning: do not use multiple Berkeley DB versions. Every Postfix
-program will dump core when it is built with a different Berkeley
-DB version than the version that is used by the system library
-routines. See the DB_README file for further information. </p>
+<p> DO NOT download some Berkeley DB version from the network.
+Every Postfix program will dump core when it is built with a different
+Berkeley DB version than the version that is used by the system
+library routines. See the DB_README file for further information.
+</p>
<h2>Procmail issues</h2>
-<p> On RedHat Linux 7.1 <b>procmail</b> no longer has permission
+<p> On RedHat Linux 7.1 and later <b>procmail</b> no longer has
+permission
to write the mail spool directory. Workaround: chmod 1777
/var/spool/mail.
</p>
../html/BASIC_CONFIGURATION_README.html \
../html/BUILTIN_FILTER_README.html \
../html/CDB_README.html \
+ ../html/CONNECTION_CACHE_README.html \
../html/CONTENT_INSPECTION_README.html \
../html/CYRUS_README.html \
../html/DATABASE_README.html ../html/DB_README.html \
../README_FILES/BASIC_CONFIGURATION_README \
../README_FILES/BUILTIN_FILTER_README \
../README_FILES/CDB_README \
+ ../README_FILES/CONNECTION_CACHE_README \
../README_FILES/CONTENT_INSPECTION_README \
../README_FILES/CYRUS_README \
../README_FILES/DATABASE_README ../README_FILES/DB_README \
MAN = ../man/man5/postconf.5
-AWK = awk '{ print; if (NR == 1) print ".pl 9999" }'
+AWK = awk '{ print; if (NR == 1) print ".pl 9999\n.ll 65" }'
SRCTOMAN= ../mantools/srctoman
POSTLINK= ../mantools/postlink
HT2READ = ../mantools/html2readme
../html/CDB_README.html: CDB_README.html
$(POSTLINK) $? >$@
+../html/CONNECTION_CACHE_README.html: CONNECTION_CACHE_README.html
+ $(POSTLINK) $? >$@
+
../html/CONTENT_INSPECTION_README.html: CONTENT_INSPECTION_README.html
$(POSTLINK) $? >$@
../README_FILES/CDB_README: CDB_README.html
$(HT2READ) $? >$@
+../README_FILES/CONNECTION_CACHE_README: CONNECTION_CACHE_README.html
+ $(HT2READ) $? >$@
+
../README_FILES/CONTENT_INSPECTION_README: CONTENT_INSPECTION_README.html
$(HT2READ) $? >$@
smtp(8), lmtp(8), local(8), virtual(8), pipe(8), discard(8) or
error(8) delivery agents, and sends a delivery request for one
or more recipient addresses. The discard(8) and error(8) delivery
-agents are special: they discard or bounce all mail, they are not
+agents are special: they discard or bounce all mail, and are not
shown in the figure above. </p>
<p> The queue manager maintains a small active queue with the
# \fB10025\fR accepts connections on TCP port 10025 via
# all interfaces configured with the \fBinet_interfaces\fR
# parameter.
+#
+# .sp
+# Note: with Postfix version 2.2 and later specify
+# "\fBinet_interfaces = loopback-only\fR" in main.cf, instead
+# of hard-coding loopback IP address information in master.cf
+# or in main.cf.
# .IP \fBunix\fR
# The service listens on a UNIX-domain socket and is accessible
# for local clients only.
and can improve mail delivery performance. </p>
<p> Specify a comma or white space separated list of destinations
-or pseudo-destinations:
-</p>
+or pseudo-destinations: </p>
<ul>
<li> if mail is sent without a relay host: a domain name (the
-right-hand side of an email address, without the optional []),
+right-hand side of an email address, without the [] around a numeric
+IP address),
-<li> if mail is sent via a relay host: a relay host (without the
-optional [] or non-default TCP port), as specified in main.cf or
-in the transport map,
+<li> if mail is sent via a relay host: a relay host name (without
+[] or non-default TCP port), as specified in main.cf or in the
+transport map,
-<li> a /file/name with domains and/or relay hosts,
+<li> a /file/name with domain names and/or relay host names as
+defined above,
-<li> a "type:table" with domains and/or relay hosts on the left-hand
-side. The right-hand side result from "type:table" lookups is
-ignored.
+<li> a "type:table" with domain names and/or relay hosts name on
+the left-hand side. The right-hand side result from "type:table"
+lookups is ignored.
</ul>
<p>
Clients that are excluded from connection count, connection rate,
-message rate or recipient rate restrictions.
+or SMTP request rate restrictions.
</p>
<p>
%PARAM connection_cache_ttl_limit 2s
-<p> The maximal time-to-live value that the connection cache server
+<p> The maximal time-to-live value that the scache(8) connection
+cache server
allows. Requests that specify a larger TTL will be stored with the
maximum allowed TTL. The purpose of this additional control is to
protect the infrastructure against careless people. The cache TTL
whether it is listed on the server, and regardless of the certifying
authority. </dd>
-<dt><b> <a name="check_address_map">check_address_map</a> <i><a
-href="DATABASE_README.html">type:table</a></i> </b></dt>
+<dt><b> <a name="check_address_map">check_address_map</a> <i><a href="DATABASE_README.html">type:table</a></i> </b></dt>
<dt><b> <i><a href="DATABASE_README.html">type:table</a></i> </b></dt>
# expression lookup table syntax, see \fBregexp_table\fR(5) or
# \fBpcre_table\fR(5). For a description of the TCP client/server
# table lookup protocol, see \fBtcp_table\fR(5).
+# This feature is not available up to and including Postfix version 2.2.
#
# Each pattern is a regular expression that is applied to the entire
# address being looked up. Thus, \fIuser@domain\fR mail addresses are not
static char *max_rcpt_user;
static time_t max_rcpt_time;
+static int max_newtls;
+static char *max_newtls_user;
+static time_t max_newtls_time;
+
static int max_cache;
static time_t max_cache_time;
int rate; /* connection rate */
int mail; /* message rate */
int rcpt; /* recipient rate */
+ int newtls; /* newtls rate */
time_t start; /* time of first rate sample */
} ANVIL_REMOTE;
(remote)->rate = 1; \
(remote)->mail = 0; \
(remote)->rcpt = 0; \
+ (remote)->newtls = 0; \
(remote)->start = event_time(); \
} while(0)
(remote)->rate = 1; \
(remote)->mail = 0; \
(remote)->rcpt = 0; \
+ (remote)->newtls = 0; \
(remote)->start = _now; \
} else if ((remote)->rate < INT_MAX) { \
(remote)->rate += 1; \
(remote)->rate = 0; \
(remote)->mail = 1; \
(remote)->rcpt = 0; \
+ (remote)->newtls = 0; \
(remote)->start = _now; \
} else if ((remote)->mail < INT_MAX) { \
(remote)->mail += 1; \
(remote)->rate = 0; \
(remote)->mail = 0; \
(remote)->rcpt = 1; \
+ (remote)->newtls = 0; \
(remote)->start = _now; \
} else if ((remote)->rcpt < INT_MAX) { \
(remote)->rcpt += 1; \
} \
} while(0)
+#define ANVIL_ADD_STARTTLS(remote) \
+ do { \
+ time_t _now = event_time(); \
+ if ((remote)->start + var_anvil_time_unit < _now) { \
+ (remote)->rate = 0; \
+ (remote)->mail = 0; \
+ (remote)->rcpt = 0; \
+ (remote)->newtls = 1; \
+ (remote)->start = _now; \
+ } else if ((remote)->rcpt < INT_MAX) { \
+ (remote)->newtls += 1; \
+ } \
+ } while(0)
+
/* Drop connection from (service, client) state. */
#define ANVIL_REMOTE_DROP_ONE(remote) \
}
}
+/* anvil_remote_newtls - register newtls event */
+
+static void anvil_remote_newtls(VSTREAM *client_stream, const char *ident)
+{
+ ANVIL_REMOTE *anvil_remote;
+
+ /*
+ * Be prepared for "postfix reload" after "connect".
+ */
+ if ((anvil_remote =
+ (ANVIL_REMOTE *) htable_find(anvil_remote_map, ident)) == 0)
+ anvil_remote = anvil_remote_conn_update(client_stream, ident);
+
+ /*
+ * Update newtls rate and respond to local client.
+ */
+ ANVIL_ADD_STARTTLS(anvil_remote);
+ attr_print_plain(client_stream, ATTR_FLAG_NONE,
+ ATTR_TYPE_NUM, ANVIL_ATTR_STATUS, ANVIL_STAT_OK,
+ ATTR_TYPE_NUM, ANVIL_ATTR_RATE, anvil_remote->newtls,
+ ATTR_TYPE_END);
+
+ /*
+ * Update local statistics.
+ */
+ if (anvil_remote->newtls > max_newtls) {
+ max_newtls = anvil_remote->newtls;
+ if (max_newtls_user == 0) {
+ max_newtls_user = mystrdup(anvil_remote->ident);
+ } else if (!STREQ(max_newtls_user, anvil_remote->ident)) {
+ myfree(max_newtls_user);
+ max_newtls_user = mystrdup(anvil_remote->ident);
+ }
+ max_newtls_time = event_time();
+ }
+}
+
/* anvil_remote_disconnect - report disconnect event */
static void anvil_remote_disconnect(VSTREAM *client_stream, const char *ident)
anvil_remote_mail(client_stream, STR(ident));
} else if (STREQ(STR(request), ANVIL_REQ_RCPT)) {
anvil_remote_rcpt(client_stream, STR(ident));
+ } else if (STREQ(STR(request), ANVIL_REQ_NEWTLS)) {
+ anvil_remote_newtls(client_stream, STR(ident));
} else if (STREQ(STR(request), ANVIL_REQ_DISC)) {
anvil_remote_disconnect(client_stream, STR(ident));
} else if (STREQ(STR(request), ANVIL_REQ_LOOKUP)) {
max_rcpt_user, ctime(&max_rcpt_time) + 4);
max_rcpt = 0;
}
+ if (max_newtls > 0) {
+ msg_info("statistics: max newtls rate %d/%ds for (%s) at %.15s",
+ max_newtls, var_anvil_time_unit,
+ max_newtls_user, ctime(&max_newtls_time) + 4);
+ max_newtls = 0;
+ }
if (max_cache > 0) {
msg_info("statistics: max cache size %d at %.15s",
max_cache, ctime(&max_cache_time) + 4);
/* Message header that the Postfix \fBcleanup\fR(8) server inserts when a
/* message contains no To: or Cc: message header.
/* .PP
-/* Available in Postfix version 2.1 and later:
+/* Available in Postfix version 2.1 only:
+/* .IP "\fBenable_errors_to (no)\fR"
+/* Report mail delivery errors to the address specified with the
+/* non-standard Errors-To: message header, instead of the envelope
+/* sender address (this feature is removed with Postfix 2.2, is
+/* turned off by default with Postfix 2.1, and is always turned on
+/* with older Postfix versions).
/* BUILT-IN CONTENT FILTERING CONTROLS
/* .ad
/* .fi
}
}
if (did_rewrite) {
- vstring_sprintf(header_buf, "%s: ", hdr_opts->name);
+ vstring_truncate(header_buf, strlen(hdr_opts->name));
+ vstring_strcat(header_buf, ": ");
tok822_externalize(header_buf, tree, TOK822_STR_HEAD);
}
myfree((char *) addr_list);
}
}
if (did_rewrite) {
- vstring_sprintf(header_buf, "%s: ", hdr_opts->name);
+ vstring_truncate(header_buf, strlen(hdr_opts->name));
+ vstring_strcat(header_buf, ": ");
tok822_externalize(header_buf, tree, TOK822_STR_HEAD);
}
myfree((char *) addr_list);
/* const char *addr;
/* int *rcpts;
/*
+/* int anvil_clnt_newtls(anvil_clnt, service, addr, newtls)
+/* ANVIL_CLNT *anvil_clnt;
+/* const char *service;
+/* const char *addr;
+/* int *newtls;
+/*
/* int anvil_clnt_disconnect(anvil_clnt, service, addr)
/* ANVIL_CLNT *anvil_clnt;
/* const char *service;
/* anvil_clnt_rcpt() registers a RCPT TO event and returns
/* the current RCPT TO rate for the specified client.
/*
+/* anvil_clnt_newtls() registers a request to negotiate a new
+/* (uncached) TLS session and returns the current request rate
+/* for the specified client.
+/*
/* anvil_clnt_disconnect() informs the anvil server that a
/* client has disconnected.
/*
/* .IP rcpts
/* Pointer to storage for the current recipient rate for this
/* remote client.
+/* .IP newtls
+/* Pointer to storage for the current "new TLS session" rate
+/* for this remote client.
/* DIAGNOSTICS
/* anvil_clnt_connect() and anvil_clnt_disconnect() return
/* ANVIL_STAT_OK in case of success, ANVIL_STAT_FAIL otherwise
return (status);
}
+/* anvil_clnt_newtls - heads-up and policy query */
+
+int anvil_clnt_newtls(ANVIL_CLNT *anvil_clnt, const char *service,
+ const char *addr, int *newtls)
+{
+ char *ident = ANVIL_IDENT(service, addr);
+ int status;
+
+ if (attr_clnt_request((ATTR_CLNT *)anvil_clnt,
+ ATTR_FLAG_NONE, /* Query attributes. */
+ ATTR_TYPE_STR, ANVIL_ATTR_REQ, ANVIL_REQ_NEWTLS,
+ ATTR_TYPE_STR, ANVIL_ATTR_IDENT, ident,
+ ATTR_TYPE_END,
+ ATTR_FLAG_MISSING, /* Reply attributes. */
+ ATTR_TYPE_NUM, ANVIL_ATTR_STATUS, &status,
+ ATTR_TYPE_NUM, ANVIL_ATTR_RATE, newtls,
+ ATTR_TYPE_END) != 2)
+ status = ANVIL_STAT_FAIL;
+ else if (status != ANVIL_STAT_OK)
+ status = ANVIL_STAT_FAIL;
+ myfree(ident);
+ return (status);
+}
+
/* anvil_clnt_disconnect - heads-up only */
-int anvil_clnt_disconnect(ANVIL_CLNT *anvil_clnt, const char *service,
- const char *addr)
+int anvil_clnt_disconnect(ANVIL_CLNT *anvil_clnt, const char *service,
+ const char *addr)
{
char *ident = ANVIL_IDENT(service, addr);
- int status;
+ int status;
- if (attr_clnt_request((ATTR_CLNT *) anvil_clnt,
+ if (attr_clnt_request((ATTR_CLNT *)anvil_clnt,
ATTR_FLAG_NONE, /* Query attributes. */
ATTR_TYPE_STR, ANVIL_ATTR_REQ, ANVIL_REQ_DISC,
ATTR_TYPE_STR, ANVIL_ATTR_IDENT, ident,
ANVIL_REQ_MAIL, ANVIL_REQ_RCPT);
}
-int main(int unused_argc, char **argv)
+int main(int unused_argc, char **argv)
{
VSTRING *inbuf = vstring_alloc(1);
char *bufp;
char *cmd;
- int cmd_len;
+ int cmd_len;
char *service;
char *addr;
- int count;
- int rate;
- int msgs;
- int rcpts;
+ int count;
+ int rate;
+ int msgs;
+ int rcpts;
ANVIL_CLNT *anvil;
msg_vstream_init(argv[0], VSTREAM_ERR);
#define ANVIL_REQ_DISC "disconnect"
#define ANVIL_REQ_MAIL "message"
#define ANVIL_REQ_RCPT "recipient"
+#define ANVIL_REQ_NEWTLS "newtls"
#define ANVIL_REQ_LOOKUP "lookup"
#define ANVIL_ATTR_IDENT "ident"
#define ANVIL_ATTR_COUNT "count"
extern int anvil_clnt_connect(ANVIL_CLNT *, const char *, const char *, int *, int *);
extern int anvil_clnt_mail(ANVIL_CLNT *, const char *, const char *, int *);
extern int anvil_clnt_rcpt(ANVIL_CLNT *, const char *, const char *, int *);
+extern int anvil_clnt_newtls(ANVIL_CLNT *, const char *, const char *, int *);
extern int anvil_clnt_lookup(ANVIL_CLNT *, const char *, const char *, int *, int *, int *, int *);
extern int anvil_clnt_disconnect(ANVIL_CLNT *, const char *, const char *);
extern void anvil_clnt_free(ANVIL_CLNT *);
* Patches change the patchlevel and the release date. Snapshots change the
* release date only.
*/
-#define MAIL_RELEASE_DATE "20050222"
+#define MAIL_RELEASE_DATE "20050227"
#define MAIL_VERSION_NUMBER "2.2"
#define VAR_MAIL_VERSION "mail_version"
#include <sys_defs.h>
#include <unistd.h>
#include <stddef.h> /* offsetof() */
+#include <string.h>
/* Utility library. */
#include <sys_defs.h>
#include <unistd.h>
+#include <string.h>
/* Utility library. */
/* System library. */
#include <sys_defs.h>
+#include <string.h>
/* Utility library. */
/* .IP "\fBtcp\fR (read-only)"
/* Perform lookups using a simple request-reply protocol that is
/* described in \fBtcp_table\fR(5).
-/* This feature is not included with Postfix 2.1.
+/* This feature is not included with Postfix 2.2.
/* .IP "\fBunix\fR (read-only)"
/* A limited way to query the UNIX authentication database. The
/* following tables are implemented:
/*
* This is the fatal error handler. Don't try to do anything fancy.
+ *
+ * msg_xxx() does not allocate memory, so it is safe as long as the signal
+ * handler can't be invoked recursively.
*/
if (postdrop_path) {
if (remove(postdrop_path))
/*
* Assume atomic signal() updates, even when emulated with sigaction().
+ * We use the in-kernel SIGINT handler address as an atomic variable to
+ * prevent nested postdrop_sig() calls. For this reason, main() must
+ * configure postdrop_sig() as SIGINT handler before other signal
+ * handlers are allowed to invoke postdrop_sig().
*/
- if (signal(SIGHUP, SIG_IGN) != SIG_IGN
- && signal(SIGINT, SIG_IGN) != SIG_IGN
- && signal(SIGQUIT, SIG_IGN) != SIG_IGN
- && signal(SIGTERM, SIG_IGN) != SIG_IGN) {
+ if (signal(SIGINT, SIG_IGN) != SIG_IGN) {
+ (void)signal(SIGQUIT, SIG_IGN);
+ (void)signal(SIGTERM, SIG_IGN);
+ (void)signal(SIGHUP, SIG_IGN);
postdrop_cleanup();
- exit(sig);
+ /* Future proofing. If you need exit() here then you broke Postfix. */
+ _exit(sig);
}
}
/*
* Set up signal handlers and a runtime error handler so that we can
* clean up incomplete output.
+ *
+ * postdrop_sig() uses the in-kernel SIGINT handler address as an atomic
+ * variable to prevent nested postdrop_sig() calls. For this reason, the
+ * SIGINT handler must be configured before other signal handlers are
+ * allowed to invoke postdrop_sig().
*/
signal(SIGPIPE, SIG_IGN);
signal(SIGXFSZ, SIG_IGN);
- if (signal(SIGHUP, SIG_IGN) == SIG_DFL)
- signal(SIGHUP, postdrop_sig);
signal(SIGINT, postdrop_sig);
signal(SIGQUIT, postdrop_sig);
signal(SIGTERM, postdrop_sig);
+ if (signal(SIGHUP, SIG_IGN) == SIG_DFL)
+ signal(SIGHUP, postdrop_sig);
msg_cleanup(postdrop_cleanup);
/* End of initializations. */
/* NAME
/* scache 8
/* SUMMARY
-/* Postfix connection cache server
+/* Postfix shared connection cache server
/* SYNOPSIS
/* \fBscache\fR [generic Postfix daemon options]
/* DESCRIPTION
/* .ad
/* .fi
/* .IP "\fBconnection_cache_ttl_limit (2s)\fR"
-/* The maximal time-to-live value that the connection cache server
+/* The maximal time-to-live value that the \fBscache\fR(8) connection
+/* cache server
/* allows.
/* .IP "\fBconnection_cache_status_update_time (600s)\fR"
/* How frequently the \fBscache\fR(8) server logs usage statistics with
/* postconf(5), configuration parameters
/* master(8), process manager
/* syslogd(8), system logging
+/* README FILES
+/* .ad
+/* .fi
+/* Use "\fBpostconf readme_directory\fR" or
+/* "\fBpostconf html_directory\fR" to locate this information.
+/* .na
+/* .nf
+/* CONNECTION_CACHE_README, Postfix connection cache
/* LICENSE
/* .ad
/* .fi
did_rewrite |= smtp_map11_tree(tpp[0], smtp_generic_maps,
smtp_ext_prop_mask & EXT_PROP_GENERIC);
if (did_rewrite) {
- vstring_sprintf(buf, "%s: ", header_info->name);
+ vstring_truncate(buf, strlen(header_info->name));
+ vstring_strcat(buf, ": ");
tok822_externalize(buf, tree, TOK822_STR_HEAD);
}
myfree((char *) addr_list);
/* Postfix actually accepts those recipients.
/* .IP "\fBsmtpd_client_event_limit_exceptions ($mynetworks)\fR"
/* Clients that are excluded from connection count, connection rate,
-/* message rate or recipient rate restrictions.
+/* or SMTP request rate restrictions.
/* TARPIT CONTROLS
/* .ad
/* .fi
projects / thirdparty / postfix.git / commitdiff
