Cleanup: sendmail no longer ignores null command-line
recipients. File: sendmail/sendmail.c.
- Cleanup: "postfix start" background checks moved back
- to the foreground so they can be stopped more easily.
- File: conf/postfix-script.
+ Cleanup: "postfix start" background checks moved back to
+ the foreground so they can be stopped more easily. File:
+ conf/postfix-script.
+
+20050204
+
+ Feature: REPLACE command in header/body_checks (implemented
+ as a combination of PREPEND and IGNORE) by Bastiaan Bakker.
+ File: cleanup/cleanup_message.c.
+
+ Cleanup: linted the manual pages for consistency in the
+ way manuals are referenced, and in the presentation of
+ command examples. Files: mantools/manlint, mantools/fixman,
+ mantools/postconf2man.
Open problems:
in tcp_table(5). The lookup table name is "tcp:host:port" where "host"
specifies a symbolic hostname or a numeric IP address, and "port"
specifies a symbolic service name or a numeric port number. This
- protocol is not available in Postfix version 2.1.
+ protocol is not available up to and including Postfix version 2.2.
u\bun\bni\bix\bx (read-only)
A limited way to query the UNIX authentication database. The following
tables are implemented:
OSF1.V3 - OSF1.V5 (Digital UNIX)
Reliant UNIX 5.x
Rhapsody 5.x
- SunOS 4.1.4 (April 2004)
+ SunOS 4.1.4 (February 2005)
SunOS 5.4 - 5.9 (Solaris 2.4..9)
Ultrix 4.x (well, that was long ago)
I\bIn\bnt\btr\bro\bod\bdu\buc\bct\bti\bio\bon\bn
-Postfix 2.2 introduces support for the IPv6 (IP version 6) protocol, whose main
-feature of interest is that it uses 128-bit IP addresses instead of the 32-bit
-addresses used by IPv4.
+Postfix 2.2 introduces support for the IPv6 (IP version 6) protocol. IPv6
+support older Postfix versions was available as an add-on patch. The section
+"Compatibility with Postfix <2.2 IPv6 support" below discusses the differences
+between these implementations.
-With this, Postfix can use the same SMTP protocol over IPv6 as it already uses
-over the older IPv4 network, and Postfix can do AAAA record lookups in the DNS
-in addition to the older A records. Information about IPv6 can be found at
-http://www.ipv6.org/.
+The main feature of interest is that IPv6 uses 128-bit IP addresses instead of
+the 32-bit addresses used by IPv4. It can therefore accomodate a much larger
+number of hosts and networks without ugly kluges such as NAT. A side benefit of
+the much larger address space is that it makes network scanning unpractical.
+
+Postfix uses the same SMTP protocol over IPv6 as it already uses over the older
+IPv4 network, and does AAAA record lookups in the DNS in addition to the older
+A records. Information about IPv6 can be found at http://www.ipv6.org/.
This document provides information on the following topics:
as mynetworks or debug_peer_list.
Postfix IPv6 address syntax is a little tricky, because there are a few places
-where you must enclose IPv6 address inside [] characters, and a few places
-where you must not. It is a good idea to use [] only in the few places where
+where you must enclose an IPv6 address inside "[]" characters, and a few places
+where you must not. It is a good idea to use "[]" only in the few places where
you have to. Check out the postconf(5) manual whenever you do IPv6 related
configuration work with Postfix.
- * The new inet_protocols parameter specifies what IP protocols Postfix will
- use. This parameter also controls what DNS lookups Postfix will do.
+ * The first new parameter is called inet_protocols. This specifies what
+ protocols Postfix will use when it makes or accepts network connections,
+ and also controls what DNS lookups Postfix will use when it makes network
+ connections.
/etc/postfix/main.cf:
# You must stop/start Postfix after changing this parameter.
If you did specify the mynetworks parameter value in main.cf, you need
update the mynetworks value to include the IPv6 networks the system is in.
- Be sure to specify IPv6 address information inside [], like this:
+ Be sure to specify IPv6 address information inside "[]", like this:
/etc/postfix/main.cf:
mynetworks = ...IPv4 networks... [::1]/128 [2001:240:5c7::]/64 ...
N\bNO\bOT\bTE\bE:\b: w\bwh\bhe\ben\bn c\bco\bon\bnf\bfi\big\bgu\bur\bri\bin\bng\bg P\bPo\bos\bst\btf\bfi\bix\bx m\bma\bat\btc\bch\bh l\bli\bis\bst\bts\bs s\bsu\buc\bch\bh a\bas\bs m\bmy\byn\bne\bet\btw\bwo\bor\brk\bks\bs o\bor\br
-d\bde\beb\bbu\bug\bg_\b_p\bpe\bee\ber\br_\b_l\bli\bis\bst\bt,\b, y\byo\bou\bu m\bmu\bus\bst\bt s\bsp\bpe\bec\bci\bif\bfy\by I\bIP\bPv\bv6\b6 a\bad\bdd\bdr\bre\bes\bss\bs i\bin\bnf\bfo\bor\brm\bma\bat\bti\bio\bon\bn i\bin\bns\bsi\bid\bde\be [\b[]\b] i\bin\bn t\bth\bhe\be
+d\bde\beb\bbu\bug\bg_\b_p\bpe\bee\ber\br_\b_l\bli\bis\bst\bt,\b, y\byo\bou\bu m\bmu\bus\bst\bt s\bsp\bpe\bec\bci\bif\bfy\by I\bIP\bPv\bv6\b6 a\bad\bdd\bdr\bre\bes\bss\bs i\bin\bnf\bfo\bor\brm\bma\bat\bti\bio\bon\bn i\bin\bns\bsi\bid\bde\be "\b"[\b[]\b]"\b" i\bin\bn t\bth\bhe\be
m\bma\bai\bin\bn.\b.c\bcf\bf p\bpa\bar\bra\bam\bme\bet\bte\ber\br v\bva\bal\blu\bue\be a\ban\bnd\bd i\bin\bn f\bfi\bil\ble\bes\bs s\bsp\bpe\bec\bci\bif\bfi\bie\bed\bd w\bwi\bit\bth\bh a\ba "\b"/\b/f\bfi\bil\ble\be/\b/n\bna\bam\bme\be"\b" p\bpa\bat\btt\bte\ber\brn\bn.\b.
I\bIP\bPv\bv6\b6 a\bad\bdd\bdr\bre\bes\bss\bse\bes\bs c\bco\bon\bnt\bta\bai\bin\bn t\bth\bhe\be "\b":\b:"\b" c\bch\bha\bar\bra\bac\bct\bte\ber\br,\b, a\ban\bnd\bd w\bwo\bou\bul\bld\bd o\bot\bth\bhe\ber\brw\bwi\bis\bse\be b\bbe\be c\bco\bon\bnf\bfu\bus\bse\bed\bd w\bwi\bit\bth\bh
a\ba "\b"t\bty\byp\bpe\be:\b:t\bta\bab\bbl\ble\be"\b" p\bpa\bat\btt\bte\ber\brn\bn.\b.
setting "mynetworks_style = class" has the same effect as the setting
"mynetworks_style = subnet".
- * On Tru64Unix, Postfix can't figure out the local subnet mask and always
- assumes a /128 network. This is a problem only with "mynetworks_style =
- subnet" and no explicit mynetworks setting in main.cf.
+ * On Tru64Unix and AIX, Postfix can't figure out the local subnet mask and
+ always assumes a /128 network. This is a problem only with
+ "mynetworks_style = subnet" and no explicit mynetworks setting in main.cf.
C\bCo\bom\bmp\bpa\bat\bti\bib\bbi\bil\bli\bit\bty\by w\bwi\bit\bth\bh P\bPo\bos\bst\btf\bfi\bix\bx <\b<2\b2.\b.2\b2 I\bIP\bPv\bv6\b6 s\bsu\bup\bpp\bpo\bor\brt\bt
* Test if Postfix can figure out its interface information.
After compiling Postfix in the usual manner, step into the src/util
- directory and type "make inet_addr_local". Running this file by hand should
+ directory and type "m\bma\bak\bke\be i\bin\bne\bet\bt_\b_a\bad\bdd\bdr\br_\b_l\blo\boc\bca\bal\bl". Running this file by hand should
produce all the interface addresses and network masks, for example:
% make
* The anvil(8) server implements client connection and request rate limiting
for all smtpd(8) servers. The TUNING_README document provides guidance for
- dealing with mis-behaving SMTP clients. The anvil(8) service is not
- included with Postfix version 2.1 or earlier.
+ dealing with mis-behaving SMTP clients. The anvil(8) service is available
+ in Postfix version 2.2 and later.
Network -> smtpd(8) <-> anvil(8)
o Maintain the pseudo-random number generator (PRNG) that is used to seed
the TLS engines in Postfix smtp(8) client or smtpd(8) server processes.
- The state of this PRNG is saved periodically to a file, and is read
+ The state of this PRNG is periodically saved to a file, and is read
when tlsmgr(8) starts up.
o Maintain the optional Postfix smtp(8) client or smtpd(8) server caches
carefully as Wietse's own code, every 1000 lines introduce one additional bug
into Postfix.
-I\bIn\bnt\btr\bro\bod\bdu\buc\bct\bti\bio\bon\bn
+W\bWh\bha\bat\bt P\bPo\bos\bst\btf\bfi\bix\bx T\bTL\bLS\bS s\bsu\bup\bpp\bpo\bor\brt\bt d\bdo\boe\bes\bs f\bfo\bor\br y\byo\bou\bu
-This document requires Postfix version 2.2 or later.
+Transport Layer Security (TLS, formerly called SSL) provides certificate-based
+authentication and encrypted sessions. An encrypted session protects the
+information that is transmitted with SMTP mail or with SASL authentication.
-Postfix may be built with Transport Layer Security (TLS, formerly called SSL)
-protocol support as described in RFC 3207. This provides certificate-based
-authentication, and encrypted sessions. An encrypted session protects the
-information that is transmitted with SMTP mail or with SASL authentication. The
-main elements of the Postfix TLS architecture are:
-
- * The smtpd(8) server implements the SMTP over TLS server side.
-
- * The smtp(8) client implements the SMTP over TLS client side.
-
- * The tlsmgr(8) server maintains the pseudo-random number generator (PRNG)
- that seeds the TLS engines in the smtpd(8) server and smtp(8) client
- processes, and maintains the TLS session cache files with TLS session keys.
-
-The following diagram shows the relationship between these architecture
-elements.
-
- <---seed--- ---seed--->
-Network-> smtpd(8) tlsmgr(8) smtp(8) ->Network
- <-session-> <-session->
-
- / | \
- |
- / \
-
- smtpd PRNG smtp
- session state session
- cache file cache
+Postfix version 2.2 introduces support for TLS as described in RFC 3207. TLS
+Support for older Postfix versions was available as an add-on patch. The
+section "Compatibility with Postfix < 2.2 TLS support" below discusses the
+differences between these implementations.
Topics covered in this document:
+ * How Postfix TLS support works
* Building Postfix with TLS support
* SMTP Server specific settings
* SMTP Client specific settings
* Getting started, quick and dirty
+H\bHo\bow\bw P\bPo\bos\bst\btf\bfi\bix\bx T\bTL\bLS\bS s\bsu\bup\bpp\bpo\bor\brt\bt w\bwo\bor\brk\bks\bs
+
+The diagram below shows the main elements of the Postfix TLS architecture and
+their relationships. Colored boxes with numbered names represent Postfix daemon
+programs. Other colored boxes represent storage elements.
+
+ * The smtpd(8) server implements the SMTP over TLS server side.
+
+ * The smtp(8) client implements the SMTP over TLS client side.
+
+ * The tlsmgr(8) server maintains the pseudo-random number generator (PRNG)
+ that seeds the TLS engines in the smtpd(8) server and smtp(8) client
+ processes, and maintains the TLS session key cache files.
+
+ <---seed--- ---seed--->
+Network-> smtpd(8) tlsmgr(8) smtp(8) ->Network
+ <-session-> <-session->
+
+ / | \
+ |
+ / \
+
+ smtpd PRNG smtp
+ session state session
+ key cache file key cache
+
B\bBu\bui\bil\bld\bdi\bin\bng\bg P\bPo\bos\bst\btf\bfi\bix\bx w\bwi\bit\bth\bh T\bTL\bLS\bS s\bsu\bup\bpp\bpo\bor\brt\bt
To build Postfix with TLS support, first we need to generate the make(1) files
Postfix version 2.2 TLS support is based on the Postfix/TLS patch by Lutz
Jänicke, but differs in a few minor ways.
- * main.cf: Use b\bbt\btr\bre\bee\be instead of s\bsd\bdb\bbm\bm for TLS session cache databases.
+ * main.cf: Specify "btree" instead of "sdbm" for TLS session cache databases.
TLS session cache databases are now accessed only by the tlsmgr(8) process,
- so there are no more concurrency issues. Although Postfix has an s\bsd\bdb\bbm\bm
- client, the s\bsd\bdb\bbm\bm library (1000 lines of code) is not included with Postfix.
+ so there are no more concurrency issues. Although Postfix has an sdbm
+ client, the sdbm library (1000 lines of code) is not included with Postfix.
TLS session caches can use any database that can store objects of several
kbytes or more, and that implements the sequence operation. In most cases,
- b\bbt\btr\bre\bee\be databases should be adequate.
+ btree databases should be adequate.
- NOTE: You cannot use d\bdb\bbm\bm databases. TLS session objects are too large.
+ NOTE: You cannot use dbm databases. TLS session objects are too large.
- * master.cf: Specify u\bun\bni\bix\bx instead of f\bfi\bif\bfo\bo as the tlsmgr service type.
+ * master.cf: Specify "unix" instead of "fifo" as the tlsmgr service type.
The smtp(8) and smtpd(8) processes now use a client-server protocol in
order to access the tlsmgr(8) pseudo-random number generation (PRNG) pool,
and change the patchlevel and the release date. Patches are never
issued for snapshot releases.
+Major changes with snapshot Postfix-2.2-20050205
+================================================
+
+REPLACE action in header_checks and body_checks. See header_checks(5)
+for details.
+
Incompatible changes with snapshot Postfix-2.2-20050203
=======================================================
# absolute path for each queue subdirectory even if you want the
# default incoming and active queue distribution.
# SEE ALSO
-# mailq(1) List all messages in the queue.
+# mailq(1), List all messages in the queue.
# QSHAPE_README Examples and background material.
# FILES
# $config_directory/main.cf, Postfix installation parameters.
# ACCESS(5) ACCESS(5)
#
# NAME
-# access - format of Postfix access table
+# access - Postfix access table format
#
# SYNOPSIS
# postmap /etc/postfix/access
# postmap -q - /etc/postfix/access <inputfile
#
# DESCRIPTION
-# The optional access table directs the Postfix SMTP server
-# to selectively reject or accept mail. Access can be
+# The optional access(5) table directs the Postfix SMTP
+# server to selectively reject or accept mail. Access can be
# allowed or denied for specific host names, domain names,
# networks, host addresses or mail addresses.
#
# For an example, see the EXAMPLE section at the end of this
# manual page.
#
-# Normally, the access table is specified as a text file
+# Normally, the access(5) table is specified as a text file
# that serves as input to the postmap(1) command. The
# result, an indexed file in dbm or db format, is used for
# fast searching by the mail system. Execute the command
# This section describes how the table lookups change when
# lookups are directed to a TCP-based server. For a descrip-
# tion of the TCP client/server lookup protocol, see
-# tcp_table(5). This feature is not available in Postfix
-# version 2.1.
+# tcp_table(5). This feature is not available up to and
+# including Postfix version 2.2.
#
# Each lookup operation uses the entire query string once.
# Depending on the application, that string is an entire
# ALIASES(5) ALIASES(5)
#
# NAME
-# aliases - format of the Postfix alias database
+# aliases - Postfix local alias database format
#
# SYNOPSIS
# newaliases
#
# DESCRIPTION
-# The aliases table provides a system-wide mechanism to
+# The aliases(5) table provides a system-wide mechanism to
# redirect mail for local recipients. The redirections are
# processed by the Postfix local(8) delivery agent.
#
-# Normally, the aliases table is specified as a text file
+# Normally, the aliases(5) table is specified as a text file
# that serves as input to the postalias(1) command. The
# result, an indexed file in dbm or db format, is used for
# fast lookup by the mail system. Execute the command
# Users can control delivery of their own mail by setting up
# .forward files in their home directory. Lines in per-user
# .forward files have the same syntax as the right-hand side
-# of aliases entries.
+# of aliases(5) entries.
#
# The format of the alias database input file is as follows:
#
# CANONICAL(5) CANONICAL(5)
#
# NAME
-# canonical - format of Postfix canonical table
+# canonical - Postfix canonical table format
#
# SYNOPSIS
# postmap /etc/postfix/canonical
# postmap -q - /etc/postfix/canonical <inputfile
#
# DESCRIPTION
-# The optional canonical table specifies an address mapping
-# for local and non-local addresses. The mapping is used by
-# the cleanup(8) daemon. The address mapping is recursive.
+# The optional canonical(5) table specifies an address map-
+# ping for local and non-local addresses. The mapping is
+# used by the cleanup(8) daemon. The address mapping is
+# recursive.
#
-# Normally, the canonical table is specified as a text file
-# that serves as input to the postmap(1) command. The
+# Normally, the canonical(5) table is specified as a text
+# file that serves as input to the postmap(1) command. The
# result, an indexed file in dbm or db format, is used for
# fast searching by the mail system. Execute the command
-# postmap /etc/postfix/canonical in order to rebuild the
+# "postmap /etc/postfix/canonical" in order to rebuild the
# indexed file after changing the text file.
#
# When the table is provided via other means such as NIS,
# way as described below under "REGULAR EXPRESSION TABLES"
# and "TCP-BASED TABLES".
#
-# By default the canonical mapping affects both message
+# By default the canonical(5) mapping affects both message
# header addresses (i.e. addresses that appear inside mes-
# sages) and message envelope addresses (for example, the
# addresses that are used in SMTP protocol commands). Think
# Sendmail rule set S3, if you like. This is controlled
# with the canonical_classes parameter.
#
-# Typically, one would use the canonical table to replace
+# Typically, one would use the canonical(5) table to replace
# login names by Firstname.Lastname, or to clean up
# addresses produced by legacy mail systems.
#
-# The canonical mapping is not to be confused with virtual
-# domain support. Use the virtual(5) map for that purpose.
+# The canonical(5) mapping is not to be confused with vir-
+# tual domain support. Use the virtual(5) map for that pur-
+# pose.
#
-# The canonical mapping is not to be confused with local
+# The canonical(5) mapping is not to be confused with local
# aliasing. Use the aliases(5) map for that purpose.
#
# TABLE FORMAT
-# The input format for the postmap(1) command is as follows:
+# make# The input format for the postmap(1) command is as
+# follows:
#
# pattern result
-# When pattern matches a mail address, replace it by
+# When pattern matches a mail address, replace it by
# the corresponding result.
#
# blank lines and comments
-# Empty lines and whitespace-only lines are ignored,
-# as are lines whose first non-whitespace character
+# Empty lines and whitespace-only lines are ignored,
+# as are lines whose first non-whitespace character
# is a `#'.
#
# multi-line text
-# A logical line starts with non-whitespace text. A
-# line that starts with whitespace continues a logi-
+# A logical line starts with non-whitespace text. A
+# line that starts with whitespace continues a logi-
# cal line.
#
# With lookups from indexed files such as DB or DBM, or from
-# networked tables such as NIS, LDAP or SQL, patterns are
+# networked tables such as NIS, LDAP or SQL, patterns are
# tried in the order as listed below:
#
# user@domain address
-# user@domain is replaced by address. This form has
+# user@domain is replaced by address. This form has
# the highest precedence.
#
-# This is useful to clean up addresses produced by
-# legacy mail systems. It can also be used to pro-
-# duce Firstname.Lastname style addresses, but see
+# This is useful to clean up addresses produced by
+# legacy mail systems. It can also be used to pro-
+# duce Firstname.Lastname style addresses, but see
# below for a simpler solution.
#
# user address
# user@site is replaced by address when site is equal
-# to $myorigin, when site is listed in $mydestina-
-# tion, or when it is listed in $inet_interfaces or
+# to $myorigin, when site is listed in $mydestina-
+# tion, or when it is listed in $inet_interfaces or
# $proxy_interfaces.
#
-# This form is useful for replacing login names by
+# This form is useful for replacing login names by
# Firstname.Lastname.
#
# @domain address
-# Every address in domain is replaced by address.
+# Every address in domain is replaced by address.
# This form has the lowest precedence.
#
-# In all the above forms, when address has the form @other-
+# In all the above forms, when address has the form @other-
# domain, the result is the same user in otherdomain.
#
# ADDRESS EXTENSION
# When a mail address localpart contains the optional recip-
-# ient delimiter (e.g., user+foo@domain), the lookup order
+# ient delimiter (e.g., user+foo@domain), the lookup order
# becomes: user+foo@domain, user@domain, user+foo, user, and
# @domain.
#
-# The propagate_unmatched_extensions parameter controls
-# whether an unmatched address extension (+foo) is propa-
+# The propagate_unmatched_extensions parameter controls
+# whether an unmatched address extension (+foo) is propa-
# gated to the result of table lookup.
#
# REGULAR EXPRESSION TABLES
-# This section describes how the table lookups change when
+# This section describes how the table lookups change when
# the table is given in the form of regular expressions. For
-# a description of regular expression lookup table syntax,
+# a description of regular expression lookup table syntax,
# see regexp_table(5) or pcre_table(5).
#
-# Each pattern is a regular expression that is applied to
+# Each pattern is a regular expression that is applied to
# the entire address being looked up. Thus, user@domain mail
-# addresses are not broken up into their user and @domain
+# addresses are not broken up into their user and @domain
# constituent parts, nor is user+foo broken up into user and
# foo.
#
-# Patterns are applied in the order as specified in the
-# table, until a pattern is found that matches the search
+# Patterns are applied in the order as specified in the
+# table, until a pattern is found that matches the search
# string.
#
-# Results are the same as with indexed file lookups, with
-# the additional feature that parenthesized substrings from
+# Results are the same as with indexed file lookups, with
+# the additional feature that parenthesized substrings from
# the pattern can be interpolated as $1, $2 and so on.
#
# TCP-BASED TABLES
-# This section describes how the table lookups change when
+# This section describes how the table lookups change when
# lookups are directed to a TCP-based server. For a descrip-
-# tion of the TCP client/server lookup protocol, see
-# tcp_table(5). This feature is not available in Postfix
-# version 2.1.
+# tion of the TCP client/server lookup protocol, see
+# tcp_table(5). This feature is not available up to and
+# including Postfix version 2.2.
#
# Each lookup operation uses the entire address once. Thus,
-# user@domain mail addresses are not broken up into their
+# user@domain mail addresses are not broken up into their
# user and @domain constituent parts, nor is user+foo broken
# up into user and foo.
#
# Results are the same as with indexed file lookups.
#
# BUGS
-# The table format does not understand quoting conventions.
+# The table format does not understand quoting conventions.
#
# CONFIGURATION PARAMETERS
-# The following main.cf parameters are especially relevant.
-# The text below provides only a parameter summary. See
+# The following main.cf parameters are especially relevant.
+# The text below provides only a parameter summary. See
# postconf(5) for more details including examples.
#
# canonical_classes
-# What addresses are subject to canonical address
+# What addresses are subject to canonical address
# mapping.
#
# canonical_maps
# header sender addresses.
#
# propagate_unmatched_extensions
-# A list of address rewriting or forwarding mecha-
-# nisms that propagate an address extension from the
-# original address to the result. Specify zero or
-# more of canonical, virtual, alias, forward, or
+# A list of address rewriting or forwarding mecha-
+# nisms that propagate an address extension from the
+# original address to the result. Specify zero or
+# more of canonical, virtual, alias, forward, or
# include.
#
# Other parameters of interest:
#
# inet_interfaces
-# The network interface addresses that this system
+# The network interface addresses that this system
# receives mail on. You need to stop and start Post-
# fix when this parameter changes.
#
# tor.
#
# masquerade_classes
-# List of address classes subject to masquerading:
-# zero or more of envelope_sender, envelope_recipi-
+# List of address classes subject to masquerading:
+# zero or more of envelope_sender, envelope_recipi-
# ent, header_sender, header_recipient.
#
# masquerade_domains
-# List of domains that hide their subdomain struc-
+# List of domains that hide their subdomain struc-
# ture.
#
# masquerade_exceptions
-# List of user names that are not subject to address
+# List of user names that are not subject to address
# masquerading.
#
# mydestination
-# List of domains that this mail system considers
+# List of domains that this mail system considers
# local.
#
# myorigin
# virtual(5), virtual aliasing
#
# README FILES
-# Use "postconf readme_directory" or "postconf html_direc-
+# Use "postconf readme_directory" or "postconf html_direc-
# tory" to locate this information.
# DATABASE_README, Postfix lookup table overview
# ADDRESS_REWRITING_README, address rewriting guide
#
# LICENSE
-# The Secure Mailer license must be distributed with this
+# The Secure Mailer license must be distributed with this
# software.
#
# AUTHOR(S)
# lookup tables. Usually the best performance is obtained
# with pcre (Perl Compatible Regular Expression) tables, but
# the slower regexp (POSIX regular expressions) support is
-# more widely available. Use the command postconf -m to
+# more widely available. Use the command "postconf -m" to
# find out what lookup table types your Postfix system sup-
# ports.
#
# Prepend one line with the specified text and
# inspect the next input line.
#
-# Note: the prepended text is output immediately
-# before the input that triggered the PREPEND action.
-# A body action cannot prepend a message header.
+# Notes:
#
-# Note: this action cannot be used to prepend multi-
-# line text.
+# o The prepended text is output on a separate
+# line, immediately before the input that
+# triggered the PREPEND action.
+#
+# o When prepending text before a message header
+# line, the prepended text must begin with a
+# valid message header label.
+#
+# o This action cannot be used to prepend multi-
+# line text.
#
# This feature is available in Postfix 2.1 and later.
#
#
# This feature is available in Postfix 2.1 and later.
#
+# REPLACE text...
+# Replace the current line with the specified text
+# and inspect the next input line.
+#
+# Note: when replacing a message header line, the
+# replacement text must begin with a valid header
+# label.
+#
+# This feature is available in Postfix 2.2 and later.
+#
# REJECT optional text...
# Reject the entire message. Reply with optional
# text... when the optional text is specified, other-
# RELOCATED(5) RELOCATED(5)
#
# NAME
-# relocated - format of Postfix relocated table
+# relocated - Postfix relocated table format
#
# SYNOPSIS
# postmap /etc/postfix/relocated
#
# DESCRIPTION
-# The optional relocated table provides the information that
-# is used in "user has moved to new_location" bounce mes-
-# sages.
+# The optional relocated(5) table provides the information
+# that is used in "user has moved to new_location" bounce
+# messages.
#
-# Normally, the relocated table is specified as a text file
-# that serves as input to the postmap(1) command. The
+# Normally, the relocated(5) table is specified as a text
+# file that serves as input to the postmap(1) command. The
# result, an indexed file in dbm or db format, is used for
# fast searching by the mail system. Execute the command
-# postmap /etc/postfix/relocated in order to rebuild the
+# "postmap /etc/postfix/relocated" in order to rebuild the
# indexed file after changing the relocated table.
#
# When the table is provided via other means such as NIS,
# This section describes how the table lookups change when
# lookups are directed to a TCP-based server. For a descrip-
# tion of the TCP client/server lookup protocol, see
-# tcp_table(5). This feature is not available in Postfix
-# version 2.1.
+# tcp_table(5). This feature is not available up to and
+# including Postfix version 2.2.
#
# Each lookup operation uses the entire address once. Thus,
# user@domain mail addresses are not broken up into their
# TRANSPORT(5) TRANSPORT(5)
#
# NAME
-# transport - format of Postfix transport table
+# transport - Postfix transport table format
#
# SYNOPSIS
# postmap /etc/postfix/transport
# postmap -q - /etc/postfix/transport <inputfile
#
# DESCRIPTION
-# The optional transport table specifies a mapping from
+# The optional transport(5) table specifies a mapping from
# email addresses to message delivery transports and/or
# relay hosts. The mapping is used by the trivial-rewrite(8)
# daemon.
# Mail for any other destination is by default deliv-
# ered via $default_transport.
#
-# Normally, the transport table is specified as a text file
-# that serves as input to the postmap(1) command. The
+# Normally, the transport(5) table is specified as a text
+# file that serves as input to the postmap(1) command. The
# result, an indexed file in dbm or db format, is used for
# fast searching by the mail system. Execute the command
-# postmap /etc/postfix/transport in order to rebuild the
+# "postmap /etc/postfix/transport" in order to rebuild the
# indexed file after changing the transport table.
#
# When the table is provided via other means such as NIS,
# This section describes how the table lookups change when
# lookups are directed to a TCP-based server. For a descrip-
# tion of the TCP client/server lookup protocol, see
-# tcp_table(5). This feature is not available in Postfix
-# version 2.1.
+# tcp_table(5). This feature is not available up to and
+# including Postfix version 2.2.
#
# Each lookup operation uses the entire recipient address
# once. Thus, some.domain.hierarchy is not looked up via
# VIRTUAL(5) VIRTUAL(5)
#
# NAME
-# virtual - format of Postfix virtual alias table
+# virtual - Postfix virtual alias table format
#
# SYNOPSIS
# postmap /etc/postfix/virtual
# postmap -q - /etc/postfix/virtual <inputfile
#
# DESCRIPTION
-# The optional virtual alias table specifies address alias-
-# ing for arbitrary local or non-local recipient addresses.
-# Virtual aliasing is recursive, and is done by the Postfix
-# cleanup(8) daemon.
+# The optional virtual(5) alias table specifies address
+# aliasing for arbitrary local or non-local recipient
+# addresses. Virtual aliasing is recursive, and is done by
+# the Postfix cleanup(8) daemon.
#
# The main applications of virtual aliasing are:
#
# Sendmail rule set S0, if you like. Use canonical(5) map-
# ping to rewrite header and envelope addresses in general.
#
-# Normally, the virtual alias table is specified as a text
-# file that serves as input to the postmap(1) command. The
-# result, an indexed file in dbm or db format, is used for
-# fast searching by the mail system. Execute the command
-# postmap /etc/postfix/virtual in order to rebuild the
+# Normally, the virtual(5) alias table is specified as a
+# text file that serves as input to the postmap(1) command.
+# The result, an indexed file in dbm or db format, is used
+# for fast searching by the mail system. Execute the command
+# "postmap /etc/postfix/virtual" in order to rebuild the
# indexed file after changing the text file.
#
# When the table is provided via other means such as NIS,
#
# This functionality overlaps with functionality of
# the local aliases(5) database. The difference is
-# that virtual mapping can be applied to non-local
+# that virtual(5) mapping can be applied to non-local
# addresses.
#
# @domain address, address, ...
# virtual_alias_maps = hash:/etc/postfix/virtual
#
# Note: some systems use dbm databases instead of hash.
-# See the output from postconf -m for available database
-# types.
+# See the output from "postconf -m" for available
+# database types.
#
# /etc/postfix/virtual:
# virtual-alias.domain anything (right-hand content does not matter)
# This section describes how the table lookups change when
# lookups are directed to a TCP-based server. For a descrip-
# tion of the TCP client/server lookup protocol, see
-# tcp_table(5). This feature is not available in Postfix
-# version 2.1.
+# tcp_table(5). This feature is not available up to and
+# including Postfix version 2.2.
#
# Each lookup operation uses the entire address once. Thus,
# user@domain mail addresses are not broken up into their
# CONFIGURATION PARAMETERS
# The following main.cf parameters are especially relevant
# to this topic. See the Postfix main.cf file for syntax
-# details and for default values. Use the postfix reload
+# details and for default values. Use the "postfix reload"
# command after a configuration change.
#
# virtual_alias_maps
described in <a href="tcp_table.5.html">tcp_table(5)</a>. The lookup table name is "<a href="tcp_table.5.html">tcp</a>:host:port"
where "host" specifies a symbolic hostname or a numeric IP address,
and "port" specifies a symbolic service name or a numeric port
-number. This protocol is not available in Postfix version 2.1.
-</dd>
+number. This protocol is not available up to and including Postfix
+version 2.2. </dd>
<dt> <b>unix</b> (read-only) </dt>
OSF1.V3 - OSF1.V5 (Digital UNIX) <br>
Reliant UNIX 5.x <br>
Rhapsody 5.x <br>
-SunOS 4.1.4 (April 2004) <br>
+SunOS 4.1.4 (February 2005) <br>
SunOS 5.4 - 5.9 (Solaris 2.4..9) <br>
Ultrix 4.x (well, that was long ago) <br>
</p>
<h2>Introduction</h2>
<p> Postfix 2.2 introduces support for the IPv6 (IP version 6)
-protocol, whose main feature of interest is that it uses 128-bit
-IP addresses instead of the 32-bit addresses used by IPv4. </p>
-
-<p> With this, Postfix can use the same SMTP protocol over IPv6 as
-it already uses over the older IPv4 network, and Postfix can do
-AAAA record lookups in the DNS in addition to the older A records.
-Information about IPv6 can be found at <a href="http://www.ipv6.org/">http://www.ipv6.org/</a>. </p>
+protocol. IPv6 support older Postfix versions was available as an
+add-on patch. The section "<a href="#compat">Compatibility with
+Postfix <2.2 IPv6 support</a>" below discusses the differences
+between these implementations. </p>
+
+<p> The main feature of interest is that IPv6 uses 128-bit IP
+addresses instead of the 32-bit addresses used by IPv4. It can
+therefore accomodate a much larger number of hosts and networks
+without ugly kluges such as NAT. A side benefit of the much larger
+address space is that it makes network scanning unpractical. </p>
+
+<p> Postfix uses the same SMTP protocol over IPv6 as it already
+uses over the older IPv4 network, and does AAAA record lookups in
+the DNS in addition to the older A records. Information about IPv6
+can be found at <a href="http://www.ipv6.org/">http://www.ipv6.org/</a>. </p>
<p> This document provides information on the following topics:
</p>
<p> Postfix IPv6 support introduces two new main.cf configuration
parameters, and introduces an important change in address syntax
-notation in match lists such as <tt><a href="postconf.5.html#mynetworks">mynetworks</a></tt> or
-<tt><a href="postconf.5.html#debug_peer_list">debug_peer_list</a></tt>. </p>
+notation in match lists such as <a href="postconf.5.html#mynetworks">mynetworks</a> or
+<a href="postconf.5.html#debug_peer_list">debug_peer_list</a>. </p>
<p> Postfix IPv6 address syntax is a little tricky, because there
-are a few places where you must enclose IPv6 address inside
-<tt>[]</tt> characters, and a few places where you must not. It is
-a good idea to use <tt>[]</tt> only in the few places where you
+are a few places where you must enclose an IPv6 address inside
+"<tt>[]</tt>" characters, and a few places where you must not. It is
+a good idea to use "<tt>[]</tt>" only in the few places where you
have to. Check out the <a href="postconf.5.html">postconf(5)</a> manual whenever you do IPv6
related configuration work with Postfix. </p>
<ul>
-<li> <p> The new <tt><a href="postconf.5.html#inet_protocols">inet_protocols</a></tt> parameter specifies what
-IP protocols Postfix will use. This parameter also controls what
-DNS lookups Postfix will do. </p>
+<li> <p> The first new parameter is called <a href="postconf.5.html#inet_protocols">inet_protocols</a>. This
+specifies what protocols Postfix will use when it makes or accepts
+network connections, and also controls what DNS lookups Postfix
+will use when it makes network connections. </p>
<blockquote>
<pre>
</ul>
<p> Note 1: you must stop and start Postfix after changing the
-<tt><a href="postconf.5.html#inet_protocols">inet_protocols</a></tt> configuration parameter. </p>
+<a href="postconf.5.html#inet_protocols">inet_protocols</a> configuration parameter. </p>
<p> Note 2: if you see error messages like the following, then
you're running Linux and need to turn on IPv6 in the kernel: see
</blockquote>
<p> Note 3: on older Linux and Solaris systems, the setting
-"<tt><a href="postconf.5.html#inet_protocols">inet_protocols</a> = ipv6</tt>" will not prevent Postfix from
+"<a href="postconf.5.html#inet_protocols">inet_protocols</a> = ipv6" will not prevent Postfix from
accepting IPv4 connections. Postfix will present the client IP
addresses in IPv6 format, though. In all other cases, Postfix always
presents IPv4 client IP addresses in the traditional dotted quad
IPv4 format. </p>
-<li> <p> The other new parameter is <tt><a href="postconf.5.html#smtp_bind_address6">smtp_bind_address6</a></tt>.
+<li> <p> The other new parameter is <a href="postconf.5.html#smtp_bind_address6">smtp_bind_address6</a>.
This sets the local interface address for outgoing IPv6 SMTP
-connections, just like the <tt><a href="postconf.5.html#smtp_bind_address">smtp_bind_address</a></tt> parameter
+connections, just like the <a href="postconf.5.html#smtp_bind_address">smtp_bind_address</a> parameter
does for IPv4: </p>
<blockquote>
</pre>
</blockquote>
-<li> <p> If you left the value of the <tt><a href="postconf.5.html#mynetworks">mynetworks</a></tt> parameter at its
-default (i.e. no <tt><a href="postconf.5.html#mynetworks">mynetworks</a></tt> setting in main.cf) Postfix will figure
+<li> <p> If you left the value of the <a href="postconf.5.html#mynetworks">mynetworks</a> parameter at its
+default (i.e. no <a href="postconf.5.html#mynetworks">mynetworks</a> setting in main.cf) Postfix will figure
out by itself what its network addresses are. This is what a typical
setting looks like: </p>
</pre>
</blockquote>
-<p> If you did specify the <tt><a href="postconf.5.html#mynetworks">mynetworks</a></tt> parameter value in
-main.cf, you need update the <tt><a href="postconf.5.html#mynetworks">mynetworks</a></tt> value to include
+<p> If you did specify the <a href="postconf.5.html#mynetworks">mynetworks</a> parameter value in
+main.cf, you need update the <a href="postconf.5.html#mynetworks">mynetworks</a> value to include
the IPv6 networks the system is in. Be sure to specify IPv6 address
-information inside <tt>[]</tt>, like this: </p>
+information inside "<tt>[]</tt>", like this: </p>
<blockquote>
<pre>
</ul>
<p> <b> NOTE: when configuring Postfix match lists such as
-<tt><a href="postconf.5.html#mynetworks">mynetworks</a></tt> or <tt><a href="postconf.5.html#debug_peer_list">debug_peer_list</a></tt>, you must specify
-IPv6 address information inside <tt>[]</tt> in the main.cf parameter
+<a href="postconf.5.html#mynetworks">mynetworks</a> or <a href="postconf.5.html#debug_peer_list">debug_peer_list</a>, you must specify
+IPv6 address information inside "<tt>[]</tt>" in the main.cf parameter
value and in files specified with a "<i>/file/name</i>" pattern.
IPv6 addresses contain the ":" character, and would otherwise be
confused with a "<i>type:table</i>" pattern. </b> </p>
there are no blacklists that cover the IPv6 address space. </p>
<li> <p> IPv6 does not have class A, B, C, etc. networks. With IPv6
-networks, the setting "<tt><a href="postconf.5.html#mynetworks_style">mynetworks_style</a> = class</tt>" has the
-same effect as the setting "<tt><a href="postconf.5.html#mynetworks_style">mynetworks_style</a> = subnet</tt>".
+networks, the setting "<a href="postconf.5.html#mynetworks_style">mynetworks_style</a> = class" has the
+same effect as the setting "<a href="postconf.5.html#mynetworks_style">mynetworks_style</a> = subnet".
</p>
-<li> <p> On Tru64Unix, Postfix can't figure out the local subnet mask
+<li> <p> On Tru64Unix and AIX, Postfix can't figure out the local
+subnet mask
and always assumes a /128 network. This is a problem only with
-"<tt><a href="postconf.5.html#mynetworks_style">mynetworks_style</a> = subnet</tt>" and no explicit <tt><a href="postconf.5.html#mynetworks">mynetworks</a></tt>
+"<a href="postconf.5.html#mynetworks_style">mynetworks_style</a> = subnet" and no explicit <a href="postconf.5.html#mynetworks">mynetworks</a>
setting in main.cf. </p>
</ul>
<ul>
-<li> <p> main.cf: The <tt><a href="postconf.5.html#inet_interfaces">inet_interfaces</a></tt> parameter does not support
-the notation "<tt>ipv6:all</tt>" or "<tt>ipv4:all</tt>". Use the
-<tt><a href="postconf.5.html#inet_protocols">inet_protocols</a></tt> parameter instead. </p>
+<li> <p> main.cf: The <a href="postconf.5.html#inet_interfaces">inet_interfaces</a> parameter does not support
+the notation "ipv6:all" or "ipv4:all". Use the
+<a href="postconf.5.html#inet_protocols">inet_protocols</a> parameter instead. </p>
-<li> <p> main.cf: Specify "<tt><a href="postconf.5.html#inet_protocols">inet_protocols</a> = all</tt>" or
-"<tt><a href="postconf.5.html#inet_protocols">inet_protocols</a> = ipv4, ipv6</tt>" in order to enable both IPv4
+<li> <p> main.cf: Specify "<a href="postconf.5.html#inet_protocols">inet_protocols</a> = all" or
+"<a href="postconf.5.html#inet_protocols">inet_protocols</a> = ipv4, ipv6" in order to enable both IPv4
and IPv6 support. </p>
-<li> <p> main.cf: The <tt><a href="postconf.5.html#inet_protocols">inet_protocols</a></tt> parameter also controls
+<li> <p> main.cf: The <a href="postconf.5.html#inet_protocols">inet_protocols</a> parameter also controls
what DNS lookups Postfix will attempt to make when delivering or
receiving mail. </p>
-<li> <p> main.cf: Specify "<tt><a href="postconf.5.html#inet_interfaces">inet_interfaces</a> = loopback-only</tt>"
+<li> <p> main.cf: Specify "<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> = loopback-only"
to listen on loopback network interfaces only. </p>
-<li> <p> The <tt>lmtp_bind_address</tt> and <tt>lmtp_bind_address6</tt>
+<li> <p> The lmtp_bind_address and lmtp_bind_address6
features were omitted. The Postfix LMTP client will be absorbed
into the SMTP client, so there is no reason to keep adding features
to the LMTP client. </p>
<li> <p> The SMTP server now requires that IPv6 addresses in SMTP
-commands are specified as <tt>[ipv6:<i>ipv6address</i>]</tt>, as
+commands are specified as [ipv6:<i>ipv6address</i>], as
described in <a href="http://www.faqs.org/rfcs/rfc2821.html">RFC 2821</a>. </p>
<li> <p> The IPv6 network address matching code was rewritten from
Postfix needs this information to avoid mailer loops and to find out
if mail for <i>user@[ipaddress]</i> is a local or remote destination. </p>
-<p> If your system has the <tt>getifaddrs()</tt> routine then add
+<p> If your system has the getifaddrs() routine then add
the following to your platform-specific section in
-<tt>src/util/sys_defs.h</tt>: </p>
+src/util/sys_defs.h: </p>
<blockquote>
<pre>
</pre>
</blockquote>
-<p> Otherwise, if your system has the SIOCGLIF <tt>ioctl()</tt>
-command in <tt>/usr/include/*/*.h</tt>, add the following to your
-platform-specific section in <tt>src/util/sys_defs.h</tt>: </p>
+<p> Otherwise, if your system has the SIOCGLIF ioctl()
+command in /usr/include/*/*.h, add the following to your
+platform-specific section in src/util/sys_defs.h: </p>
<blockquote>
<pre>
<p> Otherwise, Postfix will have to use the old SIOCGIF commands
and get along with reduced IPv6 functionality (it won't be able to
-figure out your IPv6 netmasks, which are needed for "<tt><a href="postconf.5.html#mynetworks_style">mynetworks_style</a>
-= subnet</tt>". Add this to your platform-specific section in
-<tt>src/util/sys_defs.h</tt>: </p>
+figure out your IPv6 netmasks, which are needed for "<a href="postconf.5.html#mynetworks_style">mynetworks_style</a>
+= subnet". Add this to your platform-specific section in
+src/util/sys_defs.h: </p>
<blockquote>
<pre>
<li> <p> Test if Postfix can figure out its interface information. </p>
<p> After compiling Postfix in the usual manner, step into the
-<tt>src/util</tt> directory and type "<tt>make inet_addr_local</tt>".
+src/util directory and type "<b>make inet_addr_local</b>".
Running this file by hand should produce all the interface addresses
and network masks, for example: </p>
request rate
limiting for all <a href="smtpd.8.html">smtpd(8)</a> servers. The <a href="TUNING_README.html">TUNING_README</a> document
provides guidance for dealing with mis-behaving SMTP clients. The
-<a href="anvil.8.html">anvil(8)</a> service is not included with Postfix version 2.1 or earlier.
+<a href="anvil.8.html">anvil(8)</a> service is available in Postfix version 2.2 and later.
</p>
<table>
<li> <p> Maintain the pseudo-random number generator (PRNG) that
is used to seed the TLS engines in Postfix <a href="smtp.8.html">smtp(8)</a> client or <a href="smtpd.8.html">smtpd(8)</a>
-server processes. The state of this PRNG is saved periodically to
+server processes. The state of this PRNG is periodically saved to
a file, and is read when <a href="tlsmgr.8.html">tlsmgr(8)</a> starts up. </p>
<li> <p> Maintain the optional Postfix <a href="smtp.8.html">smtp(8)</a> client or <a href="smtpd.8.html">smtpd(8)</a>
own code, every 1000 lines introduce one additional bug into
Postfix. </p>
-<h2> Introduction </h2>
+<h2> What Postfix TLS support does for you </h2>
-<p> This document requires Postfix version 2.2 or later. </p>
-
-<p> Postfix may be built with Transport Layer Security (TLS, formerly
-called SSL) protocol support as described in <a href="http://www.faqs.org/rfcs/rfc3207.html">RFC 3207</a>. This provides
-certificate-based authentication, and encrypted sessions. An
+<p> Transport Layer Security (TLS, formerly called SSL) provides
+certificate-based authentication and encrypted sessions. An
encrypted session protects the information that is transmitted with
-SMTP mail or with SASL authentication. The main elements of the
-Postfix TLS architecture are: </p>
+SMTP mail or with SASL authentication.
+
+<p> Postfix version 2.2 introduces support for TLS as described in
+<a href="http://www.faqs.org/rfcs/rfc3207.html">RFC 3207</a>. TLS Support for older Postfix versions was available as
+an add-on patch. The section "<a href="#compat">Compatibility with
+Postfix < 2.2 TLS support</a>" below discusses the differences
+between these implementations. </p>
+
+<p> Topics covered in this document: </p>
+
+<ul>
+
+<li><a href="#how">How Postfix TLS support works</a>
+
+<li><a href="#build_tls">Building Postfix with TLS support</a>
+
+<li><a href="#server_tls">SMTP Server specific settings</a>
+
+<li> <a href="#client_tls">SMTP Client specific settings</a>
+
+<li><a href="#tlsmgr_controls"> TLS manager specific settings </a>
+
+<li><a href="#problems"> Reporting problems </a>
+
+<li><a href="#compat">Compatibility with Postfix < 2.2 TLS support</a>
+
+<li><a href="#credits"> Credits </a>
+
+</ul>
+
+<p> And last but not least, for the impatient: </p>
+
+<ul>
+
+<li><a href="#quick-start">Getting started, quick and dirty</a>
+
+</ul>
+
+<h2><a name="how">How Postfix TLS support works</a></h2>
+
+<p> The diagram below shows the main elements of the Postfix TLS
+architecture and their relationships. Colored boxes with numbered
+names represent Postfix daemon programs. Other colored boxes
+represent storage elements. </p>
<ul>
<li> <p> The <a href="tlsmgr.8.html">tlsmgr(8)</a> server maintains the pseudo-random number
generator (PRNG) that seeds the TLS engines in the <a href="smtpd.8.html">smtpd(8)</a> server
-and <a href="smtp.8.html">smtp(8)</a> client processes, and maintains the TLS session cache
-files with TLS session keys. </p>
+and <a href="smtp.8.html">smtp(8)</a> client processes, and maintains the TLS session key
+cache files. </p>
</ul>
-<p> The following diagram shows the relationship between these
-architecture elements. </p>
-
<table>
<tr> <td>Network<tt>-> </tt> </td> <td align="center"
</tr> </table> </td> <td colspan="3"> </td> </tr>
<tr> <td colspan="2"> </td> <td align="center" bgcolor="#f0f0ff">
-smtpd<br> session<br> cache </td> <td> </td> <td align="center"
+smtpd<br> session<br> key cache </td> <td> </td> <td align="center"
bgcolor="#f0f0ff"> PRNG<br> state <br>file </td> <td> </td> <td
-align="center" bgcolor="#f0f0ff"> smtp<br> session<br> cache </td>
+align="center" bgcolor="#f0f0ff"> smtp<br> session<br> key cache
+</td>
<td colspan="2"> </td> </tr>
</table>
-<p> Topics covered in this document: </p>
-
-<ul>
-
-<li><a href="#build_tls">Building Postfix with TLS support</a>
-
-<li><a href="#server_tls">SMTP Server specific settings</a>
-
-<li> <a href="#client_tls">SMTP Client specific settings</a>
-
-<li><a href="#tlsmgr_controls"> TLS manager specific settings </a>
-
-<li><a href="#problems"> Reporting problems </a>
-
-<li><a href="#compat">Compatibility with Postfix < 2.2 TLS support</a>
-
-<li><a href="#credits"> Credits </a>
-
-</ul>
-
-<p> And last but not least, for the impatient: </p>
-
-<ul>
-
-<li><a href="#quick-start">Getting started, quick and dirty</a>
-
-</ul>
-
<h2><a name="build_tls">Building Postfix with TLS support</a></h2>
<p> To build Postfix with TLS support, first we need to generate
<ul>
-<li> <p> main.cf: Use <b>btree</b> instead of <b>sdbm</b> for TLS
+<li> <p> main.cf: Specify "btree" instead of "sdbm" for TLS
session cache databases. </p>
<p> TLS session cache databases are now accessed only by the
<a href="tlsmgr.8.html">tlsmgr(8)</a> process, so there are no more concurrency issues. Although
-Postfix has an <b>sdbm</b> client, the <b>sdbm</b> library (1000
+Postfix has an sdbm client, the sdbm library (1000
lines of code) is not included with Postfix. </p>
<p> TLS session caches can use any database that can store objects
of several kbytes or more, and that implements the sequence operation.
-In most cases, <b>btree</b> databases should be adequate. </p>
+In most cases, btree databases should be adequate. </p>
-<p> NOTE: You cannot use <b>dbm</b> databases. TLS session objects
+<p> NOTE: You cannot use dbm databases. TLS session objects
are too large. </p>
-<li> <p> master.cf: Specify <b>unix</b> instead of <b>fifo</b> as
+<li> <p> master.cf: Specify "unix" instead of "fifo" as
the tlsmgr service type. </p>
<p> The <a href="smtp.8.html">smtp(8)</a> and <a href="smtpd.8.html">smtpd(8)</a> processes now use a client-server
ACCESS(5) ACCESS(5)
<b>NAME</b>
- access - format of Postfix access table
+ access - Postfix access table format
<b>SYNOPSIS</b>
<b>postmap /etc/postfix/access</b>
<b>postmap -q - /etc/postfix/access</b> <<i>inputfile</i>
<b>DESCRIPTION</b>
- The optional <b>access</b> table directs the Postfix SMTP server
- to selectively reject or accept mail. Access can be
+ The optional <a href="access.5.html"><b>access</b>(5)</a> table directs the Postfix SMTP
+ server to selectively reject or accept mail. Access can be
allowed or denied for specific host names, domain names,
networks, host addresses or mail addresses.
For an example, see the EXAMPLE section at the end of this
manual page.
- Normally, the <b>access</b> table is specified as a text file
+ Normally, the <a href="access.5.html"><b>access</b>(5)</a> table is specified as a text file
that serves as input to the <a href="postmap.1.html"><b>postmap</b>(1)</a> command. The
result, an indexed file in <b>dbm</b> or <b>db</b> format, is used for
fast searching by the mail system. Execute the command
enclosed with "[]" characters.
NOTE 2: use the <b>cidr</b> lookup table type to specify
- network/netmask patterns. See <a href="cidr_table.5.html">cidr_table(5)</a> for
+ network/netmask patterns. See <a href="cidr_table.5.html"><b>cidr_table</b>(5)</a> for
details.
<i>net:work:addr:ess</i>
enclosed with "[]" characters.
NOTE 3: use the <b>cidr</b> lookup table type to specify
- network/netmask patterns. See <a href="cidr_table.5.html">cidr_table(5)</a> for
+ network/netmask patterns. See <a href="cidr_table.5.html"><b>cidr_table</b>(5)</a> for
details.
IPv6 support is available in Postfix 2.2 and later.
After the message is queued, send the entire mes-
sage through the specified external content filter.
The <i>transport:destination</i> syntax is described in
- the <a href="transport.5.html">transport(5)</a> manual page. More information
+ the <a href="transport.5.html"><b>transport</b>(5)</a> manual page. More information
about external content filters is in the Postfix
<a href="FILTER_README.html">FILTER_README</a> file.
This section describes how the table lookups change when
lookups are directed to a TCP-based server. For a descrip-
tion of the TCP client/server lookup protocol, see
- <a href="tcp_table.5.html"><b>tcp_table</b>(5)</a>. This feature is not available in Postfix
- version 2.1.
+ <a href="tcp_table.5.html"><b>tcp_table</b>(5)</a>. This feature is not available up to and
+ including Postfix version 2.2.
Each lookup operation uses the entire query string once.
Depending on the application, that string is an entire
ALIASES(5) ALIASES(5)
<b>NAME</b>
- aliases - format of the Postfix alias database
+ aliases - Postfix local alias database format
<b>SYNOPSIS</b>
<b>newaliases</b>
<b>DESCRIPTION</b>
- The <b>aliases</b> table provides a system-wide mechanism to
+ The <a href="aliases.5.html"><b>aliases</b>(5)</a> table provides a system-wide mechanism to
redirect mail for local recipients. The redirections are
processed by the Postfix <a href="local.8.html"><b>local</b>(8)</a> delivery agent.
- Normally, the <b>aliases</b> table is specified as a text file
+ Normally, the <a href="aliases.5.html"><b>aliases</b>(5)</a> table is specified as a text file
that serves as input to the <a href="postalias.1.html"><b>postalias</b>(1)</a> command. The
result, an indexed file in <b>dbm</b> or <b>db</b> format, is used for
fast lookup by the mail system. Execute the command
Users can control delivery of their own mail by setting up
<b>.forward</b> files in their home directory. Lines in per-user
<b>.forward</b> files have the same syntax as the right-hand side
- of <b>aliases</b> entries.
+ of <a href="aliases.5.html"><b>aliases</b>(5)</a> entries.
The format of the alias database input file is as follows:
<b>CONFIGURATION PARAMETERS</b>
The following <b>main.cf</b> parameters are especially relevant.
The text below provides only a parameter summary. See
- <a href="postconf.5.html">postconf(5)</a> for more details including examples.
+ <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including examples.
<b><a href="postconf.5.html#alias_database">alias_database</a></b>
List of alias databases that are updated by the
<b>anvil</b> [generic Postfix daemon options]
<b>DESCRIPTION</b>
- The Postfix <b>anvil</b> server maintains short-term statistics
- to defend against clients that hammer a server with either
- too many simultaneous sessions, or with too many succes-
- sive requests within a configurable time interval. This
- server is designed to run under control by the Postfix
- master server.
+ The Postfix <a href="anvil.8.html"><b>anvil</b>(8)</a> server maintains short-term statis-
+ tics to defend against clients that hammer a server with
+ either too many simultaneous sessions, or with too many
+ successive requests within a configurable time interval.
+ This server is designed to run under control by the Post-
+ fix <a href="master.8.html"><b>master</b>(8)</a> server.
- The <b>anvil</b> server maintains no persistent database. Stan-
- dard library utilities do not meet Postfix performance and
- robustness requirements.
+ The <a href="anvil.8.html"><b>anvil</b>(8)</a> server maintains no persistent database.
+ Standard library utilities do not meet Postfix performance
+ and robustness requirements.
<b>CONNECTION COUNT/RATE LIMITING</b>
When a remote client connects, a connection count (or
rate) limited server should send the following request to
- the <b>anvil</b> server:
+ the <a href="anvil.8.html"><b>anvil</b>(8)</a> server:
<b>request=connect</b>
<b>ident=</b><i>string</i>
This registers a new connection for the (service, client)
- combination specified with <b>ident</b>. The <b>anvil</b> server answers
- with the number of simultaneous connections and the number
- of connections per unit time for that (service, client)
- combination:
+ combination specified with <b>ident</b>. The <a href="anvil.8.html"><b>anvil</b>(8)</a> server
+ answers with the number of simultaneous connections and
+ the number of connections per unit time for that (service,
+ client) combination:
<b>status=0</b>
<b>count=</b><i>number</i>
When a remote client disconnects, a connection count (or
rate) limited server should send the following request to
- the <b>anvil</b> server:
+ the <a href="anvil.8.html"><b>anvil</b>(8)</a> server:
<b>request=disconnect</b>
<b>ident=</b><i>string</i>
This registers a disconnect event for the (service,
- client) combination specified with <b>ident</b>. The <b>anvil</b> server
- replies with:
+ client) combination specified with <b>ident</b>. The <a href="anvil.8.html"><b>anvil</b>(8)</a>
+ server replies with:
<b>status=0</b>
<b>MESSAGE RATE LIMITING</b>
When a remote client sends a message delivery request, a
message rate limited server should send the following
- request to the <b>anvil</b> server:
+ request to the <a href="anvil.8.html"><b>anvil</b>(8)</a> server:
<b>request=message</b>
<b>ident=</b><i>string</i>
This registers a message delivery request for the (ser-
- vice, client) combination specified with <b>ident</b>. The <b>anvil</b>
- server answers with the number of message delivery
- requests per unit time for that (service, client) combina-
- tion:
+ vice, client) combination specified with <b>ident</b>. The
+ <a href="anvil.8.html"><b>anvil</b>(8)</a> server answers with the number of message deliv-
+ ery requests per unit time for that (service, client) com-
+ bination:
<b>status=0</b>
<b>rate=</b><i>number</i>
- In order prevent the anvil server from discarding client
- request rates too early or too late, a message rate lim-
- ited service should also register connect/disconnect
+ In order to prevent the <a href="anvil.8.html"><b>anvil</b>(8)</a> server from discarding
+ client request rates too early or too late, a message rate
+ limited service should also register connect/disconnect
events.
- This feature is available in Postfix 2.2 and later.
-
<b>RECIPIENT RATE LIMITING</b>
When a remote client sends a recipient address, a recipi-
ent rate limited server should send the following request
- to the <b>anvil</b> server:
+ to the <a href="anvil.8.html"><b>anvil</b>(8)</a> server:
<b>request=recipient</b>
<b>ident=</b><i>string</i>
- This registers a recipient address for the (service,
- client) combination specified with <b>ident</b>. The <b>anvil</b> server
- answers with the number of recipient addresses per unit
- time for that (service, client) combination:
+ This registers a recipient request for the (service,
+ client) combination specified with <b>ident</b>. The <a href="anvil.8.html"><b>anvil</b>(8)</a>
+ server answers with the number of recipient addresses per
+ unit time for that (service, client) combination:
<b>status=0</b>
<b>rate=</b><i>number</i>
- In order prevent the anvil server from discarding client
- request rates too early or too late, a recipient rate lim-
- ited service should also register connect/disconnect
- events.
-
- This feature is available in Postfix 2.2 and later.
+ In order to prevent the <a href="anvil.8.html"><b>anvil</b>(8)</a> server from discarding
+ client request rates too early or too late, a recipient
+ rate limited service should also register connect/discon-
+ nect events.
<b>SECURITY</b>
- The <b>anvil</b> server does not talk to the network or to local
- users, and can run chrooted at fixed low privilege.
+ The <a href="anvil.8.html"><b>anvil</b>(8)</a> server does not talk to the network or to
+ local users, and can run chrooted at fixed low privilege.
- The <b>anvil</b> server maintains an in-memory table with infor-
- mation about recent clients of a connection count (or
- rate) limited service. Although state is kept only tem-
+ The <a href="anvil.8.html"><b>anvil</b>(8)</a> server maintains an in-memory table with
+ information about recent clients of a connection count (or
+ rate) limited service. Although state is kept only tem-
porarily, this may require a lot of memory on systems that
- handle connections from many remote clients. To reduce
- memory usage, reduce the time unit over which state is
+ handle connections from many remote clients. To reduce
+ memory usage, reduce the time unit over which state is
kept.
<b>DIAGNOSTICS</b>
Problems and transactions are logged to <b>syslogd</b>(8).
Upon exit, and every <b><a href="postconf.5.html#anvil_status_update_time">anvil_status_update_time</a></b> seconds, the
- server logs the maximal count and rate values measured,
- together with (service, client) information and the time
- of day associated with those events. In order to avoid
- unnecessary overhead, no measurements are done for activ-
+ server logs the maximal count and rate values measured,
+ together with (service, client) information and the time
+ of day associated with those events. In order to avoid
+ unnecessary overhead, no measurements are done for activ-
ity that isn't concurrency limited or rate limited.
<b>BUGS</b>
- Systems behind network address translating routers or
+ Systems behind network address translating routers or
proxies appear to have the same client address and can run
into connection count and/or rate limits falsely.
In this preliminary implementation, a count (or rate) lim-
- ited server can have only one remote client at a time. If
- a server reports multiple simultaneous clients, all but
+ ited server can have only one remote client at a time. If
+ a server reports multiple simultaneous clients, all but
the last reported client are ignored.
<b>CONFIGURATION PARAMETERS</b>
- Changes to <b>main.cf</b> are picked up automatically as <a href="anvil.8.html">anvil(8)</a>
- processes run for only a limited amount of time. Use the
+ Changes to <b>main.cf</b> are picked up automatically as <a href="anvil.8.html"><b>anvil</b>(8)</a>
+ processes run for only a limited amount of time. Use the
command "<b>postfix reload</b>" to speed up a change.
- The text below provides only a parameter summary. See
- <a href="postconf.5.html">postconf(5)</a> for more details including examples.
+ The text below provides only a parameter summary. See
+ <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including examples.
<b><a href="postconf.5.html#anvil_rate_time_unit">anvil_rate_time_unit</a> (60s)</b>
- The time unit over which client connection rates
+ The time unit over which client connection rates
and other rates are calculated.
<b><a href="postconf.5.html#anvil_status_update_time">anvil_status_update_time</a> (600s)</b>
- How frequently the <a href="anvil.8.html">anvil(8)</a> connection and rate
+ How frequently the <a href="anvil.8.html"><b>anvil</b>(8)</a> connection and rate
limiting server logs peak usage information.
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
- The default location of the Postfix main.cf and
+ The default location of the Postfix main.cf and
master.cf configuration files.
<b><a href="postconf.5.html#daemon_timeout">daemon_timeout</a> (18000s)</b>
- How much time a Postfix daemon process may take to
- handle a request before it is terminated by a
+ How much time a Postfix daemon process may take to
+ handle a request before it is terminated by a
built-in watchdog timer.
<b><a href="postconf.5.html#ipc_timeout">ipc_timeout</a> (3600s)</b>
over an internal communication channel.
<b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b>
- The maximum amount of time that an idle Postfix
- daemon process waits for the next service request
+ The maximum amount of time that an idle Postfix
+ daemon process waits for the next service request
before exiting.
<b><a href="postconf.5.html#max_use">max_use</a> (100)</b>
- The maximal number of connection requests before a
+ The maximal number of connection requests before a
Postfix daemon process terminates.
<b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
- The process ID of a Postfix command or daemon pro-
+ The process ID of a Postfix command or daemon pro-
cess.
<b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
- The process name of a Postfix command or daemon
+ The process name of a Postfix command or daemon
process.
<b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
- The mail system name that is prepended to the pro-
+ The mail system name that is prepended to the pro-
cess name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
<a href="TUNING_README.html">TUNING_README</a>, performance tuning
<b>LICENSE</b>
- The Secure Mailer license must be distributed with this
+ The Secure Mailer license must be distributed with this
software.
<b>HISTORY</b>
- The anvil service was introduced with Postfix 2.1.
+ The anvil service is available in Postfix 2.2 and later.
<b>AUTHOR(S)</b>
Wietse Venema
<b>bounce</b> [generic Postfix daemon options]
<b>DESCRIPTION</b>
- The <b>bounce</b> daemon maintains per-message log files with
+ The <a href="bounce.8.html"><b>bounce</b>(8)</a> daemon maintains per-message log files with
non-delivery status information. Each log file is named
after the queue file that it corresponds to, and is kept
in a queue subdirectory named after the service name in
program expects to be run from the <a href="master.8.html"><b>master</b>(8)</a> process man-
ager.
- The <b>bounce</b> daemon processes two types of service requests:
+ The <a href="bounce.8.html"><b>bounce</b>(8)</a> daemon processes two types of service
+ requests:
<b>o</b> Append a recipient (non-)delivery status record to
a per-message log file.
<b>CONFIGURATION PARAMETERS</b>
Changes to <b>main.cf</b> are picked up automatically, as
- <a href="bounce.8.html">bounce(8)</a> processes run for only a limited amount of time.
+ <a href="bounce.8.html"><b>bounce</b>(8)</a> processes run for only a limited amount of time.
Use the command "<b>postfix reload</b>" to speed up a change.
The text below provides only a parameter summary. See
- <a href="postconf.5.html">postconf(5)</a> for more details including examples.
+ <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including examples.
<b><a href="postconf.5.html#2bounce_notice_recipient">2bounce_notice_recipient</a> (postmaster)</b>
The recipient of undeliverable mail that cannot be
returned to the sender.
<b><a href="postconf.5.html#backwards_bounce_logfile_compatibility">backwards_bounce_logfile_compatibility</a> (yes)</b>
- Produce additional <a href="bounce.8.html">bounce(8)</a> logfile records that
- can be read by older Postfix versions.
+ Produce additional <a href="bounce.8.html"><b>bounce</b>(8)</a> logfile records that
+ can be read by Postfix versions before 2.0.
<b><a href="postconf.5.html#bounce_notice_recipient">bounce_notice_recipient</a> (postmaster)</b>
The recipient of postmaster notifications with the
<b><a href="postconf.5.html#deliver_lock_attempts">deliver_lock_attempts</a> (20)</b>
The maximal number of attempts to acquire an exclu-
- sive lock on a mailbox file or <a href="bounce.8.html">bounce(8)</a> logfile.
+ sive lock on a mailbox file or <a href="bounce.8.html"><b>bounce</b>(8)</a> logfile.
<b><a href="postconf.5.html#deliver_lock_delay">deliver_lock_delay</a> (1s)</b>
The time between attempts to acquire an exclusive
- lock on a mailbox file or <a href="bounce.8.html">bounce(8)</a> logfile.
+ lock on a mailbox file or <a href="bounce.8.html"><b>bounce</b>(8)</a> logfile.
<b><a href="postconf.5.html#ipc_timeout">ipc_timeout</a> (3600s)</b>
The time limit for sending or receiving information
CANONICAL(5) CANONICAL(5)
<b>NAME</b>
- canonical - format of Postfix canonical table
+ canonical - Postfix canonical table format
<b>SYNOPSIS</b>
<b>postmap /etc/postfix/canonical</b>
<b>postmap -q - /etc/postfix/canonical</b> <<i>inputfile</i>
<b>DESCRIPTION</b>
- The optional <b>canonical</b> table specifies an address mapping
- for local and non-local addresses. The mapping is used by
- the <a href="cleanup.8.html"><b>cleanup</b>(8)</a> daemon. The address mapping is recursive.
+ The optional <a href="canonical.5.html"><b>canonical</b>(5)</a> table specifies an address map-
+ ping for local and non-local addresses. The mapping is
+ used by the <a href="cleanup.8.html"><b>cleanup</b>(8)</a> daemon. The address mapping is
+ recursive.
- Normally, the <b>canonical</b> table is specified as a text file
-
that serves as input to the <a href="postmap.1.html"><b>postmap</b>(1)</a> command. The
+ Normally, the <a href="canonical.5.html"><b>canonical</b>(5)</a> table is specified as a text
+
file that serves as input to the <a href="postmap.1.html"><b>postmap</b>(1)</a> command. The
result, an indexed file in <b>dbm</b> or <b>db</b> format, is used for
fast searching by the mail system. Execute the command
- <b>postmap /etc/postfix/canonical</b> in order to rebuild the
+ "<b>postmap /etc/postfix/canonical</b>" in order to rebuild the
indexed file after changing the text file.
When the table is provided via other means such as NIS,
way as described below under "REGULAR EXPRESSION TABLES"
and "TCP-BASED TABLES".
- By default the <b>canonical</b> mapping affects both message
+ By default the <a href="canonical.5.html"><b>canonical</b>(5)</a> mapping affects both message
header addresses (i.e. addresses that appear inside mes-
sages) and message envelope addresses (for example, the
addresses that are used in SMTP protocol commands). Think
Sendmail rule set <b>S3</b>, if you like. This is controlled
with the <b><a href="postconf.5.html#canonical_classes">canonical_classes</a></b> parameter.
- Typically, one would use the <b>canonical</b> table to replace
+ Typically, one would use the <a href="canonical.5.html"><b>canonical</b>(5)</a> table to replace
login names by <i>Firstname.Lastname</i>, or to clean up
addresses produced by legacy mail systems.
- The <b>canonical</b> mapping is not to be confused with <i>virtual</i>
- <i>domain</i> support. Use the <a href="virtual.5.html"><b>virtual</b>(5)</a> map for that purpose.
+ The <a href="canonical.5.html"><b>canonical</b>(5)</a> mapping is not to be confused with <i>vir-</i>
+ <i>tual domain</i> support. Use the <a href="virtual.5.html"><b>virtual</b>(5)</a> map for that pur-
+ pose.
- The <b>canonical</b> mapping is not to be confused with local
+ The <a href="canonical.5.html"><b>canonical</b>(5)</a> mapping is not to be confused with local
aliasing. Use the <a href="aliases.5.html"><b>aliases</b>(5)</a> map for that purpose.
<b>TABLE FORMAT</b>
- The input format for the <a href="postmap.1.html"><b>postmap</b>(1)</a> command is as follows:
+ make# The input format for the <a href="postmap.1.html"><b>postmap</b>(1)</a> command is as
+ follows:
<i>pattern result</i>
- When <i>pattern</i> matches a mail address, replace it by
+ When <i>pattern</i> matches a mail address, replace it by
the corresponding <i>result</i>.
blank lines and comments
- Empty lines and whitespace-only lines are ignored,
- as are lines whose first non-whitespace character
+ Empty lines and whitespace-only lines are ignored,
+ as are lines whose first non-whitespace character
is a `#'.
multi-line text
- A logical line starts with non-whitespace text. A
- line that starts with whitespace continues a logi-
+ A logical line starts with non-whitespace text. A
+ line that starts with whitespace continues a logi-
cal line.
With lookups from indexed files such as DB or DBM, or from
- networked tables such as NIS, LDAP or SQL, patterns are
+ networked tables such as NIS, LDAP or SQL, patterns are
tried in the order as listed below:
<i>user</i>@<i>domain address</i>
- <i>user</i>@<i>domain</i> is replaced by <i>address</i>. This form has
+ <i>user</i>@<i>domain</i> is replaced by <i>address</i>. This form has
the highest precedence.
- This is useful to clean up addresses produced by
- legacy mail systems. It can also be used to pro-
- duce <i>Firstname.Lastname</i> style addresses, but see
+ This is useful to clean up addresses produced by
+ legacy mail systems. It can also be used to pro-
+ duce <i>Firstname.Lastname</i> style addresses, but see
below for a simpler solution.
<i>user address</i>
<i>user</i>@<i>site</i> is replaced by <i>address</i> when <i>site</i> is equal
- to
$<b><a href="postconf.5.html#myorigin">myorigin</a></b>, when <i>site</i> is listed in $<b><a href="postconf.5.html#mydestination">mydestina</a>-</b>
- <b><a href="postconf.5.html#mydestination">tion</a></b>, or when it is listed in $<b><a href="postconf.5.html#inet_interfaces">inet_interfaces</a></b> or
+ to
$<b><a href="postconf.5.html#myorigin">myorigin</a></b>, when <i>site</i> is listed in $<b><a href="postconf.5.html#mydestination">mydestina</a>-</b>
+ <b><a href="postconf.5.html#mydestination">tion</a></b>, or when it is listed in $<b><a href="postconf.5.html#inet_interfaces">inet_interfaces</a></b> or
$<b><a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a></b>.
- This form is useful for replacing login names by
+ This form is useful for replacing login names by
<i>Firstname.Lastname</i>.
@<i>domain address</i>
- Every address in <i>domain</i> is replaced by <i>address</i>.
+ Every address in <i>domain</i> is replaced by <i>address</i>.
This form has the lowest precedence.
- In all the above forms, when <i>address</i> has the form @<i>other-</i>
+ In all the above forms, when <i>address</i> has the form @<i>other-</i>
<i>domain</i>, the result is the same user in <i>otherdomain</i>.
<b>ADDRESS EXTENSION</b>
When a mail address localpart contains the optional recip-
- ient delimiter (e.g., <i>user+foo</i>@<i>domain</i>), the lookup order
+ ient delimiter (e.g., <i>user+foo</i>@<i>domain</i>), the lookup order
becomes: <i>user+foo</i>@<i>domain</i>, <i>user</i>@<i>domain</i>, <i>user+foo</i>, <i>user</i>, and
@<i>domain</i>.
- The <b><a href="postconf.5.html#propagate_unmatched_extensions">propagate_unmatched_extensions</a></b> parameter controls
- whether an unmatched address extension (<i>+foo</i>) is propa-
+ The <b><a href="postconf.5.html#propagate_unmatched_extensions">propagate_unmatched_extensions</a></b> parameter controls
+ whether an unmatched address extension (<i>+foo</i>) is propa-
gated to the result of table lookup.
<b>REGULAR EXPRESSION TABLES</b>
- This section describes how the table lookups change when
+ This section describes how the table lookups change when
the table is given in the form of regular expressions. For
- a description of regular expression lookup table syntax,
+ a description of regular expression lookup table syntax,
see <a href="regexp_table.5.html"><b>regexp_table</b>(5)</a> or <a href="pcre_table.5.html"><b>pcre_table</b>(5)</a>.
- Each pattern is a regular expression that is applied to
+ Each pattern is a regular expression that is applied to
the entire address being looked up. Thus, <i>user@domain</i> mail
- addresses are not broken up into their <i>user</i> and <i>@domain</i>
+ addresses are not broken up into their <i>user</i> and <i>@domain</i>
constituent parts, nor is <i>user+foo</i> broken up into <i>user</i> and
<i>foo</i>.
- Patterns are applied in the order as specified in the
- table, until a pattern is found that matches the search
+ Patterns are applied in the order as specified in the
+ table, until a pattern is found that matches the search
string.
- Results are the same as with indexed file lookups, with
- the additional feature that parenthesized substrings from
+ Results are the same as with indexed file lookups, with
+ the additional feature that parenthesized substrings from
the pattern can be interpolated as <b>$1</b>, <b>$2</b> and so on.
<b>TCP-BASED TABLES</b>
- This section describes how the table lookups change when
+ This section describes how the table lookups change when
lookups are directed to a TCP-based server. For a descrip-
- tion of the TCP client/server lookup protocol, see
- <a href="tcp_table.5.html"><b>tcp_table</b>(5)</a>. This feature is not available in Postfix
- version 2.1.
+ tion of the TCP client/server lookup protocol, see
+ <a href="tcp_table.5.html"><b>tcp_table</b>(5)</a>. This feature is not available up to and
+ including Postfix version 2.2.
Each lookup operation uses the entire address once. Thus,
- <i>user@domain</i> mail addresses are not broken up into their
+ <i>user@domain</i> mail addresses are not broken up into their
<i>user</i> and <i>@domain</i> constituent parts, nor is <i>user+foo</i> broken
up into <i>user</i> and <i>foo</i>.
Results are the same as with indexed file lookups.
<b>BUGS</b>
- The table format does not understand quoting conventions.
+ The table format does not understand quoting conventions.
<b>CONFIGURATION PARAMETERS</b>
- The following <b>main.cf</b> parameters are especially relevant.
- The text below provides only a parameter summary. See
- <a href="postconf.5.html">postconf(5)</a> for more details including examples.
+ The following <b>main.cf</b> parameters are especially relevant.
+ The text below provides only a parameter summary. See
+ <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including examples.
<b><a href="postconf.5.html#canonical_classes">canonical_classes</a></b>
- What addresses are subject to canonical address
+ What addresses are subject to canonical address
mapping.
<b><a href="postconf.5.html#canonical_maps">canonical_maps</a></b>
header sender addresses.
<b><a href="postconf.5.html#propagate_unmatched_extensions">propagate_unmatched_extensions</a></b>
- A list of address rewriting or forwarding mecha-
- nisms that propagate an address extension from the
- original address to the result. Specify zero or
- more of <b>canonical</b>, <b>virtual</b>, <b>alias</b>, <b>forward</b>, or
+ A list of address rewriting or forwarding mecha-
+ nisms that propagate an address extension from the
+ original address to the result. Specify zero or
+ more of <b>canonical</b>, <b>virtual</b>, <b>alias</b>, <b>forward</b>, or
<b>include</b>.
Other parameters of interest:
<b><a href="postconf.5.html#inet_interfaces">inet_interfaces</a></b>
- The network interface addresses that this system
+ The network interface addresses that this system
receives mail on. You need to stop and start Post-
fix when this parameter changes.
tor.
<b><a href="postconf.5.html#masquerade_classes">masquerade_classes</a></b>
- List of address classes subject to masquerading:
- zero or more of <b>envelope_sender</b>, <b>envelope_recipi-</b>
+ List of address classes subject to masquerading:
+ zero or more of <b>envelope_sender</b>, <b>envelope_recipi-</b>
<b>ent</b>, <b>header_sender</b>, <b>header_recipient</b>.
<b><a href="postconf.5.html#masquerade_domains">masquerade_domains</a></b>
- List of domains that hide their subdomain struc-
+ List of domains that hide their subdomain struc-
ture.
<b><a href="postconf.5.html#masquerade_exceptions">masquerade_exceptions</a></b>
- List of user names that are not subject to address
+ List of user names that are not subject to address
masquerading.
<b><a href="postconf.5.html#mydestination">mydestination</a></b>
- List of domains that this mail system considers
+ List of domains that this mail system considers
local.
<b><a href="postconf.5.html#myorigin">myorigin</a></b>
<a href="ADDRESS_REWRITING_README.html">ADDRESS_REWRITING_README</a>, address rewriting guide
<b>LICENSE</b>
- The Secure Mailer license must be distributed with this
+ The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>
Inter-Domain Routing) form.
To find out what types of lookup tables your Postfix sys-
- tem supports use the <b>postconf -m</b> command.
+ tem supports use the "<b>postconf -m</b>" command.
- To test lookup tables, use the <b>postmap</b> command as
+ To test lookup tables, use the "<b>postmap -q</b>" command as
described in the SYNOPSIS above.
<b>TABLE FORMAT</b>
<b>SEE ALSO</b>
<a href="postmap.1.html">postmap(1)</a>, Postfix lookup table manager
- <a href="regexp_table.5.html">regexp_table(5)</a> format of regular expression tables
- <a href="pcre_table.5.html">pcre_table(5)</a> format of PCRE tables
+ <a href="regexp_table.5.html">regexp_table(5)</a>, format of regular expression tables
+ <a href="pcre_table.5.html">pcre_table(5)</a>, format of PCRE tables
<b>README FILES</b>
<a href="DATABASE_README.html">DATABASE_README</a>, Postfix lookup table overview
<b>cleanup</b> [generic Postfix daemon options]
<b>DESCRIPTION</b>
- The <b>cleanup</b> daemon processes inbound mail, inserts it into
- the <b>incoming</b> mail queue, and informs the queue manager of
- its arrival.
+ The <a href="cleanup.8.html"><b>cleanup</b>(8)</a> daemon processes inbound mail, inserts it
+ into the <b>incoming</b> mail queue, and informs the queue man-
+ ager of its arrival.
- The <b>cleanup</b> daemon always performs the following transfor-
- mations:
+ The <a href="cleanup.8.html"><b>cleanup</b>(8)</a> daemon always performs the following trans-
+ formations:
<b>o</b> Insert missing message headers: (<b>Resent-</b>) <b>From:</b>,
<b>To:</b>, <b>Message-Id:</b>, and <b>Date:</b>.
<b>o</b> Optionally, expand envelope recipients according to
information found in the <a href="virtual.5.html"><b>virtual</b>(5)</a> lookup tables.
- The <b>cleanup</b> daemon performs sanity checks on the content
- of each message. When it finds a problem, by default it
- returns a diagnostic status to the client, and leaves it
- up to the client to deal with the problem. Alternatively,
- the client can request the <b>cleanup</b> daemon to bounce the
- message back to the sender in case of trouble.
+ The <a href="cleanup.8.html"><b>cleanup</b>(8)</a> daemon performs sanity checks on the con-
+ tent of each message. When it finds a problem, by default
+ it returns a diagnostic status to the client, and leaves
+ it up to the client to deal with the problem. Alterna-
+ tively, the client can request the <a href="cleanup.8.html"><b>cleanup</b>(8)</a> daemon to
+ bounce the message back to the sender in case of trouble.
<b>STANDARDS</b>
<a href="http://www.faqs.org/rfcs/rfc822.html">RFC 822</a> (ARPA Internet Text Messages)
Problems and transactions are logged to <b>syslogd</b>(8).
<b>BUGS</b>
- Table-driven rewriting rules make it hard to express <b>if</b>
+ Table-driven rewriting rules make it hard to express <b>if</b>
<b>then else</b> and other logical relationships.
<b>CONFIGURATION PARAMETERS</b>
- Changes to <b>main.cf</b> are picked up automatically, as
- <a href="cleanup.8.html">cleanup(8)</a> processes run for only a limited amount of
- time. Use the command "<b>postfix reload</b>" to speed up a
+ Changes to <b>main.cf</b> are picked up automatically, as
+ <a href="cleanup.8.html"><b>cleanup</b>(8)</a> processes run for only a limited amount of
+ time. Use the command "<b>postfix reload</b>" to speed up a
change.
- The text below provides only a parameter summary. See
- <a href="postconf.5.html">postconf(5)</a> for more details including examples.
+ The text below provides only a parameter summary. See
+ <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including examples.
<b>COMPATIBILITY CONTROLS</b>
<b><a href="postconf.5.html#undisclosed_recipients_header">undisclosed_recipients_header</a> (To: undisclosed-recipi-</b>
<b>ents:;)</b>
- Message header that the Postfix <a href="cleanup.8.html">cleanup(8)</a> server
- inserts when a message contains no To: or Cc: mes-
+ Message header that the Postfix <a href="cleanup.8.html"><b>cleanup</b>(8)</a> server
+ inserts when a message contains no To: or Cc: mes-
sage header.
Available in Postfix version 2.1 and later:
<b>BUILT-IN CONTENT FILTERING CONTROLS</b>
- Postfix built-in content filtering is meant to stop a
- flood of worms or viruses. It is not a general content
+ Postfix built-in content filtering is meant to stop a
+ flood of worms or viruses. It is not a general content
filter.
<b><a href="postconf.5.html#body_checks">body_checks</a> (empty)</b>
- Optional lookup tables for content inspection as
- specified in the <a href="header_checks.5.html">body_checks(5)</a> manual page.
+ Optional lookup tables for content inspection as
+ specified in the <b><a href="postconf.5.html#body_checks">body_checks</a></b>(5) manual page.
<b><a href="postconf.5.html#header_checks">header_checks</a> (empty)</b>
- Optional lookup tables for content inspection of
- primary non-MIME message headers, as specified in
- the <a href="header_checks.5.html">header_checks(5)</a> manual page.
+ Optional lookup tables for content inspection of
+ primary non-MIME message headers, as specified in
+ the <b><a href="postconf.5.html#header_checks">header_checks</a></b>(5) manual page.
Available in Postfix version 2.0 and later:
<b><a href="postconf.5.html#body_checks_size_limit">body_checks_size_limit</a> (51200)</b>
How much text in a message body segment (or attach-
- ment, if you prefer to use that term) is subjected
+ ment, if you prefer to use that term) is subjected
to <a href="postconf.5.html#body_checks">body_checks</a> inspection.
<b><a href="postconf.5.html#mime_header_checks">mime_header_checks</a> ($<a href="postconf.5.html#header_checks">header_checks</a>)</b>
- Optional lookup tables for content inspection of
- MIME related message headers, as described in the
- <a href="header_checks.5.html">header_checks(5)</a> manual page.
+ Optional lookup tables for content inspection of
+ MIME related message headers, as described in the
+ <b><a href="postconf.5.html#header_checks">header_checks</a></b>(5) manual page.
<b><a href="postconf.5.html#nested_header_checks">nested_header_checks</a> ($<a href="postconf.5.html#header_checks">header_checks</a>)</b>
- Optional lookup tables for content inspection of
- non-MIME message headers in attached messages, as
- described in the <a href="header_checks.5.html">header_checks(5)</a> manual page.
+ Optional lookup tables for content inspection of
+ non-MIME message headers in attached messages, as
+ described in the <b><a href="postconf.5.html#header_checks">header_checks</a></b>(5) manual page.
<b>MIME PROCESSING CONTROLS</b>
Available in Postfix version 2.0 and later:
will handle.
<b><a href="postconf.5.html#strict_8bitmime">strict_8bitmime</a> (no)</b>
- Enable both <a href="postconf.5.html#strict_7bit_headers">strict_7bit_headers</a> and strict_8bit-
+ Enable both <a href="postconf.5.html#strict_7bit_headers">strict_7bit_headers</a> and strict_8bit-
mime_body.
<b><a href="postconf.5.html#strict_7bit_headers">strict_7bit_headers</a> (no)</b>
Reject mail with 8-bit text in message headers.
<b><a href="postconf.5.html#strict_8bitmime_body">strict_8bitmime_body</a> (no)</b>
- Reject 8-bit message body text without 8-bit MIME
+ Reject 8-bit message body text without 8-bit MIME
content encoding information.
<b><a href="postconf.5.html#strict_mime_encoding_domain">strict_mime_encoding_domain</a> (no)</b>
Reject mail with invalid Content-Transfer-Encoding:
- information for the message/* or multipart/* MIME
+ information for the message/* or multipart/* MIME
content types.
<b>AUTOMATIC BCC RECIPIENT CONTROLS</b>
mail enters the mail system:
<b><a href="postconf.5.html#always_bcc">always_bcc</a> (empty)</b>
- Optional address that receives a "blind carbon
+ Optional address that receives a "blind carbon
copy" of each message that is received by the Post-
fix mail system.
Available in Postfix version 2.1 and later:
<b><a href="postconf.5.html#sender_bcc_maps">sender_bcc_maps</a> (empty)</b>
- Optional BCC (blind carbon-copy) address lookup
+ Optional BCC (blind carbon-copy) address lookup
tables, indexed by sender address.
<b><a href="postconf.5.html#recipient_bcc_maps">recipient_bcc_maps</a> (empty)</b>
- Optional BCC (blind carbon-copy) address lookup
+ Optional BCC (blind carbon-copy) address lookup
tables, indexed by recipient address.
<b>ADDRESS TRANSFORMATION CONTROLS</b>
- Address rewriting is delegated to the <a href="trivial-rewrite.8.html">trivial-rewrite(8)</a>
- daemon. The <a href="cleanup.8.html">cleanup(8)</a> server implements table driven
+ Address rewriting is delegated to the <a href="trivial-rewrite.8.html"><b>trivial-rewrite</b>(8)</a>
+ daemon. The <a href="cleanup.8.html"><b>cleanup</b>(8)</a> server implements table driven
address mapping.
<b><a href="postconf.5.html#empty_address_recipient">empty_address_recipient</a> (MAILER-DAEMON)</b>
- The recipient of mail addressed to the null
+ The recipient of mail addressed to the null
address.
<b><a href="postconf.5.html#canonical_maps">canonical_maps</a> (empty)</b>
- Optional address mapping lookup tables for message
+ Optional address mapping lookup tables for message
headers and envelopes.
<b><a href="postconf.5.html#recipient_canonical_maps">recipient_canonical_maps</a> (empty)</b>
Optional address mapping lookup tables for envelope
and header sender addresses.
- <b><a href="postconf.5.html#masquerade_classes">masquerade_classes</a> (envelope_sender, header_sender,</b>
+ <b><a href="postconf.5.html#masquerade_classes">masquerade_classes</a> (envelope_sender, header_sender,</b>
<b>header_recipient)</b>
What addresses are subject to address masquerading.
<b><a href="postconf.5.html#masquerade_domains">masquerade_domains</a> (empty)</b>
- Optional list of domains whose subdomain structure
+ Optional list of domains whose subdomain structure
will be stripped off in email addresses.
<b><a href="postconf.5.html#masquerade_exceptions">masquerade_exceptions</a> (empty)</b>
- Optional list of user names that are not subjected
- to address masquerading, even when their address
+ Optional list of user names that are not subjected
+ to address masquerading, even when their address
matches $<a href="postconf.5.html#masquerade_domains">masquerade_domains</a>.
<b><a href="postconf.5.html#propagate_unmatched_extensions">propagate_unmatched_extensions</a> (canonical, virtual)</b>
- What address lookup tables copy an address exten-
+ What address lookup tables copy an address exten-
sion from the lookup key to the lookup result.
Available before Postfix version 2.0:
<b><a href="postconf.5.html#virtual_maps">virtual_maps</a> (empty)</b>
Optional lookup tables with a) names of domains for
- which all addresses are aliased to addresses in
- other local or remote domains, and b) addresses
- that are aliased to addresses in other local or
+ which all addresses are aliased to addresses in
+ other local or remote domains, and b) addresses
+ that are aliased to addresses in other local or
remote domains.
Available in Postfix version 2.0 and later:
<b><a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a> ($<a href="postconf.5.html#virtual_maps">virtual_maps</a>)</b>
- Optional lookup tables that alias specific mail
- addresses or domains to other local or remote
+ Optional lookup tables that alias specific mail
+ addresses or domains to other local or remote
address.
Available in Postfix version 2.2 and later:
- <b><a href="postconf.5.html#canonical_classes">canonical_classes</a> (envelope_sender, envelope_recipient,</b>
+ <b><a href="postconf.5.html#canonical_classes">canonical_classes</a> (envelope_sender, envelope_recipient,</b>
<b>header_sender, header_recipient)</b>
- What
addresses are subject to <a href="postconf.5.html#canonical_maps">canonical_maps</a>
+ What
addresses are subject to <a href="postconf.5.html#canonical_maps">canonical_maps</a>
address mapping.
<b><a href="postconf.5.html#recipient_canonical_classes">recipient_canonical_classes</a> (envelope_recipient,</b>
<b>header_recipient)</b>
- What
addresses are subject to <a href="postconf.5.html#recipient_canonical_maps">recipient_canoni</a>-
+ What
addresses are subject to <a href="postconf.5.html#recipient_canonical_maps">recipient_canoni</a>-
<a href="postconf.5.html#recipient_canonical_maps">cal_maps</a> address mapping.
<b><a href="postconf.5.html#sender_canonical_classes">sender_canonical_classes</a> (envelope_sender, header_sender)</b>
address mapping.
<b><a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> (empty)</b>
- Don't rewrite message headers from remote clients
- at all when this parameter is empty; otherwise,
+ Don't rewrite message headers from remote clients
+ at all when this parameter is empty; otherwise,
rewrite remote message headers and append the spec-
ified domain name to incomplete addresses.
<b>RESOURCE AND RATE CONTROLS</b>
<b><a href="postconf.5.html#duplicate_filter_limit">duplicate_filter_limit</a> (1000)</b>
- The maximal number of addresses remembered by the
- address duplicate filter for <a href="aliases.5.html">aliases(5)</a> or vir-
- tual(5) alias expansion, or for <a href="showq.8.html">showq(8)</a> queue dis-
+ The maximal number of addresses remembered by the
+ address duplicate filter for <a href="aliases.5.html"><b>aliases</b>(5)</a> or <b>vir-</b>
+ <b>tual</b>(5) alias expansion, or for <a href="showq.8.html"><b>showq</b>(8)</a> queue dis-
plays.
<b><a href="postconf.5.html#header_size_limit">header_size_limit</a> (102400)</b>
message header.
<b><a href="postconf.5.html#hopcount_limit">hopcount_limit</a> (50)</b>
- The maximal number of Received: message headers
+ The maximal number of Received: message headers
that is allowed in the primary message headers.
<b><a href="postconf.5.html#in_flow_delay">in_flow_delay</a> (1s)</b>
- Time to pause before accepting a new message, when
+ Time to pause before accepting a new message, when
the message arrival rate exceeds the message deliv-
ery rate.
<b><a href="postconf.5.html#message_size_limit">message_size_limit</a> (10240000)</b>
- The maximal size in bytes of a message, including
+ The maximal size in bytes of a message, including
envelope information.
Available in Postfix version 2.0 and later:
will handle.
<b><a href="postconf.5.html#queue_file_attribute_count_limit">queue_file_attribute_count_limit</a> (100)</b>
- The maximal number of (name=value) attributes that
+ The maximal number of (name=value) attributes that
may be stored in a Postfix queue file.
Available in Postfix version 2.1 and later:
<b><a href="postconf.5.html#virtual_alias_expansion_limit">virtual_alias_expansion_limit</a> (1000)</b>
- The maximal number of addresses that virtual alias
+ The maximal number of addresses that virtual alias
expansion produces from each original recipient.
<b><a href="postconf.5.html#virtual_alias_recursion_limit">virtual_alias_recursion_limit</a> (1000)</b>
- The maximal nesting depth of virtual alias expan-
+ The maximal nesting depth of virtual alias expan-
sion.
<b>MISCELLANEOUS CONTROLS</b>
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
- The default location of the Postfix main.cf and
+ The default location of the Postfix main.cf and
master.cf configuration files.
<b><a href="postconf.5.html#daemon_timeout">daemon_timeout</a> (18000s)</b>
- How much time a Postfix daemon process may take to
- handle a request before it is terminated by a
+ How much time a Postfix daemon process may take to
+ handle a request before it is terminated by a
built-in watchdog timer.
<b><a href="postconf.5.html#delay_warning_time">delay_warning_time</a> (0h)</b>
- The time after which the sender receives the mes-
+ The time after which the sender receives the mes-
sage headers of mail that is still queued.
<b><a href="postconf.5.html#ipc_timeout">ipc_timeout</a> (3600s)</b>
over an internal communication channel.
<b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b>
- The maximum amount of time that an idle Postfix
- daemon process waits for the next service request
+ The maximum amount of time that an idle Postfix
+ daemon process waits for the next service request
before exiting.
<b><a href="postconf.5.html#max_use">max_use</a> (100)</b>
- The maximal number of connection requests before a
+ The maximal number of connection requests before a
Postfix daemon process terminates.
<b><a href="postconf.5.html#myhostname">myhostname</a> (see 'postconf -d' output)</b>
<b><a href="postconf.5.html#myorigin">myorigin</a> ($<a href="postconf.5.html#myhostname">myhostname</a>)</b>
The domain name that locally-posted mail appears to
- come from, and that locally posted mail is deliv-
+ come from, and that locally posted mail is deliv-
ered to.
<b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
- The process ID of a Postfix command or daemon pro-
+ The process ID of a Postfix command or daemon pro-
cess.
<b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
- The process name of a Postfix command or daemon
+ The process name of a Postfix command or daemon
process.
<b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b>
- The location of the Postfix top-level queue direc-
+ The location of the Postfix top-level queue direc-
tory.
<b><a href="postconf.5.html#soft_bounce">soft_bounce</a> (no)</b>
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
- The mail system name that is prepended to the pro-
+ The mail system name that is prepended to the pro-
cess name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
Available in Postfix version 2.1 and later:
<b><a href="postconf.5.html#enable_original_recipient">enable_original_recipient</a> (yes)</b>
- Enable support for the X-Original-To message
+ Enable support for the X-Original-To message
header.
<b>FILES</b>
<a href="ADDRESS_REWRITING_README.html">ADDRESS_REWRITING_README</a> Postfix address manipulation
<b>LICENSE</b>
- The Secure Mailer license must be distributed with this
+ The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>
<b>discard</b> [generic Postfix daemon options]
<b>DESCRIPTION</b>
- The Postfix discard delivery agent processes delivery
+ The Postfix <a href="discard.8.html"><b>discard</b>(8)</a> delivery agent processes delivery
requests from the queue manager. Each request specifies a
queue file, a sender address, a domain or host name that
is treated as the reason for discarding the mail, and
recipient information. This program expects to be run
from the <a href="master.8.html"><b>master</b>(8)</a> process manager.
- The discard delivery agent pretends to deliver all recipi-
- ents in the delivery request, logs the "next-hop" domain
- or host information as the reason for discarding the mail,
- updates the queue file and marks recipients as finished or
- informs the queue manager that delivery should be tried
- again at a later time.
+ The <a href="discard.8.html"><b>discard</b>(8)</a> delivery agent pretends to deliver all
+ recipients in the delivery request, logs the "next-hop"
+ domain or host information as the reason for discarding
+ the mail, updates the queue file and marks recipients as
+ finished or informs the queue manager that delivery should
+ be tried again at a later time.
Delivery status reports are sent to the <a href="trace.8.html"><b>trace</b>(8)</a> daemon as
appropriate.
<b>SECURITY</b>
- The discard mailer is not security-sensitive. It does not
- talk to the network, and can be run chrooted at fixed low
- privilege.
+ The <a href="discard.8.html"><b>discard</b>(8)</a> mailer is not security-sensitive. It does
+ not talk to the network, and can be run chrooted at fixed
+ low privilege.
<b>STANDARDS</b>
None.
ble.
<b>CONFIGURATION PARAMETERS</b>
- Changes to <b>main.cf</b> are picked up automatically as dis-
- card(8) processes run for only a limited amount of time.
+ Changes to <b>main.cf</b> are picked up automatically as <a href="discard.8.html"><b>dis-</b></a>
+ <a href="discard.8.html"><b>card</b>(8)</a> processes run for only a limited amount of time.
Use the command "<b>postfix reload</b>" to speed up a change.
The text below provides only a parameter summary. See
- <a href="postconf.5.html">postconf(5)</a> for more details including examples.
+ <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including examples.
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
The default location of the Postfix main.cf and
<b>error</b> [generic Postfix daemon options]
<b>DESCRIPTION</b>
- The Postfix error delivery agent processes delivery
+ The Postfix <a href="error.8.html"><b>error</b>(8)</a> delivery agent processes delivery
requests from the queue manager. Each request specifies a
queue file, a sender address, a domain or host name that
is treated as the reason for non-delivery, and recipient
information. This program expects to be run from the <a href="master.8.html"><b>mas-</b></a>
<a href="master.8.html"><b>ter</b>(8)</a> process manager.
- The error delivery agent bounces all recipients in the
+ The <a href="error.8.html"><b>error</b>(8)</a> delivery agent bounces all recipients in the
delivery request using the "next-hop" domain or host
information as the reason for non-delivery, updates the
queue file and marks recipients as finished or informs the
<a href="defer.8.html"><b>defer</b>(8)</a> or <a href="trace.8.html"><b>trace</b>(8)</a> daemon as appropriate.
<b>SECURITY</b>
- The error mailer is not security-sensitive. It does not
+ The <a href="error.8.html"><b>error</b>(8)</a> mailer is not security-sensitive. It does not
talk to the network, and can be run chrooted at fixed low
privilege.
ble.
<b>CONFIGURATION PARAMETERS</b>
- Changes to <b>main.cf</b> are picked up automatically as <a href="error.8.html">error(8)</a>
+ Changes to <b>main.cf</b> are picked up automatically as <a href="error.8.html"><b>error</b>(8)</a>
processes run for only a limited amount of time. Use the
command "<b>postfix reload</b>" to speed up a change.
The text below provides only a parameter summary. See
- <a href="postconf.5.html">postconf(5)</a> for more details including examples.
+ <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including examples.
<b><a href="postconf.5.html#2bounce_notice_recipient">2bounce_notice_recipient</a> (postmaster)</b>
The recipient of undeliverable mail that cannot be
<b>flush</b> [generic Postfix daemon options]
<b>DESCRIPTION</b>
- The flush server maintains a record of deferred mail by
+ The <a href="flush.8.html"><b>flush</b>(8)</a> server maintains a record of deferred mail by
destination. This information is used to improve the per-
formance of the SMTP <b>ETRN</b> request, and of its command-line
equivalent, "<b>sendmail -qR</b>" or "<b>postqueue -f</b>". This pro-
This server implements the following requests:
<b>add</b> <i>sitename queueid</i>
- Inform the fast flush server that the message with
+ Inform the <a href="flush.8.html"><b>flush</b>(8)</a> server that the message with
the specified queue ID is queued for the specified
destination.
<b>purge</b> Do a <b>refresh</b> for all per-destination logfiles.
<b>SECURITY</b>
- The fast flush server is not security-sensitive. It does
- not talk to the network, and it does not talk to local
- users. The fast flush server can run chrooted at fixed
- low privilege.
+ The <a href="flush.8.html"><b>flush</b>(8)</a> server is not security-sensitive. It does not
+ talk to the network, and it does not talk to local users.
+ The fast flush server can run chrooted at fixed low privi-
+ lege.
<b>DIAGNOSTICS</b>
Problems and transactions are logged to <b>syslogd</b>(8).
setting in the <b>master.cf</b> configuration file.
Upon receipt of a request to deliver mail for an eligible
- destination, the <b>flush</b> server requests delivery of all
+ destination, the <a href="flush.8.html"><b>flush</b>(8)</a> server requests delivery of all
messages that are listed in that destination's logfile,
regardless of the recipients of those messages. This is
not an issue for mail that is sent to a <b><a href="postconf.5.html#relay_domains">relay_domains</a></b> des-
in one domain.
<b>CONFIGURATION PARAMETERS</b>
- Changes to <b>main.cf</b> are picked up automatically as <a href="flush.8.html">flush(8)</a>
+ Changes to <b>main.cf</b> are picked up automatically as <a href="flush.8.html"><b>flush</b>(8)</a>
processes run for only a limited amount of time. Use the
command "<b>postfix reload</b>" to speed up a change.
The text below provides only a parameter summary. See
- <a href="postconf.5.html">postconf(5)</a> for more details including examples.
+ <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including examples.
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
The default location of the Postfix main.cf and
lookup tables. Usually the best performance is obtained
with <b>pcre</b> (Perl Compatible Regular Expression) tables, but
the slower <b>regexp</b> (POSIX regular expressions) support is
- more widely available. Use the command <b>postconf -m</b> to
+ more widely available. Use the command "<b>postconf -m</b>" to
find out what lookup table types your Postfix system sup-
ports.
<b>TEXT SUBSTITUTION</b>
Substitution of substrings from the matched expression
into the <i>action</i> string is possible using the conventional
- Perl syntax ($1, $2, etc.). The macros in the result
- string may need to be written as ${n} or $(n) if they
+ Perl syntax (<b>$1</b>, <b>$2</b>, etc.). The macros in the result
+ string may need to be written as <b>${n}</b> or <b>$(n)</b> if they
aren't followed by whitespace.
Note: since negated patterns (those preceded by <b>!</b>) return
Prepend one line with the specified text and
inspect the next input line.
- Note: the prepended text is output immediately
- before the input that triggered the <b>PREPEND</b> action.
- A body action cannot prepend a message header.
+ Notes:
- Note: this action cannot be used to prepend multi-
- line text.
+ <b>o</b> The prepended text is output on a separate
+ line, immediately before the input that
+ triggered the <b>PREPEND</b> action.
+
+ <b>o</b> When prepending text before a message header
+ line, the prepended text must begin with a
+ valid message header label.
+
+ <b>o</b> This action cannot be used to prepend multi-
+ line text.
This feature is available in Postfix 2.1 and later.
This feature is available in Postfix 2.1 and later.
+ <b>REPLACE</b> <i>text...</i>
+ Replace the current line with the specified text
+ and inspect the next input line.
+
+ Note: when replacing a message header line, the
+ replacement text must begin with a valid header
+ label.
+
+ This feature is available in Postfix 2.2 and later.
+
<b>REJECT</b> <i>optional text...</i>
Reject the entire message. Reply with <i>optional</i>
<i>text...</i> when the optional text is specified, other-
and of other trouble.
<b>CONFIGURATION PARAMETERS</b>
- Changes to <b>main.cf</b> are picked up automatically, as <a href="lmtp.8.html">lmtp(8)</a>
+ Changes to <b>main.cf</b> are picked up automatically, as <a href="lmtp.8.html"><b>lmtp</b>(8)</a>
processes run for only a limited amount of time. Use the
command "<b>postfix reload</b>" to speed up a change.
The text below provides only a parameter summary. See
- <a href="postconf.5.html">postconf(5)</a> for more details including examples.
+ <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including examples.
<b>COMPATIBILITY CONTROLS</b>
<b><a href="postconf.5.html#lmtp_skip_quit_response">lmtp_skip_quit_response</a> (no)</b>
<b>local</b> [generic Postfix daemon options]
<b>DESCRIPTION</b>
- The <b>local</b> daemon processes delivery requests from the
+ The <a href="local.8.html"><b>local</b>(8)</a> daemon processes delivery requests from the
Postfix queue manager to deliver mail to local recipients.
Each delivery request specifies a queue file, a sender
address, a domain or host to deliver to, and one or more
recipients. This program expects to be run from the <a href="master.8.html"><b>mas-</b></a>
<a href="master.8.html"><b>ter</b>(8)</a> process manager.
- The <b>local</b> daemon updates queue files and marks recipients
- as finished, or it informs the queue manager that delivery
- should be tried again at a later time. Delivery status
- reports are sent to the <a href="bounce.8.html"><b>bounce</b>(8)</a>, <a href="defer.8.html"><b>defer</b>(8)</a> or <a href="trace.8.html"><b>trace</b>(8)</a>
- daemon as appropriate.
+ The <a href="local.8.html"><b>local</b>(8)</a> daemon updates queue files and marks recipi-
+ ents as finished, or it informs the queue manager that
+ delivery should be tried again at a later time. Delivery
+ status reports are sent to the <a href="bounce.8.html"><b>bounce</b>(8)</a>, <a href="defer.8.html"><b>defer</b>(8)</a> or
+ <a href="trace.8.html"><b>trace</b>(8)</a> daemon as appropriate.
<b>SYSTEM-WIDE AND USER-LEVEL ALIASING</b>
The system administrator can set up one or more system-
message transport for recipients that are not found in the
UNIX passwd database.
- In the case of UNIX-style mailbox delivery, the <b>local</b> dae-
- mon prepends a "<b>From</b> <i>sender time</i><b>_</b><i>stamp</i>" envelope header to
- each message, prepends an <b>X-Original-To:</b> header with the
- recipient address as given to Postfix, prepends an
+ In the case of UNIX-style mailbox delivery, the <a href="local.8.html"><b>local</b>(8)</a>
+ daemon prepends a "<b>From</b> <i>sender time</i><b>_</b><i>stamp</i>" envelope header
+ to each message, prepends an <b>X-Original-To:</b> header with
+ the recipient address as given to Postfix, prepends an
optional <b>Delivered-To:</b> header with the final envelope
recipient address, prepends a <b>Return-Path:</b> header with the
envelope sender address, prepends a > character to lines
The current working directory is the mail queue directory.
- The <b>local</b> daemon prepends a "<b>From</b> <i>sender time</i><b>_</b><i>stamp</i>" enve-
- lope header to each message, prepends an <b>X-Original-To:</b>
- header with the recipient address as given to Postfix,
+ The <a href="local.8.html"><b>local</b>(8)</a> daemon prepends a "<b>From</b> <i>sender time</i><b>_</b><i>stamp</i>"
+ envelope header to each message, prepends an <b>X-Original-</b>
+ <b>To:</b> header with the recipient address as given to Postfix,
prepends an optional <b>Delivered-To:</b> header with the final
recipient envelope address, prepends a <b>Return-Path:</b> header
with the sender envelope address, and appends no empty
delivery to external files. The default setting (<b>alias,</b>
<b>forward</b>) forbids file destinations in <b>:include:</b> files.
- In the case of UNIX-style mailbox delivery, the <b>local</b> dae-
- mon prepends a "<b>From</b> <i>sender time</i><b>_</b><i>stamp</i>" envelope header to
- each message, prepends an <b>X-Original-To:</b> header with the
- recipient address as given to Postfix, prepends an
+ In the case of UNIX-style mailbox delivery, the <a href="local.8.html"><b>local</b>(8)</a>
+ daemon prepends a "<b>From</b> <i>sender time</i><b>_</b><i>stamp</i>" envelope header
+ to each message, prepends an <b>X-Original-To:</b> header with
+ the recipient address as given to Postfix, prepends an
optional <b>Delivered-To:</b> header with the final recipient
envelope address, prepends a > character to lines begin-
ning with "<b>From</b> ", and appends an empty line. The enve-
<b>ward</b>+<i>foo</i> or in ~<i>name</i>/.<b>forward</b>, to the mailbox owned by the
user <i>name</i>, or it is sent back as undeliverable.
- In all cases the <b>local</b> daemon prepends an optional `<b>Deliv-</b>
- <b>ered-To:</b> header line with the final recipient address.
+ In all cases the <a href="local.8.html"><b>local</b>(8)</a> daemon prepends an optional
+ `<b>Delivered-To:</b> header line with the final recipient
+ address.
<b>DELIVERY RIGHTS</b>
- Deliveries to external files and external commands are
+ Deliveries to external files and external commands are
made with the rights of the receiving user on whose behalf
- the delivery is made. In the absence of a user context,
- the <b>local</b> daemon uses the owner rights of the <b>:include:</b>
+ the delivery is made. In the absence of a user context,
+ the <a href="local.8.html"><b>local</b>(8)</a> daemon uses the owner rights of the <b>:include:</b>
file or alias database. When those files are owned by the
superuser, delivery is made with the rights specified with
the <b><a href="postconf.5.html#default_privs">default_privs</a></b> configuration parameter.
<a href="http://www.faqs.org/rfcs/rfc822.html">RFC 822</a> (ARPA Internet Text Messages)
<b>DIAGNOSTICS</b>
- Problems and transactions are logged to <b>syslogd</b>(8). Cor-
- rupted message files are marked so that the queue manager
+ Problems and transactions are logged to <b>syslogd</b>(8). Cor-
+ rupted message files are marked so that the queue manager
can move them to the <b>corrupt</b> queue afterwards.
- Depending on the setting of the <b><a href="postconf.5.html#notify_classes">notify_classes</a></b> parameter,
- the postmaster is notified of bounces and of other trou-
+ Depending on the setting of the <b><a href="postconf.5.html#notify_classes">notify_classes</a></b> parameter,
+ the postmaster is notified of bounces and of other trou-
ble.
<b>SECURITY</b>
The <a href="local.8.html"><b>local</b>(8)</a> delivery agent needs a dual personality 1) to
access the private Postfix queue and IPC mechanisms, 2) to
- impersonate the recipient and deliver to recipient-speci-
- fied files or commands. It is therefore security sensi-
+ impersonate the recipient and deliver to recipient-speci-
+ fied files or commands. It is therefore security sensi-
tive.
- The <a href="local.8.html"><b>local</b>(8)</a> delivery agent disallows regular expression
- substitution of $1 etc. in <b><a href="postconf.5.html#alias_maps">alias_maps</a></b>, because that would
+ The <a href="local.8.html"><b>local</b>(8)</a> delivery agent disallows regular expression
+ substitution of $1 etc. in <b><a href="postconf.5.html#alias_maps">alias_maps</a></b>, because that would
open a security hole.
- The <a href="local.8.html"><b>local</b>(8)</a> delivery agent will silently ignore requests
- to use the <a href="proxymap.8.html"><b>proxymap</b>(8)</a> server within <b><a href="postconf.5.html#alias_maps">alias_maps</a></b>. Instead
- it will open the table directly. Before Postfix version
- 2.2, the <a href="local.8.html"><b>local</b>(8)</a> delivery agent will terminate with a
+ The <a href="local.8.html"><b>local</b>(8)</a> delivery agent will silently ignore requests
+ to use the <a href="proxymap.8.html"><b>proxymap</b>(8)</a> server within <b><a href="postconf.5.html#alias_maps">alias_maps</a></b>. Instead
+ it will open the table directly. Before Postfix version
+ 2.2, the <a href="local.8.html"><b>local</b>(8)</a> delivery agent will terminate with a
fatal error.
<b>BUGS</b>
- For security reasons, the message delivery status of
- external commands or of external files is never check-
+ For security reasons, the message delivery status of
+ external commands or of external files is never check-
pointed to file. As a result, the program may occasionally
deliver more than once to a command or external file. Bet-
ter safe than sorry.
- Mutually-recursive aliases or ~/.<b>forward</b> files are not
- detected early. The resulting mail forwarding loop is
+ Mutually-recursive aliases or ~/.<b>forward</b> files are not
+ detected early. The resulting mail forwarding loop is
broken by the use of the <b>Delivered-To:</b> message header.
<b>CONFIGURATION PARAMETERS</b>
- Changes to <b>main.cf</b> are picked up automatically, as
- <a href="local.8.html"><b>local</b>(8)</a> processes run for only a limited amount of time.
+ Changes to <b>main.cf</b> are picked up automatically, as
+ <a href="local.8.html"><b>local</b>(8)</a> processes run for only a limited amount of time.
Use the command "<b>postfix reload</b>" to speed up a change.
- The text below provides only a parameter summary. See
- <a href="postconf.5.html">postconf(5)</a> for more details including examples.
+ The text below provides only a parameter summary. See
+ <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including examples.
<b>COMPATIBILITY CONTROLS</b>
<b><a href="postconf.5.html#biff">biff</a> (yes)</b>
<b><a href="postconf.5.html#expand_owner_alias">expand_owner_alias</a> (no)</b>
When delivering to an alias "aliasname" that has an
"owner-aliasname" companion alias, set the envelope
- sender address to the expansion of the "owner-
+ sender address to the expansion of the "owner-
aliasname" alias.
<b><a href="postconf.5.html#owner_request_special">owner_request_special</a> (yes)</b>
- Give special treatment to owner-listname and list-
- name-request address localparts: don't split such
- addresses when the <a href="postconf.5.html#recipient_delimiter">recipient_delimiter</a> is set to
+ Give special treatment to owner-listname and list-
+ name-request address localparts: don't split such
+ addresses when the <a href="postconf.5.html#recipient_delimiter">recipient_delimiter</a> is set to
"-".
<b><a href="postconf.5.html#sun_mailtool_compatibility">sun_mailtool_compatibility</a> (no)</b>
Obsolete SUN mailtool compatibility feature.
<b>DELIVERY METHOD CONTROLS</b>
- The precedence of <a href="local.8.html"><b>local</b>(8)</a> delivery methods from high to
- low
is: aliases, .forward files, <a href="postconf.5.html#mailbox_transport">mailbox_transport</a>, <a href="postconf.5.html#mailbox_command_maps">mail</a>-
+ The precedence of <a href="local.8.html"><b>local</b>(8)</a> delivery methods from high to
+ low
is: aliases, .forward files, <a href="postconf.5.html#mailbox_transport">mailbox_transport</a>, <a href="postconf.5.html#mailbox_command_maps">mail</a>-
<a href="postconf.5.html#mailbox_command_maps">box_command_maps</a>, <a href="postconf.5.html#mailbox_command">mailbox_command</a>, <a href="postconf.5.html#home_mailbox">home_mailbox</a>,
- <a href="postconf.5.html#mail_spool_directory">mail_spool_directory</a>,
<a href="postconf.5.html#fallback_transport">fallback_transport</a> and <a href="postconf.5.html#luser_relay">luser_relay</a>.
+ <a href="postconf.5.html#mail_spool_directory">mail_spool_directory</a>,
<a href="postconf.5.html#fallback_transport">fallback_transport</a> and <a href="postconf.5.html#luser_relay">luser_relay</a>.
<b><a href="postconf.5.html#alias_maps">alias_maps</a> (see 'postconf -d' output)</b>
- The alias databases that are used for <a href="local.8.html">local(8)</a>
+ The alias databases that are used for <a href="local.8.html"><b>local</b>(8)</a>
delivery.
<b><a href="postconf.5.html#forward_path">forward_path</a> (see 'postconf -d' output)</b>
- The <a href="local.8.html">local(8)</a> delivery agent search list for finding
- a .forward file with user-specified delivery meth-
+ The <a href="local.8.html"><b>local</b>(8)</a> delivery agent search list for finding
+ a .forward file with user-specified delivery meth-
ods.
<b><a href="postconf.5.html#mailbox_transport">mailbox_transport</a> (empty)</b>
- Optional message delivery transport that the
- <a href="local.8.html">local(8)</a> delivery agent should use for mailbox
- delivery to all local recipients, whether or not
+ Optional message delivery transport that the
+ <a href="local.8.html"><b>local</b>(8)</a> delivery agent should use for mailbox
+ delivery to all local recipients, whether or not
they are found in the UNIX passwd database.
<b><a href="postconf.5.html#mailbox_command_maps">mailbox_command_maps</a> (empty)</b>
- Optional lookup tables with per-recipient external
- commands to use for <a href="local.8.html">local(8)</a> mailbox delivery.
+ Optional lookup tables with per-recipient external
+ commands to use for <a href="local.8.html"><b>local</b>(8)</a> mailbox delivery.
<b><a href="postconf.5.html#mailbox_command">mailbox_command</a> (empty)</b>
- Optional external command that the <a href="local.8.html">local(8)</a> deliv-
+ Optional external command that the <a href="local.8.html"><b>local</b>(8)</a> deliv-
ery agent should use for mailbox delivery.
<b><a href="postconf.5.html#home_mailbox">home_mailbox</a> (empty)</b>
- Optional pathname of a mailbox file relative to a
- <a href="local.8.html">local(8)</a> user's home directory.
+ Optional pathname of a mailbox file relative to a
+ <a href="local.8.html"><b>local</b>(8)</a> user's home directory.
<b><a href="postconf.5.html#mail_spool_directory">mail_spool_directory</a> (see 'postconf -d' output)</b>
- The directory where <a href="local.8.html">local(8)</a> UNIX-style mailboxes
+ The directory where <a href="local.8.html"><b>local</b>(8)</a> UNIX-style mailboxes
are kept.
<b><a href="postconf.5.html#fallback_transport">fallback_transport</a> (empty)</b>
- Optional message delivery transport that the
- <a href="local.8.html">local(8)</a> delivery agent should use for names that
- are not found in the <a href="aliases.5.html">aliases(5)</a> database or in the
+ Optional message delivery transport that the
+ <a href="local.8.html"><b>local</b>(8)</a> delivery agent should use for names that
+ are not found in the <a href="aliases.5.html"><b>aliases</b>(5)</a> database or in the
UNIX passwd database.
<b><a href="postconf.5.html#luser_relay">luser_relay</a> (empty)</b>
- Optional catch-all destination for unknown <a href="local.8.html">local(8)</a>
+ Optional catch-all destination for unknown <a href="local.8.html"><b>local</b>(8)</a>
recipients.
Available in Postfix version 2.2 and later:
<b><a href="postconf.5.html#command_execution_directory">command_execution_directory</a> (empty)</b>
- The <a href="local.8.html">local(8)</a> delivery agent working directory for
+ The <a href="local.8.html"><b>local</b>(8)</a> delivery agent working directory for
delivery to external command.
<b>MAILBOX LOCKING CONTROLS</b>
<b><a href="postconf.5.html#deliver_lock_attempts">deliver_lock_attempts</a> (20)</b>
The maximal number of attempts to acquire an exclu-
- sive lock on a mailbox file or <a href="bounce.8.html">bounce(8)</a> logfile.
+ sive lock on a mailbox file or <a href="bounce.8.html"><b>bounce</b>(8)</a> logfile.
<b><a href="postconf.5.html#deliver_lock_delay">deliver_lock_delay</a> (1s)</b>
- The time between attempts to acquire an exclusive
- lock on a mailbox file or <a href="bounce.8.html">bounce(8)</a> logfile.
+ The time between attempts to acquire an exclusive
+ lock on a mailbox file or <a href="bounce.8.html"><b>bounce</b>(8)</a> logfile.
<b><a href="postconf.5.html#stale_lock_time">stale_lock_time</a> (500s)</b>
- The time after which a stale exclusive mailbox
+ The time after which a stale exclusive mailbox
lockfile is removed.
<b><a href="postconf.5.html#mailbox_delivery_lock">mailbox_delivery_lock</a> (see 'postconf -d' output)</b>
- How to lock a UNIX-style <a href="local.8.html">local(8)</a> mailbox before
+ How to lock a UNIX-style <a href="local.8.html"><b>local</b>(8)</a> mailbox before
attempting delivery.
<b>RESOURCE AND RATE CONTROLS</b>
Time limit for delivery to external commands.
<b><a href="postconf.5.html#duplicate_filter_limit">duplicate_filter_limit</a> (1000)</b>
- The maximal number of addresses remembered by the
- address duplicate filter for <a href="aliases.5.html">aliases(5)</a> or vir-
- tual(5) alias expansion, or for <a href="showq.8.html">showq(8)</a> queue dis-
+ The maximal number of addresses remembered by the
+ address duplicate filter for <a href="aliases.5.html"><b>aliases</b>(5)</a> or <b>vir-</b>
+ <b>tual</b>(5) alias expansion, or for <a href="showq.8.html"><b>showq</b>(8)</a> queue dis-
plays.
<b><a href="postconf.5.html#local_destination_concurrency_limit">local_destination_concurrency_limit</a> (2)</b>
- The maximal number of parallel deliveries via the
+ The maximal number of parallel deliveries via the
local mail delivery transport to the same recipient
- (when "<a href="postconf.5.html#local_destination_recipient_limit">local_destination_recipient_limit</a> = 1") or
- the maximal number of parallel deliveries to the
- same <a href="ADDRESS_CLASS_README.html#local_domain_class">local domain</a> (when "local_destination_recipi-
+ (when "<a href="postconf.5.html#local_destination_recipient_limit">local_destination_recipient_limit</a> = 1") or
+ the maximal number of parallel deliveries to the
+ same <a href="ADDRESS_CLASS_README.html#local_domain_class">local domain</a> (when "local_destination_recipi-
ent_limit > 1").
<b><a href="postconf.5.html#local_destination_recipient_limit">local_destination_recipient_limit</a> (1)</b>
ery via the local mail delivery transport.
<b><a href="postconf.5.html#mailbox_size_limit">mailbox_size_limit</a> (51200000)</b>
- The maximal size of any <a href="local.8.html">local(8)</a> individual mailbox
+ The maximal size of any <a href="local.8.html"><b>local</b>(8)</a> individual mailbox
or maildir file, or zero (no limit).
<b>SECURITY CONTROLS</b>
<b><a href="postconf.5.html#allow_mail_to_commands">allow_mail_to_commands</a> (alias, forward)</b>
- Restrict <a href="local.8.html">local(8)</a> mail delivery to external com-
+ Restrict <a href="local.8.html"><b>local</b>(8)</a> mail delivery to external com-
mands.
<b><a href="postconf.5.html#allow_mail_to_files">allow_mail_to_files</a> (alias, forward)</b>
- Restrict <a href="local.8.html">local(8)</a> mail delivery to external files.
+ Restrict <a href="local.8.html"><b>local</b>(8)</a> mail delivery to external files.
<b><a href="postconf.5.html#command_expansion_filter">command_expansion_filter</a> (see 'postconf -d' output)</b>
- Restrict the characters that the <a href="local.8.html">local(8)</a> delivery
- agent allows in $name expansions of $mailbox_com-
+ Restrict the characters that the <a href="local.8.html"><b>local</b>(8)</a> delivery
+ agent allows in $name expansions of $mailbox_com-
mand.
<b><a href="postconf.5.html#default_privs">default_privs</a> (nobody)</b>
- The default rights used by the <a href="local.8.html">local(8)</a> delivery
+ The default rights used by the <a href="local.8.html"><b>local</b>(8)</a> delivery
agent for delivery to external file or command.
<b><a href="postconf.5.html#forward_expansion_filter">forward_expansion_filter</a> (see 'postconf -d' output)</b>
- Restrict the characters that the <a href="local.8.html">local(8)</a> delivery
- agent
allows in $name expansions of $<a href="postconf.5.html#forward_path">forward_path</a>.
+ Restrict the characters that the <a href="local.8.html"><b>local</b>(8)</a> delivery
+ agent
allows in $name expansions of $<a href="postconf.5.html#forward_path">forward_path</a>.
Available in Postfix version 2.2 and later:
<b><a href="postconf.5.html#execution_directory_expansion_filter">execution_directory_expansion_filter</a> (see 'postconf -d'</b>
<b>output)</b>
- Restrict the characters that the <a href="local.8.html">local(8)</a> delivery
+ Restrict the characters that the <a href="local.8.html"><b>local</b>(8)</a> delivery
agent allows in $name expansions of $<a href="postconf.5.html#command_execution_directory">command_execu</a>-
<a href="postconf.5.html#command_execution_directory">tion_directory</a>.
<b>MISCELLANEOUS CONTROLS</b>
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
- The default location of the Postfix main.cf and
+ The default location of the Postfix main.cf and
master.cf configuration files.
<b><a href="postconf.5.html#daemon_timeout">daemon_timeout</a> (18000s)</b>
- How much time a Postfix daemon process may take to
- handle a request before it is terminated by a
+ How much time a Postfix daemon process may take to
+ handle a request before it is terminated by a
built-in watchdog timer.
<b><a href="postconf.5.html#export_environment">export_environment</a> (see 'postconf -d' output)</b>
- The list of environment variables that a Postfix
+ The list of environment variables that a Postfix
process will export to non-Postfix processes.
<b><a href="postconf.5.html#ipc_timeout">ipc_timeout</a> (3600s)</b>
over an internal communication channel.
<b><a href="postconf.5.html#local_command_shell">local_command_shell</a> (empty)</b>
- Optional shell program for <a href="local.8.html">local(8)</a> delivery to
+ Optional shell program for <a href="local.8.html"><b>local</b>(8)</a> delivery to
non-Postfix command.
<b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b>
- The maximum amount of time that an idle Postfix
- daemon process waits for the next service request
+ The maximum amount of time that an idle Postfix
+ daemon process waits for the next service request
before exiting.
<b><a href="postconf.5.html#max_use">max_use</a> (100)</b>
- The maximal number of connection requests before a
+ The maximal number of connection requests before a
Postfix daemon process terminates.
<b><a href="postconf.5.html#prepend_delivered_header">prepend_delivered_header</a> (command, file, forward)</b>
- The message delivery contexts where the Postfix
- <a href="local.8.html">local(8)</a> delivery agent prepends a Delivered-To:
+ The message delivery contexts where the Postfix
+ <a href="local.8.html"><b>local</b>(8)</a> delivery agent prepends a Delivered-To:
message header.
<b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
- The process ID of a Postfix command or daemon pro-
+ The process ID of a Postfix command or daemon pro-
cess.
<b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
- The process name of a Postfix command or daemon
+ The process name of a Postfix command or daemon
process.
<b><a href="postconf.5.html#propagate_unmatched_extensions">propagate_unmatched_extensions</a> (canonical, virtual)</b>
- What address lookup tables copy an address exten-
+ What address lookup tables copy an address exten-
sion from the lookup key to the lookup result.
<b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b>
- The location of the Postfix top-level queue direc-
+ The location of the Postfix top-level queue direc-
tory.
<b><a href="postconf.5.html#recipient_delimiter">recipient_delimiter</a> (empty)</b>
sions (user+foo).
<b><a href="postconf.5.html#require_home_directory">require_home_directory</a> (no)</b>
- Whether or not a <a href="local.8.html">local(8)</a> recipient's home direc-
- tory must exist before mail delivery is attempted.
+ Whether or not a <a href="local.8.html"><b>local</b>(8)</a> recipient's home direc-
+ tory must exist before mail delivery is attempted.
<b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
- The mail system name that is prepended to the pro-
+ The mail system name that is prepended to the pro-
cess name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
syslogd(8), system logging
<b>LICENSE</b>
- The Secure Mailer license must be distributed with this
+ The Secure Mailer license must be distributed with this
software.
<b>HISTORY</b>
The <b>Delivered-To:</b> message header appears in the <b>qmail</b> sys-
tem by Daniel Bernstein.
- The <i>maildir</i> structure appears in the <b>qmail</b> system by
+ The <i>maildir</i> structure appears in the <b>qmail</b> system by
Daniel Bernstein.
<b>AUTHOR(S)</b>
main.cf file).
Chroot should not be used with the <a href="local.8.html"><b>local</b>(8)</a>,
- <a href="pipe.8.html"><b>pipe</b>(8)</a>, <a href="spawn.8.html"><b>spawn</b>(8)</a>, and <a href="virtual.8.html">virtual(8)</a> daemons.
+ <a href="pipe.8.html"><b>pipe</b>(8)</a>, <a href="spawn.8.html"><b>spawn</b>(8)</a>, and <a href="virtual.8.html"><b>virtual</b>(8)</a> daemons.
Although the <a href="proxymap.8.html"><b>proxymap</b>(8)</a> server can run chrooted,
doing so defeats most of the purpose of having that
service in the first place.
<b>master</b> [<b>-Dtv</b>] [<b>-c</b> <i>config</i><b>_</b><i>dir</i>] [<b>-e</b> <i>exit</i><b>_</b><i>time</i>]
<b>DESCRIPTION</b>
- The <b>master</b> daemon is the resident process that runs Post-
- fix daemons on demand: daemons to send or receive messages
- via the network, daemons to deliver mail locally, etc.
- These daemons are created on demand up to a configurable
- maximum number per service.
+ The <a href="master.8.html"><b>master</b>(8)</a> daemon is the resident process that runs
+ Postfix daemons on demand: daemons to send or receive mes-
+ sages via the network, daemons to deliver mail locally,
+ etc. These daemons are created on demand up to a config-
+ urable maximum number per service.
Postfix daemons terminate voluntarily, either after being
idle for a configurable amount of time, or after having
serviced a configurable number of requests. Exceptions to
- this rule are the resident queue manager and the resident
- address verification server.
+ this rule are the resident queue manager, address verifi-
+ cation server, and the TLS session cache and pseudo-random
+ number server.
- The behavior of the <b>master</b> daemon is controlled by the
- <b>master.cf</b> configuration file, as described in <a href="master.5.html">master(5)</a>.
+ The behavior of the <a href="master.8.html"><b>master</b>(8)</a> daemon is controlled by the
+ <b>master.cf</b> configuration file, as described in <a href="master.5.html"><b>master</b>(5)</a>.
Options:
<b>-c</b> <i>config</i><b>_</b><i>dir</i>
- Read the <b>main.cf</b> and <b>master.cf</b> configuration files
- in the named directory instead of the default con-
+ Read the <b>main.cf</b> and <b>master.cf</b> configuration files
+ in the named directory instead of the default con-
figuration directory. This also overrides the con-
- figuration files for other Postfix daemon pro-
+ figuration files for other Postfix daemon pro-
cesses.
<b>-e</b> <i>exit</i><b>_</b><i>time</i>
- Terminate the master process after <i>exit</i><b>_</b><i>time</i> sec-
- onds. Child processes terminate at their conve-
+ Terminate the master process after <i>exit</i><b>_</b><i>time</i> sec-
+ onds. Child processes terminate at their conve-
nience.
- <b>-D</b> After initialization, run a debugger on the master
- process. The debugging command is specified with
+ <b>-D</b> After initialization, run a debugger on the master
+ process. The debugging command is specified with
the <b><a href="postconf.5.html#debugger_command">debugger_command</a></b> in the <b>main.cf</b> global configu-
ration file.
- <b>-t</b> Test mode. Return a zero exit status when the <b>mas-</b>
- <b>ter.pid</b> lock file does not exist or when that file
- is not locked. This is evidence that the <b>master</b>
+ <b>-t</b> Test mode. Return a zero exit status when the <b>mas-</b>
+ <b>ter.pid</b> lock file does not exist or when that file
+ is not locked. This is evidence that the <a href="master.8.html"><b>master</b>(8)</a>
daemon is not running.
<b>-v</b> Enable verbose logging for debugging purposes. This
Signals:
- <b>SIGHUP</b> Upon receipt of a <b>HUP</b> signal (e.g., after <b>postfix</b>
- <b>reload</b>), the master process re-reads its configura-
- tion files. If a service has been removed from the
- <b>master.cf</b> file, its running processes are termi-
- nated immediately. Otherwise, running processes
- are allowed to terminate as soon as is convenient,
- so that changes in configuration settings affect
+ <b>SIGHUP</b> Upon receipt of a <b>HUP</b> signal (e.g., after "<b>postfix</b>
+ <b>reload</b>"), the master process re-reads its configu-
+ ration files. If a service has been removed from
+ the <b>master.cf</b> file, its running processes are ter-
+ minated immediately. Otherwise, running processes
+ are allowed to terminate as soon as is convenient,
+ so that changes in configuration settings affect
only new service requests.
<b>SIGTERM</b>
- Upon receipt of a <b>TERM</b> signal (e.g., after <b>postfix</b>
- <b>abort</b>), the master process passes the signal on to
+ Upon receipt of a <b>TERM</b> signal (e.g., after "<b>postfix</b>
+ <b>abort</b>"), the master process passes the signal on to
its child processes and terminates. This is useful
- for an emergency shutdown. Normally one would ter-
- minate only the master (<b>postfix stop</b>) and allow
+ for an emergency shutdown. Normally one would ter-
+ minate only the master ("<b>postfix stop</b>") and allow
running processes to finish what they are doing.
<b>DIAGNOSTICS</b>
<b>ENVIRONMENT</b>
<b>MAIL_DEBUG</b>
After initialization, start a debugger as specified
- with the <b><a href="postconf.5.html#debugger_command">debugger_command</a></b> configuration parameter
+ with the <b><a href="postconf.5.html#debugger_command">debugger_command</a></b> configuration parameter
in the <b>main.cf</b> configuration file.
<b>MAIL_CONFIG</b>
Directory with Postfix configuration files.
<b>CONFIGURATION PARAMETERS</b>
- Unlike most Postfix daemon processes, the <a href="master.8.html">master(8)</a> server
+ Unlike most Postfix daemon processes, the <a href="master.8.html"><b>master</b>(8)</a> server
does not automatically pick up changes to <b>main.cf</b>. Changes
- to <b>master.cf</b> are never picked up automatically. Use the
- <b>postfix reload</b> command after a configuration change.
+ to <b>master.cf</b> are never picked up automatically. Use the
+ "<b>postfix reload</b>" command after a configuration change.
<b>RESOURCE AND RATE CONTROLS</b>
<b><a href="postconf.5.html#default_process_limit">default_process_limit</a> (100)</b>
- The default maximal number of Postfix child pro-
+ The default maximal number of Postfix child pro-
cesses that provide a given service.
<b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b>
- The maximum amount of time that an idle Postfix
- daemon process waits for the next service request
+ The maximum amount of time that an idle Postfix
+ daemon process waits for the next service request
before exiting.
<b><a href="postconf.5.html#max_use">max_use</a> (100)</b>
- The maximal number of connection requests before a
+ The maximal number of connection requests before a
Postfix daemon process terminates.
<b><a href="postconf.5.html#service_throttle_time">service_throttle_time</a> (60s)</b>
- How long the Postfix <a href="master.8.html">master(8)</a> waits before forking
+ How long the Postfix <a href="master.8.html"><b>master</b>(8)</a> waits before forking
a server that appears to be malfunctioning.
<b>MISCELLANEOUS CONTROLS</b>
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
- The default location of the Postfix main.cf and
+ The default location of the Postfix main.cf and
master.cf configuration files.
<b><a href="postconf.5.html#daemon_directory">daemon_directory</a> (see 'postconf -d' output)</b>
- The directory with Postfix support programs and
+ The directory with Postfix support programs and
daemon programs.
<b><a href="postconf.5.html#debugger_command">debugger_command</a> (empty)</b>
tem receives mail on.
<b><a href="postconf.5.html#inet_protocols">inet_protocols</a> (ipv4)</b>
- The Internet protocols Postfix will attempt to use
+ The Internet protocols Postfix will attempt to use
when making or accepting connections.
<b><a href="postconf.5.html#import_environment">import_environment</a> (see 'postconf -d' output)</b>
- The list of environment parameters that a Postfix
- process will import from a non-Postfix parent pro-
+ The list of environment parameters that a Postfix
+ process will import from a non-Postfix parent pro-
cess.
<b><a href="postconf.5.html#mail_owner">mail_owner</a> (postfix)</b>
and most Postfix daemon processes.
<b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
- The process ID of a Postfix command or daemon pro-
+ The process ID of a Postfix command or daemon pro-
cess.
<b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
- The process name of a Postfix command or daemon
+ The process name of a Postfix command or daemon
process.
<b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b>
- The location of the Postfix top-level queue direc-
+ The location of the Postfix top-level queue direc-
tory.
<b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
- The mail system name that is prepended to the pro-
+ The mail system name that is prepended to the pro-
cess name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
syslogd(8), system logging
<b>LICENSE</b>
- The Secure Mailer license must be distributed with this
+ The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>
To find out what types of lookup tables your Postfix sys-
tem supports use the "<b>postconf -m</b>" command.
- To test Postfix NIS+ lookup tables, use the <b>postmap</b> com-
- mand as described in the SYNOPSIS above.
+ To test Postfix NIS+ lookup tables, use the "<b>postmap -q</b>"
+ command as described in the SYNOPSIS above.
<b>QUERY SYNTAX</b>
Most of the NIS+ query is specified via the NIS+ map name.
<b>oqmgr</b> [generic Postfix daemon options]
<b>DESCRIPTION</b>
- The <b>oqmgr</b> daemon awaits the arrival of incoming mail and
- arranges for its delivery via Postfix delivery processes.
- The actual mail routing strategy is delegated to the <a href="trivial-rewrite.8.html"><b>triv-</b></a>
- <a href="trivial-rewrite.8.html"><b>ial-rewrite</b>(8)</a> daemon. This program expects to be run
- from the <a href="master.8.html"><b>master</b>(8)</a> process manager.
+ The <a href="qmgr.8.html"><b>oqmgr</b>(8)</a> daemon awaits the arrival of incoming mail
+ and arranges for its delivery via Postfix delivery pro-
+ cesses. The actual mail routing strategy is delegated to
+ the <a href="trivial-rewrite.8.html"><b>trivial-rewrite</b>(8)</a> daemon. This program expects to be
+
run from the <a href="master.8.html"><b>master</b>(8)</a> process manager.
Mail addressed to the local <b>double-bounce</b> address is
logged and discarded. This stops potential loops caused
by undeliverable bounce notifications.
<b>MAIL QUEUES</b>
- The <b>oqmgr</b> daemon maintains the following queues:
+ The <a href="qmgr.8.html"><b>oqmgr</b>(8)</a> daemon maintains the following queues:
<b>incoming</b>
Inbound mail from the network, or mail picked up by
- the local <b>pickup</b> agent from the <b>maildrop</b> directory.
+ the local <a href="pickup.8.html"><b>pickup</b>(8)</a> agent from the <b>maildrop</b> direc-
+ tory.
<b>active</b> Messages that the queue manager has opened for
delivery. Only a limited number of messages is
until someone sets them free.
<b>DELIVERY STATUS REPORTS</b>
- The <b>oqmgr</b> daemon keeps an eye on per-message delivery sta-
- tus reports in the following directories. Each status
+ The <a href="qmgr.8.html"><b>oqmgr</b>(8)</a> daemon keeps an eye on per-message delivery
+ status reports in the following directories. Each status
report file has the same name as the corresponding message
file:
mand. These files are maintained by the <a href="trace.8.html"><b>trace</b>(8)</a>
daemon.
- The <b>oqmgr</b> daemon is responsible for asking the <a href="bounce.8.html"><b>bounce</b>(8)</a>,
- <a href="defer.8.html"><b>defer</b>(8)</a> or <a href="trace.8.html"><b>trace</b>(8)</a> daemons to send delivery reports.
+ The <a href="qmgr.8.html"><b>oqmgr</b>(8)</a> daemon is responsible for asking the
+ <a href="bounce.8.html"><b>bounce</b>(8)</a>, <a href="defer.8.html"><b>defer</b>(8)</a> or <a href="trace.8.html"><b>trace</b>(8)</a> daemons to send delivery
+ reports.
<b>STRATEGIES</b>
- The queue manager implements a variety of strategies for
+ The queue manager implements a variety of strategies for
either opening queue files (input) or for message delivery
(output).
<b>leaky bucket</b>
- This strategy limits the number of messages in the
- <b>active</b> queue and prevents the queue manager from
+ This strategy limits the number of messages in the
+ <b>active</b> queue and prevents the queue manager from
running out of memory under heavy load.
<b>fairness</b>
- When the <b>active</b> queue has room, the queue manager
- takes one message from the <a href="QSHAPE_README.html#incoming_queue"><b>incoming</b> queue</a> and one
+ When the <b>active</b> queue has room, the queue manager
+ takes one message from the <a href="QSHAPE_README.html#incoming_queue"><b>incoming</b> queue</a> and one
from the <b>deferred</b> queue. This prevents a large mail
backlog from blocking the delivery of new mail.
<b>round robin</b>
The queue manager sorts delivery requests by desti-
- nation. Round-robin selection prevents one desti-
+ nation. Round-robin selection prevents one desti-
nation from dominating deliveries to other destina-
tions.
<b>exponential backoff</b>
Mail that cannot be delivered upon the first
- attempt is deferred. The time interval between
+ attempt is deferred. The time interval between
delivery attempts is doubled after each attempt.
<b>destination status cache</b>
- The queue manager avoids unnecessary delivery
- attempts by maintaining a short-term, in-memory
+ The queue manager avoids unnecessary delivery
+ attempts by maintaining a short-term, in-memory
list of unreachable destinations.
<b>TRIGGERS</b>
On an idle system, the queue manager waits for the arrival
- of trigger events, or it waits for a timer to go off. A
- trigger is a one-byte message. Depending on the message
- received, the queue manager performs one of the following
- actions (the message is followed by the symbolic constant
+ of trigger events, or it waits for a timer to go off. A
+ trigger is a one-byte message. Depending on the message
+ received, the queue manager performs one of the following
+ actions (the message is followed by the symbolic constant
used internally by the software):
<b>D (QMGR_REQ_SCAN_DEFERRED)</b>
- Start a <a href="QSHAPE_README.html#deferred_queue">deferred queue</a> scan. If a deferred queue
- scan is already in progress, that scan will be
+ Start a <a href="QSHAPE_README.html#deferred_queue">deferred queue</a> scan. If a deferred queue
+ scan is already in progress, that scan will be
restarted as soon as it finishes.
<b>I (QMGR_REQ_SCAN_INCOMING)</b>
- Start an <a href="QSHAPE_README.html#incoming_queue">incoming queue</a> scan. If an incoming queue
- scan is already in progress, that scan will be
+ Start an <a href="QSHAPE_README.html#incoming_queue">incoming queue</a> scan. If an incoming queue
+ scan is already in progress, that scan will be
restarted as soon as it finishes.
<b>A (QMGR_REQ_SCAN_ALL)</b>
affects the next <a href="QSHAPE_README.html#deferred_queue">deferred queue</a> scan.
<b>F (QMGR_REQ_FLUSH_DEAD)</b>
- Purge all information about dead transports and
+ Purge all information about dead transports and
destinations.
<b>W (TRIGGER_REQ_WAKEUP)</b>
- Wakeup call, This is used by the master server to
- instantiate servers that should not go away for-
- ever. The action is to start an <a href="QSHAPE_README.html#incoming_queue">incoming queue</a>
+ Wakeup call, This is used by the master server to
+ instantiate servers that should not go away for-
+ ever. The action is to start an <a href="QSHAPE_README.html#incoming_queue">incoming queue</a>
scan.
- The <b>oqmgr</b> daemon reads an entire buffer worth of triggers.
- Multiple identical trigger requests are collapsed into
- one, and trigger requests are sorted so that <b>A</b> and <b>F</b> pre-
- cede <b>D</b> and <b>I</b>. Thus, in order to force a <a href="QSHAPE_README.html#deferred_queue">deferred queue</a>
+ The <a href="qmgr.8.html"><b>oqmgr</b>(8)</a> daemon reads an entire buffer worth of trig-
+ gers. Multiple identical trigger requests are collapsed
+ into one, and trigger requests are sorted so that <b>A</b> and <b>F</b>
+ precede <b>D</b> and <b>I</b>. Thus, in order to force a <a href="QSHAPE_README.html#deferred_queue">deferred queue</a>
run, one would request <b>A F D</b>; in order to notify the queue
manager of the arrival of new mail one would request <b>I</b>.
<b>STANDARDS</b>
- None. The <b>oqmgr</b> daemon does not interact with the outside
- world.
+ None. The <a href="qmgr.8.html"><b>oqmgr</b>(8)</a> daemon does not interact with the out-
+ side world.
<b>SECURITY</b>
- The <b>oqmgr</b> daemon is not security sensitive. It reads sin-
- gle-character messages from untrusted local users, and
- thus may be susceptible to denial of service attacks. The
- <b>oqmgr</b> daemon does not talk to the outside world, and it
- can be run at fixed low privilege in a chrooted environ-
+ The <a href="qmgr.8.html"><b>oqmgr</b>(8)</a> daemon is not security sensitive. It reads
+ single-character messages from untrusted local users, and
+ thus may be susceptible to denial of service attacks. The
+ <a href="qmgr.8.html"><b>oqmgr</b>(8)</a> daemon does not talk to the outside world, and it
+ can be run at fixed low privilege in a chrooted environ-
ment.
<b>DIAGNOSTICS</b>
- Problems and transactions are logged to the syslog daemon.
- Corrupted message files are saved to the <b>corrupt</b> queue for
- further inspection.
+ Problems and transactions are logged to the <b>syslog</b>(8) dae-
+ mon. Corrupted message files are saved to the <b>corrupt</b>
+ queue for further inspection.
- Depending on the setting of the <b><a href="postconf.5.html#notify_classes">notify_classes</a></b> parameter,
- the postmaster is notified of bounces and of other trou-
+ Depending on the setting of the <b><a href="postconf.5.html#notify_classes">notify_classes</a></b> parameter,
+ the postmaster is notified of bounces and of other trou-
ble.
<b>BUGS</b>
- A single queue manager process has to compete for disk
- access with multiple front-end processes such as <b>smtpd</b>. A
- sudden burst of inbound mail can negatively impact out-
- bound delivery rates.
+ A single queue manager process has to compete for disk
+ access with multiple front-end processes such as
+ <a href="cleanup.8.html"><b>cleanup</b>(8)</a>. A sudden burst of inbound mail can negatively
+ impact outbound delivery rates.
<b>CONFIGURATION PARAMETERS</b>
- Changes to <b>main.cf</b> are not picked up automatically, as
- <a href="qmgr.8.html">oqmgr(8)</a> is a persistent process. Use the command "<b>postfix</b>
+ Changes to <b>main.cf</b> are not picked up automatically, as
+ <a href="qmgr.8.html"><b>oqmgr</b>(8)</a> is a persistent process. Use the command "<b>postfix</b>
<b>reload</b>" after a configuration change.
- The text below provides only a parameter summary. See
- <a href="postconf.5.html">postconf(5)</a> for more details including examples.
+ The text below provides only a parameter summary. See
+ <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including examples.
- In the text below, <i>transport</i> is the first field in a <b>mas-</b>
+ In the text below, <i>transport</i> is the first field in a <b>mas-</b>
<b>ter.cf</b> entry.
<b>COMPATIBILITY CONTROLS</b>
<b><a href="postconf.5.html#allow_min_user">allow_min_user</a> (no)</b>
- Allow a recipient address to have `-' as the first
+ Allow a recipient address to have `-' as the first
character.
<b>ACTIVE QUEUE CONTROLS</b>
<b><a href="postconf.5.html#qmgr_clog_warn_time">qmgr_clog_warn_time</a> (300s)</b>
- The minimal delay between warnings that a specific
+ The minimal delay between warnings that a specific
destination is clogging up the Postfix active
queue.
The maximal number of messages in the <a href="QSHAPE_README.html#active_queue">active queue</a>.
<b><a href="postconf.5.html#qmgr_message_recipient_limit">qmgr_message_recipient_limit</a> (20000)</b>
- The maximal number of recipients held in memory by
- the Postfix queue manager, and the maximal size of
+ The maximal number of recipients held in memory by
+ the Postfix queue manager, and the maximal size of
the size of the short-term, in-memory "dead" desti-
nation status cache.
<b>DELIVERY CONCURRENCY CONTROLS</b>
<b><a href="postconf.5.html#qmgr_fudge_factor">qmgr_fudge_factor</a> (100)</b>
- Obsolete feature: the percentage of delivery
- resources that a busy mail system will use up for
+ Obsolete feature: the percentage of delivery
+ resources that a busy mail system will use up for
delivery of a large mailing list message.
<b><a href="postconf.5.html#initial_destination_concurrency">initial_destination_concurrency</a> (5)</b>
- The initial per-destination concurrency level for
+ The initial per-destination concurrency level for
parallel delivery to the same destination.
<b><a href="postconf.5.html#default_destination_concurrency_limit">default_destination_concurrency_limit</a> (20)</b>
- The default maximal number of parallel deliveries
+ The default maximal number of parallel deliveries
to the same destination.
<i>transport</i><b>_destination_concurrency_limit</b>
<b>RECIPIENT SCHEDULING CONTROLS</b>
<b><a href="postconf.5.html#default_destination_recipient_limit">default_destination_recipient_limit</a> (50)</b>
- The default maximal number of recipients per mes-
+ The default maximal number of recipients per mes-
sage delivery.
<i>transport</i><b>_destination_recipient_limit</b>
<b>OTHER RESOURCE AND RATE CONTROLS</b>
<b><a href="postconf.5.html#minimal_backoff_time">minimal_backoff_time</a> (1000s)</b>
- The minimal time between attempts to deliver a
+ The minimal time between attempts to deliver a
deferred message.
<b><a href="postconf.5.html#maximal_backoff_time">maximal_backoff_time</a> (4000s)</b>
- The maximal time between attempts to deliver a
+ The maximal time between attempts to deliver a
deferred message.
<b><a href="postconf.5.html#maximal_queue_lifetime">maximal_queue_lifetime</a> (5d)</b>
- The maximal time a message is queued before it is
+ The maximal time a message is queued before it is
sent back as undeliverable.
<b><a href="postconf.5.html#queue_run_delay">queue_run_delay</a> (1000s)</b>
- The time between <a href="QSHAPE_README.html#deferred_queue">deferred queue</a> scans by the queue
+ The time between <a href="QSHAPE_README.html#deferred_queue">deferred queue</a> scans by the queue
manager.
<b><a href="postconf.5.html#transport_retry_time">transport_retry_time</a> (60s)</b>
The time between attempts by the Postfix queue man-
- ager to contact a malfunctioning message delivery
+ ager to contact a malfunctioning message delivery
transport.
Available in Postfix version 2.1 and later:
<b><a href="postconf.5.html#bounce_queue_lifetime">bounce_queue_lifetime</a> (5d)</b>
- The maximal time a bounce message is queued before
+ The maximal time a bounce message is queued before
it is considered undeliverable.
<b>MISCELLANEOUS CONTROLS</b>
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
- The default location of the Postfix main.cf and
+ The default location of the Postfix main.cf and
master.cf configuration files.
<b><a href="postconf.5.html#daemon_timeout">daemon_timeout</a> (18000s)</b>
- How much time a Postfix daemon process may take to
- handle a request before it is terminated by a
+ How much time a Postfix daemon process may take to
+ handle a request before it is terminated by a
built-in watchdog timer.
<b><a href="postconf.5.html#defer_transports">defer_transports</a> (empty)</b>
The names of message delivery transports that
- should not be delivered to unless someone issues
+ should not be delivered to unless someone issues
"<b>sendmail -q</b>" or equivalent.
<b><a href="postconf.5.html#helpful_warnings">helpful_warnings</a> (yes)</b>
- Log warnings about problematic configuration set-
+ Log warnings about problematic configuration set-
tings, and provide helpful suggestions.
<b><a href="postconf.5.html#ipc_timeout">ipc_timeout</a> (3600s)</b>
over an internal communication channel.
<b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
- The process ID of a Postfix command or daemon pro-
+ The process ID of a Postfix command or daemon pro-
cess.
<b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
- The process name of a Postfix command or daemon
+ The process name of a Postfix command or daemon
process.
<b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b>
- The location of the Postfix top-level queue direc-
+ The location of the Postfix top-level queue direc-
tory.
<b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
- The mail system name that is prepended to the pro-
+ The mail system name that is prepended to the pro-
cess name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
<a href="postconf.5.html">postconf(5)</a>, configuration parameters
<a href="master.5.html">master(5)</a>, generic daemon options
<a href="master.8.html">master(8)</a>, process manager
- syslogd(8) system logging
+ syslogd(8), system logging
<b>README FILES</b>
<a href="QSHAPE_README.html">QSHAPE_README</a>, Postfix queue analysis
<b>LICENSE</b>
- The Secure Mailer license must be distributed with this
+ The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>
is found the corresponding result is returned.
To find out what types of lookup tables your Postfix sys-
- tem supports use the <b>postconf -m</b> command.
+ tem supports use the "<b>postconf -m</b>" command.
- To test lookup tables, use the <b>postmap -fq</b> command as
+ To test lookup tables, use the "<b>postmap -fq</b>" command as
described in the SYNOPSIS above.
<b>TABLE FORMAT</b>
<b>pickup</b> [generic Postfix daemon options]
<b>DESCRIPTION</b>
- The <b>pickup</b> daemon waits for hints that new mail has been
- dropped into the <b>maildrop</b> directory, and feeds it into the
- <a href="cleanup.8.html"><b>cleanup</b>(8)</a> daemon. Ill-formatted files are deleted with-
- out notifying the originator. This program expects to be
- run from the <a href="master.8.html"><b>master</b>(8)</a> process manager.
+ The <a href="pickup.8.html"><b>pickup</b>(8)</a> daemon waits for hints that new mail has
+ been dropped into the <b>maildrop</b> directory, and feeds it
+ into the <a href="cleanup.8.html"><b>cleanup</b>(8)</a> daemon. Ill-formatted files are
+ deleted without notifying the originator. This program
+
expects to be run from the <a href="master.8.html"><b>master</b>(8)</a> process manager.
<b>STANDARDS</b>
- None. The <b>pickup</b> daemon does not interact with the outside
- world.
+ None. The <a href="pickup.8.html"><b>pickup</b>(8)</a> daemon does not interact with the out-
+ side world.
<b>SECURITY</b>
- The <b>pickup</b> daemon is moderately security sensitive. It
+ The <a href="pickup.8.html"><b>pickup</b>(8)</a> daemon is moderately security sensitive. It
runs with fixed low privilege and can run in a chrooted
environment. However, the program reads files from poten-
- tially hostile users. The <b>pickup</b> daemon opens no files
+ tially hostile users. The <a href="pickup.8.html"><b>pickup</b>(8)</a> daemon opens no files
for writing, is careful about what files it opens for
reading, and does not actually touch any data that is sent
to its public service endpoint.
Problems and transactions are logged to <b>syslogd</b>(8).
<b>BUGS</b>
- The <b>pickup</b> daemon copies mail from file to the <a href="cleanup.8.html"><b>cleanup</b>(8)</a>
- daemon. It could avoid message copying overhead by send-
- ing a file descriptor instead of file data, but then the
- already complex <a href="cleanup.8.html"><b>cleanup</b>(8)</a> daemon would have to deal with
- unfiltered user data.
+ The <a href="pickup.8.html"><b>pickup</b>(8)</a> daemon copies mail from file to the
+ <a href="cleanup.8.html"><b>cleanup</b>(8)</a> daemon. It could avoid message copying over-
+ head by sending a file descriptor instead of file data,
+ but then the already complex <a href="cleanup.8.html"><b>cleanup</b>(8)</a> daemon would have
+ to deal with unfiltered user data.
<b>CONFIGURATION PARAMETERS</b>
- As the <a href="pickup.8.html">pickup(8)</a> daemon is a relatively long-running pro-
+ As the <a href="pickup.8.html"><b>pickup</b>(8)</a> daemon is a relatively long-running pro-
cess, up to an hour may pass before a <b>main.cf</b> change takes
effect. Use the command "<b>postfix reload</b>" command to speed
up a change.
The text below provides only a parameter summary. See
- <a href="postconf.5.html">postconf(5)</a> for more details including examples.
+ <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including examples.
<b>CONTENT INSPECTION CONTROLS</b>
<b><a href="postconf.5.html#content_filter">content_filter</a> (empty)</b>
<b>pipe</b> [generic Postfix daemon options] command_attributes...
<b>DESCRIPTION</b>
- The <b>pipe</b> daemon processes requests from the Postfix queue
- manager to deliver messages to external commands. This
- program expects to be run from the <a href="master.8.html"><b>master</b>(8)</a> process man-
- ager.
+ The <a href="pipe.8.html"><b>pipe</b>(8)</a> daemon processes requests from the Postfix
+ queue manager to deliver messages to external commands.
+ This program expects to be run from the <a href="master.8.html"><b>master</b>(8)</a> process
+ manager.
Message attributes such as sender address, recipient
address and next-hop host name can be specified as com-
mand-line macros that are expanded before the external
command is executed.
- The <b>pipe</b> daemon updates queue files and marks recipients
- as finished, or it informs the queue manager that delivery
- should be tried again at a later time. Delivery status
- reports are sent to the <a href="bounce.8.html"><b>bounce</b>(8)</a>, <a href="defer.8.html"><b>defer</b>(8)</a> or <a href="trace.8.html"><b>trace</b>(8)</a>
- daemon as appropriate.
+ The <a href="pipe.8.html"><b>pipe</b>(8)</a> daemon updates queue files and marks recipi-
+ ents as finished, or it informs the queue manager that
+ delivery should be tried again at a later time. Delivery
+ status reports are sent to the <a href="bounce.8.html"><b>bounce</b>(8)</a>, <a href="defer.8.html"><b>defer</b>(8)</a> or
+ <a href="trace.8.html"><b>trace</b>(8)</a> daemon as appropriate.
<b>SINGLE-RECIPIENT DELIVERY</b>
Some external commands cannot handle more than one recipi-
The result is compatible with the address
parsing of command-line recipients by the
- Postfix <b>sendmail</b> mail submission command.
+ Postfix <a href="sendmail.1.html"><b>sendmail</b>(1)</a> mail submission command.
- The <b>q</b> flag affects only entire addresses,
+ The <b>q</b> flag affects only entire addresses,
not the partial address information from the
- <b>$user</b>, <b>$extension</b> or <b>$mailbox</b> command-line
+ <b>$user</b>, <b>$extension</b> or <b>$mailbox</b> command-line
macros.
<b>u</b> Fold the command-line <b>$recipient</b> address
- localpart (text to the left of the right-
- most <b>@</b> character) to lower case. This is
+ localpart (text to the left of the right-
+ most <b>@</b> character) to lower case. This is
recommended for delivery via <b>UUCP</b>.
<b>.</b> Prepend "<b>.</b>" to lines starting with "<b>.</b>". This
is needed by, for example, <b>BSMTP</b> software.
- > Prepend ">" to lines starting with "<b>From</b> ".
+ > Prepend ">" to lines starting with "<b>From</b> ".
This is expected by, for example, <b>UUCP</b> soft-
ware.
<b>user</b>=<i>username</i>:<i>groupname</i>
The external command is executed with the rights of
- the specified <i>username</i>. The software refuses to
- execute commands with root privileges, or with the
- privileges of the mail system owner. If <i>groupname</i>
- is specified, the corresponding group ID is used
+ the specified <i>username</i>. The software refuses to
+ execute commands with root privileges, or with the
+ privileges of the mail system owner. If <i>groupname</i>
+ is specified, the corresponding group ID is used
instead of the group ID of <i>username</i>.
<b>argv</b>=<i>command</i>... (required)
- The command to be executed. This must be specified
+ The command to be executed. This must be specified
as the last command attribute. The command is exe-
cuted directly, i.e. without interpretation of
- shell meta characters by a shell command inter-
+ shell meta characters by a shell command inter-
preter.
In the command argument vector, the following
macros are recognized and replaced with correspond-
- ing information from the Postfix queue manager
+ ing information from the Postfix queue manager
delivery request.
- In addition to the form ${<i>name</i>}, the forms $<i>name</i>
- and $(<i>name</i>) are also recognized. Specify <b>$$</b> where
+ In addition to the form ${<i>name</i>}, the forms $<i>name</i>
+ and $(<i>name</i>) are also recognized. Specify <b>$$</b> where
a single <b>$</b> is wanted.
<b>${client_address</b>}
This macro expands to the remote client net-
work address.
- This is available in Postfix 2.2 and later.
+ This is available in Postfix 2.2 and later.
<b>${client_helo</b>}
This macro expands to the remote client HELO
command parameter.
- This is available in Postfix 2.2 and later.
+ This is available in Postfix 2.2 and later.
<b>${client_hostname</b>}
- This macro expands to the remote client
+ This macro expands to the remote client
hostname.
- This is available in Postfix 2.2 and later.
+ This is available in Postfix 2.2 and later.
<b>${client_protocol</b>}
This macro expands to the remote client pro-
tocol.
- This is available in Postfix 2.2 and later.
+ This is available in Postfix 2.2 and later.
<b>${extension</b>}
- This macro expands to the extension part of
- a recipient address. For example, with an
+ This macro expands to the extension part of
+ a recipient address. For example, with an
address <i>user+foo@domain</i> the extension is
<i>foo</i>.
- A command-line argument that contains
- <b>${extension</b>} expands into as many command-
+ A command-line argument that contains
+ <b>${extension</b>} expands into as many command-
line arguments as there are recipients.
- This information is modified by the <b>u</b> flag
+ This information is modified by the <b>u</b> flag
for case folding.
<b>${mailbox</b>}
- This macro expands to the complete local
- part of a recipient address. For example,
- with an address <i>user+foo@domain</i> the mailbox
+ This macro expands to the complete local
+ part of a recipient address. For example,
+ with an address <i>user+foo@domain</i> the mailbox
is <i>user+foo</i>.
- A command-line argument that contains
+ A command-line argument that contains
<b>${mailbox</b>} expands into as many command-line
arguments as there are recipients.
- This information is modified by the <b>u</b> flag
+ This information is modified by the <b>u</b> flag
for case folding.
<b>${nexthop</b>}
This macro expands to the next-hop hostname.
- This information is modified by the <b>h</b> flag
+ This information is modified by the <b>h</b> flag
for case folding.
<b>${recipient</b>}
This macro expands to the complete recipient
address.
- A command-line argument that contains
- <b>${recipient</b>} expands into as many command-
+ A command-line argument that contains
+ <b>${recipient</b>} expands into as many command-
line arguments as there are recipients.
- This information is modified by the <b>hqu</b>
+ This information is modified by the <b>hqu</b>
flags for quoting and case folding.
<b>${sasl_method</b>}
- This macro expands to the SASL authentica-
- tion mechanism used during the reception of
- the message. An empty string is passed if
- the message has been received without SASL
+ This macro expands to the SASL authentica-
+ tion mechanism used during the reception of
+ the message. An empty string is passed if
+ the message has been received without SASL
authentication.
- This is available in Postfix 2.2 and later.
+ This is available in Postfix 2.2 and later.
<b>${sasl_sender</b>}
- This macro expands to the SASL sender name
- (i.e. the original submitter as per RFC
- 2554) used during the reception of the mes-
+ This macro expands to the SASL sender name
+ (i.e. the original submitter as per RFC
+ 2554) used during the reception of the mes-
sage.
- This is available in Postfix 2.2 and later.
+ This is available in Postfix 2.2 and later.
<b>${sasl_username</b>}
- This macro expands to the SASL user name
+ This macro expands to the SASL user name
used during the reception of the message. An
- empty string is passed if the message has
+ empty string is passed if the message has
been received without SASL authentication.
- This is available in Postfix 2.2 and later.
+ This is available in Postfix 2.2 and later.
<b>${sender</b>}
- This macro expands to the envelope sender
+ This macro expands to the envelope sender
address.
- This information is modified by the <b>q</b> flag
+ This information is modified by the <b>q</b> flag
for quoting.
<b>${size</b>}
- This macro expands to Postfix's idea of the
- message size, which is an approximation of
+ This macro expands to Postfix's idea of the
+ message size, which is an approximation of
the size of the message as delivered.
<b>${user</b>}
This macro expands to the username part of a
- recipient address. For example, with an
+ recipient address. For example, with an
address <i>user+foo@domain</i> the username part is
<i>user</i>.
- A command-line argument that contains
- <b>${user</b>} expands into as many command-line
+ A command-line argument that contains
+ <b>${user</b>} expands into as many command-line
arguments as there are recipients.
- This information is modified by the <b>u</b> flag
+ This information is modified by the <b>u</b> flag
for case folding.
<b>DIAGNOSTICS</b>
- Command exit status codes are expected to follow the con-
+ Command exit status codes are expected to follow the con-
ventions defined in <<b>sysexits.h</b>>.
- Problems and transactions are logged to <b>syslogd</b>(8). Cor-
- rupted message files are marked so that the queue manager
+ Problems and transactions are logged to <b>syslogd</b>(8). Cor-
+ rupted message files are marked so that the queue manager
can move them to the <b>corrupt</b> queue for further inspection.
<b>SECURITY</b>
- This program needs a dual personality 1) to access the
- private Postfix queue and IPC mechanisms, and 2) to exe-
+ This program needs a dual personality 1) to access the
+ private Postfix queue and IPC mechanisms, and 2) to exe-
cute external commands as the specified user. It is there-
fore security sensitive.
<b>CONFIGURATION PARAMETERS</b>
- Changes to <b>main.cf</b> are picked up automatically as <a href="pipe.8.html">pipe(8)</a>
- processes run for only a limited amount of time. Use the
+ Changes to <b>main.cf</b> are picked up automatically as <a href="pipe.8.html"><b>pipe</b>(8)</a>
+ processes run for only a limited amount of time. Use the
command "<b>postfix reload</b>" to speed up a change.
- The text below provides only a parameter summary. See
- <a href="postconf.5.html">postconf(5)</a> for more details including examples.
+ The text below provides only a parameter summary. See
+ <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including examples.
<b>RESOURCE AND RATE CONTROLS</b>
- In the text below, <i>transport</i> is the first field in a <b>mas-</b>
+ In the text below, <i>transport</i> is the first field in a <b>mas-</b>
<b>ter.cf</b> entry.
<i>transport</i><b>_destination_concurrency_limit ($<a href="postconf.5.html#default_destination_concurrency_limit">default_destina</a>-</b>
<b><a href="postconf.5.html#default_destination_concurrency_limit">tion_concurrency_limit</a>)</b>
Limit the number of parallel deliveries to the same
- destination, for delivery via the named <i>transport</i>.
+ destination, for delivery via the named <i>transport</i>.
The limit is enforced by the Postfix queue manager.
<i>transport</i><b>_destination_recipient_limit ($<a href="postconf.5.html#default_destination_recipient_limit">default_destina</a>-</b>
<b><a href="postconf.5.html#default_destination_recipient_limit">tion_recipient_limit</a>)</b>
- Limit the number of recipients per message deliv-
- ery, for delivery via the named <i>transport</i>. The
+ Limit the number of recipients per message deliv-
+ ery, for delivery via the named <i>transport</i>. The
limit is enforced by the Postfix queue manager.
<i>transport</i><b>_time_limit ($<a href="postconf.5.html#command_time_limit">command_time_limit</a>)</b>
- Limit the time for delivery to external command,
+ Limit the time for delivery to external command,
for delivery via the named <i>transport</i>. The limit is
enforced by the pipe delivery agent.
<b>MISCELLANEOUS CONTROLS</b>
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
- The default location of the Postfix main.cf and
+ The default location of the Postfix main.cf and
master.cf configuration files.
<b><a href="postconf.5.html#daemon_timeout">daemon_timeout</a> (18000s)</b>
- How much time a Postfix daemon process may take to
- handle a request before it is terminated by a
+ How much time a Postfix daemon process may take to
+ handle a request before it is terminated by a
built-in watchdog timer.
<b><a href="postconf.5.html#export_environment">export_environment</a> (see 'postconf -d' output)</b>
- The list of environment variables that a Postfix
+ The list of environment variables that a Postfix
process will export to non-Postfix processes.
<b><a href="postconf.5.html#ipc_timeout">ipc_timeout</a> (3600s)</b>
and most Postfix daemon processes.
<b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b>
- The maximum amount of time that an idle Postfix
- daemon process waits for the next service request
+ The maximum amount of time that an idle Postfix
+ daemon process waits for the next service request
before exiting.
<b><a href="postconf.5.html#max_use">max_use</a> (100)</b>
- The maximal number of connection requests before a
+ The maximal number of connection requests before a
Postfix daemon process terminates.
<b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
- The process ID of a Postfix command or daemon pro-
+ The process ID of a Postfix command or daemon pro-
cess.
<b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
- The process name of a Postfix command or daemon
+ The process name of a Postfix command or daemon
process.
<b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b>
- The location of the Postfix top-level queue direc-
+ The location of the Postfix top-level queue direc-
tory.
<b><a href="postconf.5.html#recipient_delimiter">recipient_delimiter</a> (empty)</b>
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
- The mail system name that is prepended to the pro-
+ The mail system name that is prepended to the pro-
cess name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
syslogd(8), system logging
<b>LICENSE</b>
- The Secure Mailer license must be distributed with this
+ The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>
[<i>file</i><b>_</b><i>type</i>:]<i>file</i><b>_</b><i>name</i> ...
<b>DESCRIPTION</b>
- The <b>postalias</b> command creates or queries one or more Post-
- fix alias databases, or updates an existing one. The input
- and output file formats are expected to be compatible with
- Sendmail version 8, and are expected to be suitable for
- the use as NIS alias maps.
+ The <a href="postalias.1.html"><b>postalias</b>(1)</a> command creates or queries one or more
+ Postfix alias databases, or updates an existing one. The
+ input and output file formats are expected to be compati-
+ ble with Sendmail version 8, and are expected to be suit-
+ able for the use as NIS alias maps.
If the result files do not exist they will be created with
the same group and other read permissions as the source
<b>-i</b> Incremental mode. Read entries from standard input
and do not truncate an existing database. By
- default, <b>postalias</b> creates a new database from the
- entries in <i>file</i><b>_</b><i>name</i>.
+ default, <a href="postalias.1.html"><b>postalias</b>(1)</a> creates a new database from
+ the entries in <i>file</i><b>_</b><i>name</i>.
<b>-N</b> Include the terminating null character that termi-
- nates lookup keys and values. By default, Postfix
- does whatever is the default for the host operating
- system.
+ nates lookup keys and values. By default, <b>postal-</b>
+ <b>ias</b>(1) does whatever is the default for the host
+ operating system.
<b>-n</b> Don't include the terminating null character that
terminates lookup keys and values. By default,
- Postfix does whatever is the default for the host
- operating system.
+ <a href="postalias.1.html"><b>postalias</b>(1)</a> does whatever is the default for the
+ host operating system.
<b>-o</b> Do not release root privileges when processing a
- non-root input file. By default, <b>postalias</b> drops
+ non-root input file. By default, <a href="postalias.1.html"><b>postalias</b>(1)</a> drops
root privileges and runs as the source file owner
instead.
The database type. To find out what types are sup-
ported, use the "<b>postconf -m</b>" command.
- The <b>postalias</b> command can query any supported file
- type, but it can create only the following file
- types:
+ The <a href="postalias.1.html"><b>postalias</b>(1)</a> command can query any supported
+ file type, but it can create only the following
+ file types:
<b>btree</b> The output is a btree file, named
<i>file</i><b>_</b><i>name</i><b>.db</b>. This is available on systems
detected. Duplicate entries are skipped and are flagged
with a warning.
- <b>postalias</b> terminates with zero exit status in case of suc-
- cess (including successful <b>postalias -q</b> lookup) and termi-
- nates with non-zero exit status in case of failure.
+ <a href="postalias.1.html"><b>postalias</b>(1)</a> terminates with zero exit status in case of
+ success (including successful "<b>postalias -q</b>" lookup) and
+ terminates with non-zero exit status in case of failure.
<b>ENVIRONMENT</b>
<b>MAIL_CONFIG</b>
to this program.
The text below provides only a parameter summary. See
- <a href="postconf.5.html">postconf(5)</a> for more details including examples.
+ <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including examples.
<b><a href="postconf.5.html#alias_database">alias_database</a> (see 'postconf -d' output)</b>
- The alias databases for <a href="local.8.html">local(8)</a> delivery that are
+ The alias databases for <a href="local.8.html"><b>local</b>(8)</a> delivery that are
updated with "<b>newaliases</b>" or with "<b>sendmail -bi</b>".
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
read Berkeley DB hash or btree tables.
<b><a href="postconf.5.html#default_database_type">default_database_type</a> (see 'postconf -d' output)</b>
- The default database type for use in <a href="newaliases.1.html">newaliases(1)</a>,
- <a href="postalias.1.html">postalias(1)</a> and <a href="postmap.1.html">postmap(1)</a> commands.
+ The default database type for use in <a href="newaliases.1.html"><b>newaliases</b>(1)</a>,
+ <a href="postalias.1.html"><b>postalias</b>(1)</a> and <a href="postmap.1.html"><b>postmap</b>(1)</a> commands.
<b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
The syslog facility of Postfix logging.
<b>postcat</b> [<b>-oqv</b>] [<b>-c</b> <i>config</i><b>_</b><i>dir</i>] [<i>files</i>...]
<b>DESCRIPTION</b>
- The <b>postcat</b> command prints the contents of the named <i>files</i>
- in human-readable form. The files are expected to be in
- Postfix queue file format. If no <i>files</i> are specified on
+ The <a href="postcat.1.html"><b>postcat</b>(1)</a> command prints the contents of the named
+ <i>files</i> in human-readable form. The files are expected to be
+ in Postfix queue file format. If no <i>files</i> are specified on
the command line, the program reads from standard input.
Options:
to this program.
The text below provides only a parameter summary. See
- <a href="postconf.5.html">postconf(5)</a> for more details including examples.
+ <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including examples.
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
The default location of the Postfix main.cf and
<b>postconf</b> [<b>-ev</b>] [<b>-c</b> <i>config</i><b>_</b><i>dir</i>] [<i>parameter=value ...</i>]
<b>DESCRIPTION</b>
- The <b>postconf</b> command prints the actual value of <i>parameter</i>
- (all known parameters by default) one parameter per line,
- changes its value, or prints other information about the
- Postfix mail system.
+ The <a href="postconf.1.html"><b>postconf</b>(1)</a> command prints the actual value of <i>parame-</i>
+ <i>ter</i> (all known parameters by default) one parameter per
+ line, changes its value, or prints other information about
+ the Postfix mail system.
Options:
<b>tcp</b> (read-only)
Perform lookups using a simple request-reply
- protocol that is described in <a href="tcp_table.5.html">tcp_table(5)</a>.
+ protocol that is described in <a href="tcp_table.5.html"><b>tcp_table</b>(5)</a>.
This feature is not included with Postfix
2.1.
The table is the UNIX password
database. The key is a login name.
The result is a password file entry
- in passwd(5) format.
+ in <b>passwd</b>(5) format.
<b>unix:group.byname</b>
The table is the UNIX group
database. The key is a group name.
The result is a group file entry in
- group(5) format.
+ <b>group</b>(5) format.
Other table types may exist depending on how Postfix was
built.
to this program.
The text below provides only a parameter summary. See
- <a href="postconf.5.html">postconf(5)</a> for more details including examples.
+ <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including examples.
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
The default location of the Postfix main.cf and
<p> The remainder of this document is a description of all Postfix
configuration parameters. Default values are shown after the
parameter name in parentheses, and can be looked up with the
-<b>postconf -d</b> command. </p>
+"<b>postconf -d</b>" command. </p>
<p> Note: this is not an invitation to make changes to Postfix
configuration parameters. Unnecessary changes are likely to impair
</p>
<p>
-This feature is implemented by the <a href="anvil.8.html">anvil(8)</a> service which is not
-part of the stable Postfix 2.1 release.
+This feature is available in Postfix 2.2 and later.
</p>
<p>
<p>
Produce additional <a href="bounce.8.html">bounce(8)</a> logfile records that can be read by
-older Postfix versions. The current and more extensible "name =
+Postfix versions before 2.0. The current and more extensible "name =
value" format is needed in order to implement more sophisticated
functionality.
</p>
<p>
For compatibility reasons this feature is on by default. On systems
with lots of interactive users, the <a href="postconf.5.html#biff">biff</a> service can be a performance
-drain. Specify "<a href="postconf.5.html#biff">biff</a> = no" to disable.
+drain. Specify "<a href="postconf.5.html#biff">biff</a> = no" in main.cf to disable.
</p>
</p>
<p>
-Specify "<b><a href="postconf.5.html#broken_sasl_auth_clients">broken_sasl_auth_clients</a> = yes</b>" to have Postfix advertise
+Specify "<a href="postconf.5.html#broken_sasl_auth_clients">broken_sasl_auth_clients</a> = yes" to have Postfix advertise
AUTH support in a non-standard way.
</p>
parameter in the default main.cf file. </p>
+</DD>
+
+<DT><b><a name="connection_cache_service">connection_cache_service</a>
+(default: scache)</b></DT><DD>
+
+<p> The name of the <a href="scache.8.html">scache(8)</a> connection cache service. This service
+maintains a limited pool of cached sessions. </p>
+
+
+</DD>
+
+<DT><b><a name="connection_cache_status_update_time">connection_cache_status_update_time</a>
+(default: 600s)</b></DT><DD>
+
+<p> How frequently the <a href="scache.8.html">scache(8)</a> server logs usage statistics with
+connection cache hit and miss rates for logical destinations and for
+physical endpoints. </p>
+
+
+</DD>
+
+<DT><b><a name="connection_cache_ttl_limit">connection_cache_ttl_limit</a>
+(default: 2s)</b></DT><DD>
+
+<p> The maximal time-to-live value that the connection cache server
+allows. Requests that specify a larger TTL will be stored with the
+maximum allowed TTL. The purpose of this additional control is to
+protect the infrastructure against careless people. The cache TTL
+is already bounded by $<a href="postconf.5.html#max_idle">max_idle</a>. </p>
+
+
</DD>
<DT><b><a name="content_filter">content_filter</a>
<dt><b>$client_name</b></dt>
-<dd>The client hostname or "<b>unknown</b>". </dd>
+<dd>The client hostname or "unknown". </dd>
<dt><b>$helo_name</b></dt>
<p> Report mail delivery errors to the address specified with the
non-standard Errors-To: message header, instead of the envelope
-sender address. This support is disabled by default with Postfix
-2.1 and later, and is always turned on with older Postfix versions.
-</p>
+sender address (this feature is removed with Postfix 2.2, is
+turned off by default with Postfix 2.1, and is always turned on
+with older Postfix versions). </p>
</DD>
<p>
The maximal number of recipient addresses that Postfix will extract
-from message headers when mail is submitted with "sendmail -t".
+from message headers when mail is submitted with "<b>sendmail -t</b>".
</p>
<p>
<ul>
-<li> In main.cf specify "<tt><a href="postconf.5.html#relay_transport">relay_transport</a> = relay</tt>",
+<li> In main.cf specify "<a href="postconf.5.html#relay_transport">relay_transport</a> = relay",
-<li> In master.cf specify "<tt>-o <a href="postconf.5.html#fallback_relay">fallback_relay</a> =</tt>" at the
-end of the <tt>relay</tt> entry.
+<li> In master.cf specify "-o <a href="postconf.5.html#fallback_relay">fallback_relay</a> =" (i.e., empty) at
+the end of the <tt>relay</tt> entry.
-<li> In transport maps, specify "<tt>relay:<i>nexthop...</i></tt>"
+<li> In transport maps, specify "relay:<i>nexthop...</i>"
as the right-hand side for backup or primary MX domain entries.
</ul>
as lookup key. </p>
<p>
-Specify "<a href="postconf.5.html#fast_flush_domains">fast_flush_domains</a> =" to disable the feature altogether.
+Specify "<a href="postconf.5.html#fast_flush_domains">fast_flush_domains</a> =" (i.e., empty) to disable the feature
+altogether.
</p>
delay. This behavior is required by the SMTP standard. </p>
<p>
-Specify "<b><a href="postconf.5.html#ignore_mx_lookup_error">ignore_mx_lookup_error</a> = yes</b>" to force a DNS A record
+Specify "<a href="postconf.5.html#ignore_mx_lookup_error">ignore_mx_lookup_error</a> = yes" to force a DNS A record
lookup instead. This violates the SMTP standard and can result in
mis-delivery of mail.
</p>
</p>
<p>
-With the default 100 SMTP server process limit, "<b><a href="postconf.5.html#in_flow_delay">in_flow_delay</a>
-= 1s</b>" limits the mail inflow to 100 messages per second above the
+With the default 100 SMTP server process limit, "<a href="postconf.5.html#in_flow_delay">in_flow_delay</a>
+= 1s" limits the mail inflow to 100 messages per second above the
number of messages delivered per second.
</p>
(default: all)</b></DT><DD>
<p> The network interface addresses that this mail system receives
-mail on. By default, the software claims all active interfaces on
-the machine; with Postfix 2.2 and later, specify "<b>loopback-only</b>"
-to select only local interfaces. The parameter also controls
-delivery of mail to user@[ip.address]. </p>
+mail on. Specify "all" to receive mail on all network
+interfaces (default), and "loopback-only" to receive mail
+on loopback network interfaces only (Postfix 2.2 and later). The
+parameter also controls delivery of mail to <tt>user@[ip.address]</tt>.
+</p>
<p>
Note: you need to stop and start Postfix when this parameter changes.
<p>
A better solution for multi-homed firewalls is to leave <a href="postconf.5.html#inet_interfaces">inet_interfaces</a>
-at the default value
-and instead use explicit IP addresses in master.cf. This preserves SMTP
+at the default value and instead use explicit IP addresses in
+the master.cf SMTP server definitions. This preserves the SMTP client's
loop detection, by ensuring that each side of the firewall knows that the
other IP address is still the same host. Setting $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> to a
single IPv4 and/or IPV6 address is primarily useful with virtual
<pre>
<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> = all (DEFAULT)
-<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> = loopback-only
+<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> = loopback-only (Postfix 2.2 and later)
<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> = 127.0.0.1
+<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> = 127.0.0.1, [::1] (Postfix 2.2 and later)
<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> = 192.168.1.2, 127.0.0.1
</pre>
(default: ipv4)</b></DT><DD>
<p> The Internet protocols Postfix will attempt to use when making
-or accepting connections. Specify one or more of "ipv4" or "ipv6",
-separated by whitespace or commas. The form "all" is equivalent to
-"ipv4, ipv6". </p>
+or accepting connections. Specify one or more of "ipv4"
+or "ipv6", separated by whitespace or commas. The form
+"all" is equivalent to "ipv4, ipv6". </p>
<p> This feature is available in Postfix version 2.2 and later. </p>
client IP address matches any network or network address listed in
$<a href="postconf.5.html#mynetworks">mynetworks</a>. This setting will not prevent remote mail header
address rewriting when mail from a remote client is forwarded by
-a neighboring system. </p>
+a neighboring system. </dd>
<dt><b> <a href="postconf.5.html#permit_sasl_authenticated">permit_sasl_authenticated</a> </b></dt>
<li>You redefine the local delivery agent in master.cf.
-<li>
You redefine the "<a href="postconf.5.html#local_transport">local_transport</a>" setting in main.cf.
+<li>You redefine the "<a href="postconf.5.html#local_transport">local_transport</a>" setting in main.cf.
<li>You use the "<a href="postconf.5.html#luser_relay">luser_relay</a>", "<a href="postconf.5.html#mailbox_transport">mailbox_transport</a>", or "<a href="postconf.5.html#fallback_transport">fallback_transport</a>"
feature of the Postfix <a href="local.8.html">local(8)</a> delivery agent.
<p>
NOTE: if you use this feature for accounts not in the UNIX password
-file, then you must specify "<b><a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> =</b>" (i.e. empty)
+file, then you must specify "<a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> =" (i.e. empty)
in the main.cf file, otherwise the Postfix SMTP server will reject mail
for non-UNIX accounts with "User unknown in local recipient table".
</p>
<p>
The numerical Postfix SMTP server response code when a remote SMTP
-client request is rejected by the "<b>reject</b>" restriction.
+client request is rejected by the "reject" restriction.
</p>
<p>
operators remain visible. This behavior is safe but it is also
technically incorrect. </p>
-<p> If you specify "<a href="postconf.5.html#resolve_dequoted_address">resolve_dequoted_address</a> = no", then the Postfix
+<p> If you specify "<a href="postconf.5.html#resolve_dequoted_address">resolve_dequoted_address</a> = no", then
+the Postfix
resolver will not know about additional @ etc. operators in the
address localpart. This opens opportunities for obscure mail relay
attacks with user@domain@domain addresses when Postfix provides
</p>
-</DD>
-
-<DT><b><a name="session_cache_service">session_cache_service</a>
-(default: scache)</b></DT><DD>
-
-<p> The name of the <a href="scache.8.html">scache(8)</a> connection cache service. This service
-maintains a limited pool of cached sessions. </p>
-
-
-</DD>
-
-<DT><b><a name="session_cache_status_update_time">session_cache_status_update_time</a>
-(default: 600s)</b></DT><DD>
-
-<p> How frequently the <a href="scache.8.html">scache(8)</a> server logs usage statistics with
-connection cache hit and miss rates for logical destinations and for
-physical endpoints. </p>
-
-
-</DD>
-
-<DT><b><a name="session_cache_ttl_limit">session_cache_ttl_limit</a>
-(default: 2s)</b></DT><DD>
-
-<p> The maximal time-to-live value that the connection cache server
-allows. Requests that specify a larger TTL will be stored with the
-maximum allowed TTL. The purpose of this additional control is to
-protect the infrastructure against careless people. The cache TTL
-is already bounded by $<a href="postconf.5.html#max_idle">max_idle</a>. </p>
-
-
</DD>
<DT><b><a name="setgid_group">setgid_group</a>
<p>
The group ownership of set-gid Postfix commands and of group-writable
Postfix directories. When this parameter value is changed you need
-to re-run "<b>post-install set-permissions</b>".
+to re-run "<b>postfix set-permissions</b>" (with Postfix 2.0 and
+earlier: "<b>/etc/postfix/post-install set-permissions</b>".
</p>
<dd>Pause for the specified number of seconds and proceed with
the next restriction in the list, if any. This may stop zombie
-mail when used as: </dd>
+mail when used as:
-<blockquote>
<pre>
/etc/postfix/main.cf:
<a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a> =
sleep 1, <a href="postconf.5.html#reject_unauth_pipelining">reject_unauth_pipelining</a>
<a href="postconf.5.html#smtpd_delay_reject">smtpd_delay_reject</a> = no
</pre>
-</blockquote>
+This feature is available in Postfix 2.3. </dd>
<dt><b><a name="warn_if_reject">warn_if_reject</a></b></dt>
<p> Note 1: this mode implies "<a href="postconf.5.html#smtpd_tls_auth_only">smtpd_tls_auth_only</a> = yes". </p>
-<p> Note 2: when invoked via "sendmail -bs", Postfix will never offer
+<p> Note 2: when invoked via "<b>sendmail -bs</b>", Postfix will never offer
STARTTLS due to insufficient privileges to access the server private
key. This is intended behavior. </p>
<p> Opportunistic mode: announce STARTTLS support to SMTP clients,
but do not require that clients use TLS encryption. </p>
-<p> Note: when invoked via "sendmail -bs", Postfix will never offer
+<p> Note: when invoked via "<b>sendmail -bs</b>", Postfix will never offer
STARTTLS due to insufficient privileges to access the server private
key. This is intended behavior. </p>
<p>
Obsolete SUN mailtool compatibility feature. Instead, use
-"<b><a href="postconf.5.html#mailbox_delivery_lock">mailbox_delivery_lock</a> = dotlock</b>".
+"<a href="postconf.5.html#mailbox_delivery_lock">mailbox_delivery_lock</a> = dotlock".
</p>
<p>
The minimum user ID value that the <a href="virtual.8.html">virtual(8)</a> delivery agent accepts
-as a result from <b>$<a href="postconf.5.html#virtual_uid_maps">virtual_uid_maps</a></b> table lookup. Returned
+as a result from $<a href="postconf.5.html#virtual_uid_maps">virtual_uid_maps</a> table lookup. Returned
values less than this will be rejected, and the message will be
deferred.
</p>
<b>postdrop</b> [<b>-rv</b>] [<b>-c</b> <i>config</i><b>_</b><i>dir</i>]
<b>DESCRIPTION</b>
- The <b>postdrop</b> command creates a file in the <b>maildrop</b> direc-
- tory and copies its standard input to the file.
+ The <a href="postdrop.1.html"><b>postdrop</b>(1)</a> command creates a file in the <b>maildrop</b>
+ directory and copies its standard input to the file.
Options:
<b>CONFIGURATION PARAMETERS</b>
The following <b>main.cf</b> parameters are especially relevant
to this program. The text below provides only a parameter
- summary. See <a href="postconf.5.html">postconf(5)</a> for more details including exam-
+ summary. See <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including exam-
ples.
<b><a href="postconf.5.html#alternate_config_directories">alternate_config_directories</a> (empty)</b>
<b><a href="postconf.5.html#trigger_timeout">trigger_timeout</a> (10s)</b>
The time limit for sending a trigger to a Postfix
- daemon (for example, the <a href="pickup.8.html">pickup(8)</a> or <a href="qmgr.8.html">qmgr(8)</a> dae-
+ daemon (for example, the <a href="pickup.8.html"><b>pickup</b>(8)</a> or <a href="qmgr.8.html"><b>qmgr</b>(8)</a> dae-
mon).
Available in Postfix version 2.2 and later:
<b><a href="postconf.5.html#authorized_submit_users">authorized_submit_users</a> (static:anyone)</b>
List of users who are authorized to submit mail
- with the <a href="sendmail.1.html">sendmail(1)</a> command (and with the privi-
- leged <a href="postdrop.1.html">postdrop(1)</a> helper command).
+ with the <a href="sendmail.1.html"><b>sendmail</b>(1)</a> command (and with the privi-
+ leged <a href="postdrop.1.html"><b>postdrop</b>(1)</a> helper command).
<b>FILES</b>
/var/spool/postfix/<a href="QSHAPE_README.html#maildrop_queue">maildrop</a>, <a href="QSHAPE_README.html#maildrop_queue">maildrop queue</a>
<li> <a href="postcat.1.html">postcat(1)</a>, examine Postfix queue file
+<li> <a href="postconf.1.html">postconf(1)</a>, Postfix configuration utility
+
<li> <a href="postkick.1.html">postkick(1)</a>, trigger Postfix daemon
<li> <a href="postlock.1.html">postlock(1)</a>, Postfix-compatible locking
<b>DESCRIPTION</b>
This command is reserved for the superuser. To submit
- mail, use the Postfix <b>sendmail</b> command.
+ mail, use the Postfix <a href="sendmail.1.html"><b>sendmail</b>(1)</a> command.
- The <b>postfix</b> command controls the operation of the Postfix
- mail system: start or stop the <b>master</b> daemon, do a health
- check, and other maintenance.
+ The <a href="postfix.1.html"><b>postfix</b>(1)</a> command controls the operation of the Post-
+ fix mail system: start or stop the <a href="master.8.html"><b>master</b>(8)</a> daemon, do a
+ health check, and other maintenance.
- The <b>postfix</b> command sets up a standardized environment and
- runs the <b>postfix-script</b> shell script to do the actual
+ The <a href="postfix.1.html"><b>postfix</b>(1)</a> command sets up a standardized environment
+ and runs the <b>postfix-script</b> shell script to do the actual
work.
The following commands are implemented:
verbose.
<b>ENVIRONMENT</b>
- The <b>postfix</b> command exports the following environment
+ The <a href="postfix.1.html"><b>postfix</b>(1)</a> command exports the following environment
variables before executing the <b>postfix-script</b> file:
<b>MAIL_CONFIG</b>
<b><a href="postconf.5.html#sendmail_path">sendmail_path</a> (see 'postconf -d' output)</b>
A Sendmail compatibility feature that specifies the
- location of the Postfix <a href="sendmail.1.html">sendmail(1)</a> command.
+ location of the Postfix <a href="sendmail.1.html"><b>sendmail</b>(1)</a> command.
<b><a href="postconf.5.html#newaliases_path">newaliases_path</a> (see 'postconf -d' output)</b>
Sendmail compatibility feature that specifies the
- location of the <a href="newaliases.1.html">newaliases(1)</a> command.
+ location of the <a href="newaliases.1.html"><b>newaliases</b>(1)</a> command.
<b><a href="postconf.5.html#mailq_path">mailq_path</a> (see 'postconf -d' output)</b>
Sendmail compatibility feature that specifies where
- the Postfix <a href="mailq.1.html">mailq(1)</a> command is installed.
+ the Postfix <a href="mailq.1.html"><b>mailq</b>(1)</a> command is installed.
<b><a href="postconf.5.html#html_directory">html_directory</a> (see 'postconf -d' output)</b>
The location of Postfix HTML files that describe
Commands:
<a href="postalias.1.html">postalias(1)</a>, create/update/query alias database
<a href="postcat.1.html">postcat(1)</a>, examine Postfix queue file
+ <a href="postconf.1.html">postconf(1)</a>, Postfix configuration utility
<a href="postkick.1.html">postkick(1)</a>, trigger Postfix daemon
<a href="postlock.1.html">postlock(1)</a>, Postfix-compatible locking
<a href="postlog.1.html">postlog(1)</a>, Postfix-compatible logging
<b>postkick</b> [<b>-c</b> <i>config</i><b>_</b><i>dir</i>] [<b>-v</b>] <i>class service request</i>
<b>DESCRIPTION</b>
- The <b>postkick</b> command sends <i>request</i> to the specified <i>ser-</i>
- <i>vice</i> over a local transport channel. This command makes
- Postfix private IPC accessible for use in, for example,
- shell scripts.
+ The <a href="postkick.1.html"><b>postkick</b>(1)</a> command sends <i>request</i> to the specified
+ <i>service</i> over a local transport channel. This command
+ makes Postfix private IPC accessible for use in, for exam-
+ ple, shell scripts.
Options:
<b>CONFIGURATION PARAMETERS</b>
The following <b>main.cf</b> parameters are especially relevant
to this program. The text below provides only a parameter
- summary. See <a href="postconf.5.html">postconf(5)</a> for more details including exam-
+ summary. See <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including exam-
ples.
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
master.cf configuration files.
<b><a href="postconf.5.html#application_event_drain_time">application_event_drain_time</a> (100s)</b>
- How long the <a href="postkick.1.html">postkick(1)</a> command waits for a
+ How long the <a href="postkick.1.html"><b>postkick</b>(1)</a> command waits for a
request to enter the server's input buffer before
giving up.
<b>[-v</b>] <i>file command...</i>
<b>DESCRIPTION</b>
- The <b>postlock</b> command locks <i>file</i> for exclusive access, and
- executes <i>command</i>. The locking method is compatible with
- the Postfix UNIX-style local delivery agent.
+ The <a href="postlock.1.html"><b>postlock</b>(1)</a> command locks <i>file</i> for exclusive access,
+ and executes <i>command</i>. The locking method is compatible
+ with the Postfix UNIX-style local delivery agent.
Options:
command interpreter.
<b>DIAGNOSTICS</b>
- The result status is 75 (EX_TEMPFAIL) when <b>postlock</b> could
- not perform the requested operation. Otherwise, the exit
- status is the exit status from the command.
+ The result status is 75 (EX_TEMPFAIL) when <a href="postlock.1.html"><b>postlock</b>(1)</a>
+ could not perform the requested operation. Otherwise, the
+ exit status is the exit status from the command.
<b>BUGS</b>
With remote file systems, the ability to acquire a lock
<b>CONFIGURATION PARAMETERS</b>
The following <b>main.cf</b> parameters are especially relevant
to this program. The text below provides only a parameter
- summary. See <a href="postconf.5.html">postconf(5)</a> for more details including exam-
+ summary. See <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including exam-
ples.
<b>LOCKING CONTROLS</b>
<b><a href="postconf.5.html#deliver_lock_attempts">deliver_lock_attempts</a> (20)</b>
The maximal number of attempts to acquire an exclu-
- sive lock on a mailbox file or <a href="bounce.8.html">bounce(8)</a> logfile.
+ sive lock on a mailbox file or <a href="bounce.8.html"><b>bounce</b>(8)</a> logfile.
<b><a href="postconf.5.html#deliver_lock_delay">deliver_lock_delay</a> (1s)</b>
The time between attempts to acquire an exclusive
- lock on a mailbox file or <a href="bounce.8.html">bounce(8)</a> logfile.
+ lock on a mailbox file or <a href="bounce.8.html"><b>bounce</b>(8)</a> logfile.
<b><a href="postconf.5.html#stale_lock_time">stale_lock_time</a> (500s)</b>
The time after which a stale exclusive mailbox
lockfile is removed.
<b><a href="postconf.5.html#mailbox_delivery_lock">mailbox_delivery_lock</a> (see 'postconf -d' output)</b>
- How to lock a UNIX-style <a href="local.8.html">local(8)</a> mailbox before
+ How to lock a UNIX-style <a href="local.8.html"><b>local</b>(8)</a> mailbox before
attempting delivery.
<b>RESOURCE AND RATE CONTROLS</b>
[<b>-p</b> <i>priority</i><b>] [-t</b> <i>tag</i>] [<i>text...</i>]
<b>DESCRIPTION</b>
- The <b>postlog</b> command implements a Postfix-compatible log-
- ging interface for use in, for example, shell scripts.
+ The <a href="postlog.1.html"><b>postlog</b>(1)</a> command implements a Postfix-compatible
+ logging interface for use in, for example, shell scripts.
- By default, <b>postlog</b> logs the <i>text</i> given on the command
+ By default, <a href="postlog.1.html"><b>postlog</b>(1)</a> logs the <i>text</i> given on the command
line as one record. If no <i>text</i> is specified on the command
- line, <b>postlog</b> reads from standard input and logs each
+ line, <a href="postlog.1.html"><b>postlog</b>(1)</a> reads from standard input and logs each
input line as one record.
- Logging is sent to <b>syslogd</b>(8); when the standard error
- stream is connected to a terminal, logging is sent there
+ Logging is sent to <b>syslogd</b>(8); when the standard error
+ stream is connected to a terminal, logging is sent there
as well.
The following options are implemented:
<b>-c</b> <i>config</i><b>_</b><i>dir</i>
- Read the <b>main.cf</b> configuration file in the named
+ Read the <b>main.cf</b> configuration file in the named
directory instead of the default configuration
directory.
<b>-i</b> Include the process ID in the logging tag.
<b>-p</b> <i>priority</i>
- Specifies the logging severity: <b>info</b> (default),
+ Specifies the logging severity: <b>info</b> (default),
<b>warn</b>, <b>error</b>, <b>fatal</b>, or <b>panic</b>.
<b>-t</b> <i>tag</i> Specifies the logging tag, that is, the identifying
- name that appears at the beginning of each logging
- record. A default tag is used when none is speci-
+ name that appears at the beginning of each logging
+ record. A default tag is used when none is speci-
fied.
<b>-v</b> Enable verbose logging for debugging purposes. Mul-
- tiple <b>-v</b> options make the software increasingly
+ tiple <b>-v</b> options make the software increasingly
verbose.
<b>ENVIRONMENT</b>
Directory with the <b>main.cf</b> file.
<b>CONFIGURATION PARAMETERS</b>
- The following <b>main.cf</b> parameters are especially relevant
+ The following <b>main.cf</b> parameters are especially relevant
to this program.
- The text below provides only a parameter summary. See
- <a href="postconf.5.html">postconf(5)</a> for more details including examples.
+ The text below provides only a parameter summary. See
+ <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including examples.
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
- The default location of the Postfix main.cf and
+ The default location of the Postfix main.cf and
master.cf configuration files.
<b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
- The mail system name that is prepended to the pro-
+ The mail system name that is prepended to the pro-
cess name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
syslogd(8), syslog daemon
<b>LICENSE</b>
- The Secure Mailer license must be distributed with this
+ The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>
[<i>file</i><b>_</b><i>type</i>:]<i>file</i><b>_</b><i>name</i> ...
<b>DESCRIPTION</b>
- The <b>postmap</b> command creates or queries one or more Postfix
- lookup tables, or updates an existing one. The input and
- output file formats are expected to be compatible with:
+ The <a href="postmap.1.html"><b>postmap</b>(1)</a> command creates or queries one or more
+ Postfix lookup tables, or updates an existing one. The
+ input and output file formats are expected to be compati-
+ ble with:
<b>makemap</b> <i>file</i><b>_</b><i>type file</i><b>_</b><i>name</i> < <i>file</i><b>_</b><i>name</i>
If the result files do not exist they will be created with
- the same group and other read permissions as the source
+ the same group and other read permissions as the source
file.
- While the table update is in progress, signal delivery is
- postponed, and an exclusive, advisory, lock is placed on
+ While the table update is in progress, signal delivery is
+ postponed, and an exclusive, advisory, lock is placed on
the entire table, in order to avoid surprises in spectator
programs.
<i>key</i> whitespace <i>value</i>
- <b>o</b> Empty lines and whitespace-only lines are ignored,
- as are lines whose first non-whitespace character
+ <b>o</b> Empty lines and whitespace-only lines are ignored,
+ as are lines whose first non-whitespace character
is a `#'.
- <b>o</b> A logical line starts with non-whitespace text. A
- line that starts with whitespace continues a logi-
+ <b>o</b> A logical line starts with non-whitespace text. A
+ line that starts with whitespace continues a logi-
cal line.
- The <i>key</i> and <i>value</i> are processed as is, except that sur-
- rounding white space is stripped off. Unlike with Postfix
- alias databases, quotes cannot be used to protect lookup
- keys that contain special characters such as `#' or
+ The <i>key</i> and <i>value</i> are processed as is, except that sur-
+ rounding white space is stripped off. Unlike with Postfix
+ alias databases, quotes cannot be used to protect lookup
+ keys that contain special characters such as `#' or
whitespace. The <i>key</i> is mapped to lowercase to make mapping
lookups case insensitive.
<b>COMMAND-LINE ARGUMENTS</b>
<b>-c</b> <i>config</i><b>_</b><i>dir</i>
- Read the <b>main.cf</b> configuration file in the named
+ Read the <b>main.cf</b> configuration file in the named
directory instead of the default configuration
directory.
- <b>-d</b> <i>key</i> Search the specified maps for <i>key</i> and remove one
- entry per map. The exit status is zero when the
+ <b>-d</b> <i>key</i> Search the specified maps for <i>key</i> and remove one
+ entry per map. The exit status is zero when the
requested information was found.
If a key value of <b>-</b> is specified, the program reads
key values from the standard input stream. The exit
- status is zero when at least one of the requested
+ status is zero when at least one of the requested
keys was found.
<b>-f</b> Do not fold the lookup key to lower case while cre-
ating or querying a map.
- <b>-i</b> Incremental mode. Read entries from standard input
+ <b>-i</b> Incremental mode. Read entries from standard input
and do not truncate an existing database. By
- default, <b>postmap</b> creates a new database from the
+ default, <a href="postmap.1.html"><b>postmap</b>(1)</a> creates a new database from the
entries in <b>file_name</b>.
- <b>-N</b> Include the terminating null character that termi-
- nates lookup keys and values. By default, Postfix
- does whatever is the default for the host operating
- system.
+ <b>-N</b> Include the terminating null character that termi-
+ nates lookup keys and values. By default,
+ <a href="postmap.1.html"><b>postmap</b>(1)</a> does whatever is the default for the
+ host operating system.
- <b>-n</b> Don't include the terminating null character that
- terminates lookup keys and values. By default,
- Postfix does whatever is the default for the host
- operating system.
+ <b>-n</b> Don't include the terminating null character that
+ terminates lookup keys and values. By default,
+ <a href="postmap.1.html"><b>postmap</b>(1)</a> does whatever is the default for the
+ host operating system.
- <b>-o</b> Do not release root privileges when processing a
- non-root input file. By default, <b>postmap</b> drops root
- privileges and runs as the source file owner
+ <b>-o</b> Do not release root privileges when processing a
+ non-root input file. By default, <a href="postmap.1.html"><b>postmap</b>(1)</a> drops
+ root privileges and runs as the source file owner
instead.
<b>-p</b> Do not inherit the file access permissions from the
input file when creating a new file. Instead, cre-
- ate a new file with default access permissions
+ ate a new file with default access permissions
(mode 0644).
- <b>-q</b> <i>key</i> Search the specified maps for <i>key</i> and write the
- first value found to the standard output stream.
+ <b>-q</b> <i>key</i> Search the specified maps for <i>key</i> and write the
+ first value found to the standard output stream.
The exit status is zero when the requested informa-
tion was found.
If a key value of <b>-</b> is specified, the program reads
- key values from the standard input stream and
- writes one line of <i>key value</i> output for each key
- that was found. The exit status is zero when at
+ key values from the standard input stream and
+ writes one line of <i>key value</i> output for each key
+ that was found. The exit status is zero when at
least one of the requested keys was found.
<b>-r</b> When updating a table, do not complain about
attempts to update existing entries, and make those
updates anyway.
- <b>-s</b> Retrieve all database elements, and write one line
- of <i>key value</i> output for each element. The elements
- are printed in database order, which is not neces-
- sarily the same as the original input order. This
- feature is available in Postfix version 2.2 and
+ <b>-s</b> Retrieve all database elements, and write one line
+ of <i>key value</i> output for each element. The elements
+ are printed in database order, which is not neces-
+ sarily the same as the original input order. This
+ feature is available in Postfix version 2.2 and
later, and is not available for all database types.
<b>-v</b> Enable verbose logging for debugging purposes. Mul-
- tiple <b>-v</b> options make the software increasingly
+ tiple <b>-v</b> options make the software increasingly
verbose.
<b>-w</b> When updating a table, do not complain about
- attempts to update existing entries, and ignore
+ attempts to update existing entries, and ignore
those attempts.
Arguments:
<i>file</i><b>_</b><i>type</i>
- The database type. To find out what types are sup-
+ The database type. To find out what types are sup-
ported, use the "<b>postconf -m</b>" command.
- The <b>postmap</b> command can query any supported file
- type, but it can create only the following file
+ The <a href="postmap.1.html"><b>postmap</b>(1)</a> command can query any supported file
+ type, but it can create only the following file
types:
- <b>btree</b> The output file is a btree file, named
- <i>file</i><b>_</b><i>name</i><b>.db</b>. This is available on systems
+ <b>btree</b> The output file is a btree file, named
+ <i>file</i><b>_</b><i>name</i><b>.db</b>. This is available on systems
with support for <b>db</b> databases.
<b>cdb</b> The output consists of one file, named
<i>file</i><b>_</b><i>name</i><b>.cdb</b>. This is available on systems
with support for <b>cdb</b> databases.
- <b>dbm</b> The output consists of two files, named
- <i>file</i><b>_</b><i>name</i><b>.pag</b> and <i>file</i><b>_</b><i>name</i><b>.dir</b>. This is
- available on systems with support for <b>dbm</b>
+ <b>dbm</b> The output consists of two files, named
+ <i>file</i><b>_</b><i>name</i><b>.pag</b> and <i>file</i><b>_</b><i>name</i><b>.dir</b>. This is
+ available on systems with support for <b>dbm</b>
databases.
- <b>hash</b> The output file is a hashed file, named
- <i>file</i><b>_</b><i>name</i><b>.db</b>. This is available on systems
+ <b>hash</b> The output file is a hashed file, named
+ <i>file</i><b>_</b><i>name</i><b>.db</b>. This is available on systems
with support for <b>db</b> databases.
- <b>sdbm</b> The output consists of two files, named
- <i>file</i><b>_</b><i>name</i><b>.pag</b> and <i>file</i><b>_</b><i>name</i><b>.dir</b>. This is
- available on systems with support for <b>sdbm</b>
+ <b>sdbm</b> The output consists of two files, named
+ <i>file</i><b>_</b><i>name</i><b>.pag</b> and <i>file</i><b>_</b><i>name</i><b>.dir</b>. This is
+ available on systems with support for <b>sdbm</b>
databases.
- When no <i>file</i><b>_</b><i>type</i> is specified, the software uses
- the database type specified via the
+ When no <i>file</i><b>_</b><i>type</i> is specified, the software uses
+ the database type specified via the
<b><a href="postconf.5.html#default_database_type">default_database_type</a></b> configuration parameter.
<i>file</i><b>_</b><i>name</i>
- The name of the lookup table source file when
+ The name of the lookup table source file when
rebuilding a database.
<b>DIAGNOSTICS</b>
- Problems are logged to the standard error stream and to
- <b>syslogd</b>(8). No output means that no problems were
- detected. Duplicate entries are skipped and are flagged
+ Problems are logged to the standard error stream and to
+ <b>syslogd</b>(8). No output means that no problems were
+ detected. Duplicate entries are skipped and are flagged
with a warning.
- <b>postmap</b> terminates with zero exit status in case of suc-
- cess (including successful <b>postmap -q</b> lookup) and termi-
- nates with non-zero exit status in case of failure.
+ <a href="postmap.1.html"><b>postmap</b>(1)</a> terminates with zero exit status in case of
+ success (including successful "<b>postmap -q</b>" lookup) and
+ terminates with non-zero exit status in case of failure.
<b>ENVIRONMENT</b>
<b>MAIL_CONFIG</b>
Enable verbose logging for debugging purposes.
<b>CONFIGURATION PARAMETERS</b>
- The following <b>main.cf</b> parameters are especially relevant
+ The following <b>main.cf</b> parameters are especially relevant
to this program. The text below provides only a parameter
- summary. See <a href="postconf.5.html">postconf(5)</a> for more details including exam-
+ summary. See <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including exam-
ples.
<b><a href="postconf.5.html#berkeley_db_create_buffer_size">berkeley_db_create_buffer_size</a> (16777216)</b>
- The per-table I/O buffer size for programs that
+ The per-table I/O buffer size for programs that
create Berkeley DB hash or btree tables.
<b><a href="postconf.5.html#berkeley_db_read_buffer_size">berkeley_db_read_buffer_size</a> (131072)</b>
- The per-table I/O buffer size for programs that
+ The per-table I/O buffer size for programs that
read Berkeley DB hash or btree tables.
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
- The default location of the Postfix main.cf and
+ The default location of the Postfix main.cf and
master.cf configuration files.
<b><a href="postconf.5.html#default_database_type">default_database_type</a> (see 'postconf -d' output)</b>
- The default database type for use in <a href="newaliases.1.html">newaliases(1)</a>,
- <a href="postalias.1.html">postalias(1)</a> and <a href="postmap.1.html">postmap(1)</a> commands.
+ The default database type for use in <a href="newaliases.1.html"><b>newaliases</b>(1)</a>,
+ <a href="postalias.1.html"><b>postalias</b>(1)</a> and <a href="postmap.1.html"><b>postmap</b>(1)</a> commands.
<b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
- The mail system name that is prepended to the pro-
+ The mail system name that is prepended to the pro-
cess name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
<a href="DATABASE_README.html">DATABASE_README</a>, Postfix lookup table overview
<b>LICENSE</b>
- The Secure Mailer license must be distributed with this
+ The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>
<b>postqueue</b> [<b>-c</b> <i>config</i><b>_</b><i>dir</i>] <b>-s</b> <i>site</i>
<b>DESCRIPTION</b>
- The <b>postqueue</b> program implements the Postfix user inter-
- face for queue management. It implements operations that
- are traditionally available via the <a href="sendmail.1.html"><b>sendmail</b>(1)</a> command.
- See the <a href="postsuper.1.html"><b>postsuper</b>(1)</a> command for queue operations that
- require super-user privileges such as deleting a message
- from the queue or changing the status of a message.
+ The <a href="postqueue.1.html"><b>postqueue</b>(1)</a> command implements the Postfix user
+ interface for queue management. It implements operations
+ that are traditionally available via the <a href="sendmail.1.html"><b>sendmail</b>(1)</a> com-
+ mand. See the <a href="postsuper.1.html"><b>postsuper</b>(1)</a> command for queue operations
+ that require super-user privileges such as deleting a mes-
+ sage from the queue or changing the status of a message.
The following options are recognized:
<b>-f</b> Flush the queue: attempt to deliver all queued
mail.
- This option implements the traditional <b>sendmail -q</b>
- command, by contacting the Postfix <a href="qmgr.8.html"><b>qmgr</b>(8)</a> daemon.
+ This option implements the traditional "<b>sendmail</b>
+ <b>-q</b>" command, by contacting the Postfix <a href="qmgr.8.html"><b>qmgr</b>(8)</a> dae-
+ mon.
Warning: flushing undeliverable mail frequently
will result in poor delivery performance of all
See <a href="flush.8.html"><b>flush</b>(8)</a> for more information about the "fast
flush" service.
- This option implements the traditional <b>sendmail</b>
- <b>-qR</b><i>site</i> command, by contacting the Postfix <a href="flush.8.html"><b>flush</b>(8)</a>
- daemon.
+ This option implements the traditional "<b>sendmail</b>
+ <b>-qR</b><i>site</i>" command, by contacting the Postfix
+ <a href="flush.8.html"><b>flush</b>(8)</a> daemon.
<b>-v</b> Enable verbose logging for debugging purposes. Mul-
tiple <b>-v</b> options make the software increasingly
<b>CONFIGURATION PARAMETERS</b>
The following <b>main.cf</b> parameters are especially relevant
to this program. The text below provides only a parameter
- summary. See <a href="postconf.5.html">postconf(5)</a> for more details including exam-
+ summary. See <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including exam-
ples.
<b><a href="postconf.5.html#alternate_config_directories">alternate_config_directories</a> (empty)</b>
<b><a href="postconf.5.html#trigger_timeout">trigger_timeout</a> (10s)</b>
The time limit for sending a trigger to a Postfix
- daemon (for example, the <a href="pickup.8.html">pickup(8)</a> or <a href="qmgr.8.html">qmgr(8)</a> dae-
+ daemon (for example, the <a href="pickup.8.html"><b>pickup</b>(8)</a> or <a href="qmgr.8.html"><b>qmgr</b>(8)</a> dae-
mon).
Available in Postfix version 2.2 and later:
[<b>-r</b> <i>queue</i><b>_</b><i>id</i>] [<i>directory ...</i>]
<b>DESCRIPTION</b>
- The <b>postsuper</b> command does maintenance jobs on the Postfix
- queue. Use of the command is restricted to the superuser.
- See the <b>postqueue</b> command for unprivileged queue opera-
- tions such as listing or flushing the mail queue.
-
- By default, <b>postsuper</b> performs the operations requested
- with the <b>-s</b> and <b>-p</b> command-line options on all Postfix
+ The <a href="postsuper.1.html"><b>postsuper</b>(1)</a> command does maintenance jobs on the
+ Postfix queue. Use of the command is restricted to the
+ superuser. See the <a href="postqueue.1.html"><b>postqueue</b>(1)</a> command for unprivileged
+ queue operations such as listing or flushing the mail
+ queue.
+
+ By default, <a href="postsuper.1.html"><b>postsuper</b>(1)</a> performs the operations requested
+ with the <b>-s</b> and <b>-p</b> command-line options on all Postfix
queue directories - this includes the <b>incoming</b>, <b>active</b> and
- <b>deferred</b> directories with mail files and the <b>bounce</b>,
+ <b>deferred</b> directories with mail files and the <b>bounce</b>,
<b>defer</b>, <b>trace</b> and <b>flush</b> directories with log files.
Options:
<b>-c</b> <i>config</i><b>_</b><i>dir</i>
- The <b>main.cf</b> configuration file is in the named
+ The <b>main.cf</b> configuration file is in the named
directory instead of the default configuration
- directory. See also the MAIL_CONFIG environment
+ directory. See also the MAIL_CONFIG environment
setting below.
<b>-d</b> <i>queue</i><b>_</b><i>id</i>
Delete one message with the named queue ID from the
- named mail queue(s) (default: <b>hold</b>, <b>incoming</b>,
+ named mail queue(s) (default: <b>hold</b>, <b>incoming</b>,
<b>active</b> and <b>deferred</b>). If a <i>queue</i><b>_</b><i>id</i> of <b>-</b> is speci-
- fied, the program reads queue IDs from standard
- input. For example, to delete all mail from or to
- <b>user@example.com</b>:
-
- mailq | tail +2 | awk 'BEGIN { RS = "" } \
- / user@example\.com$/ { print $1 } \
+ fied, the program reads queue IDs from standard
+ input. For example, to delete all mail with exactly
+ one recipient <b>user@example.com</b>:
+
+ mailq | tail +2 | awk 'BEGIN { RS = "" }
+ # $7=sender, $8=recipient1, $9=recipient2
+ { if ($8 == "user@example.com" && $9 == "")
+ print $1 }
' | tr -d '*!' | postsuper -d -
Specify <b>-d ALL</b> to remove all messages; for example,
- specify <b>-d ALL deferred</b> to delete mail in the
- <b>deferred</b> queue. As a safety measure, the word <b>ALL</b>
+ specify <b>-d ALL deferred</b> to delete mail in the
+ <b>deferred</b> queue. As a safety measure, the word <b>ALL</b>
must be specified in upper case.
- Warning: Postfix queue IDs are reused. There is a
- very small possibility that postsuper deletes the
- wrong message file when it is executed while the
+ Warning: Postfix queue IDs are reused. There is a
+ very small possibility that postsuper deletes the
+ wrong message file when it is executed while the
Postfix mail system is delivering mail.
The scenario is as follows:
- 1) The Postfix queue manager deletes the mes-
- sage that <b>postsuper</b> is asked to delete,
+ 1) The Postfix queue manager deletes the mes-
+ sage that <a href="postsuper.1.html"><b>postsuper</b>(1)</a> is asked to delete,
because Postfix is finished with the message
- (it is delivered, or it is returned to the
+ (it is delivered, or it is returned to the
sender).
- 2) New mail arrives, and the new message is
- given the same queue ID as the message that
- <b>postsuper</b> is supposed to delete. The proba-
- bility for reusing a deleted queue ID is
- about 1 in 2**15 (the number of different
+ 2) New mail arrives, and the new message is
+ given the same queue ID as the message that
+ <a href="postsuper.1.html"><b>postsuper</b>(1)</a> is supposed to delete. The
+ probability for reusing a deleted queue ID
+ is about 1 in 2**15 (the number of different
microsecond values that the system clock can
distinguish within a second).
- 3) <b>postsuper</b> deletes the new message, instead
- of the old message that it should have
- deleted.
+ 3) <a href="postsuper.1.html"><b>postsuper</b>(1)</a> deletes the new message,
+ instead of the old message that it should
+ have deleted.
<b>-h</b> <i>queue</i><b>_</b><i>id</i>
- Put mail "on hold" so that no attempt is made to
- deliver it. Move one message with the named queue
+ Put mail "on hold" so that no attempt is made to
+ deliver it. Move one message with the named queue
ID from the named mail queue(s) (default: <b>incoming</b>,
- <b>active</b> and <b>deferred</b>) to the <b>hold</b> queue. If a
+ <b>active</b> and <b>deferred</b>) to the <b>hold</b> queue. If a
<i>queue</i><b>_</b><i>id</i> of <b>-</b> is specified, the program reads queue
IDs from standard input.
- Specify <b>-h ALL</b> to hold all messages; for example,
+ Specify <b>-h ALL</b> to hold all messages; for example,
specify <b>-h ALL deferred</b> to hold mail in the
- <b>deferred</b> queue. As a safety measure, the word <b>ALL</b>
+ <b>deferred</b> queue. As a safety measure, the word <b>ALL</b>
must be specified in upper case.
- Note: while mail is "on hold" it will not expire
- when
its time in the queue exceeds the <b><a href="postconf.5.html#maximal_queue_lifetime">maxi</a>-</b>
+ Note: while mail is "on hold" it will not expire
+ when
its time in the queue exceeds the <b><a href="postconf.5.html#maximal_queue_lifetime">maxi</a>-</b>
<b><a href="postconf.5.html#maximal_queue_lifetime">mal_queue_lifetime</a></b> or <b><a href="postconf.5.html#bounce_queue_lifetime">bounce_queue_lifetime</a></b> set-
- ting. It becomes subject to expiration after it is
+ ting. It becomes subject to expiration after it is
released from "hold".
<b>-H</b> <i>queue</i><b>_</b><i>id</i>
Release mail that was put "on hold". Move one mes-
- sage with the named queue ID from the named mail
+ sage with the named queue ID from the named mail
queue(s) (default: <b>hold</b>) to the <b>deferred</b> queue. If
- a <i>queue</i><b>_</b><i>id</i> of <b>-</b> is specified, the program reads
+ a <i>queue</i><b>_</b><i>id</i> of <b>-</b> is specified, the program reads
queue IDs from standard input.
- Note: use "<b>postsuper -r</b>" to release mail that was
- kept
on hold for a significant fraction of <b>$<a href="postconf.5.html#maximal_queue_lifetime">maxi</a>-</b>
+ Note: use "<b>postsuper -r</b>" to release mail that was
+ kept
on hold for a significant fraction of <b>$<a href="postconf.5.html#maximal_queue_lifetime">maxi</a>-</b>
<b><a href="postconf.5.html#maximal_queue_lifetime">mal_queue_lifetime</a></b> or <b>$<a href="postconf.5.html#bounce_queue_lifetime">bounce_queue_lifetime</a></b>, or
longer.
- Specify <b>-H ALL</b> to release all mail that is "on
- hold". As a safety measure, the word <b>ALL</b> must be
+ Specify <b>-H ALL</b> to release all mail that is "on
+ hold". As a safety measure, the word <b>ALL</b> must be
specified in upper case.
- <b>-p</b> Purge old temporary files that are left over after
+ <b>-p</b> Purge old temporary files that are left over after
system or software crashes.
<b>-r</b> <i>queue</i><b>_</b><i>id</i>
- Requeue the message with the named queue ID from
- the named mail queue(s) (default: <b>hold</b>, <b>incoming</b>,
- <b>active</b> and <b>deferred</b>). To requeue multiple mes-
- sages, specify multiple <b>-r</b> command-line options.
+ Requeue the message with the named queue ID from
+ the named mail queue(s) (default: <b>hold</b>, <b>incoming</b>,
+ <b>active</b> and <b>deferred</b>). To requeue multiple mes-
+ sages, specify multiple <b>-r</b> command-line options.
Alternatively, if a <i>queue</i><b>_</b><i>id</i> of <b>-</b> is specified, the
program reads queue IDs from standard input.
Specify <b>-r ALL</b> to requeue all messages. As a safety
- measure, the word <b>ALL</b> must be specified in upper
+ measure, the word <b>ALL</b> must be specified in upper
case.
- A requeued message is moved to the <b>maildrop</b> queue,
- from where it is copied by the pickup daemon to a
- new file whose name is guaranteed to match the new
+ A requeued message is moved to the <b>maildrop</b> queue,
+ from where it is copied by the pickup daemon to a
+ new file whose name is guaranteed to match the new
queue file inode number. The new queue file is sub-
- jected again to mail address rewriting and substi-
+ jected again to mail address rewriting and substi-
tution. This is useful when rewriting rules or vir-
tual mappings have changed.
- Warning: Postfix queue IDs are reused. There is a
- very small possibility that <b>postsuper</b> requeues the
- wrong message file when it is executed while the
- Postfix mail system is running, but no harm should
- be done.
+ Warning: Postfix queue IDs are reused. There is a
+ very small possibility that <a href="postsuper.1.html"><b>postsuper</b>(1)</a> requeues
+ the wrong message file when it is executed while
+ the Postfix mail system is running, but no harm
+ should be done.
- <b>-s</b> Structure check and structure repair. This should
+ <b>-s</b> Structure check and structure repair. This should
be done once before Postfix startup.
- <b>o</b> Rename files whose name does not match the
+ <b>o</b> Rename files whose name does not match the
message file inode number. This operation is
- necessary after restoring a mail queue from
+ necessary after restoring a mail queue from
a different machine, or from backup media.
<b>o</b> Move queue files that are in the wrong place
in the file system hierarchy and remove sub-
directories that are no longer needed. File
- position rearrangements are necessary after
+ position rearrangements are necessary after
a change in the <b><a href="postconf.5.html#hash_queue_names">hash_queue_names</a></b> and/or
<b><a href="postconf.5.html#hash_queue_depth">hash_queue_depth</a></b> configuration parameters.
<b>-v</b> Enable verbose logging for debugging purposes. Mul-
- tiple <b>-v</b> options make the software increasingly
+ tiple <b>-v</b> options make the software increasingly
verbose.
<b>DIAGNOSTICS</b>
- Problems are reported to the standard error stream and to
+ Problems are reported to the standard error stream and to
<b>syslogd</b>(8).
- <b>postsuper</b> reports the number of messages deleted with <b>-d</b>,
- the number of messages requeued with <b>-r</b>, and the number of
- messages whose queue file name was fixed with <b>-s</b>. The
- report is written to the standard error stream and to <b>sys-</b>
- <b>logd</b>(8).
+ <a href="postsuper.1.html"><b>postsuper</b>(1)</a> reports the number of messages deleted with
+ <b>-d</b>, the number of messages requeued with <b>-r</b>, and the num-
+ ber of messages whose queue file name was fixed with <b>-s</b>.
+ The report is written to the standard error stream and to
+ <b>syslogd</b>(8).
<b>ENVIRONMENT</b>
MAIL_CONFIG
Directory with the <b>main.cf</b> file.
<b>BUGS</b>
- Mail that is not sanitized by Postfix (i.e. mail in the
+ Mail that is not sanitized by Postfix (i.e. mail in the
<b>maildrop</b> queue) cannot be placed "on hold".
<b>CONFIGURATION PARAMETERS</b>
- The following <b>main.cf</b> parameters are especially relevant
+ The following <b>main.cf</b> parameters are especially relevant
to this program. The text below provides only a parameter
- summary. See <a href="postconf.5.html">postconf(5)</a> for more details including exam-
+ summary. See <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including exam-
ples.
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
- The default location of the Postfix main.cf and
+ The default location of the Postfix main.cf and
master.cf configuration files.
<b><a href="postconf.5.html#hash_queue_depth">hash_queue_depth</a> (1)</b>
- The number of subdirectory levels for queue direc-
- tories listed with the <a href="postconf.5.html#hash_queue_names">hash_queue_names</a> parameter.
+ The number of subdirectory levels for queue direc-
+ tories listed with the <a href="postconf.5.html#hash_queue_names">hash_queue_names</a> parameter.
- <b><a href="postconf.5.html#hash_queue_names">hash_queue_names</a> (see 'postconf -d' output)</b>
- The names of queue directories that are split
+ <b><a href="postconf.5.html#hash_queue_names">hash_queue_names</a> (deferred, defer)</b>
+ The names of queue directories that are split
across multiple subdirectory levels.
<b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b>
- The location of the Postfix top-level queue direc-
+ The location of the Postfix top-level queue direc-
tory.
<b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
- The mail system name that is prepended to the pro-
+ The mail system name that is prepended to the pro-
cess name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
<a href="postqueue.1.html">postqueue(1)</a>, unprivileged queue operations
<b>LICENSE</b>
- The Secure Mailer license must be distributed with this
+ The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>
<b>proxymap</b> [generic Postfix daemon options]
<b>DESCRIPTION</b>
- The <b>proxymap</b> server provides read-only table lookup ser-
- vice to Postfix processes. The purpose of the service is:
-
- <b>o</b> To overcome chroot restrictions. For example, a
- chrooted SMTP server needs access to the system
- passwd file in order to reject mail for non-exis-
- tent local addresses, but it is not practical to
- maintain a copy of the passwd file in the chroot
+ The <a href="proxymap.8.html"><b>proxymap</b>(8)</a> server provides read-only table lookup
+ service to Postfix processes. The purpose of the service
+ is:
+
+ <b>o</b> To overcome chroot restrictions. For example, a
+ chrooted SMTP server needs access to the system
+ passwd file in order to reject mail for non-exis-
+ tent local addresses, but it is not practical to
+ maintain a copy of the passwd file in the chroot
jail. The solution:
<a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> =
<a href="proxymap.8.html">proxy</a>:unix:passwd.byname $<a href="postconf.5.html#alias_maps">alias_maps</a>
- <b>o</b> To consolidate the number of open lookup tables by
- sharing one open table among multiple processes.
- For example, making mysql connections from every
+ <b>o</b> To consolidate the number of open lookup tables by
+ sharing one open table among multiple processes.
+ For example, making mysql connections from every
Postfix daemon process results in "too many connec-
tions" errors. The solution:
<a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a> =
<a href="proxymap.8.html">proxy</a>:<a href="mysql_table.5.html">mysql</a>:/etc/postfix/virtual_alias.cf
- The total number of connections is limited by the
+ The total number of connections is limited by the
number of proxymap server processes.
- The proxymap server implements the following requests:
+ The <a href="proxymap.8.html"><b>proxymap</b>(8)</a> server implements the following requests:
<b>open</b> <i>maptype:mapname flags</i>
- Open the table with type <i>maptype</i> and name <i>mapname</i>,
+ Open the table with type <i>maptype</i> and name <i>mapname</i>,
as controlled by <i>flags</i>. The reply includes the <i>map-</i>
<i>type</i> dependent flags (to distinguish a fixed string
table from a regular expression table).
<b>lookup</b> <i>maptype:mapname flags key</i>
- Look up the data stored under the requested key.
- The reply is the request completion status code
- (below) and the lookup result value. The <i>map-</i>
- <i>type:mapname</i> and <i>flags</i> are the same as with the
+ Look up the data stored under the requested key.
+ The reply is the request completion status code
+ (below) and the lookup result value. The <i>map-</i>
+ <i>type:mapname</i> and <i>flags</i> are the same as with the
<b>open</b> request.
- There is no <b>close</b> command, nor are tables implicitly
- closed when a client disconnects. The purpose is to share
+ There is no <b>close</b> command, nor are tables implicitly
+ closed when a client disconnects. The purpose is to share
tables among multiple client processes.
<b>SERVER PROCESS MANAGEMENT</b>
- <b>proxymap</b> servers run under control by the Postfix <b>master</b>
- server. Each server can handle multiple simultaneous con-
- nections. When all servers are busy while a client con-
- nects, the <b>master</b> creates a new <b>proxymap</b> server process,
- provided that the process limit is not exceeded. Each
- server terminates after serving at least <b>$<a href="postconf.5.html#max_use">max_use</a></b> clients
- or after <b>$<a href="postconf.5.html#max_idle">max_idle</a></b> seconds of idle time.
+ <a href="proxymap.8.html"><b>proxymap</b>(8)</a> servers run under control by the Postfix <a href="master.8.html"><b>mas-</b></a>
+ <a href="master.8.html"><b>ter</b>(8)</a> server. Each server can handle multiple simultane-
+ ous connections. When all servers are busy while a client
+ connects, the <a href="master.8.html"><b>master</b>(8)</a> creates a new <a href="proxymap.8.html"><b>proxymap</b>(8)</a> server
+ process, provided that the process limit is not exceeded.
+ Each server terminates after serving at least <b>$<a href="postconf.5.html#max_use">max_use</a></b>
+
clients or after <b>$<a href="postconf.5.html#max_idle">max_idle</a></b> seconds of idle time.
<b>SECURITY</b>
- The proxymap server opens only tables that are approved
- via the <b><a href="postconf.5.html#proxy_read_maps">proxy_read_maps</a></b> configuration parameter, does not
- talk to users, and can run at fixed low privilege,
- chrooted or not. However, running the proxymap server
- chrooted severely limits usability, because it can open
+ The <a href="proxymap.8.html"><b>proxymap</b>(8)</a> server opens only tables that are approved
+ via the <b><a href="postconf.5.html#proxy_read_maps">proxy_read_maps</a></b> configuration parameter, does not
+ talk to users, and can run at fixed low privilege,
+ chrooted or not. However, running the proxymap server
+ chrooted severely limits usability, because it can open
only chrooted tables.
- The proxymap server is not a trusted daemon process, and
- must not be used to look up sensitive information such as
- user or group IDs, mailbox file/directory names or exter-
- nal commands.
+ The <a href="proxymap.8.html"><b>proxymap</b>(8)</a> server is not a trusted daemon process,
+ and must not be used to look up sensitive information such
+ as user or group IDs, mailbox file/directory names or
+ external commands.
In Postfix version 2.2 and later, the proxymap client rec-
- ognizes requests to access a table for security-sensitive
- purposes, and opens the table directly. This allows the
- same main.cf setting to be used by sensitive and non-sen-
+ ognizes requests to access a table for security-sensitive
+ purposes, and opens the table directly. This allows the
+ same main.cf setting to be used by sensitive and non-sen-
sitive processes.
<b>DIAGNOSTICS</b>
Problems and transactions are logged to <b>syslogd</b>(8).
<b>BUGS</b>
- The proxymap server provides service to multiple clients,
- and must therefore not be used for tables that have high-
- latency lookups.
+ The <a href="proxymap.8.html"><b>proxymap</b>(8)</a> server provides service to multiple
+ clients, and must therefore not be used for tables that
+ have high-latency lookups.
<b>CONFIGURATION PARAMETERS</b>
- On busy mail systems a long time may pass before <a href="proxymap.8.html">prox-</a>
- <a href="proxymap.8.html">ymap(8)</a> relevant changes to <b>main.cf</b> are picked up. Use the
+ On busy mail systems a long time may pass before <a href="proxymap.8.html"><b>prox-</b></a>
+ <a href="proxymap.8.html"><b>ymap</b>(8)</a> relevant changes to <b>main.cf</b> are picked up. Use the
command "<b>postfix reload</b>" to speed up a change.
- The text below provides only a parameter summary. See
- <a href="postconf.5.html">postconf(5)</a> for more details including examples.
+ The text below provides only a parameter summary. See
+ <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including examples.
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
- The default location of the Postfix main.cf and
+ The default location of the Postfix main.cf and
master.cf configuration files.
<b><a href="postconf.5.html#daemon_timeout">daemon_timeout</a> (18000s)</b>
- How much time a Postfix daemon process may take to
- handle a request before it is terminated by a
+ How much time a Postfix daemon process may take to
+ handle a request before it is terminated by a
built-in watchdog timer.
<b><a href="postconf.5.html#ipc_timeout">ipc_timeout</a> (3600s)</b>
over an internal communication channel.
<b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b>
- The maximum amount of time that an idle Postfix
- daemon process waits for the next service request
+ The maximum amount of time that an idle Postfix
+ daemon process waits for the next service request
before exiting.
<b><a href="postconf.5.html#max_use">max_use</a> (100)</b>
- The maximal number of connection requests before a
+ The maximal number of connection requests before a
Postfix daemon process terminates.
<b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
- The process ID of a Postfix command or daemon pro-
+ The process ID of a Postfix command or daemon pro-
cess.
<b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
- The process name of a Postfix command or daemon
+ The process name of a Postfix command or daemon
process.
<b><a href="postconf.5.html#proxy_read_maps">proxy_read_maps</a> (see 'postconf -d' output)</b>
- The lookup tables that the <a href="proxymap.8.html">proxymap(8)</a> server is
+ The lookup tables that the <a href="proxymap.8.html"><b>proxymap</b>(8)</a> server is
allowed to access.
<b>SEE ALSO</b>
<a href="DATABASE_README.html">DATABASE_README</a>, Postfix lookup table overview
<b>LICENSE</b>
- The Secure Mailer license must be distributed with this
+ The Secure Mailer license must be distributed with this
software.
<b>HISTORY</b>
<b>qmgr</b> [generic Postfix daemon options]
<b>DESCRIPTION</b>
- The <b>qmgr</b> daemon awaits the arrival of incoming mail and
+ The <a href="qmgr.8.html"><b>qmgr</b>(8)</a> daemon awaits the arrival of incoming mail and
arranges for its delivery via Postfix delivery processes.
The actual mail routing strategy is delegated to the <a href="trivial-rewrite.8.html"><b>triv-</b></a>
<a href="trivial-rewrite.8.html"><b>ial-rewrite</b>(8)</a> daemon. This program expects to be run
by undeliverable bounce notifications.
<b>MAIL QUEUES</b>
- The <b>qmgr</b> daemon maintains the following queues:
+ The <a href="qmgr.8.html"><b>qmgr</b>(8)</a> daemon maintains the following queues:
<b>incoming</b>
Inbound mail from the network, or mail picked up by
- the local <b>pickup</b> agent from the <b>maildrop</b> directory.
+ the local <a href="pickup.8.html"><b>pickup</b>(8)</a> daemon from the <b>maildrop</b> direc-
+ tory.
<b>active</b> Messages that the queue manager has opened for
delivery. Only a limited number of messages is
until someone sets them free.
<b>DELIVERY STATUS REPORTS</b>
- The <b>qmgr</b> daemon keeps an eye on per-message delivery sta-
- tus reports in the following directories. Each status
+ The <a href="qmgr.8.html"><b>qmgr</b>(8)</a> daemon keeps an eye on per-message delivery
+ status reports in the following directories. Each status
report file has the same name as the corresponding message
file:
mand. These files are maintained by the <a href="trace.8.html"><b>trace</b>(8)</a>
daemon.
- The <b>qmgr</b> daemon is responsible for asking the <a href="bounce.8.html"><b>bounce</b>(8)</a>,
- <a href="defer.8.html"><b>defer</b>(8)</a> or <a href="trace.8.html"><b>trace</b>(8)</a> daemons to send delivery reports.
+ The <a href="qmgr.8.html"><b>qmgr</b>(8)</a> daemon is responsible for asking the
+ <a href="bounce.8.html"><b>bounce</b>(8)</a>, <a href="defer.8.html"><b>defer</b>(8)</a> or <a href="trace.8.html"><b>trace</b>(8)</a> daemons to send delivery
+ reports.
<b>STRATEGIES</b>
- The queue manager implements a variety of strategies for
+ The queue manager implements a variety of strategies for
either opening queue files (input) or for message delivery
(output).
<b>leaky bucket</b>
- This strategy limits the number of messages in the
- <b>active</b> queue and prevents the queue manager from
+ This strategy limits the number of messages in the
+ <b>active</b> queue and prevents the queue manager from
running out of memory under heavy load.
<b>fairness</b>
- When the <b>active</b> queue has room, the queue manager
- takes one message from the <a href="QSHAPE_README.html#incoming_queue"><b>incoming</b> queue</a> and one
+ When the <b>active</b> queue has room, the queue manager
+ takes one message from the <a href="QSHAPE_README.html#incoming_queue"><b>incoming</b> queue</a> and one
from the <b>deferred</b> queue. This prevents a large mail
backlog from blocking the delivery of new mail.
<b>round robin</b>
The queue manager sorts delivery requests by desti-
- nation. Round-robin selection prevents one desti-
+ nation. Round-robin selection prevents one desti-
nation from dominating deliveries to other destina-
tions.
<b>exponential backoff</b>
Mail that cannot be delivered upon the first
- attempt is deferred. The time interval between
+ attempt is deferred. The time interval between
delivery attempts is doubled after each attempt.
<b>destination status cache</b>
- The queue manager avoids unnecessary delivery
- attempts by maintaining a short-term, in-memory
+ The queue manager avoids unnecessary delivery
+ attempts by maintaining a short-term, in-memory
list of unreachable destinations.
<b>preemptive message scheduling</b>
- The queue manager attempts to minimize the average
+ The queue manager attempts to minimize the average
per-recipient delay while still preserving the cor-
rect per-message delays, using a sophisticated pre-
emptive message scheduling.
<b>TRIGGERS</b>
On an idle system, the queue manager waits for the arrival
- of trigger events, or it waits for a timer to go off. A
- trigger is a one-byte message. Depending on the message
- received, the queue manager performs one of the following
- actions (the message is followed by the symbolic constant
+ of trigger events, or it waits for a timer to go off. A
+ trigger is a one-byte message. Depending on the message
+ received, the queue manager performs one of the following
+ actions (the message is followed by the symbolic constant
used internally by the software):
<b>D (QMGR_REQ_SCAN_DEFERRED)</b>
- Start a <a href="QSHAPE_README.html#deferred_queue">deferred queue</a> scan. If a deferred queue
- scan is already in progress, that scan will be
+ Start a <a href="QSHAPE_README.html#deferred_queue">deferred queue</a> scan. If a deferred queue
+ scan is already in progress, that scan will be
restarted as soon as it finishes.
<b>I (QMGR_REQ_SCAN_INCOMING)</b>
- Start an <a href="QSHAPE_README.html#incoming_queue">incoming queue</a> scan. If an incoming queue
- scan is already in progress, that scan will be
+ Start an <a href="QSHAPE_README.html#incoming_queue">incoming queue</a> scan. If an incoming queue
+ scan is already in progress, that scan will be
restarted as soon as it finishes.
<b>A (QMGR_REQ_SCAN_ALL)</b>
affects the next <a href="QSHAPE_README.html#deferred_queue">deferred queue</a> scan.
<b>F (QMGR_REQ_FLUSH_DEAD)</b>
- Purge all information about dead transports and
+ Purge all information about dead transports and
destinations.
<b>W (TRIGGER_REQ_WAKEUP)</b>
- Wakeup call, This is used by the master server to
- instantiate servers that should not go away for-
- ever. The action is to start an <a href="QSHAPE_README.html#incoming_queue">incoming queue</a>
+ Wakeup call, This is used by the master server to
+ instantiate servers that should not go away for-
+ ever. The action is to start an <a href="QSHAPE_README.html#incoming_queue">incoming queue</a>
scan.
- The <b>qmgr</b> daemon reads an entire buffer worth of triggers.
- Multiple identical trigger requests are collapsed into
- one, and trigger requests are sorted so that <b>A</b> and <b>F</b> pre-
- cede <b>D</b> and <b>I</b>. Thus, in order to force a <a href="QSHAPE_README.html#deferred_queue">deferred queue</a>
+ The <a href="qmgr.8.html"><b>qmgr</b>(8)</a> daemon reads an entire buffer worth of trig-
+ gers. Multiple identical trigger requests are collapsed
+ into one, and trigger requests are sorted so that <b>A</b> and <b>F</b>
+ precede <b>D</b> and <b>I</b>. Thus, in order to force a <a href="QSHAPE_README.html#deferred_queue">deferred queue</a>
run, one would request <b>A F D</b>; in order to notify the queue
manager of the arrival of new mail one would request <b>I</b>.
<b>STANDARDS</b>
- None. The <b>qmgr</b> daemon does not interact with the outside
- world.
+ None. The <a href="qmgr.8.html"><b>qmgr</b>(8)</a> daemon does not interact with the out-
+ side world.
<b>SECURITY</b>
- The <b>qmgr</b> daemon is not security sensitive. It reads sin-
- gle-character messages from untrusted local users, and
- thus may be susceptible to denial of service attacks. The
- <b>qmgr</b> daemon does not talk to the outside world, and it can
- be run at fixed low privilege in a chrooted environment.
+ The <a href="qmgr.8.html"><b>qmgr</b>(8)</a> daemon is not security sensitive. It reads
+ single-character messages from untrusted local users, and
+ thus may be susceptible to denial of service attacks. The
+ <a href="qmgr.8.html"><b>qmgr</b>(8)</a> daemon does not talk to the outside world, and it
+ can be run at fixed low privilege in a chrooted environ-
+ ment.
<b>DIAGNOSTICS</b>
Problems and transactions are logged to the syslog daemon.
<b>BUGS</b>
A single queue manager process has to compete for disk
- access with multiple front-end processes such as <b>smtpd</b>. A
- sudden burst of inbound mail can negatively impact out-
- bound delivery rates.
+ access with multiple front-end processes such as
+ <a href="cleanup.8.html"><b>cleanup</b>(8)</a>. A sudden burst of inbound mail can negatively
+ impact outbound delivery rates.
<b>CONFIGURATION PARAMETERS</b>
Changes to <b>main.cf</b> are not picked up automatically as
- <a href="qmgr.8.html">qmgr(8)</a> is a persistent process. Use the <b>postfix reload</b>
+ <a href="qmgr.8.html"><b>qmgr</b>(8)</a> is a persistent process. Use the "<b>postfix reload</b>"
command after a configuration change.
The text below provides only a parameter summary. See
- <a href="postconf.5.html">postconf(5)</a> for more details including examples.
+ <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including examples.
In the text below, <i>transport</i> is the first field in a <b>mas-</b>
<b>ter.cf</b> entry.
<a href="postconf.5.html">postconf(5)</a>, configuration parameters
<a href="master.5.html">master(5)</a>, generic daemon options
<a href="master.8.html">master(8)</a>, process manager
- syslogd(8) system logging
+ syslogd(8), system logging
<b>README FILES</b>
<a href="SCHEDULER_README.html">SCHEDULER_README</a>, scheduling algorithm
<b>CONFIGURATION PARAMETERS</b>
Changes to <b>main.cf</b> are picked up automatically, as
- <a href="qmqpd.8.html">qmqpd(8)</a> processes run for only a limited amount of time.
+ <a href="qmqpd.8.html"><b>qmqpd</b>(8)</a> processes run for only a limited amount of time.
Use the command "<b>postfix reload</b>" to speed up a change.
The text below provides only a parameter summary. See
- <a href="postconf.5.html">postconf(5)</a> for more details including examples.
+ <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including examples.
<b>CONTENT INSPECTION CONTROLS</b>
<b><a href="postconf.5.html#content_filter">content_filter</a> (empty)</b>
<b><a href="postconf.5.html#verp_delimiter_filter">verp_delimiter_filter</a> (-=+)</b>
The characters Postfix accepts as VERP delimiter
- characters on the Postfix <a href="sendmail.1.html">sendmail(1)</a> command line
+ characters on the Postfix <a href="sendmail.1.html"><b>sendmail</b>(1)</a> command line
and in SMTP commands.
<b>SEE ALSO</b>
<a href="QSHAPE_README.html#incoming_queue">incoming</a> and <a href="QSHAPE_README.html#active_queue">active queue</a> distribution.
<b>SEE ALSO</b>
- <a href="mailq.1.html">mailq(1)</a> List all messages in the queue.
+ <a href="mailq.1.html">mailq(1)</a>, List all messages in the queue.
<a href="QSHAPE_README.html">QSHAPE_README</a> Examples and background material.
<b>FILES</b>
found the corresponding result is returned.
To find out what types of lookup tables your Postfix sys-
- tem supports use the <b>postconf -m</b> command.
+ tem supports use the "<b>postconf -m</b>" command.
- To test lookup tables, use the <b>postmap -fq</b> command as
+ To test lookup tables, use the "<b>postmap -fq</b>" command as
described in the SYNOPSIS above.
<b>TABLE FORMAT</b>
Each pattern is a POSIX regular expression enclosed by a
pair of delimiters. The regular expression syntax is docu-
- mented in re_format(7) with 4.4BSD, in regex(5) with
- Solaris, and in regex(7) with Linux. Other systems may use
+ mented in <b>re_format</b>(7) with 4.4BSD, in <b>regex</b>(5) with
+ Solaris, and in <b>regex</b>(7) with Linux. Other systems may use
other document names.
The expression delimiter can be any character, except
RELOCATED(5) RELOCATED(5)
<b>NAME</b>
- relocated - format of Postfix relocated table
+ relocated - Postfix relocated table format
<b>SYNOPSIS</b>
<b>postmap /etc/postfix/relocated</b>
<b>DESCRIPTION</b>
- The optional <b>relocated</b> table provides the information that
- is used in "user has moved to <i>new</i><b>_</b><i>location</i>" bounce mes-
- sages.
+ The optional <a href="relocated.5.html"><b>relocated</b>(5)</a> table provides the information
+ that is used in "user has moved to <i>new</i><b>_</b><i>location</i>" bounce
+ messages.
- Normally, the <b>relocated</b> table is specified as a text file
- that serves as input to the <a href="postmap.1.html"><b>postmap</b>(1)</a> command. The
+ Normally, the <a href="relocated.5.html"><b>relocated</b>(5)</a> table is specified as a text
+ file that serves as input to the <a href="postmap.1.html"><b>postmap</b>(1)</a> command. The
result, an indexed file in <b>dbm</b> or <b>db</b> format, is used for
fast searching by the mail system. Execute the command
- <b>postmap /etc/postfix/relocated</b> in order to rebuild the
+ "<b>postmap /etc/postfix/relocated</b>" in order to rebuild the
indexed file after changing the relocated table.
When the table is provided via other means such as NIS,
This section describes how the table lookups change when
lookups are directed to a TCP-based server. For a descrip-
tion of the TCP client/server lookup protocol, see
- <a href="tcp_table.5.html"><b>tcp_table</b>(5)</a>. This feature is not available in Postfix
- version 2.1.
+ <a href="tcp_table.5.html"><b>tcp_table</b>(5)</a>. This feature is not available up to and
+ including Postfix version 2.2.
Each lookup operation uses the entire address once. Thus,
<i>user@domain</i> mail addresses are not broken up into their
<b>CONFIGURATION PARAMETERS</b>
The following <b>main.cf</b> parameters are especially relevant.
The text below provides only a parameter summary. See
- <a href="postconf.5.html">postconf(5)</a> for more details including examples.
+ <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including examples.
<b><a href="postconf.5.html#relocated_maps">relocated_maps</a></b>
List of lookup tables for relocated users or sites.
<b>scache</b> [generic Postfix daemon options]
<b>DESCRIPTION</b>
- The <b>scache</b> server maintains a shared multi-connection
+ The <a href="scache.8.html"><b>scache</b>(8)</a> server maintains a shared multi-connection
cache. This information can be used by, for example, Post-
fix SMTP clients or other Postfix delivery agents.
one endpoint may refer to zero or more connections.
The exact syntax of a logical destination or endpoint name
- is application dependent; the <b>scache</b> service does not
+ is application dependent; the <a href="scache.8.html"><b>scache</b>(8)</a> server does not
care. A connection is stored as a file descriptor
together with application-dependent information that is
needed to re-activate a connection object. Again, the
- <b>scache</b> service is completely unaware about the details of
+ <a href="scache.8.html"><b>scache</b>(8)</a> server is completely unaware of the details of
that information.
All information is stored with a finite time to live
the specified logical destination.
<b>SECURITY</b>
- The connection cache server is not security-sensitive. It
- does not talk to the network, and it does not talk to
- local users. The scache server can run chrooted at fixed
- low privilege.
+ The <a href="scache.8.html"><b>scache</b>(8)</a> server is not security-sensitive. It does
+ not talk to the network, and it does not talk to local
+ users. The <a href="scache.8.html"><b>scache</b>(8)</a> server can run chrooted at fixed low
+ privilege.
- The connection cache server is not a trusted process. It
- must not be used to store information that is security
- sensitive.
+ The <a href="scache.8.html"><b>scache</b>(8)</a> server is not a trusted process. It must not
+ be used to store information that is security sensitive.
<b>DIAGNOSTICS</b>
Problems and transactions are logged to <b>syslogd</b>(8).
<b>BUGS</b>
- Sessions cannot be cached across multiple machines.
+ The session cache cannot be shared among multiple
+ machines.
- When a connection expires from the cache it is closed
- without protocol specific handshake.
+ When a connection expires from the cache, it is closed
+ without the appropriate protocol specific handshake.
<b>CONFIGURATION PARAMETERS</b>
Changes to <b>main.cf</b> are picked up automatically as
- <a href="scache.8.html">scache(8)</a> processes run for only a limited amount of time.
+ <a href="scache.8.html"><b>scache</b>(8)</a> processes run for only a limited amount of time.
Use the command "<b>postfix reload</b>" to speed up a change.
The text below provides only a parameter summary. See
- <a href="postconf.5.html">postconf(5)</a> for more details including examples.
+ <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including examples.
<b>RESOURCE CONTROLS</b>
<b><a href="postconf.5.html#connection_cache_ttl_limit">connection_cache_ttl_limit</a> (2s)</b>
cache server allows.
<b><a href="postconf.5.html#connection_cache_status_update_time">connection_cache_status_update_time</a> (600s)</b>
- How frequently the <a href="scache.8.html">scache(8)</a> server logs usage
+ How frequently the <a href="scache.8.html"><b>scache</b>(8)</a> server logs usage
statistics with connection cache hit and miss rates
for logical destinations and for physical end-
points.
<b>sendmail -I</b>
<b>DESCRIPTION</b>
- The Postfix <b>sendmail</b> command implements the Postfix to
+ The Postfix <a href="sendmail.1.html"><b>sendmail</b>(1)</a> command implements the Postfix to
Sendmail compatibility interface. For the sake of compat-
ibility with existing applications, some Sendmail command-
line options are recognized but silently ignored.
- By default, Postfix <b>sendmail</b> reads a message from standard
- input until EOF or until it reads a line with only a <b>.</b>
- character, and arranges for delivery. Postfix <b>sendmail</b>
- relies on the <a href="postdrop.1.html"><b>postdrop</b>(1)</a> command to create a queue file
- in the <b>maildrop</b> directory.
+ By default, Postfix <a href="sendmail.1.html"><b>sendmail</b>(1)</a> reads a message from stan-
+ dard input until EOF or until it reads a line with only a
+ <b>.</b> character, and arranges for delivery. Postfix <a href="sendmail.1.html"><b>send-</b></a>
+ <a href="sendmail.1.html"><b>mail</b>(1)</a> relies on the <a href="postdrop.1.html"><b>postdrop</b>(1)</a> command to create a
+ queue file in the <b>maildrop</b> directory.
Specific command aliases are provided for other common
modes of operation:
implemented by running the <a href="postalias.1.html"><b>postalias</b>(1)</a> command.
Note: it may take a minute or so before an alias
- database update becomes visible. Use the <b>postfix</b>
- <b>reload</b> command to eliminate this delay.
+ database update becomes visible. Use the "<b>postfix</b>
+ <b>reload</b>" command to eliminate this delay.
These and other features can be selected by specifying the
appropriate combination of command-line options. Some fea-
The message body MIME type: <b>7BIT</b> or <b>8BITMIME</b>.
<b>-bd</b> Go into daemon mode. This mode of operation is
- implemented by executing the <b>postfix start</b> command.
+ implemented by executing the "<b>postfix start</b>" com-
+ mand.
<b>-bh</b> (ignored)
<b>-f</b> <i>sender</i>
Set the envelope sender address. This is the
- address where delivery problems are sent to, unless
- the message contains an <b>Errors-To:</b> message header.
+ address where delivery problems are sent to. With
+ Postfix versions before 2.1, the <b>Errors-To:</b> message
+ header overrides the error return address.
<b>-G</b> (ignored)
Gateway (relay) submission, as opposed to initial
<b>-r</b> <i>sender</i>
Set the envelope sender address. This is the
- address where delivery problems are sent to, unless
- the message contains an <b>Errors-To:</b> message header.
+ address where delivery problems are sent to. With
+ Postfix versions before 2.1, the <b>Errors-To:</b> message
+ header overrides the error return address.
<b>-R</b> <i>return</i><b>_</b><i>limit</i> (ignored)
Limit the size of bounced mail. Use the
<b>-qS</b><i>site</i>
This command is not implemented. Use the slower
- <b>sendmail -q</b> command instead.
+ "<b>sendmail -q</b>" command instead.
<b>-t</b> Extract recipients from message headers. These are
added to any recipients specified on the command
<b>CONFIGURATION PARAMETERS</b>
The following <b>main.cf</b> parameters are especially relevant
to this program. The text below provides only a parameter
- summary. See <a href="postconf.5.html">postconf(5)</a> for more details including exam-
+ summary. See <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including exam-
ples.
<b>TROUBLE SHOOTING CONTROLS</b>
<b><a href="postconf.5.html#authorized_submit_users">authorized_submit_users</a> (static:anyone)</b>
List of users who are authorized to submit mail
- with the <a href="sendmail.1.html">sendmail(1)</a> command (and with the privi-
- leged <a href="postdrop.1.html">postdrop(1)</a> helper command).
+ with the <a href="sendmail.1.html"><b>sendmail</b>(1)</a> command (and with the privi-
+ leged <a href="postdrop.1.html"><b>postdrop</b>(1)</a> helper command).
<b>RESOURCE AND RATE CONTROLS</b>
<b><a href="postconf.5.html#bounce_size_limit">bounce_size_limit</a> (50000)</b>
<b><a href="postconf.5.html#verp_delimiter_filter">verp_delimiter_filter</a> (-=+)</b>
The characters Postfix accepts as VERP delimiter
- characters on the Postfix <a href="sendmail.1.html">sendmail(1)</a> command line
+ characters on the Postfix <a href="sendmail.1.html"><b>sendmail</b>(1)</a> command line
and in SMTP commands.
<b>MISCELLANEOUS CONTROLS</b>
<b><a href="postconf.5.html#alias_database">alias_database</a> (see 'postconf -d' output)</b>
- The alias databases for <a href="local.8.html">local(8)</a> delivery that are
+ The alias databases for <a href="local.8.html"><b>local</b>(8)</a> delivery that are
updated with "<b>newaliases</b>" or with "<b>sendmail -bi</b>".
<b><a href="postconf.5.html#command_directory">command_directory</a> (see 'postconf -d' output)</b>
daemon programs.
<b><a href="postconf.5.html#default_database_type">default_database_type</a> (see 'postconf -d' output)</b>
- The default database type for use in <a href="newaliases.1.html">newaliases(1)</a>,
- <a href="postalias.1.html">postalias(1)</a> and <a href="postmap.1.html">postmap(1)</a> commands.
+ The default database type for use in <a href="newaliases.1.html"><b>newaliases</b>(1)</a>,
+ <a href="postalias.1.html"><b>postalias</b>(1)</a> and <a href="postmap.1.html"><b>postmap</b>(1)</a> commands.
<b><a href="postconf.5.html#delay_warning_time">delay_warning_time</a> (0h)</b>
The time after which the sender receives the mes-
sage headers of mail that is still queued.
+ <b><a href="postconf.5.html#enable_errors_to">enable_errors_to</a> (no)</b>
+ Report mail delivery errors to the address speci-
+ fied with the non-standard Errors-To: message
+ header, instead of the envelope sender address
+ (this feature is removed with Postfix 2.2, is
+ turned off by default with Postfix 2.1, and is
+ always turned on with older Postfix versions).
+
<b><a href="postconf.5.html#mail_owner">mail_owner</a> (postfix)</b>
The UNIX system account that owns the Postfix queue
and most Postfix daemon processes.
<b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b>
- The location of the Postfix top-level queue direc-
+ The location of the Postfix top-level queue direc-
tory.
<b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
- The mail system name that is prepended to the pro-
+ The mail system name that is prepended to the pro-
cess name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
<b><a href="postconf.5.html#trigger_timeout">trigger_timeout</a> (10s)</b>
- The time limit for sending a trigger to a Postfix
- daemon (for example, the <a href="pickup.8.html">pickup(8)</a> or <a href="qmgr.8.html">qmgr(8)</a> dae-
+ The time limit for sending a trigger to a Postfix
+ daemon (for example, the <a href="pickup.8.html"><b>pickup</b>(8)</a> or <a href="qmgr.8.html"><b>qmgr</b>(8)</a> dae-
mon).
<b>FILES</b>
<a href="VERP_README.html">VERP_README</a>, Postfix VERP howto
<b>LICENSE</b>
- The Secure Mailer license must be distributed with this
+ The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>
<b>showq</b> [generic Postfix daemon options]
<b>DESCRIPTION</b>
- The <b>showq</b> daemon reports the Postfix mail queue status.
+ The <a href="showq.8.html"><b>showq</b>(8)</a> daemon reports the Postfix mail queue status.
It is the program that emulates the sendmail `mailq' com-
mand.
- The <b>showq</b> daemon can also be run in stand-alone mode by
+ The <a href="showq.8.html"><b>showq</b>(8)</a> daemon can also be run in stand-alone mode by
the superuser. This mode of operation is used to emulate
the `mailq' command while the Postfix mail system is down.
<b>SECURITY</b>
- The <b>showq</b> daemon can run in a chroot jail at fixed low
+ The <a href="showq.8.html"><b>showq</b>(8)</a> daemon can run in a chroot jail at fixed low
privilege, and takes no input from the client. Its service
port is accessible to local untrusted users, so the ser-
vice can be susceptible to denial of service attacks.
<b>STANDARDS</b>
- None. The showq daemon does not interact with the outside
- world.
+ None. The <a href="showq.8.html"><b>showq</b>(8)</a> daemon does not interact with the out-
+ side world.
<b>DIAGNOSTICS</b>
Problems and transactions are logged to <b>syslogd</b>(8).
<b>BUGS</b>
- The <b>showq</b> daemon runs at a fixed low privilege; conse-
+ The <a href="showq.8.html"><b>showq</b>(8)</a> daemon runs at a fixed low privilege; conse-
quently, it cannot extract information from queue files in
the <b>maildrop</b> directory.
<b>CONFIGURATION PARAMETERS</b>
- Changes to <b>main.cf</b> are picked up automatically as <a href="showq.8.html">showq(8)</a>
+ Changes to <b>main.cf</b> are picked up automatically as <a href="showq.8.html"><b>showq</b>(8)</a>
processes run for only a limited amount of time. Use the
command "<b>postfix reload</b>" to speed up a change.
The text below provides only a parameter summary. See
- <a href="postconf.5.html">postconf(5)</a> for more details including examples.
+ <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including examples.
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
The default location of the Postfix main.cf and
<b><a href="postconf.5.html#duplicate_filter_limit">duplicate_filter_limit</a> (1000)</b>
The maximal number of addresses remembered by the
- address duplicate filter for <a href="aliases.5.html">aliases(5)</a> or vir-
- tual(5) alias expansion, or for <a href="showq.8.html">showq(8)</a> queue dis-
+ address duplicate filter for <a href="aliases.5.html"><b>aliases</b>(5)</a> or <a href="virtual.5.html"><b>vir-</b></a>
+ <a href="virtual.5.html"><b>tual</b>(5)</a> alias expansion, or for <a href="showq.8.html"><b>showq</b>(8)</a> queue dis-
plays.
<b><a href="postconf.5.html#empty_address_recipient">empty_address_recipient</a> (MAILER-DAEMON)</b>
<i>backlog</i>
The maximum length the queue of pending connec-
- tions, as defined by the listen(2) call.
+ tions, as defined by the <b>listen</b>(2) system call.
<b>SEE ALSO</b>
<a href="smtp-source.1.html">smtp-source(1)</a>, SMTP/LMTP message generator
SMTP(8) SMTP(8)
<b>NAME</b>
- smtp - Postfix remote delivery via SMTP
+ smtp - Postfix SMTP client
<b>SYNOPSIS</b>
<b>smtp</b> [generic Postfix daemon options]
<b>DESCRIPTION</b>
- The SMTP client processes message delivery requests from
- the queue manager. Each request specifies a queue file, a
- sender address, a domain or host to deliver to, and recip-
- ient information. This program expects to be run from the
- <a href="master.8.html"><b>master</b>(8)</a> process manager.
+ The Postfix SMTP client processes message delivery
+ requests from the queue manager. Each request specifies a
+ queue file, a sender address, a domain or host to deliver
+ to, and recipient information. This program expects to be
+
run from the <a href="master.8.html"><b>master</b>(8)</a> process manager.
The SMTP client updates the queue file and marks recipi-
ents as finished, or it informs the queue manager that
client will try to deliver the mail to an alternate host.
After a successful mail transaction, a connection may be
- saved to the <a href="scache.8.html"><b>scache(8)</a></b> connection cache server, so that it
+ saved to the <a href="scache.8.html"><b>scache</b>(8)</a> connection cache server, so that it
may be used by any SMTP client for a subsequent transac-
tion.
address and TCP port.
<b>CONFIGURATION PARAMETERS</b>
- Changes to <b>main.cf</b> are picked up automatically, as <a href="smtp.8.html">smtp(8)</a>
+ Changes to <b>main.cf</b> are picked up automatically, as <a href="smtp.8.html"><b>smtp</b>(8)</a>
processes run for only a limited amount of time. Use the
command "<b>postfix reload</b>" to speed up a change.
The text below provides only a parameter summary. See
- <a href="postconf.5.html">postconf(5)</a> for more details including examples.
+ <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including examples.
<b>COMPATIBILITY CONTROLS</b>
<b><a href="postconf.5.html#ignore_mx_lookup_error">ignore_mx_lookup_error</a> (no)</b>
sion cache information.
<b><a href="postconf.5.html#tls_daemon_random_bytes">tls_daemon_random_bytes</a> (32)</b>
- The number of pseudo-random bytes that an <a href="smtp.8.html">smtp(8)</a>
- or <a href="smtpd.8.html">smtpd(8)</a> process requests from the <a href="tlsmgr.8.html">tlsmgr(8)</a>
+ The number of pseudo-random bytes that an <a href="smtp.8.html"><b>smtp</b>(8)</a>
+ or <a href="smtpd.8.html"><b>smtpd</b>(8)</a> process requests from the <a href="tlsmgr.8.html"><b>tlsmgr</b>(8)</a>
server in order to seed its internal pseudo random
number generator (PRNG).
<b>CONFIGURATION PARAMETERS</b>
Changes to <b>main.cf</b> are picked up automatically, as
- <a href="smtpd.8.html">smtpd(8)</a> processes run for only a limited amount of time.
+ <a href="smtpd.8.html"><b>smtpd</b>(8)</a> processes run for only a limited amount of time.
Use the command "<b>postfix reload</b>" to speed up a change.
The text below provides only a parameter summary. See
- <a href="postconf.5.html">postconf(5)</a> for more details including examples.
+ <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including examples.
<b>COMPATIBILITY CONTROLS</b>
The following parameters work around implementation errors
mand.
<b><a href="postconf.5.html#tls_daemon_random_bytes">tls_daemon_random_bytes</a> (32)</b>
- The number of pseudo-random bytes that an <a href="smtp.8.html">smtp(8)</a>
- or <a href="smtpd.8.html">smtpd(8)</a> process requests from the <a href="tlsmgr.8.html">tlsmgr(8)</a>
+ The number of pseudo-random bytes that an <a href="smtp.8.html"><b>smtp</b>(8)</a>
+ or <a href="smtpd.8.html"><b>smtpd</b>(8)</a> process requests from the <a href="tlsmgr.8.html"><b>tlsmgr</b>(8)</a>
server in order to seed its internal pseudo random
number generator (PRNG).
<b><a href="postconf.5.html#verp_delimiter_filter">verp_delimiter_filter</a> (-=+)</b>
The characters Postfix accepts as VERP delimiter
- characters on the Postfix <a href="sendmail.1.html">sendmail(1)</a> command line
+ characters on the Postfix <a href="sendmail.1.html"><b>sendmail</b>(1)</a> command line
and in SMTP commands.
Available in Postfix version 1.1 and 2.0:
receipt of EHLO, RSET, or end of DATA.
The per SMTP client connection count and request rate lim-
- its are implemented in co-operation with the <a href="anvil.8.html">anvil(8)</a> ser-
+ its are implemented in co-operation with the <a href="anvil.8.html"><b>anvil</b>(8)</a> ser-
vice, and are available in Postfix version 2.2 and later.
<b><a href="postconf.5.html#smtpd_client_connection_count_limit">smtpd_client_connection_count_limit</a> (50)</b>
tions.
<b><a href="postconf.5.html#smtpd_null_access_lookup_key">smtpd_null_access_lookup_key</a> (</b><><b>)</b>
- The lookup key to be used in SMTP <a href="access.5.html">access(5)</a> tables
+ The lookup key to be used in SMTP <a href="access.5.html"><b>access</b>(5)</a> tables
instead of the null sender address.
<b><a href="postconf.5.html#permit_mx_backup_networks">permit_mx_backup_networks</a> (empty)</b>
ered. This feature is requested via the <a href="postconf.5.html#reject_unverified_sender">reject_unveri</a>-
<a href="postconf.5.html#reject_unverified_sender">fied_sender</a> and <a href="postconf.5.html#reject_unverified_recipient">reject_unverified_recipient</a> access
restrictions. The status of verification probes is main-
- tained by the <a href="verify.8.html">verify(8)</a> server. See the file ADDRESS_VER-
+ tained by the <a href="verify.8.html"><b>verify</b>(8)</a> server. See the file ADDRESS_VER-
<a href="IFICATION_README.html">IFICATION_README</a> for information about how to configure
and operate the Postfix sender/recipient address verifica-
tion service.
<b><a href="postconf.5.html#address_verify_poll_count">address_verify_poll_count</a> (3)</b>
- How many times to query the <a href="verify.8.html">verify(8)</a> service for
+ How many times to query the <a href="verify.8.html"><b>verify</b>(8)</a> service for
the completion of an address verification request
in progress.
<b><a href="postconf.5.html#access_map_reject_code">access_map_reject_code</a> (554)</b>
The numerical Postfix SMTP server response code
- when a client is rejected by an <a href="access.5.html">access(5)</a> map
+ when a client is rejected by an <a href="access.5.html"><b>access</b>(5)</a> map
restriction.
<b><a href="postconf.5.html#defer_code">defer_code</a> (450)</b>
<b><a href="postconf.5.html#reject_code">reject_code</a> (554)</b>
The numerical Postfix SMTP server response code
when a remote SMTP client request is rejected by
- the "<b>reject</b>" restriction.
+ the "reject" restriction.
<b><a href="postconf.5.html#relay_domains_reject_code">relay_domains_reject_code</a> (554)</b>
The numerical Postfix SMTP server response code
<b>spawn</b> [generic Postfix daemon options] command_attributes...
<b>DESCRIPTION</b>
- The <b>spawn</b> daemon provides the Postfix equivalent of <b>inetd</b>.
- It listens on a port as specified in the Postfix <b>master.cf</b>
- file and spawns an external command whenever a connection
- is established. The connection can be made over local IPC
- (such as UNIX-domain sockets) or over non-local IPC (such
- as TCP sockets). The command's standard input, output and
- error streams are connected directly to the communication
- endpoint.
+ The <a href="spawn.8.html"><b>spawn</b>(8)</a> daemon provides the Postfix equivalent of
+ <b>inetd</b>. It listens on a port as specified in the Postfix
+ <b>master.cf</b> file and spawns an external command whenever a
+ connection is established. The connection can be made
+ over local IPC (such as UNIX-domain sockets) or over non-
+ local IPC (such as TCP sockets). The command's standard
+ input, output and error streams are connected directly to
+ the communication endpoint.
This daemon expects to be run from the <a href="master.8.html"><b>master</b>(8)</a> process
manager.
execute commands with root privileges, or with the
privileges of the mail system owner. If <i>groupname</i>
is specified, the corresponding group ID is used
- instead of the group ID of of <i>username</i>.
+ instead of the group ID of <i>username</i>.
<b>argv</b>=<i>command</i>... (required)
The command to be executed. This must be specified
<b>BUGS</b>
In order to enforce standard Postfix process resource con-
- trols, the <b>spawn</b> daemon runs only one external command at
- a time. As such, it presents a noticeable overhead by
- wasting precious process resources. The <b>spawn</b> daemon is
+ trols, the <a href="spawn.8.html"><b>spawn</b>(8)</a> daemon runs only one external command
+ at a time. As such, it presents a noticeable overhead by
+ wasting precious process resources. The <a href="spawn.8.html"><b>spawn</b>(8)</a> daemon is
expected to be replaced by a more structural solution.
<b>DIAGNOSTICS</b>
- The <b>spawn</b> daemon reports abnormal child exits. Problems
- are logged to <b>syslogd</b>(8).
+ The <a href="spawn.8.html"><b>spawn</b>(8)</a> daemon reports abnormal child exits. Prob-
+ lems are logged to <b>syslogd</b>(8).
<b>SECURITY</b>
This program needs root privilege in order to execute
external commands as the specified user. It is therefore
- security sensitive. However the <b>spawn</b> daemon does not
+ security sensitive. However the <a href="spawn.8.html"><b>spawn</b>(8)</a> daemon does not
talk to the external command and thus is not vulnerable to
data-driven attacks.
<b>CONFIGURATION PARAMETERS</b>
- Changes to <b>main.cf</b> are picked up automatically as <a href="spawn.8.html">spawn(8)</a>
+ Changes to <b>main.cf</b> are picked up automatically as <a href="spawn.8.html"><b>spawn</b>(8)</a>
processes run for only a limited amount of time. Use the
command "<b>postfix reload</b>" to speed up a change.
The text below provides only a parameter summary. See
- <a href="postconf.5.html">postconf(5)</a> for more details including examples.
+ <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including examples.
In the text below, <i>transport</i> is the first field of the
entry in the <b>master.cf</b> file.
to a TCP server.
To find out what types of lookup tables your Postfix sys-
- tem supports use the <b>postconf -m</b> command.
+ tem supports use the "<b>postconf -m</b>" command.
- To test lookup tables, use the <b>postmap</b> command as
+ To test lookup tables, use the "<b>postmap -q</b>" command as
described in the SYNOPSIS above.
<b>PROTOCOL DESCRIPTION</b>
<b>SEE ALSO</b>
<a href="postmap.1.html">postmap(1)</a>, Postfix lookup table manager
- <a href="regexp_table.5.html">regexp_table(5)</a> format of regular expression tables
- <a href="pcre_table.5.html">pcre_table(5)</a> format of PCRE tables
- <a href="cidr_table.5.html">cidr_table(5)</a> format of CIDR tables
+ <a href="regexp_table.5.html">regexp_table(5)</a>, format of regular expression tables
+ <a href="pcre_table.5.html">pcre_table(5)</a>, format of PCRE tables
+ <a href="cidr_table.5.html">cidr_table(5)</a>, format of CIDR tables
<b>README FILES</b>
<a href="DATABASE_README.html">DATABASE_README</a>, Postfix lookup table overview
<b>tlsmgr</b> [generic Postfix daemon options]
<b>DESCRIPTION</b>
- The <a href="tlsmgr.8.html">tlsmgr(8)</a> manages the TLS session caches for Postfix
- SMTP client and server processes. It stores and retrieves
- cache entries on request by <a href="smtpd.8.html">smtpd(8)</a> and <a href="smtp.8.html">smtp(8)</a> pro-
- cesses, and periodically removes entries that have
- expired.
-
- The <a href="tlsmgr.8.html">tlsmgr(8)</a> also manages the PRNG (pseudo random number
- generator) pool. It answers queries by the <a href="smtpd.8.html">smtpd(8)</a> and
- <a href="smtp.8.html">smtp(8)</a> processes to seed their internal PRNG pools.
-
- The <a href="tlsmgr.8.html">tlsmgr(8)</a>'s PRNG pool is initially seeded from an
- external source (EGD, /dev/urandom, or regular file). It
- is updated at configurable pseudo-random intervals with
- data from the external source. It is updated periodically
+ The <a href="tlsmgr.8.html"><b>tlsmgr</b>(8)</a> manages the Postfix TLS session caches. It
+ stores and retrieves cache entries on request by <a href="smtpd.8.html"><b>smtpd</b>(8)</a>
+ and <a href="smtp.8.html"><b>smtp</b>(8)</a> processes, and periodically removes entries
+ that have expired.
+
+ The <a href="tlsmgr.8.html"><b>tlsmgr</b>(8)</a> also manages the PRNG (pseudo random number
+ generator) pool. It answers queries by the <a href="smtpd.8.html"><b>smtpd</b>(8)</a> and
+ <a href="smtp.8.html"><b>smtp</b>(8)</a> processes to seed their internal PRNG pools.
+
+ The <a href="tlsmgr.8.html"><b>tlsmgr</b>(8)</a>'s PRNG pool is initially seeded from an
+ external source (EGD, /dev/urandom, or regular file). It
+ is updated at configurable pseudo-random intervals with
+ data from the external source. It is updated periodically
with data from TLS session cache entries and with the time
- of day, and is updated with the time of day whenever a
- process requests <a href="tlsmgr.8.html">tlsmgr(8)</a> service.
+ of day, and is updated with the time of day whenever a
+ process requests <a href="tlsmgr.8.html"><b>tlsmgr</b>(8)</a> service.
- The <a href="tlsmgr.8.html">tlsmgr(8)</a> saves the PRNG state to an exchange file
- periodically and when the process terminates, and reads
+ The <a href="tlsmgr.8.html"><b>tlsmgr</b>(8)</a> saves the PRNG state to an exchange file
+ periodically and when the process terminates, and reads
the exchange file when initializing its PRNG.
<b>SECURITY</b>
- <a href="tlsmgr.8.html">tlsmgr(8)</a> is not security-sensitive. The code that main-
- tains the external and internal PRNG pools does not
- "trust" the data that it manipulates, and the code that
- maintains the TLS session cache does not touch the con-
+ The <a href="tlsmgr.8.html"><b>tlsmgr</b>(8)</a> is not security-sensitive. The code that
+ maintains the external and internal PRNG pools does not
+ "trust" the data that it manipulates, and the code that
+ maintains the TLS session cache does not touch the con-
tents of the cached entries, except for seeding its inter-
nal PRNG pool.
- The <a href="tlsmgr.8.html">tlsmgr(8)</a> can be run chrooted and with reduced privi-
- leges. At process startup it connects to the entropy
- source and exchange file, and creates or truncates the
+ The <a href="tlsmgr.8.html"><b>tlsmgr</b>(8)</a> can be run chrooted and with reduced privi-
+ leges. At process startup it connects to the entropy
+ source and exchange file, and creates or truncates the
optional TLS session cache files.
<b>DIAGNOSTICS</b>
<b>CONFIGURATION PARAMETERS</b>
Changes to <b>main.cf</b> are not picked up automatically,
- because <a href="tlsmgr.8.html">tlsmgr(8)</a> is a persistent processes. Use the com-
+ because <a href="tlsmgr.8.html"><b>tlsmgr</b>(8)</a> is a persistent processes. Use the com-
mand "<b>postfix reload</b>" after a configuration change.
- The text below provides only a parameter summary. See
- <a href="postconf.5.html">postconf(5)</a> for more details including examples.
+ The text below provides only a parameter summary. See
+ <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including examples.
<b>TLS SESSION CACHE</b>
<b><a href="postconf.5.html#smtpd_tls_session_cache_database">smtpd_tls_session_cache_database</a> (empty)</b>
- Name of the file containing the optional Postfix
+ Name of the file containing the optional Postfix
SMTP server TLS session cache.
<b><a href="postconf.5.html#smtpd_tls_session_cache_timeout">smtpd_tls_session_cache_timeout</a> (3600s)</b>
sion cache information.
<b><a href="postconf.5.html#smtp_tls_session_cache_database">smtp_tls_session_cache_database</a> (empty)</b>
- Name of the file containing the optional Postfix
+ Name of the file containing the optional Postfix
SMTP client TLS session cache.
<b><a href="postconf.5.html#smtp_tls_session_cache_timeout">smtp_tls_session_cache_timeout</a> (3600s)</b>
<b>PSEUDO RANDOM NUMBER GENERATOR</b>
<b><a href="postconf.5.html#tls_random_source">tls_random_source</a> (see 'postconf -d' output)</b>
The external entropy source for the in-memory
- <a href="tlsmgr.8.html">tlsmgr(8)</a> pseudo random number generator (PRNG)
+ <a href="tlsmgr.8.html"><b>tlsmgr</b>(8)</a> pseudo random number generator (PRNG)
pool.
<b><a href="postconf.5.html#tls_random_bytes">tls_random_bytes</a> (32)</b>
- The number of bytes that <a href="tlsmgr.8.html">tlsmgr(8)</a> reads from
- $<a href="postconf.5.html#tls_random_source">tls_random_source</a> when (re)seeding the in-memory
+ The number of bytes that <a href="tlsmgr.8.html"><b>tlsmgr</b>(8)</a> reads from
+ $<a href="postconf.5.html#tls_random_source">tls_random_source</a> when (re)seeding the in-memory
pseudo random number generator (PRNG) pool.
<b><a href="postconf.5.html#tls_random_exchange_name">tls_random_exchange_name</a> (${<a href="postconf.5.html#config_directory">config_directory</a>}/prng_exch)</b>
- Name of the pseudo random number generator (PRNG)
- state file that is maintained by <a href="tlsmgr.8.html">tlsmgr(8)</a>.
+ Name of the pseudo random number generator (PRNG)
+ state file that is maintained by <a href="tlsmgr.8.html"><b>tlsmgr</b>(8)</a>.
<b><a href="postconf.5.html#tls_random_prng_update_period">tls_random_prng_update_period</a> (3600s)</b>
- The time between attempts by <a href="tlsmgr.8.html">tlsmgr(8)</a> to save the
- state of the pseudo random number generator (PRNG)
+ The time between attempts by <a href="tlsmgr.8.html"><b>tlsmgr</b>(8)</a> to save the
+ state of the pseudo random number generator (PRNG)
to the file specified with $<a href="postconf.5.html#tls_random_exchange_name">tls_ran</a>-
<a href="postconf.5.html#tls_random_exchange_name">dom_exchange_name</a>.
<b><a href="postconf.5.html#tls_random_reseed_period">tls_random_reseed_period</a> (3600s)</b>
- The maximal time between attempts by <a href="tlsmgr.8.html">tlsmgr(8)</a> to
- re-seed the in-memory pseudo random number genera-
+ The maximal time between attempts by <a href="tlsmgr.8.html"><b>tlsmgr</b>(8)</a> to
+ re-seed the in-memory pseudo random number genera-
tor (PRNG) pool from external sources.
<b>MISCELLANEOUS CONTROLS</b>
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
- The default location of the Postfix main.cf and
+ The default location of the Postfix main.cf and
master.cf configuration files.
<b><a href="postconf.5.html#daemon_timeout">daemon_timeout</a> (18000s)</b>
- How much time a Postfix daemon process may take to
- handle a request before it is terminated by a
+ How much time a Postfix daemon process may take to
+ handle a request before it is terminated by a
built-in watchdog timer.
<b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
- The process ID of a Postfix command or daemon pro-
+ The process ID of a Postfix command or daemon pro-
cess.
<b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
- The process name of a Postfix command or daemon
+ The process name of a Postfix command or daemon
process.
<b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
- The mail system name that is prepended to the pro-
+ The mail system name that is prepended to the pro-
cess name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
<b>SEE ALSO</b>
- <a href="smtp.8.html">smtp(8)</a> Postfix SMTP client
- <a href="smtpd.8.html">smtpd(8)</a> Postfix SMTP server
+ <a href="smtp.8.html">smtp(8)</a>, Postfix SMTP client
+ <a href="smtpd.8.html">smtpd(8)</a>, Postfix SMTP server
<a href="postconf.5.html">postconf(5)</a>, configuration parameters
<a href="master.5.html">master(5)</a>, generic daemon options
<a href="master.8.html">master(8)</a>, process manager
<a href="TLS_README.html">TLS_README</a>, Postfix TLS configuration and operation
<b>LICENSE</b>
- The Secure Mailer license must be distributed with this
+ The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>
TRANSPORT(5) TRANSPORT(5)
<b>NAME</b>
- transport - format of Postfix transport table
+ transport - Postfix transport table format
<b>SYNOPSIS</b>
<b>postmap /etc/postfix/transport</b>
<b>postmap -q - /etc/postfix/transport</b> <<i>inputfile</i>
<b>DESCRIPTION</b>
- The optional <b>transport</b> table specifies a mapping from
+ The optional <a href="transport.5.html"><b>transport</b>(5)</a> table specifies a mapping from
email addresses to message delivery transports and/or
relay hosts. The mapping is used by the <a href="trivial-rewrite.8.html"><b>trivial-rewrite</b>(8)</a>
daemon.
Mail for any other destination is by default deliv-
ered via <b>$<a href="postconf.5.html#default_transport">default_transport</a></b>.
- Normally, the <b>transport</b> table is specified as a text file
-
that serves as input to the <a href="postmap.1.html"><b>postmap</b>(1)</a> command. The
+ Normally, the <a href="transport.5.html"><b>transport</b>(5)</a> table is specified as a text
+
file that serves as input to the <a href="postmap.1.html"><b>postmap</b>(1)</a> command. The
result, an indexed file in <b>dbm</b> or <b>db</b> format, is used for
fast searching by the mail system. Execute the command
- <b>postmap /etc/postfix/transport</b> in order to rebuild the
+ "<b>postmap /etc/postfix/transport</b>" in order to rebuild the
indexed file after changing the transport table.
When the table is provided via other means such as NIS,
This section describes how the table lookups change when
lookups are directed to a TCP-based server. For a descrip-
tion of the TCP client/server lookup protocol, see
- <a href="tcp_table.5.html"><b>tcp_table</b>(5)</a>. This feature is not available in Postfix
- version 2.1.
+ <a href="tcp_table.5.html"><b>tcp_table</b>(5)</a>. This feature is not available up to and
+ including Postfix version 2.2.
Each lookup operation uses the entire recipient address
once. Thus, <i>some.domain.hierarchy</i> is not looked up via
<b>CONFIGURATION PARAMETERS</b>
The following <b>main.cf</b> parameters are especially relevant.
The text below provides only a parameter summary. See
- <a href="postconf.5.html">postconf(5)</a> for more details including examples.
+ <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including examples.
<b><a href="postconf.5.html#empty_address_recipient">empty_address_recipient</a></b>
The address that is looked up instead of the null
<b>trivial-rewrite</b> [generic Postfix daemon options]
<b>DESCRIPTION</b>
- The <b>trivial-rewrite</b> daemon processes three types of client
- service requests:
+ The <a href="trivial-rewrite.8.html"><b>trivial-rewrite</b>(8)</a> daemon processes three types of
+ client service requests:
<b>rewrite</b> <i>context address</i>
Rewrite an address to standard form, according to
poses.
<b>SERVER PROCESS MANAGEMENT</b>
- The trivial-rewrite servers run under control by the Post-
- fix master server. Each server can handle multiple simul-
- taneous connections. When all servers are busy while a
- client connects, the master creates a new server process,
- provided that the trivial-rewrite server process limit is
- not exceeded. Each trivial-rewrite server terminates
- after serving at least <b>$<a href="postconf.5.html#max_use">max_use</a></b> clients of after <b>$<a href="postconf.5.html#max_idle">max_idle</a></b>
- seconds of idle time.
+ The <a href="trivial-rewrite.8.html"><b>trivial-rewrite</b>(8)</a> servers run under control by the
+ Postfix master server. Each server can handle multiple
+ simultaneous connections. When all servers are busy while
+ a client connects, the master creates a new server pro-
+ cess, provided that the trivial-rewrite server process
+ limit is not exceeded. Each trivial-rewrite server termi-
+ nates after serving at least <b>$<a href="postconf.5.html#max_use">max_use</a></b> clients of after
+ <b>$<a href="postconf.5.html#max_idle">max_idle</a></b> seconds of idle time.
<b>STANDARDS</b>
None. The command does not interact with the outside
world.
<b>SECURITY</b>
- The <b>trivial-rewrite</b> daemon is not security sensitive. By
- default, this daemon does not talk to remote or local
+ The <a href="trivial-rewrite.8.html"><b>trivial-rewrite</b>(8)</a> daemon is not security sensitive.
+ By default, this daemon does not talk to remote or local
users. It can run at a fixed low privilege in a chrooted
environment.
<b>CONFIGURATION PARAMETERS</b>
On busy mail systems a long time may pass before a <b>main.cf</b>
- change affecting trivial_rewrite(8) is picked up. Use the
+ change affecting <a href="trivial-rewrite.8.html"><b>trivial-rewrite</b>(8)</a> is picked up. Use the
command "<b>postfix reload</b>" to speed up a change.
The text below provides only a parameter summary. See
- <a href="postconf.5.html">postconf(5)</a> for more details including examples.
+ <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including examples.
<b>COMPATIBILITY CONTROLS</b>
<b><a href="postconf.5.html#resolve_dequoted_address">resolve_dequoted_address</a> (yes)</b>
<b><a href="postconf.5.html#relayhost">relayhost</a> (empty)</b>
The default host to send non-local mail to when no
- entry is matched in the optional <a href="transport.5.html">transport(5)</a>
+ entry is matched in the optional <a href="transport.5.html"><b>transport</b>(5)</a>
table.
<b><a href="postconf.5.html#transport_maps">transport_maps</a> (empty)</b>
<b>verify</b> [generic Postfix daemon options]
<b>DESCRIPTION</b>
- The Postfix address verification server maintains a record
- of what recipient addresses are known to be deliverable or
- undeliverable.
+ The <a href="verify.8.html"><b>verify</b>(8)</a> address verification server maintains a
+ record of what recipient addresses are known to be deliv-
+ erable or undeliverable.
Addresses are verified by injecting probe messages into
the Postfix queue. Probe messages are run through all the
MTA for the specified address, and will therefore not
detect all undeliverable addresses.
- This server is designed to run under control by the Post-
- fix master server. It maintains an optional persistent
- database. To avoid being interrupted by "postfix stop" in
- the middle of a database update, the process runs in a
- separate process group.
+ The <a href="verify.8.html"><b>verify</b>(8)</a> server is designed to run under control by
+ the Postfix master server. It maintains an optional per-
+ sistent database. To avoid being interrupted by "postfix
+ stop" in the middle of a database update, the process runs
+ in a separate process group.
- This server implements the following requests:
+ The <a href="verify.8.html"><b>verify</b>(8)</a> server implements the following requests:
<b>update</b> <i>address status text</i>
Update the status and text of the specified
<b>CONFIGURATION PARAMETERS</b>
Changes to <b>main.cf</b> are not picked up automatically, as
- <a href="verify.8.html">verify(8)</a> processes are persistent. Use the command "<b>post-</b>
+ <a href="verify.8.html"><b>verify</b>(8)</a> processes are persistent. Use the command "<b>post-</b>
<b>fix reload</b>" after a configuration change.
The text below provides only a parameter summary. See
- <a href="postconf.5.html">postconf(5)</a> for more details including examples.
+ <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including examples.
<b>CACHE CONTROLS</b>
<b><a href="postconf.5.html#address_verify_map">address_verify_map</a> (empty)</b>
VIRTUAL(5) VIRTUAL(5)
<b>NAME</b>
- virtual - format of Postfix virtual alias table
+ virtual - Postfix virtual alias table format
<b>SYNOPSIS</b>
<b>postmap /etc/postfix/virtual</b>
<b>postmap -q - /etc/postfix/virtual</b> <<i>inputfile</i>
<b>DESCRIPTION</b>
- The optional <b>virtual</b> alias table specifies address alias-
- ing for arbitrary local or non-local recipient addresses.
- Virtual aliasing is recursive, and is done by the Postfix
- <a href="cleanup.8.html"><b>cleanup</b>(8)</a> daemon.
+ The optional <a href="virtual.5.html"><b>virtual</b>(5)</a> alias table specifies address
+ aliasing for arbitrary local or non-local recipient
+ addresses. Virtual aliasing is recursive, and is done by
+
the Postfix <a href="cleanup.8.html"><b>cleanup</b>(8)</a> daemon.
The main applications of virtual aliasing are:
Sendmail rule set <b>S0</b>, if you like. Use <a href="canonical.5.html"><b>canonical</b>(5)</a> map-
ping to rewrite header and envelope addresses in general.
- Normally, the <b>virtual</b> alias table is specified as a text
- file that serves as input to the <a href="postmap.1.html"><b>postmap</b>(1)</a> command. The
- result, an indexed file in <b>dbm</b> or <b>db</b> format, is used for
- fast searching by the mail system. Execute the command
- <b>postmap /etc/postfix/virtual</b> in order to rebuild the
+ Normally, the <a href="virtual.5.html"><b>virtual</b>(5)</a> alias table is specified as a
+ text file that serves as input to the <a href="postmap.1.html"><b>postmap</b>(1)</a> command.
+ The result, an indexed file in <b>dbm</b> or <b>db</b> format, is used
+ for fast searching by the mail system. Execute the command
+ "<b>postmap /etc/postfix/virtual</b>" in order to rebuild the
indexed file after changing the text file.
When the table is provided via other means such as NIS,
This functionality overlaps with functionality of
the local <i>aliases</i>(5) database. The difference is
- that <b>virtual</b> mapping can be applied to non-local
+ that <a href="virtual.5.html"><b>virtual</b>(5)</a> mapping can be applied to non-local
addresses.
@<i>domain address, address, ...</i>
<a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a> = hash:/etc/postfix/virtual
Note: some systems use <b>dbm</b> databases instead of <b>hash</b>.
- See the output from <b>postconf -m</b> for available database
- types.
+ See the output from "<b>postconf -m</b>" for available
+ database types.
/etc/postfix/virtual:
<i>virtual-alias.domain anything</i> (right-hand content does not matter)
This section describes how the table lookups change when
lookups are directed to a TCP-based server. For a descrip-
tion of the TCP client/server lookup protocol, see
- <a href="tcp_table.5.html"><b>tcp_table</b>(5)</a>. This feature is not available in Postfix
- version 2.1.
+ <a href="tcp_table.5.html"><b>tcp_table</b>(5)</a>. This feature is not available up to and
+ including Postfix version 2.2.
Each lookup operation uses the entire address once. Thus,
<i>user@domain</i> mail addresses are not broken up into their
<b>CONFIGURATION PARAMETERS</b>
The following <b>main.cf</b> parameters are especially relevant
to this topic. See the Postfix <b>main.cf</b> file for syntax
- details and for default values. Use the <b>postfix reload</b>
+ details and for default values. Use the "<b>postfix reload</b>"
command after a configuration change.
<b><a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a></b>
<b>DESCRIPTION</b>
The <a href="virtual.8.html"><b>virtual</b>(8)</a> delivery agent is designed for virtual mail
- hosting services. Originally based on the Postfix <a href="local.8.html">local(8)</a>
+ hosting services. Originally based on the Postfix <a href="local.8.html"><b>local</b>(8)</a>
delivery agent, this agent looks up recipients with map
lookups of their full recipient address, instead of using
hard-coded unix password file lookups of the address local
is delivered in UNIX mailbox format. This format stores
multiple messages in one textfile.
- The <b>virtual</b> delivery agent prepends a "<b>From</b> <i>sender</i>
+ The <a href="virtual.8.html"><b>virtual</b>(8)</a> delivery agent prepends a "<b>From</b> <i>sender</i>
<i>time</i><b>_</b><i>stamp</i>" envelope header to each message, prepends a
<b>Delivered-To:</b> message header with the envelope recipient
address, prepends an <b>X-Original-To:</b> header with the recip-
ered in qmail <b>maildir</b> format. This format stores one mes-
sage per file.
- The <b>virtual</b> delivery agent daemon prepends a <b>Delivered-To:</b>
+ The <a href="virtual.8.html"><b>virtual</b>(8)</a> delivery agent prepends a <b>Delivered-To:</b>
message header with the final envelope recipient address,
prepends an <b>X-Original-To:</b> header with the recipient
address as given to Postfix, and prepends a <b>Return-Path:</b>
given to the regular-expression map.
<b>SECURITY</b>
- The virtual delivery agent is not security sensitive, pro-
- vided that the lookup tables with recipient user/group ID
- information are adequately protected. This program is not
- designed to run chrooted.
+ The <a href="virtual.8.html"><b>virtual</b>(8)</a> delivery agent is not security sensitive,
+ provided that the lookup tables with recipient user/group
+ ID information are adequately protected. This program is
+ not designed to run chrooted.
- The virtual delivery agent disallows regular expression
+ The <a href="virtual.8.html"><b>virtual</b>(8)</a> delivery agent disallows regular expression
substitution of $1 etc. in regular expression lookup
tables, because that would open a security hole.
- The virtual delivery agent will silently ignore requests
- to use the <a href="proxymap.8.html">proxymap(8)</a> server. Instead it will open the
- table directly. Before Postfix version 2.2, the virtual
- delivery agent will terminate with a fatal error.
+ The <a href="virtual.8.html"><b>virtual</b>(8)</a> delivery agent will silently ignore
+ requests to use the <a href="proxymap.8.html"><b>proxymap</b>(8)</a> server. Instead it will
+ open the table directly. Before Postfix version 2.2, the
+ virtual delivery agent will terminate with a fatal error.
<b>STANDARDS</b>
<a href="http://www.faqs.org/rfcs/rfc822.html">RFC 822</a> (ARPA Internet Text Messages)
recipient is over disk quota. In all other cases, mail for
an existing recipient is deferred and a warning is logged.
- Problems and transactions are logged to <b>syslogd</b>(8). Cor-
- rupted message files are marked so that the queue manager
+ Problems and transactions are logged to <b>syslogd</b>(8). Cor-
+ rupted message files are marked so that the queue manager
can move them to the <b>corrupt</b> queue afterwards.
- Depending on the setting of the <b><a href="postconf.5.html#notify_classes">notify_classes</a></b> parameter,
- the postmaster is notified of bounces and of other trou-
+ Depending on the setting of the <b><a href="postconf.5.html#notify_classes">notify_classes</a></b> parameter,
+ the postmaster is notified of bounces and of other trou-
ble.
<b>BUGS</b>
- This delivery agent supports address extensions in email
+ This delivery agent supports address extensions in email
addresses and in lookup table keys, but does not propagate
- address extension information to the result of table
+ address extension information to the result of table
lookup.
Postfix should have lookup tables that can return multiple
- result attributes. In order to avoid the inconvenience of
+ result attributes. In order to avoid the inconvenience of
maintaining three tables, use an LDAP or MYSQL database.
<b>CONFIGURATION PARAMETERS</b>
- Changes to <b>main.cf</b> are picked up automatically, as vir-
- tual(8) processes run for only a limited amount of time.
+ Changes to <b>main.cf</b> are picked up automatically, as <a href="virtual.8.html"><b>vir-</b></a>
+ <a href="virtual.8.html"><b>tual</b>(8)</a> processes run for only a limited amount of time.
Use the command "<b>postfix reload</b>" to speed up a change.
- The text below provides only a parameter summary. See
- <a href="postconf.5.html">postconf(5)</a> for more details including examples.
+ The text below provides only a parameter summary. See
+ <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including examples.
<b>MAILBOX DELIVERY CONTROLS</b>
<b><a href="postconf.5.html#virtual_mailbox_base">virtual_mailbox_base</a> (empty)</b>
- A prefix that the <a href="virtual.8.html">virtual(8)</a> delivery agent
- prepends
to all pathname results from $<a href="postconf.5.html#virtual_mailbox_maps">vir</a>-
+ A prefix that the <a href="virtual.8.html"><b>virtual</b>(8)</a> delivery agent
+ prepends
to all pathname results from $<a href="postconf.5.html#virtual_mailbox_maps">vir</a>-
<a href="postconf.5.html#virtual_mailbox_maps">tual_mailbox_maps</a> table lookups.
<b><a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a> (empty)</b>
- Optional lookup tables with all valid addresses in
+ Optional lookup tables with all valid addresses in
the domains that match $<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a>.
<b><a href="postconf.5.html#virtual_minimum_uid">virtual_minimum_uid</a> (100)</b>
- The minimum user ID value that the <a href="virtual.8.html">virtual(8)</a>
- delivery agent accepts as a result from <b>$<a href="postconf.5.html#virtual_uid_maps">vir</a>-</b>
- <b><a href="postconf.5.html#virtual_uid_maps">tual_uid_maps</a></b> table lookup.
+ The minimum user ID value that the <a href="virtual.8.html"><b>virtual</b>(8)</a>
+ delivery agent accepts as a result from $<a href="postconf.5.html#virtual_uid_maps">vir</a>-
+ <a href="postconf.5.html#virtual_uid_maps">tual_uid_maps</a> table lookup.
<b><a href="postconf.5.html#virtual_uid_maps">virtual_uid_maps</a> (empty)</b>
- Lookup tables with the per-recipient user ID that
- the <a href="virtual.8.html">virtual(8)</a> delivery agent uses while writing to
+ Lookup tables with the per-recipient user ID that
+ the <a href="virtual.8.html"><b>virtual</b>(8)</a> delivery agent uses while writing to
the recipient's mailbox.
<b><a href="postconf.5.html#virtual_gid_maps">virtual_gid_maps</a> (empty)</b>
- Lookup tables with the per-recipient group ID for
- <a href="virtual.8.html">virtual(8)</a> mailbox delivery.
+ Lookup tables with the per-recipient group ID for
+ <a href="virtual.8.html"><b>virtual</b>(8)</a> mailbox delivery.
Available in Postfix version 2.0 and later:
<b><a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a> ($<a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a>)</b>
Postfix is final destination for the specified list
- of
domains; mail is delivered via the $<a href="postconf.5.html#virtual_transport">vir</a>-
+ of
domains; mail is delivered via the $<a href="postconf.5.html#virtual_transport">vir</a>-
<a href="postconf.5.html#virtual_transport">tual_transport</a> mail delivery transport.
<b><a href="postconf.5.html#virtual_transport">virtual_transport</a> (virtual)</b>
- The default mail delivery transport for domains
- that match the $<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a> parameter
+ The default mail delivery transport for domains
+ that match the $<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a> parameter
value.
<b>LOCKING CONTROLS</b>
<b><a href="postconf.5.html#virtual_mailbox_lock">virtual_mailbox_lock</a> (see 'postconf -d' output)</b>
- How to lock a UNIX-style <a href="virtual.8.html">virtual(8)</a> mailbox before
+ How to lock a UNIX-style <a href="virtual.8.html"><b>virtual</b>(8)</a> mailbox before
attempting delivery.
<b><a href="postconf.5.html#deliver_lock_attempts">deliver_lock_attempts</a> (20)</b>
The maximal number of attempts to acquire an exclu-
- sive lock on a mailbox file or <a href="bounce.8.html">bounce(8)</a> logfile.
+ sive lock on a mailbox file or <a href="bounce.8.html"><b>bounce</b>(8)</a> logfile.
<b><a href="postconf.5.html#deliver_lock_delay">deliver_lock_delay</a> (1s)</b>
- The time between attempts to acquire an exclusive
- lock on a mailbox file or <a href="bounce.8.html">bounce(8)</a> logfile.
+ The time between attempts to acquire an exclusive
+ lock on a mailbox file or <a href="bounce.8.html"><b>bounce</b>(8)</a> logfile.
<b><a href="postconf.5.html#stale_lock_time">stale_lock_time</a> (500s)</b>
- The time after which a stale exclusive mailbox
+ The time after which a stale exclusive mailbox
lockfile is removed.
<b>RESOURCE AND RATE CONTROLS</b>
<b><a href="postconf.5.html#virtual_destination_concurrency_limit">virtual_destination_concurrency_limit</a> ($<a href="postconf.5.html#default_destination_concurrency_limit">default_destina</a>-</b>
<b><a href="postconf.5.html#default_destination_concurrency_limit">tion_concurrency_limit</a>)</b>
- The maximal number of parallel deliveries to the
- same destination via the virtual message delivery
+ The maximal number of parallel deliveries to the
+ same destination via the virtual message delivery
transport.
<b><a href="postconf.5.html#virtual_destination_recipient_limit">virtual_destination_recipient_limit</a> ($<a href="postconf.5.html#default_destination_recipient_limit">default_destina</a>-</b>
<b><a href="postconf.5.html#default_destination_recipient_limit">tion_recipient_limit</a>)</b>
- The maximal number of recipients per delivery via
+ The maximal number of recipients per delivery via
the virtual message delivery transport.
<b><a href="postconf.5.html#virtual_mailbox_limit">virtual_mailbox_limit</a> (51200000)</b>
- The maximal size in bytes of an individual mailbox
+ The maximal size in bytes of an individual mailbox
or maildir file, or zero (no limit).
<b>MISCELLANEOUS CONTROLS</b>
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
- The default location of the Postfix main.cf and
+ The default location of the Postfix main.cf and
master.cf configuration files.
<b><a href="postconf.5.html#daemon_timeout">daemon_timeout</a> (18000s)</b>
- How much time a Postfix daemon process may take to
- handle a request before it is terminated by a
+ How much time a Postfix daemon process may take to
+ handle a request before it is terminated by a
built-in watchdog timer.
<b><a href="postconf.5.html#ipc_timeout">ipc_timeout</a> (3600s)</b>
over an internal communication channel.
<b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b>
- The maximum amount of time that an idle Postfix
- daemon process waits for the next service request
+ The maximum amount of time that an idle Postfix
+ daemon process waits for the next service request
before exiting.
<b><a href="postconf.5.html#max_use">max_use</a> (100)</b>
- The maximal number of connection requests before a
+ The maximal number of connection requests before a
Postfix daemon process terminates.
<b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
- The process ID of a Postfix command or daemon pro-
+ The process ID of a Postfix command or daemon pro-
cess.
<b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
- The process name of a Postfix command or daemon
+ The process name of a Postfix command or daemon
process.
<b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b>
- The location of the Postfix top-level queue direc-
+ The location of the Postfix top-level queue direc-
tory.
<b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
- The mail system name that is prepended to the pro-
+ The mail system name that is prepended to the pro-
cess name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
<a href="VIRTUAL_README.html">VIRTUAL_README</a>, domain hosting howto
<b>LICENSE</b>
- The Secure Mailer license must be distributed with this
+ The Secure Mailer license must be distributed with this
software.
<b>HISTORY</b>
- This delivery agent was originally based on the Postfix
- local delivery agent. Modifications mainly consisted of
- removing code that either was not applicable or that was
- not safe in this context: aliases, ~user/.forward files,
+ This delivery agent was originally based on the Postfix
+ local delivery agent. Modifications mainly consisted of
+ removing code that either was not applicable or that was
+ not safe in this context: aliases, ~user/.forward files,
delivery to "|command" or to /file/name.
The <b>Delivered-To:</b> message header appears in the <b>qmail</b> sys-
tem by Daniel Bernstein.
- The <b>maildir</b> structure appears in the <b>qmail</b> system by
+ The <b>maildir</b> structure appears in the <b>qmail</b> system by
Daniel Bernstein.
<b>AUTHOR(S)</b>
# \fIinclude\fR directory.
# The following directives are special:
# .RS
-# .IP \fB-DUSE_TLS\f
-# Build with TLS (transport level security) support. This
-# requires that OpenSSL is installed.
-# .IP \fB-DNO_TLS\fR
-# Do not build with TLS support.
# .IP \fB-DNO_IPV6\fR
# Do not build with IPv6 support.
-# .IP \fB-DHAS_PCRE\fR
-# Build with PCRE (Perl-compatible regular expression) support.
-# By default, PCRE support is enabled when the \fBpcre-config\fR
-# utility is installed.
+# By default, IPv6 support is compiled in on platforms that
+# are known to have IPv6 support.
# .IP \fB-DNO_PCRE\fR
# Do not build with PCRE support.
+# By default, PCRE support is compiled in when the \fBpcre-config\fR
+# utility is installed.
# .RE
# .IP \fBDEBUG=\fIdebug_level\fR
# Specifies a non-default debugging level. The default is \fB-g\fR.
.SH DESCRIPTION
.ad
.fi
-The \fBpostalias\fR command creates or queries one or more Postfix
+The \fBpostalias\fR(1) command creates or queries one or more Postfix
alias databases, or updates an existing one. The input and output
file formats are expected to be compatible with Sendmail version 8,
and are expected to be suitable for the use as NIS alias maps.
a map.
.IP \fB-i\fR
Incremental mode. Read entries from standard input and do not
-truncate an existing database. By default, \fBpostalias\fR creates
+truncate an existing database. By default, \fBpostalias\fR(1) creates
a new database from the entries in \fIfile_name\fR.
.IP \fB-N\fR
Include the terminating null character that terminates lookup keys
-and values. By default, Postfix does whatever is the default for
+and values. By default, \fBpostalias\fR(1) does whatever
+is the default for
the host operating system.
.IP \fB-n\fR
Don't include the terminating null character that terminates lookup
-keys and values. By default, Postfix does whatever is the default for
+keys and values. By default, \fBpostalias\fR(1) does whatever
+is the default for
the host operating system.
.IP \fB-o\fR
Do not release root privileges when processing a non-root
-input file. By default, \fBpostalias\fR drops root privileges
+input file. By default, \fBpostalias\fR(1) drops root privileges
and runs as the source file owner instead.
.IP \fB-p\fR
Do not inherit the file access permissions from the input file
The database type. To find out what types are supported, use
the "\fBpostconf -m\fR" command.
-The \fBpostalias\fR command can query any supported file type,
+The \fBpostalias\fR(1) command can query any supported file type,
but it can create only the following file types:
.RS
.IP \fBbtree\fR
no problems were detected. Duplicate entries are skipped and are
flagged with a warning.
-\fBpostalias\fR terminates with zero exit status in case of success
-(including successful \fBpostalias -q\fR lookup) and terminates
+\fBpostalias\fR(1) terminates with zero exit status in case of success
+(including successful "\fBpostalias -q\fR" lookup) and terminates
with non-zero exit status in case of failure.
.SH "ENVIRONMENT"
.na
this program.
The text below provides only a parameter summary. See
-postconf(5) for more details including examples.
+\fBpostconf\fR(5) for more details including examples.
.IP "\fBalias_database (see 'postconf -d' output)\fR"
-The alias databases for local(8) delivery that are updated with
+The alias databases for \fBlocal\fR(8) delivery that are updated with
"\fBnewaliases\fR" or with "\fBsendmail -bi\fR".
.IP "\fBconfig_directory (see 'postconf -d' output)\fR"
The default location of the Postfix main.cf and master.cf
The per-table I/O buffer size for programs that read Berkeley DB
hash or btree tables.
.IP "\fBdefault_database_type (see 'postconf -d' output)\fR"
-The default database type for use in newaliases(1), postalias(1)
-and postmap(1) commands.
+The default database type for use in \fBnewaliases\fR(1), \fBpostalias\fR(1)
+and \fBpostmap\fR(1) commands.
.IP "\fBsyslog_facility (mail)\fR"
The syslog facility of Postfix logging.
.IP "\fBsyslog_name (postfix)\fR"
.SH DESCRIPTION
.ad
.fi
-The \fBpostcat\fR command prints the contents of the named
+The \fBpostcat\fR(1) command prints the contents of the named
\fIfiles\fR in human-readable form. The files are expected
to be in Postfix queue file format. If no
\fIfiles\fR are specified on the command line, the program
this program.
The text below provides only a parameter summary. See
-postconf(5) for more details including examples.
+\fBpostconf\fR(5) for more details including examples.
.IP "\fBconfig_directory (see 'postconf -d' output)\fR"
The default location of the Postfix main.cf and master.cf
configuration files.
.SH DESCRIPTION
.ad
.fi
-The \fBpostconf\fR command prints the actual value of
+The \fBpostconf\fR(1) command prints the actual value of
\fIparameter\fR (all known parameters by default) one
parameter per line, changes its value, or prints other
information about the Postfix mail system.
result.
.IP "\fBtcp\fR (read-only)"
Perform lookups using a simple request-reply protocol that is
-described in tcp_table(5).
+described in \fBtcp_table\fR(5).
This feature is not included with Postfix 2.1.
.IP "\fBunix\fR (read-only)"
A limited way to query the UNIX authentication database. The
.RS
. IP \fBunix:passwd.byname\fR
The table is the UNIX password database. The key is a login name.
-The result is a password file entry in passwd(5) format.
+The result is a password file entry in \fBpasswd\fR(5) format.
.IP \fBunix:group.byname\fR
The table is the UNIX group database. The key is a group name.
-The result is a group file entry in group(5) format.
+The result is a group file entry in \fBgroup\fR(5) format.
.RE
.RE
.sp
this program.
The text below provides only a parameter summary. See
-postconf(5) for more details including examples.
+\fBpostconf\fR(5) for more details including examples.
.IP "\fBconfig_directory (see 'postconf -d' output)\fR"
The default location of the Postfix main.cf and master.cf
configuration files.
.SH DESCRIPTION
.ad
.fi
-The \fBpostdrop\fR command creates a file in the \fBmaildrop\fR
+The \fBpostdrop\fR(1) command creates a file in the \fBmaildrop\fR
directory and copies its standard input to the file.
Options:
The following \fBmain.cf\fR parameters are especially relevant to
this program.
The text below provides only a parameter summary. See
-postconf(5) for more details including examples.
+\fBpostconf\fR(5) for more details including examples.
.IP "\fBalternate_config_directories (empty)\fR"
A list of non-default Postfix configuration directories that may
be specified with "-c config_directory" on the command line, or
records, so that "smtpd" becomes, for example, "postfix/smtpd".
.IP "\fBtrigger_timeout (10s)\fR"
The time limit for sending a trigger to a Postfix daemon (for
-example, the pickup(8) or qmgr(8) daemon).
+example, the \fBpickup\fR(8) or \fBqmgr\fR(8) daemon).
.PP
Available in Postfix version 2.2 and later:
.IP "\fBauthorized_submit_users (static:anyone)\fR"
-List of users who are authorized to submit mail with the sendmail(1)
-command (and with the privileged postdrop(1) helper command).
+List of users who are authorized to submit mail with the \fBsendmail\fR(1)
+command (and with the privileged \fBpostdrop\fR(1) helper command).
.SH "FILES"
.na
.nf
.ad
.fi
This command is reserved for the superuser. To submit mail,
-use the Postfix \fBsendmail\fR command.
+use the Postfix \fBsendmail\fR(1) command.
-The \fBpostfix\fR command controls the operation of the Postfix
-mail system: start or stop the \fBmaster\fR daemon, do a health
+The \fBpostfix\fR(1) command controls the operation of the Postfix
+mail system: start or stop the \fBmaster\fR(8) daemon, do a health
check, and other maintenance.
-The \fBpostfix\fR command sets up a standardized environment and
+The \fBpostfix\fR(1) command sets up a standardized environment and
runs the \fBpostfix-script\fR shell script to do the actual work.
The following commands are implemented:
.nf
.ad
.fi
-The \fBpostfix\fR command exports the following environment
+The \fBpostfix\fR(1) command exports the following environment
variables before executing the \fBpostfix-script\fR file:
.IP \fBMAIL_CONFIG\fR
This is set when the -c command-line option is present.
Postfix directories.
.IP "\fBsendmail_path (see 'postconf -d' output)\fR"
A Sendmail compatibility feature that specifies the location of
-the Postfix sendmail(1) command.
+the Postfix \fBsendmail\fR(1) command.
.IP "\fBnewaliases_path (see 'postconf -d' output)\fR"
Sendmail compatibility feature that specifies the location of the
-newaliases(1) command.
+\fBnewaliases\fR(1) command.
.IP "\fBmailq_path (see 'postconf -d' output)\fR"
Sendmail compatibility feature that specifies where the Postfix
-mailq(1) command is installed.
+\fBmailq\fR(1) command is installed.
.IP "\fBhtml_directory (see 'postconf -d' output)\fR"
The location of Postfix HTML files that describe how to build,
configure or operate a specific Postfix subsystem or feature.
Commands:
postalias(1), create/update/query alias database
postcat(1), examine Postfix queue file
+postconf(1), Postfix configuration utility
postkick(1), trigger Postfix daemon
postlock(1), Postfix-compatible locking
postlog(1), Postfix-compatible logging
.SH DESCRIPTION
.ad
.fi
-The \fBpostkick\fR command sends \fIrequest\fR to the
+The \fBpostkick\fR(1) command sends \fIrequest\fR to the
specified \fIservice\fR over a local transport channel.
This command makes Postfix private IPC accessible
for use in, for example, shell scripts.
The following \fBmain.cf\fR parameters are especially relevant to
this program.
The text below provides only a parameter summary. See
-postconf(5) for more details including examples.
+\fBpostconf\fR(5) for more details including examples.
.IP "\fBconfig_directory (see 'postconf -d' output)\fR"
The default location of the Postfix main.cf and master.cf
configuration files.
.IP "\fBapplication_event_drain_time (100s)\fR"
-How long the postkick(1) command waits for a request to enter the
+How long the \fBpostkick\fR(1) command waits for a request to enter the
server's input buffer before giving up.
.IP "\fBqueue_directory (see 'postconf -d' output)\fR"
The location of the Postfix top-level queue directory.
.SH DESCRIPTION
.ad
.fi
-The \fBpostlock\fR command locks \fIfile\fR for exclusive
+The \fBpostlock\fR(1) command locks \fIfile\fR for exclusive
access, and executes \fIcommand\fR. The locking method is
compatible with the Postfix UNIX-style local delivery agent.
.SH DIAGNOSTICS
.ad
.fi
-The result status is 75 (EX_TEMPFAIL) when \fBpostlock\fR
+The result status is 75 (EX_TEMPFAIL) when \fBpostlock\fR(1)
could not perform the requested operation. Otherwise, the
exit status is the exit status from the command.
.SH BUGS
The following \fBmain.cf\fR parameters are especially relevant to
this program.
The text below provides only a parameter summary. See
-postconf(5) for more details including examples.
+\fBpostconf\fR(5) for more details including examples.
.SH "LOCKING CONTROLS"
.na
.nf
.fi
.IP "\fBdeliver_lock_attempts (20)\fR"
The maximal number of attempts to acquire an exclusive lock on a
-mailbox file or bounce(8) logfile.
+mailbox file or \fBbounce\fR(8) logfile.
.IP "\fBdeliver_lock_delay (1s)\fR"
The time between attempts to acquire an exclusive lock on a mailbox
-file or bounce(8) logfile.
+file or \fBbounce\fR(8) logfile.
.IP "\fBstale_lock_time (500s)\fR"
The time after which a stale exclusive mailbox lockfile is removed.
.IP "\fBmailbox_delivery_lock (see 'postconf -d' output)\fR"
-How to lock a UNIX-style local(8) mailbox before attempting delivery.
+How to lock a UNIX-style \fBlocal\fR(8) mailbox before attempting delivery.
.SH "RESOURCE AND RATE CONTROLS"
.na
.nf
.SH DESCRIPTION
.ad
.fi
-The \fBpostlog\fR command implements a Postfix-compatible logging
+The \fBpostlog\fR(1) command implements a Postfix-compatible logging
interface for use in, for example, shell scripts.
-By default, \fBpostlog\fR logs the \fItext\fR given on the command
+By default, \fBpostlog\fR(1) logs the \fItext\fR given on the command
line as one record. If no \fItext\fR is specified on the command
-line, \fBpostlog\fR reads from standard input and logs each input
+line, \fBpostlog\fR(1) reads from standard input and logs each input
line as one record.
Logging is sent to \fBsyslogd\fR(8); when the standard error stream
this program.
The text below provides only a parameter summary. See
-postconf(5) for more details including examples.
+\fBpostconf\fR(5) for more details including examples.
.IP "\fBconfig_directory (see 'postconf -d' output)\fR"
The default location of the Postfix main.cf and master.cf
configuration files.
.SH DESCRIPTION
.ad
.fi
-The \fBpostmap\fR command creates or queries one or more Postfix
+The \fBpostmap\fR(1) command creates or queries one or more Postfix
lookup tables, or updates an existing one. The input and output
file formats are expected to be compatible with:
a map.
.IP \fB-i\fR
Incremental mode. Read entries from standard input and do not
-truncate an existing database. By default, \fBpostmap\fR creates
+truncate an existing database. By default, \fBpostmap\fR(1) creates
a new database from the entries in \fBfile_name\fR.
.IP \fB-N\fR
Include the terminating null character that terminates lookup keys
-and values. By default, Postfix does whatever is the default for
+and values. By default, \fBpostmap\fR(1) does whatever is
+the default for
the host operating system.
.IP \fB-n\fR
Don't include the terminating null character that terminates lookup
-keys and values. By default, Postfix does whatever is the default for
+keys and values. By default, \fBpostmap\fR(1) does whatever
+is the default for
the host operating system.
.IP \fB-o\fR
Do not release root privileges when processing a non-root
-input file. By default, \fBpostmap\fR drops root privileges
+input file. By default, \fBpostmap\fR(1) drops root privileges
and runs as the source file owner instead.
.IP \fB-p\fR
Do not inherit the file access permissions from the input file
The database type. To find out what types are supported, use
the "\fBpostconf -m\fR" command.
-The \fBpostmap\fR command can query any supported file type,
+The \fBpostmap\fR(1) command can query any supported file type,
but it can create only the following file types:
.RS
.IP \fBbtree\fR
No output means that no problems were detected. Duplicate entries are
skipped and are flagged with a warning.
-\fBpostmap\fR terminates with zero exit status in case of success
-(including successful \fBpostmap -q\fR lookup) and terminates
+\fBpostmap\fR(1) terminates with zero exit status in case of success
+(including successful "\fBpostmap -q\fR" lookup) and terminates
with non-zero exit status in case of failure.
.SH "ENVIRONMENT"
.na
The following \fBmain.cf\fR parameters are especially relevant to
this program.
The text below provides only a parameter summary. See
-postconf(5) for more details including examples.
+\fBpostconf\fR(5) for more details including examples.
.IP "\fBberkeley_db_create_buffer_size (16777216)\fR"
The per-table I/O buffer size for programs that create Berkeley DB
hash or btree tables.
The default location of the Postfix main.cf and master.cf
configuration files.
.IP "\fBdefault_database_type (see 'postconf -d' output)\fR"
-The default database type for use in newaliases(1), postalias(1)
-and postmap(1) commands.
+The default database type for use in \fBnewaliases\fR(1), \fBpostalias\fR(1)
+and \fBpostmap\fR(1) commands.
.IP "\fBsyslog_facility (mail)\fR"
The syslog facility of Postfix logging.
.IP "\fBsyslog_name (postfix)\fR"
.SH DESCRIPTION
.ad
.fi
-The \fBpostqueue\fR program implements the Postfix user interface
+The \fBpostqueue\fR(1) command implements the Postfix user interface
for queue management. It implements operations that are
traditionally available via the \fBsendmail\fR(1) command.
See the \fBpostsuper\fR(1) command for queue operations
.IP \fB-f\fR
Flush the queue: attempt to deliver all queued mail.
-This option implements the traditional \fBsendmail -q\fR command,
+This option implements the traditional "\fBsendmail -q\fR" command,
by contacting the Postfix \fBqmgr\fR(8) daemon.
Warning: flushing undeliverable mail frequently will result in
See \fBflush\fR(8) for more information about the "fast flush"
service.
-This option implements the traditional \fBsendmail -qR\fIsite\fR
+This option implements the traditional "\fBsendmail -qR\fIsite\fR"
command, by contacting the Postfix \fBflush\fR(8) daemon.
.IP \fB-v\fR
Enable verbose logging for debugging purposes. Multiple \fB-v\fR
The following \fBmain.cf\fR parameters are especially relevant to
this program.
The text below provides only a parameter summary. See
-postconf(5) for more details including examples.
+\fBpostconf\fR(5) for more details including examples.
.IP "\fBalternate_config_directories (empty)\fR"
A list of non-default Postfix configuration directories that may
be specified with "-c config_directory" on the command line, or
records, so that "smtpd" becomes, for example, "postfix/smtpd".
.IP "\fBtrigger_timeout (10s)\fR"
The time limit for sending a trigger to a Postfix daemon (for
-example, the pickup(8) or qmgr(8) daemon).
+example, the \fBpickup\fR(8) or \fBqmgr\fR(8) daemon).
.PP
Available in Postfix version 2.2 and later:
.IP "\fBauthorized_flush_users (static:anyone)\fR"
.SH DESCRIPTION
.ad
.fi
-The \fBpostsuper\fR command does maintenance jobs on the Postfix
+The \fBpostsuper\fR(1) command does maintenance jobs on the Postfix
queue. Use of the command is restricted to the superuser.
-See the \fBpostqueue\fR command for unprivileged queue operations
+See the \fBpostqueue\fR(1) command for unprivileged queue operations
such as listing or flushing the mail queue.
-By default, \fBpostsuper\fR performs the operations requested with the
+By default, \fBpostsuper\fR(1) performs the operations
+requested with the
\fB-s\fR and \fB-p\fR command-line options on all Postfix queue
directories - this includes the \fBincoming\fR, \fBactive\fR and
\fBdeferred\fR directories with mail files and the \fBbounce\fR,
\fBdeferred\fR).
If a \fIqueue_id\fR of \fB-\fR is specified, the program reads
queue IDs from standard input. For example, to delete all mail
-from or to \fBuser@example.com\fR:
+with exactly one recipient \fBuser@example.com\fR:
.sp
-mailq | tail +2 | awk \'BEGIN { RS = "" } \e
+mailq | tail +2 | awk \'BEGIN { RS = "" }
.ti +4
-/ user@example\e.com$/ { print $1 } \e
+# $7=sender, $8=recipient1, $9=recipient2
+.ti +4
+{ if ($8 == "user@example.com" && $9 == "")
+.ti +6
+print $1 }
.br
\' | tr -d '*!' | postsuper -d -
.sp
The scenario is as follows:
.RS
.IP 1)
-The Postfix queue manager deletes the message that \fBpostsuper\fR
+The Postfix queue manager deletes the message that \fBpostsuper\fR(1)
is asked to delete, because Postfix is finished with the
message (it is delivered, or it is returned to the sender).
.IP 2)
New mail arrives, and the new message is given the same queue ID
-as the message that \fBpostsuper\fR is supposed to delete.
+as the message that \fBpostsuper\fR(1) is supposed to delete.
The probability for reusing a deleted queue ID is about 1 in 2**15
(the number of different microsecond values that the system clock
can distinguish within a second).
.IP 3)
-\fBpostsuper\fR deletes the new message, instead of the old
+\fBpostsuper\fR(1) deletes the new message, instead of the old
message that it should have deleted.
.RE
.IP "\fB-h \fIqueue_id\fR"
mappings have changed.
.sp
Warning: Postfix queue IDs are reused.
-There is a very small possibility that \fBpostsuper\fR requeues
+There is a very small possibility that \fBpostsuper\fR(1) requeues
the wrong message file when it is executed while the Postfix mail
system is running, but no harm should be done.
.IP \fB-s\fR
Problems are reported to the standard error stream and to
\fBsyslogd\fR(8).
-\fBpostsuper\fR reports the number of messages deleted with \fB-d\fR,
+\fBpostsuper\fR(1) reports the number of messages deleted with \fB-d\fR,
the number of messages requeued with \fB-r\fR, and the number of
messages whose queue file name was fixed with \fB-s\fR. The report
is written to the standard error stream and to \fBsyslogd\fR(8).
The following \fBmain.cf\fR parameters are especially relevant to
this program.
The text below provides only a parameter summary. See
-postconf(5) for more details including examples.
+\fBpostconf\fR(5) for more details including examples.
.IP "\fBconfig_directory (see 'postconf -d' output)\fR"
The default location of the Postfix main.cf and master.cf
configuration files.
.IP "\fBhash_queue_depth (1)\fR"
The number of subdirectory levels for queue directories listed with
the hash_queue_names parameter.
-.IP "\fBhash_queue_names (see 'postconf -d' output)\fR"
+.IP "\fBhash_queue_names (deferred, defer)\fR"
The names of queue directories that are split across multiple
subdirectory levels.
.IP "\fBqueue_directory (see 'postconf -d' output)\fR"
.SH "SEE ALSO"
.na
.nf
-mailq(1) List all messages in the queue.
+mailq(1), List all messages in the queue.
QSHAPE_README Examples and background material.
.SH "FILES"
.na
.SH DESCRIPTION
.ad
.fi
-The Postfix \fBsendmail\fR command implements the Postfix to Sendmail
-compatibility interface.
+The Postfix \fBsendmail\fR(1) command implements the Postfix
+to Sendmail compatibility interface.
For the sake of compatibility with existing applications, some
Sendmail command-line options are recognized but silently ignored.
-By default, Postfix \fBsendmail\fR reads a message from standard input
+By default, Postfix \fBsendmail\fR(1) reads a message from
+standard input
until EOF or until it reads a line with only a \fB.\fR character,
-and arranges for delivery. Postfix \fBsendmail\fR relies on the
+and arranges for delivery. Postfix \fBsendmail\fR(1) relies on the
\fBpostdrop\fR(1) command to create a queue file in the \fBmaildrop\fR
directory.
command.
.sp
Note: it may take a minute or so before an alias database update
-becomes visible. Use the \fBpostfix reload\fR command to eliminate
+becomes visible. Use the "\fBpostfix reload\fR" command to eliminate
this delay.
.PP
These and other features can be selected by specifying the
The message body MIME type: \fB7BIT\fR or \fB8BITMIME\fR.
.IP \fB-bd\fR
Go into daemon mode. This mode of operation is implemented by
-executing the \fBpostfix start\fR command.
+executing the "\fBpostfix start\fR" command.
.IP "\fB-bh\fR (ignored)"
.IP "\fB-bH\fR (ignored)"
Postfix has no persistent host status database.
have no \fBFrom:\fR message header.
.IP "\fB-f \fIsender\fR"
Set the envelope sender address. This is the address where
-delivery problems are sent to, unless the message contains an
-\fBErrors-To:\fR message header.
+delivery problems are sent to. With Postfix versions before 2.1, the
+\fBErrors-To:\fR message header overrides the error return address.
.IP "\fB-G\fR (ignored)"
Gateway (relay) submission, as opposed to initial user submission.
.IP "\fB-h \fIhop_count\fR (ignored)"
configuration parameter in \fBmain.cf\fR instead.
.IP "\fB-r \fIsender\fR"
Set the envelope sender address. This is the address where
-delivery problems are sent to, unless the message contains an
-\fBErrors-To:\fR message header.
+delivery problems are sent to. With Postfix versions before 2.1, the
+\fBErrors-To:\fR message header overrides the error return address.
.IP "\fB-R \fIreturn_limit\fR (ignored)"
Limit the size of bounced mail. Use the \fBbounce_size_limit\fR
configuration parameter instead.
See \fBflush\fR(8) for more information about the "fast flush"
service.
.IP \fB-qS\fIsite\fR
-This command is not implemented. Use the slower \fBsendmail -q\fR
+This command is not implemented. Use the slower "\fBsendmail -q\fR"
command instead.
.IP \fB-t\fR
Extract recipients from message headers. These are added to any
The following \fBmain.cf\fR parameters are especially relevant to
this program.
The text below provides only a parameter summary. See
-postconf(5) for more details including examples.
+\fBpostconf\fR(5) for more details including examples.
.SH "TROUBLE SHOOTING CONTROLS"
.na
.nf
.IP "\fBauthorized_mailq_users (static:anyone)\fR"
List of users who are authorized to view the queue.
.IP "\fBauthorized_submit_users (static:anyone)\fR"
-List of users who are authorized to submit mail with the sendmail(1)
-command (and with the privileged postdrop(1) helper command).
+List of users who are authorized to submit mail with the \fBsendmail\fR(1)
+command (and with the privileged \fBpostdrop\fR(1) helper command).
.SH "RESOURCE AND RATE CONTROLS"
.na
.nf
The two default VERP delimiter characters.
.IP "\fBverp_delimiter_filter (-=+)\fR"
The characters Postfix accepts as VERP delimiter characters on the
-Postfix sendmail(1) command line and in SMTP commands.
+Postfix \fBsendmail\fR(1) command line and in SMTP commands.
.SH "MISCELLANEOUS CONTROLS"
.na
.nf
.ad
.fi
.IP "\fBalias_database (see 'postconf -d' output)\fR"
-The alias databases for local(8) delivery that are updated with
+The alias databases for \fBlocal\fR(8) delivery that are updated with
"\fBnewaliases\fR" or with "\fBsendmail -bi\fR".
.IP "\fBcommand_directory (see 'postconf -d' output)\fR"
The location of all postfix administrative commands.
.IP "\fBdaemon_directory (see 'postconf -d' output)\fR"
The directory with Postfix support programs and daemon programs.
.IP "\fBdefault_database_type (see 'postconf -d' output)\fR"
-The default database type for use in newaliases(1), postalias(1)
-and postmap(1) commands.
+The default database type for use in \fBnewaliases\fR(1), \fBpostalias\fR(1)
+and \fBpostmap\fR(1) commands.
.IP "\fBdelay_warning_time (0h)\fR"
The time after which the sender receives the message headers of
mail that is still queued.
+.IP "\fBenable_errors_to (no)\fR"
+Report mail delivery errors to the address specified with the
+non-standard Errors-To: message header, instead of the envelope
+sender address (this feature is removed with Postfix 2.2, is
+turned off by default with Postfix 2.1, and is always turned on
+with older Postfix versions).
.IP "\fBmail_owner (postfix)\fR"
The UNIX system account that owns the Postfix queue and most Postfix
daemon processes.
records, so that "smtpd" becomes, for example, "postfix/smtpd".
.IP "\fBtrigger_timeout (10s)\fR"
The time limit for sending a trigger to a Postfix daemon (for
-example, the pickup(8) or qmgr(8) daemon).
+example, the \fBpickup\fR(8) or \fBqmgr\fR(8) daemon).
.SH "FILES"
.na
.nf
Listen on the UNIX-domain socket at \fIpathname\fR.
.IP \fIbacklog\fR
The maximum length the queue of pending connections,
-as defined by the listen(2) call.
+as defined by the \fBlisten\fR(2) system call.
.SH "SEE ALSO"
.na
.nf
.SH NAME
access
\-
-format of Postfix access table
+Postfix access table format
.SH "SYNOPSIS"
.na
.nf
.SH DESCRIPTION
.ad
.fi
-The optional \fBaccess\fR table directs the Postfix SMTP server
+The optional \fBaccess\fR(5) table directs the Postfix SMTP server
to selectively reject or accept mail. Access can be allowed or
denied for specific host names, domain names, networks, host
addresses or mail addresses.
For an example, see the EXAMPLE section at the end of this
manual page.
-Normally, the \fBaccess\fR table is specified as a text file
+Normally, the \fBaccess\fR(5) table is specified as a text file
that serves as input to the \fBpostmap\fR(1) command.
The result, an indexed file in \fBdbm\fR or \fBdb\fR format,
is used for fast searching by the mail system. Execute the command
Address information must not be enclosed with "[]" characters.
NOTE 2: use the \fBcidr\fR lookup table type to specify
-network/netmask patterns. See cidr_table(5) for details.
+network/netmask patterns. See \fBcidr_table\fR(5) for details.
.IP \fInet:work:addr:ess\fR
.IP \fInet:work:addr\fR
.IP \fInet:work\fR
Address information must not be enclosed with "[]" characters.
NOTE 3: use the \fBcidr\fR lookup table type to specify
-network/netmask patterns. See cidr_table(5) for details.
+network/netmask patterns. See \fBcidr_table\fR(5) for details.
IPv6 support is available in Postfix 2.2 and later.
.SH "ACCEPT ACTIONS"
.IP "\fBFILTER \fItransport:destination\fR"
After the message is queued, send the entire message through
the specified external content filter. The \fItransport:destination\fR
-syntax is described in the transport(5) manual page. More information
+syntax is described in the \fBtransport\fR(5) manual page.
+More information
about external content filters is in the Postfix FILTER_README file.
.sp
Note: this action overrides the \fBmain.cf content_filter\fR setting,
This section describes how the table lookups change when lookups
are directed to a TCP-based server. For a description of the TCP
client/server lookup protocol, see \fBtcp_table\fR(5).
-This feature is not available in Postfix version 2.1.
+This feature is not available up to and including Postfix version 2.2.
Each lookup operation uses the entire query string once.
Depending on the application, that string is an entire client
.SH NAME
aliases
\-
-format of the Postfix alias database
+Postfix local alias database format
.SH "SYNOPSIS"
.na
.nf
.SH DESCRIPTION
.ad
.fi
-The \fBaliases\fR table provides a system-wide mechanism to
+The \fBaliases\fR(5) table provides a system-wide mechanism to
redirect mail for local recipients. The redirections are
processed by the Postfix \fBlocal\fR(8) delivery agent.
-Normally, the \fBaliases\fR table is specified as a text file
+Normally, the \fBaliases\fR(5) table is specified as a text file
that serves as input to the \fBpostalias\fR(1) command. The
result, an indexed file in \fBdbm\fR or \fBdb\fR format, is
used for fast lookup by the mail system. Execute the command
Users can control delivery of their own mail by setting
up \fB.forward\fR files in their home directory.
Lines in per-user \fB.forward\fR files have the same syntax
-as the right-hand side of \fBaliases\fR entries.
+as the right-hand side of \fBaliases\fR(5) entries.
The format of the alias database input file is as follows:
.IP \(bu
.fi
The following \fBmain.cf\fR parameters are especially relevant.
The text below provides only a parameter summary. See
-postconf(5) for more details including examples.
+\fBpostconf\fR(5) for more details including examples.
.IP \fBalias_database\fR
List of alias databases that are updated by the
\fBnewaliases\fR(1) command.
.SH NAME
canonical
\-
-format of Postfix canonical table
+Postfix canonical table format
.SH "SYNOPSIS"
.na
.nf
.SH DESCRIPTION
.ad
.fi
-The optional \fBcanonical\fR table specifies an address mapping for
+The optional \fBcanonical\fR(5) table specifies an address mapping for
local and non-local addresses. The mapping is used by the
\fBcleanup\fR(8) daemon. The address mapping is recursive.
-Normally, the \fBcanonical\fR table is specified as a text file
+Normally, the \fBcanonical\fR(5) table is specified as a text file
that serves as input to the \fBpostmap\fR(1) command.
The result, an indexed file in \fBdbm\fR or \fBdb\fR format,
is used for fast searching by the mail system. Execute the command
-\fBpostmap /etc/postfix/canonical\fR in order to rebuild the indexed
+"\fBpostmap /etc/postfix/canonical\fR" in order to rebuild the indexed
file after changing the text file.
When the table is provided via other means such as NIS, LDAP
done in a slightly different way as described below under
"REGULAR EXPRESSION TABLES" and "TCP-BASED TABLES".
-By default the \fBcanonical\fR mapping affects both message
+By default the \fBcanonical\fR(5) mapping affects both message
header addresses (i.e. addresses that appear inside messages)
and message envelope addresses (for example, the addresses
that are used in SMTP protocol commands). Think Sendmail
rule set \fBS3\fR, if you like. This is controlled with
the \fBcanonical_classes\fR parameter.
-Typically, one would use the \fBcanonical\fR table to replace login
+Typically, one would use the \fBcanonical\fR(5) table to replace login
names by \fIFirstname.Lastname\fR, or to clean up addresses produced
by legacy mail systems.
-The \fBcanonical\fR mapping is not to be confused with \fIvirtual
+The \fBcanonical\fR(5) mapping is not to be confused with \fIvirtual
domain\fR support. Use the \fBvirtual\fR(5) map for that purpose.
-The \fBcanonical\fR mapping is not to be confused with local aliasing.
+The \fBcanonical\fR(5) mapping is not to be confused with local aliasing.
Use the \fBaliases\fR(5) map for that purpose.
.SH "TABLE FORMAT"
.na
.nf
.ad
.fi
-The input format for the \fBpostmap\fR(1) command is as follows:
+make# The input format for the \fBpostmap\fR(1) command is as follows:
.IP "\fIpattern result\fR"
When \fIpattern\fR matches a mail address, replace it by the
corresponding \fIresult\fR.
This section describes how the table lookups change when lookups
are directed to a TCP-based server. For a description of the TCP
client/server lookup protocol, see \fBtcp_table\fR(5).
-This feature is not available in Postfix version 2.1.
+This feature is not available up to and including Postfix version 2.2.
Each lookup operation uses the entire address once. Thus,
\fIuser@domain\fR mail addresses are not broken up into their
.fi
The following \fBmain.cf\fR parameters are especially relevant.
The text below provides only a parameter summary. See
-postconf(5) for more details including examples.
+\fBpostconf\fR(5) for more details including examples.
.IP \fBcanonical_classes\fR
What addresses are subject to canonical address mapping.
.IP \fBcanonical_maps\fR
(Classless Inter-Domain Routing) form.
To find out what types of lookup tables your Postfix system
-supports use the \fBpostconf -m\fR command.
+supports use the "\fBpostconf -m\fR" command.
-To test lookup tables, use the \fBpostmap\fR command as
+To test lookup tables, use the "\fBpostmap -q\fR" command as
described in the SYNOPSIS above.
.SH "TABLE FORMAT"
.na
.na
.nf
postmap(1), Postfix lookup table manager
-regexp_table(5) format of regular expression tables
-pcre_table(5) format of PCRE tables
+regexp_table(5), format of regular expression tables
+pcre_table(5), format of PCRE tables
.SH "README FILES"
.na
.nf
best performance is obtained with \fBpcre\fR (Perl Compatible Regular
Expression) tables, but the slower \fBregexp\fR (POSIX regular
expressions) support is more widely available.
-Use the command \fBpostconf -m\fR to find out what lookup table
+Use the command "\fBpostconf -m\fR" to find out what lookup table
types your Postfix system supports.
The general format of Postfix regular expression tables is
.fi
Substitution of substrings from the matched expression into the
\fIaction\fR
-string is possible using the conventional Perl syntax ($1, $2, etc.).
-The macros in the result string may need to be written as ${n}
-or $(n) if they aren't followed by whitespace.
+string is possible using the conventional Perl syntax
+(\fB$1\fR, \fB$2\fR, etc.).
+The macros in the result string may need to be written as \fB${n}\fR
+or \fB$(n)\fR if they aren't followed by whitespace.
Note: since negated patterns (those preceded by \fB!\fR) return a
result when the expression does not match, substitutions are not
Prepend one line with the specified text and inspect the next
input line.
.sp
-Note: the prepended text is output immediately before the
-input that triggered the \fBPREPEND\fR action. A body action
-cannot prepend a message header.
-.sp
-Note: this action cannot be used to prepend multi-line text.
-.sp
+Notes:
+.RS
+.IP \(bu
+The prepended text is output on a separate line, immediately
+before the input that triggered the \fBPREPEND\fR action.
+.IP \(bu
+When prepending text before a message header line, the prepended
+text must begin with a valid message header label.
+.IP \(bu
+This action cannot be used to prepend multi-line text.
+.RE
+.IP
This feature is available in Postfix 2.1 and later.
.IP "\fBREDIRECT \fIuser@domain\fR"
Write a message redirection request to the queue file and
fire, only the last one is executed.
.sp
This feature is available in Postfix 2.1 and later.
+.IP "\fBREPLACE \fItext...\fR"
+Replace the current line with the specified text and inspect the next
+input line.
+.sp
+Note: when replacing a message header line, the replacement text
+must begin with a valid header label.
+.sp
+This feature is available in Postfix 2.2 and later.
.IP "\fBREJECT \fIoptional text...\fR
Reject the entire message. Reply with \fIoptional text...\fR when
the optional text is specified, otherwise reply with a generic error
configuration variable in the main.cf file).
.sp
Chroot should not be used with the \fBlocal\fR(8),
-\fBpipe\fR(8), \fBspawn\fR(8), and virtual(8) daemons.
+\fBpipe\fR(8), \fBspawn\fR(8), and \fBvirtual\fR(8) daemons.
Although the
\fBproxymap\fR(8) server can run chrooted, doing so defeats
most of the purpose of having that service in the first
To find out what types of lookup tables your Postfix system
supports use the "\fBpostconf -m\fR" command.
-To test Postfix NIS+ lookup tables, use the \fBpostmap\fR
+To test Postfix NIS+ lookup tables, use the "\fBpostmap -q\fR"
command as described in the SYNOPSIS above.
.SH "QUERY SYNTAX"
.na
corresponding result is returned.
To find out what types of lookup tables your Postfix system
-supports use the \fBpostconf -m\fR command.
+supports use the "\fBpostconf -m\fR" command.
-To test lookup tables, use the \fBpostmap -fq\fR command as
+To test lookup tables, use the "\fBpostmap -fq\fR" command as
described in the SYNOPSIS above.
.SH "TABLE FORMAT"
.na
The remainder of this document is a description of all Postfix
configuration parameters. Default values are shown after the
parameter name in parentheses, and can be looked up with the
-\fBpostconf -d\fR command.
+"\fBpostconf -d\fR" command.
.PP
Note: this is not an invitation to make changes to Postfix
configuration parameters. Unnecessary changes can impair the
parameter.
.SH access_map_reject_code (default: 554)
The numerical Postfix SMTP server response code when a client
-is rejected by an access(5) map restriction.
+is rejected by an \fBaccess\fR(5) map restriction.
.PP
Do not change this unless you have a complete understanding of RFC 821.
.SH address_verify_default_transport (default: $default_transport)
This feature is available in Postfix 2.1 and later.
.SH address_verify_map (default: empty)
Optional lookup table for persistent address verification status
-storage. The table is maintained by the verify(8) service, and
+storage. The table is maintained by the \fBverify\fR(8) service, and
is opened before the process releases privileges.
.PP
By default, the information is kept in volatile memory, and is lost
.PP
This feature is available in Postfix 2.1 and later.
.SH address_verify_poll_count (default: 3)
-How many times to query the verify(8) service for the completion
+How many times to query the \fBverify\fR(8) service for the completion
of an address verification request in progress.
.PP
The default poll count is 3.
.PP
This feature is available in Postfix 2.1 and later.
.SH address_verify_service_name (default: verify)
-The name of the verify(8) address verification service. This service
+The name of the \fBverify\fR(8) address verification service. This service
maintains the status of sender and/or recipient address verification
probes, and generates probes on request by other Postfix processes.
.SH address_verify_transport_maps (default: $transport_maps)
.PP
This feature is available in Postfix 2.1 and later.
.SH alias_database (default: see "postconf -d" output)
-The alias databases for local(8) delivery that are updated with
+The alias databases for \fBlocal\fR(8) delivery that are updated with
"\fBnewaliases\fR" or with "\fBsendmail -bi\fR".
.PP
This is a separate configuration parameter because not all the
.ad
.ft R
.SH alias_maps (default: see "postconf -d" output)
-The alias databases that are used for local(8) delivery. See
-aliases(5) for syntax details.
+The alias databases that are used for \fBlocal\fR(8) delivery. See
+\fBaliases\fR(5) for syntax details.
.PP
The default list is system dependent. On systems with NIS, the
default is to search the local alias database, then the NIS alias
(or wherever your system stores the mail alias file), or simply
run "\fBnewaliases\fR" to build the necessary DBM or DB file.
.PP
-The local(8) delivery agent disallows regular expression substitution
+The \fBlocal\fR(8) delivery agent disallows regular expression substitution
of $1 etc. in alias_maps, because that would open a security hole.
.PP
-The local(8) delivery agent will silently ignore requests to use
-the proxymap(8) server within alias_maps. Instead it will open the
-table directly. Before Postfix version 2.2, the local(8) delivery
+The \fBlocal\fR(8) delivery agent will silently ignore requests to use
+the \fBproxymap\fR(8) server within alias_maps. Instead it will open the
+table directly. Before Postfix version 2.2, the \fBlocal\fR(8) delivery
agent will terminate with a fatal error.
.PP
Examples:
.ad
.ft R
.SH allow_mail_to_commands (default: alias, forward)
-Restrict local(8) mail delivery to external commands. The default
+Restrict \fBlocal\fR(8) mail delivery to external commands. The default
is to disallow delivery to "|command" in :include: files (see
-aliases(5) for the text that defines this terminology).
+\fBaliases\fR(5) for the text that defines this terminology).
.PP
Specify zero or more of: \fBalias\fR, \fBforward\fR or \fBinclude\fR,
-in order to allow commands in aliases(5), .forward files or in
+in order to allow commands in \fBaliases\fR(5), .forward files or in
:include: files, respectively.
.PP
Example:
.ad
.ft R
.SH allow_mail_to_files (default: alias, forward)
-Restrict local(8) mail delivery to external files. The default is
+Restrict \fBlocal\fR(8) mail delivery to external files. The default is
to disallow "/file/name" destinations in :include: files (see
-aliases(5) for the text that defines this terminology).
+\fBaliases\fR(5) for the text that defines this terminology).
.PP
Specify zero or more of: \fBalias\fR, \fBforward\fR or \fBinclude\fR,
-in order to allow "/file/name" destinations in aliases(5), .forward
+in order to allow "/file/name" destinations in \fBaliases\fR(5), .forward
files and in :include: files, respectively.
.PP
Example:
via the MAIL_CONFIG environment parameter.
.PP
This list must be specified in the default Postfix configuration
-directory, and is used by set-gid Postfix commands such as postqueue(1)
-and postdrop(1).
+directory, and is used by set-gid Postfix commands such as \fBpostqueue\fR(1)
+and \fBpostdrop\fR(1).
.SH always_bcc (default: empty)
Optional address that receives a "blind carbon copy" of each message
that is received by the Postfix mail system.
The time unit over which client connection rates and other rates
are calculated.
.PP
-This feature is implemented by the anvil(8) service which is not
+This feature is implemented by the \fBanvil\fR(8) service which is not
part of the stable Postfix 2.1 release.
.PP
The default interval is relatively short. Because of the high
-frequency of updates, the anvil(8) server uses volatile memory
+frequency of updates, the \fBanvil\fR(8) server uses volatile memory
only. Thus, information is lost whenever the process terminates.
.PP
Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
The default time unit is s (seconds).
.SH anvil_status_update_time (default: 600s)
-How frequently the anvil(8) connection and rate limiting server
+How frequently the \fBanvil\fR(8) connection and rate limiting server
logs peak usage information.
.PP
-This feature is implemented by the anvil(8) service which is not
-part of the stable Postfix 2.1 release.
+This feature is available in Postfix 2.2 and later.
.PP
Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
The default time unit is s (seconds).
able to send mail to "user@partialdomainname" but will have to
specify full domain names instead.
.SH application_event_drain_time (default: 100s)
-How long the postkick(1) command waits for a request to enter the
+How long the \fBpostkick\fR(1) command waits for a request to enter the
server's input buffer before giving up.
.PP
Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
.PP
This feature is available in Postfix 2.2 and later.
.SH authorized_submit_users (default: static:anyone)
-List of users who are authorized to submit mail with the sendmail(1)
-command (and with the privileged postdrop(1) helper command).
+List of users who are authorized to submit mail with the \fBsendmail\fR(1)
+command (and with the privileged \fBpostdrop\fR(1) helper command).
.PP
By default, all users are allowed to submit mail. Otherwise, the
real UID of the process is looked up in the system password file,
":" character, and would otherwise be confused with a "type:table"
pattern.
.SH backwards_bounce_logfile_compatibility (default: yes)
-Produce additional bounce(8) logfile records that can be read by
-older Postfix versions. The current and more extensible "name =
+Produce additional \fBbounce\fR(8) logfile records that can be read by
+Postfix versions before 2.0. The current and more extensible "name =
value" format is needed in order to implement more sophisticated
functionality.
.PP
the Postfix SMTP client returns such mail as undeliverable.
.PP
Specify, for example, "best_mx_transport = local" to pass the mail
-from the SMTP client to the local(8) delivery agent. You can specify
+from the SMTP client to the \fBlocal\fR(8) delivery agent. You can specify
any message delivery "transport" or "transport:nexthop" that is
-defined in the master.cf file. See the transport(5) manual page
+defined in the master.cf file. See the \fBtransport\fR(5) manual page
for the syntax and meaning of "transport" or "transport:nexthop".
.PP
However, this feature is expensive because it ties up a Postfix
-SMTP client process while the local(8) delivery agent is doing its
+SMTP client process while the \fBlocal\fR(8) delivery agent is doing its
work. It is more efficient (for Postfix) to list all hosted domains
in a table or database.
.SH biff (default: yes)
.PP
For compatibility reasons this feature is on by default. On systems
with lots of interactive users, the biff service can be a performance
-drain. Specify "biff = no" to disable.
+drain. Specify "biff = no" in main.cf to disable.
.SH body_checks (default: empty)
Optional lookup tables for content inspection as specified in
-the body_checks(5) manual page.
+the \fBbody_checks\fR(5) manual page.
.PP
Note: with Postfix versions before 2.0, these rules inspect
all content after the primary message headers.
.PP
This feature is available in Postfix 2.1 and later.
.SH bounce_service_name (default: bounce)
-The name of the bounce(8) service. This service maintains a record
+The name of the \fBbounce\fR(8) service. This service maintains a record
of failed delivery attempts and generates non-delivery notifications.
.PP
This feature is available in Postfix 2.0 and later.
are MicroSoft Outlook Express version 4 and MicroSoft Exchange
version 5.0.
.PP
-Specify "\fBbroken_sasl_auth_clients = yes\fR" to have Postfix advertise
+Specify "broken_sasl_auth_clients = yes" to have Postfix advertise
AUTH support in a non-standard way.
.SH canonical_classes (default: envelope_sender, envelope_recipient, header_sender, header_recipient)
What addresses are subject to canonical_maps address mapping.
with the canonical_classes parameter. This is typically used
to clean up dirty addresses from legacy mail systems, or to replace
login names by Firstname.Lastname. The table format and lookups
-are documented in canonical(5).
+are documented in \fBcanonical\fR(5).
.PP
If you use this feature, run "\fBpostmap /etc/postfix/canonical\fR" to
build the necessary DBM or DB file after every change. The changes
.ad
.ft R
.SH cleanup_service_name (default: cleanup)
-The name of the cleanup(8) service. This service rewrites addresses
-into the standard form, and performs canonical(5) address mapping
-and virtual(5) aliasing.
+The name of the \fBcleanup\fR(8) service. This service rewrites addresses
+into the standard form, and performs \fBcanonical\fR(5) address mapping
+and \fBvirtual\fR(5) aliasing.
.PP
This feature is available in Postfix 2.0 and later.
.SH command_directory (default: see "postconf -d" output)
The location of all postfix administrative commands.
.SH command_execution_directory (default: empty)
-The local(8) delivery agent working directory for delivery to
+The \fBlocal\fR(8) delivery agent working directory for delivery to
external command. Failure to change directory causes the delivery
to be deferred.
.PP
.PP
This feature is available in Postfix 2.2 and later.
.SH command_expansion_filter (default: see "postconf -d" output)
-Restrict the characters that the local(8) delivery agent allows in
+Restrict the characters that the \fBlocal\fR(8) delivery agent allows in
$name expansions of $mailbox_command. Characters outside the
allowed set are replaced by underscores.
.SH command_time_limit (default: 1000s)
Time limit for delivery to external commands. This limit is used
-by the local(8) delivery agent, and is the default time limit for
-delivery by the pipe(8) delivery agent.
+by the \fBlocal\fR(8) delivery agent, and is the default time limit for
+delivery by the \fBpipe\fR(8) delivery agent.
.PP
Note: if you set this time limit to a large value you must update the
global ipc_timeout parameter as well.
config_directory override requires either root privileges, or it
requires that the directory is listed with the alternate_config_directories
parameter in the default main.cf file.
+.SH connection_cache_service (default: scache)
+The name of the \fBscache\fR(8) connection cache service. This service
+maintains a limited pool of cached sessions.
+.SH connection_cache_status_update_time (default: 600s)
+How frequently the \fBscache\fR(8) server logs usage statistics with
+connection cache hit and miss rates for logical destinations and for
+physical endpoints.
+.SH connection_cache_ttl_limit (default: 2s)
+The maximal time-to-live value that the connection cache server
+allows. Requests that specify a larger TTL will be stored with the
+maximum allowed TTL. The purpose of this additional control is to
+protect the infrastructure against careless people. The cache TTL
+is already bounded by $max_idle.
.SH content_filter (default: empty)
The name of a mail delivery transport that filters mail after
it is queued.
.PP
This parameter uses the same syntax as the right-hand side of a
-Postfix transport(5) table. This setting has a lower precedence
-than a content filter that is specified with an access(5) table or
-in a header_checks(5) or body_checks(5) table.
+Postfix \fBtransport\fR(5) table. This setting has a lower precedence
+than a content filter that is specified with an \fBaccess\fR(5) table or
+in a \fBheader_checks\fR(5) or \fBbody_checks\fR(5) table.
.SH daemon_directory (default: see "postconf -d" output)
The directory with Postfix support programs and daemon programs.
These should not be invoked directly by humans. The directory must
.ad
.ft R
.SH default_database_type (default: see "postconf -d" output)
-The default database type for use in newaliases(1), postalias(1)
-and postmap(1) commands. On many UNIX systems the default type is
+The default database type for use in \fBnewaliases\fR(1), \fBpostalias\fR(1)
+and \fBpostmap\fR(1) commands. On many UNIX systems the default type is
either \fBdbm\fR or \fBhash\fR. The default setting is frozen
when the Postfix system is built.
.PP
another preemption can take place later.
.SH default_destination_concurrency_limit (default: 20)
The default maximal number of parallel deliveries to the same
-destination. This is the default limit for delivery via the lmtp(8),
-pipe(8), smtp(8) and virtual(8) delivery agents.
+destination. This is the default limit for delivery via the \fBlmtp\fR(8),
+\fBpipe\fR(8), \fBsmtp\fR(8) and \fBvirtual\fR(8) delivery agents.
.SH default_destination_recipient_limit (default: 50)
The default maximal number of recipients per message delivery.
-This is the default limit for delivery via the lmtp(8), pipe(8),
-smtp(8) and virtual(8) delivery agents.
+This is the default limit for delivery via the \fBlmtp\fR(8), \fBpipe\fR(8),
+\fBsmtp\fR(8) and \fBvirtual\fR(8) delivery agents.
.PP
Setting this parameter to a value of 1 changes the meaning of
the corresponding per-destination concurrency limit from concurrency
which would never accumulate at least this many delivery slots
(subject to slot cost parameter as well) are never preempted.
.SH default_privs (default: nobody)
-The default rights used by the local(8) delivery agent for delivery
+The default rights used by the \fBlocal\fR(8) delivery agent for delivery
to external file or command. These rights are used when delivery
-is requested from an aliases(5) file that is owned by \fBroot\fR, or
+is requested from an \fBaliases\fR(5) file that is owned by \fBroot\fR, or
when delivery is done on behalf of \fBroot\fR. \fBDO NOT SPECIFY A
PRIVILEGED USER OR THE POSTFIX OWNER\fR.
.SH default_process_limit (default: 100)
.IP "\fB$client_address\fR"
The client IP address.
.IP "\fB$client_name\fR"
-The client hostname or "\fBunknown\fR".
+The client hostname or "unknown".
.IP "\fB$helo_name\fR"
The hostname given in HELO or EHLO command or empty string.
.IP "\fB$rbl_class\fR"
The default mail delivery transport for domains that do not match
$mydestination, $inet_interfaces, $proxy_interfaces,
$virtual_alias_domains, $virtual_mailbox_domains, or $relay_domains.
-This information can be overruled with the transport(5) table.
+This information can be overruled with the \fBtransport\fR(5) table.
.PP
Specify a string of the form \fItransport:nexthop\fR, where \fItransport\fR
is the name of a mail delivery transport defined in master.cf.
The \fI:nexthop\fR part is optional. For more details see the
-transport(5) manual page.
+\fBtransport\fR(5) manual page.
.PP
Example:
.PP
.PP
Do not change this unless you have a complete understanding of RFC 821.
.SH defer_service_name (default: defer)
-The name of the defer(8) service. This service maintains a record
+The name of the \fBdefer\fR(8) service. This service maintains a record
of failed delivery attempts and generates non-delivery notifications.
.PP
This feature is available in Postfix 2.0 and later.
The default time unit is h (hours).
.SH deliver_lock_attempts (default: 20)
The maximal number of attempts to acquire an exclusive lock on a
-mailbox file or bounce(8) logfile.
+mailbox file or \fBbounce\fR(8) logfile.
.SH deliver_lock_delay (default: 1s)
The time between attempts to acquire an exclusive lock on a mailbox
-file or bounce(8) logfile.
+file or \fBbounce\fR(8) logfile.
.PP
Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
The default time unit is s (seconds).
.SH dont_remove (default: 0)
Don't remove queue files and save them to the "saved" mail queue.
This is a debugging aid. To inspect the envelope information and
-content of a Postfix queue file, use the postcat(1) command.
+content of a Postfix queue file, use the \fBpostcat\fR(1) command.
.SH double_bounce_sender (default: double-bounce)
The sender address of postmaster notifications that are generated
by the mail system. All mail to this address is silently discarded,
in order to terminate mail bounce loops.
.SH duplicate_filter_limit (default: 1000)
The maximal number of addresses remembered by the address
-duplicate filter for aliases(5) or virtual(5) alias expansion, or
-for showq(8) queue displays.
+duplicate filter for \fBaliases\fR(5) or \fBvirtual\fR(5) alias expansion, or
+for \fBshowq\fR(8) queue displays.
.SH empty_address_recipient (default: MAILER-DAEMON)
The recipient of mail addressed to the null address. Postfix does
not accept such addresses in SMTP commands, but they may still be
.SH enable_errors_to (default: no)
Report mail delivery errors to the address specified with the
non-standard Errors-To: message header, instead of the envelope
-sender address. This support is disabled by default with Postfix
-2.1 and later, and is always turned on with older Postfix versions.
+sender address (this feature is removed with Postfix 2.2, is
+turned off by default with Postfix 2.1, and is always turned on
+with older Postfix versions).
.SH enable_original_recipient (default: yes)
Enable support for the X-Original-To message header. This header
is needed for multi-recipient mailboxes.
.PP
-When this parameter is set to yes, the cleanup(8) daemon performs
+When this parameter is set to yes, the \fBcleanup\fR(8) daemon performs
duplicate elimination on distinct pairs of (original recipient,
rewritten recipient), and generates non-empty original recipient
queue file records.
.PP
-When this parameter is set to no, the cleanup(8) daemon performs
+When this parameter is set to no, the \fBcleanup\fR(8) daemon performs
duplicate elimination on the rewritten recipient address only, and
generates empty original recipient queue file records.
.PP
errors. These notifications are enabled with the notify_classes
parameter.
.SH error_service_name (default: error)
-The name of the error(8) pseudo delivery agent. This service always
+The name of the \fBerror\fR(8) pseudo delivery agent. This service always
returns mail as undeliverable.
.PP
This feature is available in Postfix 2.0 and later.
.SH execution_directory_expansion_filter (default: see "postconf -d" output)
-Restrict the characters that the local(8) delivery agent allows
+Restrict the characters that the \fBlocal\fR(8) delivery agent allows
in $name expansions of $command_execution_directory. Characters
outside the allowed set are replaced by underscores.
.PP
.ft R
.SH extract_recipient_limit (default: 10240)
The maximal number of recipient addresses that Postfix will extract
-from message headers when mail is submitted with "sendmail -t".
+from message headers when mail is submitted with "\fBsendmail -t\fR".
.PP
This feature was removed in Postfix 2.1.
.SH fallback_relay (default: empty)
Postfix MX host and the fallback_relay host when the final destination
is unavailable.
.IP \(bu
-In main.cf specify "<tt>relay_transport = relay</tt>",
+In main.cf specify "relay_transport = relay",
.IP \(bu
-In master.cf specify "<tt>-o fallback_relay =</tt>" at the
-end of the <tt>relay</tt> entry.
+In master.cf specify "-o fallback_relay =" (i.e., empty) at
+the end of the <tt>relay</tt> entry.
.IP \(bu
-In transport maps, specify "<tt>relay:\fInexthop...\fR</tt>"
+In transport maps, specify "relay:\fInexthop...\fR"
as the right-hand side for backup or primary MX domain entries.
.PP
These are default settings in Postfix version 2.2 and later.
.SH fallback_transport (default: empty)
-Optional message delivery transport that the local(8) delivery
-agent should use for names that are not found in the aliases(5)
+Optional message delivery transport that the \fBlocal\fR(8) delivery
+agent should use for names that are not found in the \fBaliases\fR(5)
database or in the UNIX passwd database.
.SH fast_flush_domains (default: $relay_domains)
Optional list of destinations that are eligible for per-destination
By default, Postfix maintains "fast flush" logfiles only for
destinations that the Postfix SMTP server is willing to relay to
(i.e. the default is: "fast_flush_domains = $relay_domains"; see
-the relay_domains parameter in the postconf(5) manual).
+the relay_domains parameter in the \fBpostconf\fR(5) manual).
.PP
Specify a list of hosts or domains, "/file/name" patterns or
"type:table" lookup tables, separated by commas and/or whitespace.
lookup table is matched when the domain or its parent domain appears
as lookup key.
.PP
-Specify "fast_flush_domains =" to disable the feature altogether.
+Specify "fast_flush_domains =" (i.e., empty) to disable the feature
+altogether.
.SH fast_flush_purge_time (default: 7d)
The time after which an empty per-destination "fast flush" logfile
is deleted.
Force specific internal tests to fail, to test the handling of
errors that are difficult to reproduce otherwise.
.SH flush_service_name (default: flush)
-The name of the flush(8) service. This service maintains per-destination
+The name of the \fBflush\fR(8) service. This service maintains per-destination
logfiles with the queue file names of mail that is queued for those
destinations.
.PP
Time units: s (seconds), m (minutes), h (hours), d (days), w
(weeks). The default time unit is s (seconds).
.SH forward_expansion_filter (default: see "postconf -d" output)
-Restrict the characters that the local(8) delivery agent allows in
+Restrict the characters that the \fBlocal\fR(8) delivery agent allows in
$name expansions of $forward_path. Characters outside the
allowed set are replaced by underscores.
.SH forward_path (default: see "postconf -d" output)
-The local(8) delivery agent search list for finding a .forward
+The \fBlocal\fR(8) delivery agent search list for finding a .forward
file with user-specified delivery methods. The first file that is
found is used.
.PP
.SH header_address_token_limit (default: 10240)
The maximal number of address tokens are allowed in an address
message header. Information that exceeds the limit is discarded.
-The limit is enforced by the cleanup(8) server.
+The limit is enforced by the \fBcleanup\fR(8) server.
.SH header_checks (default: empty)
Optional lookup tables for content inspection of primary non-MIME
-message headers, as specified in the header_checks(5) manual page.
+message headers, as specified in the \fBheader_checks\fR(5) manual page.
.SH header_size_limit (default: 102400)
The maximal amount of memory in bytes for storing a message header.
If a header is larger, the excess is discarded. The limit is
-enforced by the cleanup(8) server.
+enforced by the \fBcleanup\fR(8) server.
.SH helpful_warnings (default: yes)
Log warnings about problematic configuration settings, and provide
helpful suggestions.
.PP
This feature is available in Postfix 2.0 and later.
.SH home_mailbox (default: empty)
-Optional pathname of a mailbox file relative to a local(8) user's
+Optional pathname of a mailbox file relative to a \fBlocal\fR(8) user's
home directory.
.PP
Specify a pathname ending "/" for qmail-style delivery.
.PP
-The precedence of local(8) delivery features from high to low is:
+The precedence of \fBlocal\fR(8) delivery features from high to low is:
aliases, .forward files, mailbox_transport, mailbox_command_maps,
mailbox_command, home_mailbox, mail_spool_directory, fallback_transport
and luser_relay.
the Postfix SMTP client defers delivery and tries again after some
delay. This behavior is required by the SMTP standard.
.PP
-Specify "\fBignore_mx_lookup_error = yes\fR" to force a DNS A record
+Specify "ignore_mx_lookup_error = yes" to force a DNS A record
lookup instead. This violates the SMTP standard and can result in
mis-delivery of mail.
.SH import_environment (default: see "postconf -d" output)
arrival rate exceeds the message delivery rate. This feature is
turned on by default (it's disabled on SCO UNIX due to an SCO bug).
.PP
-With the default 100 SMTP server process limit, "\fBin_flow_delay
-= 1s\fR" limits the mail inflow to 100 messages per second above the
+With the default 100 SMTP server process limit, "in_flow_delay
+= 1s" limits the mail inflow to 100 messages per second above the
number of messages delivered per second.
.PP
Specify 0 to disable the feature. Valid delays are 0..10.
.SH inet_interfaces (default: all)
The network interface addresses that this mail system receives
-mail on. By default, the software claims all active interfaces on
-the machine; with Postfix 2.2 and later, specify "\fBloopback-only\fR"
-to select only local interfaces. The parameter also controls
-delivery of mail to user@[ip.address].
+mail on. Specify "all" to receive mail on all network
+interfaces (default), and "loopback-only" to receive mail
+on loopback network interfaces only (Postfix 2.2 and later). The
+parameter also controls delivery of mail to <tt>user@[ip.address]</tt>.
.PP
Note: you need to stop and start Postfix when this parameter changes.
.PP
for IPv6.
.PP
A better solution for multi-homed firewalls is to leave inet_interfaces
-at the default value
-and instead use explicit IP addresses in master.cf. This preserves SMTP
+at the default value and instead use explicit IP addresses in
+the master.cf SMTP server definitions. This preserves the SMTP client's
loop detection, by ensuring that each side of the firewall knows that the
other IP address is still the same host. Setting $inet_interfaces to a
single IPv4 and/or IPV6 address is primarily useful with virtual
.na
.ft C
inet_interfaces = all (DEFAULT)
-inet_interfaces = loopback-only
+inet_interfaces = loopback-only (Postfix 2.2 and later)
inet_interfaces = 127.0.0.1
+inet_interfaces = 127.0.0.1, [::1] (Postfix 2.2 and later)
inet_interfaces = 192.168.1.2, 127.0.0.1
.fi
.ad
.ft R
.SH inet_protocols (default: ipv4)
The Internet protocols Postfix will attempt to use when making
-or accepting connections. Specify one or more of "ipv4" or "ipv6",
-separated by whitespace or commas. The form "all" is equivalent to
-"ipv4, ipv6".
+or accepting connections. Specify one or more of "ipv4"
+or "ipv6", separated by whitespace or commas. The form
+"all" is equivalent to "ipv4, ipv6".
.PP
This feature is available in Postfix version 2.2 and later.
.PP
.ft R
.SH initial_destination_concurrency (default: 5)
The initial per-destination concurrency level for parallel delivery
-to the same destination. This limit applies to delivery via smtp(8),
-and via the pipe(8) and virtual(8) delivery agents.
+to the same destination. This limit applies to delivery via \fBsmtp\fR(8),
+and via the \fBpipe\fR(8) and \fBvirtual\fR(8) delivery agents.
.PP
Warning: with concurrency of 1, one bad message can be enough to
block all mail to a site.
.ft R
.SH lmtp_send_xforward_command (default: no)
Send an XFORWARD command to the LMTP server when the LMTP LHLO
-server response announces XFORWARD support. This allows an lmtp(8)
+server response announces XFORWARD support. This allows an \fBlmtp\fR(8)
delivery agent, used for content filter message injection, to
forward the name, address, protocol and HELO name of the original
client to the content filter and downstream queuing LMTP server.
.PP
This feature is available in Postfix 2.1 and later.
.SH local_command_shell (default: empty)
-Optional shell program for local(8) delivery to non-Postfix command.
+Optional shell program for \fBlocal\fR(8) delivery to non-Postfix command.
By default, non-Postfix commands are executed directly; commands
are given to given to /bin/sh only when they contain shell meta
characters or shell built-in commands.
You redefine the "local_transport" setting in main.cf.
.IP \(bu
You use the "luser_relay", "mailbox_transport", or "fallback_transport"
-feature of the Postfix local(8) delivery agent.
+feature of the Postfix \fBlocal\fR(8) delivery agent.
.PP
Details are described in the LOCAL_RECIPIENT_README file.
.PP
Beware: if the Postfix SMTP server runs chrooted, you need to access
-the passwd file via the proxymap(8) service, in order to overcome
+the passwd file via the \fBproxymap\fR(8) service, in order to overcome
chroot access restrictions. The alternative, maintaining a copy of
the system password file in the chroot jail is not practical.
.PP
.SH local_transport (default: local:$myhostname)
The default mail delivery transport for domains that match
$mydestination, $inet_interfaces or $proxy_interfaces. This
-information can be overruled with the transport(5) table.
+information can be overruled with the \fBtransport\fR(5) table.
.PP
By default, local mail is delivered to the transport called "local",
which is just the name of a service that is defined the master.cf file.
Specify a string of the form \fItransport:nexthop\fR, where \fItransport\fR
is the name of a mail delivery transport defined in master.cf.
The \fI:nexthop\fR part is optional. For more details see the
-transport(5) manual page.
+\fBtransport\fR(5) manual page.
.PP
Beware: if you override the default local delivery agent then you
need to review the LOCAL_RECIPIENT_README document, otherwise the
SMTP server may reject mail for local recipients.
.SH luser_relay (default: empty)
-Optional catch-all destination for unknown local(8) recipients.
+Optional catch-all destination for unknown \fBlocal\fR(8) recipients.
By default, mail for unknown recipients in domains that match
$mydestination, $inet_interfaces or $proxy_interfaces is returned
as undeliverable.
.PP
Instead of $name you can also specify ${name} or $(name).
.PP
-Note: luser_relay works only for the Postfix local(8) delivery agent.
+Note: luser_relay works only for the Postfix \fBlocal\fR(8) delivery agent.
.PP
NOTE: if you use this feature for accounts not in the UNIX password
-file, then you must specify "\fBlocal_recipient_maps =\fR" (i.e. empty)
+file, then you must specify "local_recipient_maps =" (i.e. empty)
in the main.cf file, otherwise the Postfix SMTP server will reject mail
for non-UNIX accounts with "User unknown in local recipient table".
.PP
.SH mail_release_date (default: see "postconf -d" output)
The Postfix release date, in "YYYYMMDD" format.
.SH mail_spool_directory (default: see "postconf -d" output)
-The directory where local(8) UNIX-style mailboxes are kept. The
+The directory where \fBlocal\fR(8) UNIX-style mailboxes are kept. The
default setting depends on the system type. Specify a name ending
in / for maildir-style delivery.
.PP
also include the release date. The version string can be used in,
for example, the SMTP greeting banner.
.SH mailbox_command (default: empty)
-Optional external command that the local(8) delivery agent should
+Optional external command that the \fBlocal\fR(8) delivery agent should
use for mailbox delivery. The command is run with the user ID and
the primary group ID privileges of the recipient. Exception:
command delivery for root executes with $default_privs privileges.
system-wide, you must set up an alias that forwards mail for root
to a real user.
.PP
-The precedence of local(8) delivery features from high to low is:
+The precedence of \fBlocal\fR(8) delivery features from high to low is:
aliases, .forward files, mailbox_transport, mailbox_command_maps,
mailbox_command, home_mailbox, mail_spool_directory, fallback_transport
and luser_relay.
.ft R
.SH mailbox_command_maps (default: empty)
Optional lookup tables with per-recipient external commands to use
-for local(8) mailbox delivery. Behavior is as with mailbox_command.
+for \fBlocal\fR(8) mailbox delivery. Behavior is as with mailbox_command.
.PP
-The precedence of local(8) delivery features from high to low is:
+The precedence of \fBlocal\fR(8) delivery features from high to low is:
aliases, .forward files, mailbox_transport, mailbox_command_maps,
mailbox_command, home_mailbox, mail_spool_directory, fallback_transport
and luser_relay.
.SH mailbox_delivery_lock (default: see "postconf -d" output)
-How to lock a UNIX-style local(8) mailbox before attempting delivery.
+How to lock a UNIX-style \fBlocal\fR(8) mailbox before attempting delivery.
For a list of available file locking methods, use the "\fBpostconf
-l\fR" command.
.PP
.PP
Note: the default setting of this parameter is system dependent.
.SH mailbox_size_limit (default: 51200000)
-The maximal size of any local(8) individual mailbox or maildir
+The maximal size of any \fBlocal\fR(8) individual mailbox or maildir
file, or zero (no limit). In fact, this limits the size of any
file that is written to upon local delivery, including files written
-by external commands that are executed by the local(8) delivery
+by external commands that are executed by the \fBlocal\fR(8) delivery
agent.
.PP
This limit must not be smaller than the message size limit.
.SH mailbox_transport (default: empty)
-Optional message delivery transport that the local(8) delivery
+Optional message delivery transport that the \fBlocal\fR(8) delivery
agent should use for mailbox delivery to all local recipients,
whether or not they are found in the UNIX passwd database.
.PP
-The precedence of local(8) delivery features from high to low is:
+The precedence of \fBlocal\fR(8) delivery features from high to low is:
aliases, .forward files, mailbox_transport, mailbox_command_maps,
mailbox_command, home_mailbox, mail_spool_directory, fallback_transport
and luser_relay.
.SH mailq_path (default: see "postconf -d" output)
Sendmail compatibility feature that specifies where the Postfix
-mailq(1) command is installed. This command can be used to
+\fBmailq\fR(1) command is installed. This command can be used to
list the Postfix mail queue.
.SH manpage_directory (default: see "postconf -d" output)
Where the Postfix manual pages are installed.
This feature is available in Postfix 2.0 and later.
.SH mime_header_checks (default: $header_checks)
Optional lookup tables for content inspection of MIME related
-message headers, as described in the header_checks(5) manual page.
+message headers, as described in the \fBheader_checks\fR(5) manual page.
.PP
This feature is available in Postfix 2.0 and later.
.SH mime_nesting_limit (default: 100)
This feature is available in Postfix 2.1 and later.
.SH mydestination (default: $myhostname, localhost.$mydomain, localhost)
The list of domains that are delivered via the $local_transport
-mail delivery transport. By default this is the Postfix local(8)
+mail delivery transport. By default this is the Postfix \fBlocal\fR(8)
delivery agent which looks up all recipients in /etc/passwd and
/etc/aliases. The SMTP server validates recipient addresses with
$local_recipient_maps and rejects non-existent recipients. See also
.IP \(bu
By default, the Postfix SMTP server rejects mail for recipients
not listed with the local_recipient_maps parameter. See the
-postconf(5) manual for a description of the local_recipient_maps
+\fBpostconf\fR(5) manual for a description of the local_recipient_maps
and unknown_local_recipient_reject_code parameters.
.PP
Specify a list of host or domain names, "/file/name" or "type:table"
.PP
In particular, "trusted" SMTP clients are allowed to relay mail
through Postfix. See the smtpd_recipient_restrictions parameter
-description in the postconf(5) manual.
+description in the \fBpostconf\fR(5) manual.
.PP
You can specify the list of "trusted" network addresses by hand
or you can let Postfix do it for you (which is the default).
.ft R
.SH nested_header_checks (default: $header_checks)
Optional lookup tables for content inspection of non-MIME message
-headers in attached messages, as described in the header_checks(5)
+headers in attached messages, as described in the \fBheader_checks\fR(5)
manual page.
.PP
This feature is available in Postfix 2.0 and later.
.SH newaliases_path (default: see "postconf -d" output)
Sendmail compatibility feature that specifies the location of the
-newaliases(1) command. This command can be used to rebuild the
-local(8) aliases(5) database.
+\fBnewaliases\fR(1) command. This command can be used to rebuild the
+\fBlocal\fR(8) \fBaliases\fR(5) database.
.SH non_fqdn_reject_code (default: 504)
The numerical Postfix SMTP server reply code when a client request
is rejected by the reject_non_fqdn_hostname, reject_non_fqdn_sender
Restrict the use of the permit_mx_backup SMTP access feature to
only domains whose primary MX hosts match the listed networks.
.SH pickup_service_name (default: pickup)
-The name of the pickup(8) service. This service picks up local mail
+The name of the \fBpickup\fR(8) service. This service picks up local mail
submissions from the Postfix maildrop queue.
.PP
This feature is available in Postfix 2.0 and later.
.SH prepend_delivered_header (default: command, file, forward)
-The message delivery contexts where the Postfix local(8) delivery
+The message delivery contexts where the Postfix \fBlocal\fR(8) delivery
agent prepends a Delivered-To: message header.
.PP
By default, the Postfix local delivery agent prepends a Delivered-To:
What address lookup tables copy an address extension from the lookup
key to the lookup result.
.PP
-For example, with a virtual(5) mapping of "\fIjoe@domain ->
+For example, with a \fBvirtual\fR(5) mapping of "\fIjoe@domain ->
joe.user\fR", the address "\fIjoe+foo@domain\fR" would rewrite
to "\fIjoe.user+foo\fR".
.PP
Specify zero or more of \fBcanonical\fR, \fBvirtual\fR, \fBalias\fR,
\fBforward\fR or \fBinclude\fR. These cause address extension
-propagation with canonical(5), virtual(5), and aliases(5) maps,
-and with local(8) .forward and :include: file lookups, respectively.
+propagation with \fBcanonical\fR(5), \fBvirtual\fR(5), and \fBaliases\fR(5) maps,
+and with \fBlocal\fR(8) .forward and :include: file lookups, respectively.
.PP
Note: enabling this feature for types other than \fBcanonical\fR
and \fBvirtual\fR is likely to cause problems when mail is forwarded
.ad
.ft R
.SH proxy_read_maps (default: see "postconf -d" output)
-The lookup tables that the proxymap(8) server is allowed to access.
+The lookup tables that the \fBproxymap\fR(8) server is allowed to access.
Table references that don't begin with proxy: are ignored. The
-proxymap(8) table accesses are read-only.
+\fBproxymap\fR(8) table accesses are read-only.
.PP
This feature is available in Postfix 2.0 and later.
.SH qmgr_clog_warn_time (default: 300s)
mail system will use up for delivery of a large mailing list
message.
.PP
-This feature exists only in the oqmgr(8) old queue manager. The
+This feature exists only in the \fBoqmgr\fR(8) old queue manager. The
current queue manager solves the problem in a better way.
.SH qmgr_message_active_limit (default: 20000)
The maximal number of messages in the active queue.
root directory of Postfix daemon processes that run chrooted.
.SH queue_file_attribute_count_limit (default: 100)
The maximal number of (name=value) attributes that may be stored
-in a Postfix queue file. The limit is enforced by the cleanup(8)
+in a Postfix queue file. The limit is enforced by the \fBcleanup\fR(8)
server.
.PP
This feature is available in Postfix 2.0 and later.
Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
The default time unit is s (seconds).
.SH queue_service_name (default: qmgr)
-The name of the qmgr(8) service. This service manages the Postfix
+The name of the \fBqmgr\fR(8) service. This service manages the Postfix
queue and schedules delivery requests.
.PP
This feature is available in Postfix 2.0 and later.
.SH receive_override_options (default: empty)
Enable or disable recipient validation, built-in content
filtering, or address mapping. Typically, these are specified in
-master.cf as command-line arguments for the smtpd(8), qmqpd(8) or
-pickup(8) daemons.
+master.cf as command-line arguments for the \fBsmtpd\fR(8), \fBqmqpd\fR(8) or
+\fBpickup\fR(8) daemons.
.PP
Specify zero or more of the following options. The options
-override main.cf settings and are either implemented by smtpd(8),
-qmqpd(8), or pickup(8) themselves, or they are forwarded to the
+override main.cf settings and are either implemented by \fBsmtpd\fR(8),
+\fBqmqpd\fR(8), or \fBpickup\fR(8) themselves, or they are forwarded to the
cleanup server.
.IP "\fBno_unknown_recipient_checks\fR"
Do not try to reject unknown recipients (SMTP server only).
.SH recipient_canonical_maps (default: empty)
Optional address mapping lookup tables for envelope and header
recipient addresses.
-The table format and lookups are documented in canonical(5).
+The table format and lookups are documented in \fBcanonical\fR(5).
.PP
Note: $recipient_canonical_maps is processed before $canonical_maps.
.PP
.ft R
.SH recipient_delimiter (default: empty)
The separator between user names and address extensions (user+foo).
-See canonical(5), local(8), relocated(5) and virtual(5) for the
+See \fBcanonical\fR(5), \fBlocal\fR(8), \fBrelocated\fR(5) and \fBvirtual\fR(5) for the
effects this has on aliases, canonical, virtual, relocated and
on .forward file lookups. Basically, the software tries user+foo
and .forward+foo before trying user and .forward.
.ft R
.SH reject_code (default: 554)
The numerical Postfix SMTP server response code when a remote SMTP
-client request is rejected by the "\fBreject\fR" restriction.
+client request is rejected by the "reject" restriction.
.PP
Do not change this unless you have a complete understanding of RFC 821.
.SH relay_clientcerts (default: empty)
.PP
NOTE: Postfix will not automatically forward mail for domains
that list this system as their primary or backup MX host. See the
-permit_mx_backup restriction in the postconf(5) manual page.
+permit_mx_backup restriction in the \fBpostconf\fR(5) manual page.
.PP
Specify a list of host or domain names, "/file/name" patterns
or "type:table" lookup tables, separated by commas and/or whitespace.
.SH relay_transport (default: relay)
The default mail delivery transport and next-hop information for
domains that match the $relay_domains parameter value. This
-information can be overruled with the transport(5) table.
+information can be overruled with the \fBtransport\fR(5) table.
.PP
Specify a string of the form \fItransport:nexthop\fR, where \fItransport\fR
is the name of a mail delivery transport defined in master.cf.
The \fI:nexthop\fR part is optional. For more details see the
-transport(5) manual page.
+\fBtransport\fR(5) manual page.
.PP
See also the relay domains address class in the ADDRESS_CLASS_README
file.
This feature is available in Postfix 2.0 and later.
.SH relayhost (default: empty)
The default host to send non-local mail to when no entry is matched
-in the optional transport(5) table. When no relayhost is given,
+in the optional \fBtransport\fR(5) table. When no relayhost is given,
mail is routed directly to the destination.
.PP
On an intranet, specify the organizational domain name. If your
.SH relocated_maps (default: empty)
Optional lookup tables with new contact information for users or
domains that no longer exist. The table format and lookups are
-documented in relocated(5).
+documented in \fBrelocated\fR(5).
.PP
If you use this feature, run "\fBpostmap /etc/postfix/relocated\fR" to
build the necessary DBM or DB file after change, then "\fBpostfix
.ad
.ft R
.SH require_home_directory (default: no)
-Whether or not a local(8) recipient's home directory must exist
+Whether or not a \fBlocal\fR(8) recipient's home directory must exist
before mail delivery is attempted. By default this test is disabled.
It can be useful for environments that import home directories to
the mail server (NOT RECOMMENDED).
operators remain visible. This behavior is safe but it is also
technically incorrect.
.PP
-If you specify "resolve_dequoted_address = no", then the Postfix
+If you specify "resolve_dequoted_address = no", then
+the Postfix
resolver will not know about additional @ etc. operators in the
address localpart. This opens opportunities for obscure mail relay
attacks with user@domain@domain addresses when Postfix provides
.SH sender_canonical_maps (default: empty)
Optional address mapping lookup tables for envelope and header
sender addresses.
-The table format and lookups are documented in canonical(5).
+The table format and lookups are documented in \fBcanonical\fR(5).
.PP
Example: you want to rewrite the SENDER address "user@ugly.domain"
to "user@pretty.domain", while still being able to send mail to
.ft R
.SH sendmail_path (default: see "postconf -d" output)
A Sendmail compatibility feature that specifies the location of
-the Postfix sendmail(1) command. This command can be used to
+the Postfix \fBsendmail\fR(1) command. This command can be used to
submit mail into the Postfix queue.
.SH service_throttle_time (default: 60s)
-How long the Postfix master(8) waits before forking a server that
+How long the Postfix \fBmaster\fR(8) waits before forking a server that
appears to be malfunctioning.
.PP
Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
The default time unit is s (seconds).
-.SH session_cache_service (default: scache)
-The name of the scache(8) connection cache service. This service
-maintains a limited pool of cached sessions.
-.SH session_cache_status_update_time (default: 600s)
-How frequently the scache(8) server logs usage statistics with
-connection cache hit and miss rates for logical destinations and for
-physical endpoints.
-.SH session_cache_ttl_limit (default: 2s)
-The maximal time-to-live value that the connection cache server
-allows. Requests that specify a larger TTL will be stored with the
-maximum allowed TTL. The purpose of this additional control is to
-protect the infrastructure against careless people. The cache TTL
-is already bounded by $max_idle.
.SH setgid_group (default: postdrop)
The group ownership of set-gid Postfix commands and of group-writable
Postfix directories. When this parameter value is changed you need
-to re-run "\fBpost-install set-permissions\fR".
+to re-run "\fBpostfix set-permissions\fR" (with Postfix 2.0 and
+earlier: "\fB/etc/postfix/post-install set-permissions\fR".
.SH show_user_unknown_table_name (default: yes)
Display the name of the recipient table in the "User unknown"
responses. The extra detail makes trouble shooting easier but also
.PP
This feature is available in Postfix 2.0 and later.
.SH showq_service_name (default: showq)
-The name of the showq(8) service. This service produces mail queue
+The name of the \fBshowq\fR(8) service. This service produces mail queue
status reports.
.PP
This feature is available in Postfix 2.0 and later.
.ft R
.PP
and route mail for the destination in question to the "broken-smtp"
-message delivery with a transport(5) table.
+message delivery with a \fBtransport\fR(5) table.
.PP
This feature is available in Postfix 2.1 and later.
.SH smtp_randomize_addresses (default: yes)
.PP
Special hint for enforcement mode: since no secure DNS lookup
mechanism is available, the recommended setup is: specify local
-transport(5) table entries for sensitive domains with explicit
+\fBtransport\fR(5) table entries for sensitive domains with explicit
smtp:[mailhost] destinations (since you can assure security of this
table unlike DNS), then specify MUST for these mail hosts in the
smtp_tls_per_site table.
.IP "\fBcheck_client_access \fItype:table\fR\fR"
Search the specified access database for the client hostname,
parent domains, client IP address, or networks obtained by stripping
-least significant octets. See the access(5) manual page for details.
+least significant octets. See the \fBaccess\fR(5) manual page for details.
.IP "\fBpermit_inet_interfaces\fR"
Permit the request when the client IP address matches
$inet_interfaces.
Pause for the specified number of seconds and proceed with
the next restriction in the list, if any. This may stop zombie
mail when used as:
-.na
-.nf
-.in +4
+.PP
.nf
.na
.ft C
.fi
.ad
.ft R
-.in -4
-.fi
-.ad
+This feature is available in Postfix 2.3.
.IP "\fBwarn_if_reject\fR"
Change the meaning of the next restriction, so that it logs
a warning instead of rejecting a request (look for logfile records
.PP
Note 1: this mode implies "smtpd_tls_auth_only = yes".
.PP
-Note 2: when invoked via "sendmail -bs", Postfix will never offer
+Note 2: when invoked via "\fBsendmail -bs\fR", Postfix will never offer
STARTTLS due to insufficient privileges to access the server private
key. This is intended behavior.
.SH smtpd_error_sleep_time (default: 1s)
received with the ETRN command.
.IP "\fBcheck_etrn_access \fItype:table\fR\fR"
Search the specified access database for the ETRN domain name
-or its parent domains. See the access(5) manual page for details.
+or its parent domains. See the \fBaccess\fR(5) manual page for details.
.PP
Other restrictions that are valid in this context:
.IP \(bu
The following restrictions are specific to the hostname information
received with the HELO or EHLO command.
.IP "\fBcheck_helo_access \fItype:table\fR\fR"
-Search the specified access(5) database for the HELO or EHLO
+Search the specified \fBaccess\fR(5) database for the HELO or EHLO
hostname or parent domains, and execute the corresponding action.
.IP "\fBcheck_helo_mx_access \fItype:table\fR\fR"
-Search the specified access(5) database for the MX hosts for
+Search the specified \fBaccess\fR(5) database for the MX hosts for
the HELO or EHLO hostname, and execute the corresponding action.
Note: a result of "OK" is not allowed for safety reasons. Instead,
use DUNNO in order to exclude specific hosts from blacklists. This
feature is available in Postfix 2.1 and later.
.IP "\fBcheck_helo_ns_access \fItype:table\fR\fR"
-Search the specified access(5) database for the DNS servers
+Search the specified \fBaccess\fR(5) database for the DNS servers
for the HELO or EHLO hostname, and execute the corresponding action.
Note: a result of "OK" is not allowed for safety reasons. Instead,
use DUNNO in order to exclude specific hosts from blacklists. This
Ok", without doing any syntax checks and without changing state.
This list overrides any commands built into the Postfix SMTP server.
.SH smtpd_null_access_lookup_key (default: <>)
-The lookup key to be used in SMTP access(5) tables instead of the
+The lookup key to be used in SMTP \fBaccess\fR(5) tables instead of the
null sender address.
.SH smtpd_policy_service_max_idle (default: 300s)
The time after which an idle SMTPD policy service connection is
The following restrictions are specific to the recipient address
that is received with the RCPT TO command.
.IP "\fBcheck_recipient_access \fItype:table\fR\fR"
-Search the specified access(5) database for the resolved RCPT
+Search the specified \fBaccess\fR(5) database for the resolved RCPT
TO address, domain, parent domains, or localpart@, and execute the
corresponding action.
.IP "\fBcheck_recipient_mx_access \fItype:table\fR\fR"
-Search the specified access(5) database for the MX hosts for
+Search the specified \fBaccess\fR(5) database for the MX hosts for
the RCPT TO address, and execute the corresponding action. Note:
a result of "OK" is not allowed for safety reasons. Instead, use
DUNNO in order to exclude specific hosts from blacklists. This
feature is available in Postfix 2.1 and later.
.IP "\fBcheck_recipient_ns_access \fItype:table\fR\fR"
-Search the specified access(5) database for the DNS servers
+Search the specified \fBaccess\fR(5) database for the DNS servers
for the RCPT TO address, and execute the corresponding action.
Note: a result of "OK" is not allowed for safety reasons. Instead,
use DUNNO in order to exclude specific hosts from blacklists. This
.IP "\fBreject_unverified_recipient\fR"
Reject the request when mail to the RCPT TO address is known
to bounce, or when the recipient address destination is not reachable.
-Address verification information is managed by the verify(8) server;
+Address verification information is managed by the \fBverify\fR(8) server;
see the ADDRESS_VERIFICATION_README file for details.
.br
The
.SH smtpd_restriction_classes (default: empty)
User-defined aliases for groups of access restrictions. The aliases
can be specified in smtpd_recipient_restrictions etc., and on the
-right-hand side of a Postfix access(5) table.
+right-hand side of a Postfix \fBaccess\fR(5) table.
.PP
One major application is for implementing per-recipient UCE control.
See the RESTRICTION_CLASS_README document for other examples.
The following restrictions are specific to the sender address
received with the MAIL FROM command.
.IP "\fBcheck_sender_access \fItype:table\fR\fR"
-Search the specified access(5) database for the MAIL FROM
+Search the specified \fBaccess\fR(5) database for the MAIL FROM
address, domain, parent domains, or localpart@, and execute the
corresponding action.
.IP "\fBcheck_sender_mx_access \fItype:table\fR\fR"
-Search the specified access(5) database for the MX hosts for
+Search the specified \fBaccess\fR(5) database for the MX hosts for
the MAIL FROM address, and execute the corresponding action. Note:
a result of "OK" is not allowed for safety reasons. Instead, use
DUNNO in order to exclude specific hosts from blacklists. This
feature is available in Postfix 2.1 and later.
.IP "\fBcheck_sender_ns_access \fItype:table\fR\fR"
-Search the specified access(5) database for the DNS servers
+Search the specified \fBaccess\fR(5) database for the DNS servers
for the MAIL FROM address, and execute the corresponding action.
Note: a result of "OK" is not allowed for safety reasons. Instead,
use DUNNO in order to exclude specific hosts from blacklists. This
.IP "\fBreject_unverified_sender\fR"
Reject the request when mail to the MAIL FROM address is known to
bounce, or when the sender address destination is not reachable.
-Address verification information is managed by the verify(8) server;
+Address verification information is managed by the \fBverify\fR(8) server;
see the ADDRESS_VERIFICATION_README file for details.
.br
The
Opportunistic mode: announce STARTTLS support to SMTP clients,
but do not require that clients use TLS encryption.
.PP
-Note: when invoked via "sendmail -bs", Postfix will never offer
+Note: when invoked via "\fBsendmail -bs\fR", Postfix will never offer
STARTTLS due to insufficient privileges to access the server private
key. This is intended behavior.
.SH soft_bounce (default: no)
FROM and RCPT TO addresses.
.SH sun_mailtool_compatibility (default: no)
Obsolete SUN mailtool compatibility feature. Instead, use
-"\fBmailbox_delivery_lock = dotlock\fR".
+"mailbox_delivery_lock = dotlock".
.SH swap_bangpath (default: yes)
Enable the rewriting of "site!user" into "user@site". This is
necessary if your machine is connected to UUCP networks. It is
.ft R
.SH syslog_facility (default: mail)
The syslog facility of Postfix logging. Specify a facility as
-defined in syslog.conf(5). The default facility is "mail".
+defined in syslog.\fBconf\fR(5). The default facility is "mail".
.PP
Warning: a non-default syslog_facility setting takes effect only
after a Postfix process has completed initialization. Errors during
are errors while parsing the command line arguments, and errors
while accessing the Postfix main.cf configuration file.
.SH tls_daemon_random_bytes (default: 32)
-The number of pseudo-random bytes that an smtp(8) or smtpd(8)
-process requests from the tlsmgr(8) server in order to seed its
+The number of pseudo-random bytes that an \fBsmtp\fR(8) or \fBsmtpd\fR(8)
+process requests from the \fBtlsmgr\fR(8) server in order to seed its
internal pseudo random number generator (PRNG). The default of 32
bytes (equivalent to 256 bits) is sufficient to generate a 128bit
(or 168bit) session key.
.SH tls_random_bytes (default: 32)
-The number of bytes that tlsmgr(8) reads from $tls_random_source
+The number of bytes that \fBtlsmgr\fR(8) reads from $tls_random_source
when (re)seeding the in-memory pseudo random number generator (PRNG)
pool. The default of 32 bytes (256 bits) is good enough for 128bit
symmetric keys. If using EGD or a device file, a maximum of 255
bytes is read.
.SH tls_random_exchange_name (default: ${config_directory}/prng_exch)
Name of the pseudo random number generator (PRNG) state file
-that is maintained by tlsmgr(8). The file is created when it does
+that is maintained by \fBtlsmgr\fR(8). The file is created when it does
not exist, and its length is fixed at 1024 bytes.
.PP
Since this file is modified by Postfix, it should probably be
kept in the /var file system, instead of under $config_directory.
The location should not be inside the chroot jail.
.SH tls_random_prng_update_period (default: 3600s)
-The time between attempts by tlsmgr(8) to save the state of
+The time between attempts by \fBtlsmgr\fR(8) to save the state of
the pseudo random number generator (PRNG) to the file specified
with $tls_random_exchange_name.
.SH tls_random_reseed_period (default: 3600s)
-The maximal time between attempts by tlsmgr(8) to re-seed the
+The maximal time between attempts by \fBtlsmgr\fR(8) to re-seed the
in-memory pseudo random number generator (PRNG) pool from external
sources. The actual time between re-seeding attempts is calculated
using the PRNG, and is between 0 and the time specified.
.SH tls_random_source (default: see "postconf -d" output)
-The external entropy source for the in-memory tlsmgr(8) pseudo
+The external entropy source for the in-memory \fBtlsmgr\fR(8) pseudo
random number generator (PRNG) pool. Be sure to specify a non-blocking
source. If this source is not a regular file, the entropy source
type must be prepended: egd:/path/to/egd_socket for a source with
Note: on OpenBSD systems specify /dev/arandom when /dev/urandom
gives timeout errors.
.SH trace_service_name (default: trace)
-The name of the trace(8) service. This service maintains a record
+The name of the \fBtrace\fR(8) service. This service maintains a record
of mail deliveries and produces a mail delivery report when verbose
delivery is requested with "\fBsendmail -v\fR".
.PP
This feature is available in Postfix 2.1 and later.
.SH transport_maps (default: empty)
Optional lookup tables with mappings from recipient address to
-(message delivery transport, next-hop destination). See transport(5)
+(message delivery transport, next-hop destination). See \fBtransport\fR(5)
for details.
.PP
Specify zero or more "type:table" lookup tables. If you use this
The default time unit is s (seconds).
.SH trigger_timeout (default: 10s)
The time limit for sending a trigger to a Postfix daemon (for
-example, the pickup(8) or qmgr(8) daemon). This time limit prevents
+example, the \fBpickup\fR(8) or \fBqmgr\fR(8) daemon). This time limit prevents
programs from getting stuck when the mail system is under heavy
load.
.PP
Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
The default time unit is s (seconds).
.SH undisclosed_recipients_header (default: To: undisclosed-recipients:;)
-Message header that the Postfix cleanup(8) server inserts when a
+Message header that the Postfix \fBcleanup\fR(8) server inserts when a
message contains no To: or Cc: message header.
.SH unknown_address_reject_code (default: 450)
The numerical Postfix SMTP server response code when a sender or
This feature is available in Postfix 2.1 and later.
.SH verp_delimiter_filter (default: -=+)
The characters Postfix accepts as VERP delimiter characters on the
-Postfix sendmail(1) command line and in SMTP commands.
+Postfix \fBsendmail\fR(1) command line and in SMTP commands.
.PP
This feature is available in Postfix 1.1 and later.
.SH virtual_alias_domains (default: $virtual_alias_maps)
.SH virtual_alias_maps (default: $virtual_maps)
Optional lookup tables that alias specific mail addresses or domains
to other local or remote address. The table format and lookups
-are documented in virtual(5).
+are documented in \fBvirtual\fR(5).
.PP
This feature is available in Postfix 2.0 and later. The default
value is backwards compatible with Postfix 1.1.
virtual_destination_concurrency_limit from concurrency per domain
into concurrency per recipient.
.SH virtual_gid_maps (default: empty)
-Lookup tables with the per-recipient group ID for virtual(8) mailbox
+Lookup tables with the per-recipient group ID for \fBvirtual\fR(8) mailbox
delivery.
.PP
In a lookup table, specify a left-hand side of "@domain.tld" to
"user@domain.tld" entry.
.PP
When a recipient address has an optional address extension
-(user+foo@domain.tld), the virtual(8) delivery agent looks up
+(user+foo@domain.tld), the \fBvirtual\fR(8) delivery agent looks up
the full address first, and when the lookup fails, it looks up the
unextended address (user@domain.tld).
.PP
-Note 1: for security reasons, the virtual(8) delivery agent disallows
+Note 1: for security reasons, the \fBvirtual\fR(8) delivery agent disallows
regular expression substitution of $1 etc. in regular expression
lookup tables, because that would open a security hole.
.PP
-Note 2: for security reasons, the virtual(8) delivery agent will
-silently ignore requests to use the proxymap(8) server. Instead
+Note 2: for security reasons, the \fBvirtual\fR(8) delivery agent will
+silently ignore requests to use the \fBproxymap\fR(8) server. Instead
it will open the table directly. Before Postfix version 2.2, the
-virtual(8) delivery agent will terminate with a fatal error.
+\fBvirtual\fR(8) delivery agent will terminate with a fatal error.
.SH virtual_mailbox_base (default: empty)
-A prefix that the virtual(8) delivery agent prepends to all pathname
+A prefix that the \fBvirtual\fR(8) delivery agent prepends to all pathname
results from $virtual_mailbox_maps table lookups. This is a safety
measure to ensure that an out of control map doesn't litter the
file system with mailboxes. While virtual_mailbox_base could be
.SH virtual_mailbox_domains (default: $virtual_mailbox_maps)
Postfix is final destination for the specified list of domains;
mail is delivered via the $virtual_transport mail delivery transport.
-By default this is the Postfix virtual(8) delivery agent. The SMTP
+By default this is the Postfix \fBvirtual\fR(8) delivery agent. The SMTP
server validates recipient addresses with $virtual_mailbox_maps
and rejects mail for non-existent recipients. See also the virtual
mailbox domain class in the ADDRESS_CLASS_README file.
The maximal size in bytes of an individual mailbox or maildir file,
or zero (no limit).
.SH virtual_mailbox_lock (default: see "postconf -d" output)
-How to lock a UNIX-style virtual(8) mailbox before attempting
+How to lock a UNIX-style \fBvirtual\fR(8) mailbox before attempting
delivery. For a list of available file locking methods, use the
"\fBpostconf -l\fR" command.
.PP
match any user in the specified domain that does not have a specific
"user@domain.tld" entry.
.PP
-The virtual(8) delivery agent uses this table to look up the
+The \fBvirtual\fR(8) delivery agent uses this table to look up the
per-recipient mailbox or maildir pathname. If the lookup result
ends in a slash ("/"), maildir-style delivery is carried out,
otherwise the path is assumed to specify a UNIX-style mailbox file.
this path.
.PP
When a recipient address has an optional address extension
-(user+foo@domain.tld), the virtual(8) delivery agent looks up
+(user+foo@domain.tld), the \fBvirtual\fR(8) delivery agent looks up
the full address first, and when the lookup fails, it looks up the
unextended address (user@domain.tld).
.PP
-Note 1: for security reasons, the virtual(8) delivery agent disallows
+Note 1: for security reasons, the \fBvirtual\fR(8) delivery agent disallows
regular expression substitution of $1 etc. in regular expression
lookup tables, because that would open a security hole.
.PP
-Note 2: for security reasons, the virtual(8) delivery agent will
-silently ignore requests to use the proxymap(8) server. Instead
+Note 2: for security reasons, the \fBvirtual\fR(8) delivery agent will
+silently ignore requests to use the \fBproxymap\fR(8) server. Instead
it will open the table directly. Before Postfix version 2.2, the
-virtual(8) delivery agent will terminate with a fatal error.
+\fBvirtual\fR(8) delivery agent will terminate with a fatal error.
.SH virtual_maps (default: empty)
Optional lookup tables with a) names of domains for which all
addresses are aliased to addresses in other local or remote domains,
and later, this is replaced by separate controls: virtual_alias_domains
and virtual_alias_maps.
.SH virtual_minimum_uid (default: 100)
-The minimum user ID value that the virtual(8) delivery agent accepts
-as a result from \fB$virtual_uid_maps\fR table lookup. Returned
+The minimum user ID value that the \fBvirtual\fR(8) delivery agent accepts
+as a result from $virtual_uid_maps table lookup. Returned
values less than this will be rejected, and the message will be
deferred.
.SH virtual_transport (default: virtual)
The default mail delivery transport for domains that match the
$virtual_mailbox_domains parameter value. This information can
-be overruled with the transport(5) table.
+be overruled with the \fBtransport\fR(5) table.
.PP
Specify a string of the form \fItransport:nexthop\fR, where \fItransport\fR
is the name of a mail delivery transport defined in master.cf.
The \fI:nexthop\fR part is optional. For more details see the
-transport(5) manual page.
+\fBtransport\fR(5) manual page.
.PP
This feature is available in Postfix 2.0 and later.
.SH virtual_uid_maps (default: empty)
-Lookup tables with the per-recipient user ID that the virtual(8)
+Lookup tables with the per-recipient user ID that the \fBvirtual\fR(8)
delivery agent uses while writing to the recipient's mailbox.
.PP
In a lookup table, specify a left-hand side of "@domain.tld"
specific "user@domain.tld" entry.
.PP
When a recipient address has an optional address extension
-(user+foo@domain.tld), the virtual(8) delivery agent looks up
+(user+foo@domain.tld), the \fBvirtual\fR(8) delivery agent looks up
the full address first, and when the lookup fails, it looks up the
unextended address (user@domain.tld).
.PP
-Note 1: for security reasons, the virtual(8) delivery agent disallows
+Note 1: for security reasons, the \fBvirtual\fR(8) delivery agent disallows
regular expression substitution of $1 etc. in regular expression
lookup tables, because that would open a security hole.
.PP
-Note 2: for security reasons, the virtual(8) delivery agent will
-silently ignore requests to use the proxymap(8) server. Instead
+Note 2: for security reasons, the \fBvirtual\fR(8) delivery agent will
+silently ignore requests to use the \fBproxymap\fR(8) server. Instead
it will open the table directly. Before Postfix version 2.2, the
-virtual(8) delivery agent will terminate with a fatal error.
+\fBvirtual\fR(8) delivery agent will terminate with a fatal error.
.SH SEE ALSO
.na
.nf
-postconf(1) Postfix configuration parameter maintenance
-master(5) Postfix daemon configuration maintenance
+postconf(1), Postfix configuration parameter maintenance
+master(5), Postfix daemon configuration maintenance
.SH LICENSE
.ad
.fi
result is returned.
To find out what types of lookup tables your Postfix system
-supports use the \fBpostconf -m\fR command.
+supports use the "\fBpostconf -m\fR" command.
-To test lookup tables, use the \fBpostmap -fq\fR command as
+To test lookup tables, use the "\fBpostmap -fq\fR" command as
described in the SYNOPSIS above.
.SH "TABLE FORMAT"
.na
.PP
Each pattern is a POSIX regular expression enclosed by a pair of
delimiters. The regular expression syntax is documented in
-re_format(7) with 4.4BSD, in regex(5) with Solaris, and in
-regex(7) with Linux. Other systems may use other document names.
+\fBre_format\fR(7) with 4.4BSD, in \fBregex\fR(5) with Solaris, and in
+\fBregex\fR(7) with Linux. Other systems may use other document names.
The expression delimiter can be any character, except whitespace
or characters that have special meaning (traditionally the forward
.SH NAME
relocated
\-
-format of Postfix relocated table
+Postfix relocated table format
.SH "SYNOPSIS"
.na
.nf
.SH DESCRIPTION
.ad
.fi
-The optional \fBrelocated\fR table provides the information that is
+The optional \fBrelocated\fR(5) table provides the information that is
used in "user has moved to \fInew_location\fR" bounce messages.
-Normally, the \fBrelocated\fR table is specified as a text file
+Normally, the \fBrelocated\fR(5) table is specified as a text file
that serves as input to the \fBpostmap\fR(1) command.
The result, an indexed file in \fBdbm\fR or \fBdb\fR format,
is used for fast searching by the mail system. Execute the command
-\fBpostmap /etc/postfix/relocated\fR in order to rebuild the indexed
+"\fBpostmap /etc/postfix/relocated\fR" in order to rebuild the indexed
file after changing the relocated table.
When the table is provided via other means such as NIS, LDAP
This section describes how the table lookups change when lookups
are directed to a TCP-based server. For a description of the TCP
client/server lookup protocol, see \fBtcp_table\fR(5).
-This feature is not available in Postfix version 2.1.
+This feature is not available up to and including Postfix version 2.2.
Each lookup operation uses the entire address once. Thus,
\fIuser@domain\fR mail addresses are not broken up into their
.fi
The following \fBmain.cf\fR parameters are especially relevant.
The text below provides only a parameter summary. See
-postconf(5) for more details including examples.
+\fBpostconf\fR(5) for more details including examples.
.IP \fBrelocated_maps\fR
List of lookup tables for relocated users or sites.
.PP
can be directed to a TCP server.
To find out what types of lookup tables your Postfix system
-supports use the \fBpostconf -m\fR command.
+supports use the "\fBpostconf -m\fR" command.
-To test lookup tables, use the \fBpostmap\fR command as
+To test lookup tables, use the "\fBpostmap -q\fR" command as
described in the SYNOPSIS above.
.SH "PROTOCOL DESCRIPTION"
.na
.na
.nf
postmap(1), Postfix lookup table manager
-regexp_table(5) format of regular expression tables
-pcre_table(5) format of PCRE tables
-cidr_table(5) format of CIDR tables
+regexp_table(5), format of regular expression tables
+pcre_table(5), format of PCRE tables
+cidr_table(5), format of CIDR tables
.SH "README FILES"
.na
.nf
.SH NAME
transport
\-
-format of Postfix transport table
+Postfix transport table format
.SH "SYNOPSIS"
.na
.nf
.SH DESCRIPTION
.ad
.fi
-The optional \fBtransport\fR table specifies a mapping from email
+The optional \fBtransport\fR(5) table specifies a mapping from email
addresses to message delivery transports and/or relay hosts. The
mapping is used by the \fBtrivial-rewrite\fR(8) daemon.
Mail for any other destination is by default delivered via
\fB$default_transport\fR.
.PP
-Normally, the \fBtransport\fR table is specified as a text file
+Normally, the \fBtransport\fR(5) table is specified as a text file
that serves as input to the \fBpostmap\fR(1) command.
The result, an indexed file in \fBdbm\fR or \fBdb\fR format, is used
for fast searching by the mail system. Execute the command
-\fBpostmap /etc/postfix/transport\fR in order to rebuild the indexed
+"\fBpostmap /etc/postfix/transport\fR" in order to rebuild the indexed
file after changing the transport table.
When the table is provided via other means such as NIS, LDAP
This section describes how the table lookups change when lookups
are directed to a TCP-based server. For a description of the TCP
client/server lookup protocol, see \fBtcp_table\fR(5).
-This feature is not available in Postfix version 2.1.
+This feature is not available up to and including Postfix version 2.2.
Each lookup operation uses the entire recipient address once. Thus,
\fIsome.domain.hierarchy\fR is not looked up via its parent domains,
.fi
The following \fBmain.cf\fR parameters are especially relevant.
The text below provides only a parameter summary. See
-postconf(5) for more details including examples.
+\fBpostconf\fR(5) for more details including examples.
.IP \fBempty_address_recipient\fR
The address that is looked up instead of the null sender address.
.IP \fBparent_domain_matches_subdomains\fR
.SH NAME
virtual
\-
-format of Postfix virtual alias table
+Postfix virtual alias table format
.SH "SYNOPSIS"
.na
.nf
.SH DESCRIPTION
.ad
.fi
-The optional \fBvirtual\fR alias table specifies address aliasing
+The optional \fBvirtual\fR(5) alias table specifies address aliasing
for arbitrary local or non-local recipient addresses. Virtual aliasing
is recursive, and is done by the Postfix \fBcleanup\fR(8) daemon.
Think Sendmail rule set \fBS0\fR, if you like. Use \fBcanonical\fR(5)
mapping to rewrite header and envelope addresses in general.
-Normally, the \fBvirtual\fR alias table is specified as a text file
+Normally, the \fBvirtual\fR(5) alias table is specified as a text file
that serves as input to the \fBpostmap\fR(1) command.
The result, an indexed file in \fBdbm\fR or \fBdb\fR format,
is used for fast searching by the mail system. Execute the command
-\fBpostmap /etc/postfix/virtual\fR in order to rebuild the indexed
+"\fBpostmap /etc/postfix/virtual\fR" in order to rebuild the indexed
file after changing the text file.
When the table is provided via other means such as NIS, LDAP
or $\fBproxy_interfaces\fR.
.sp
This functionality overlaps with functionality of the local
-\fIaliases\fR(5) database. The difference is that \fBvirtual\fR
+\fIaliases\fR(5) database. The difference is that \fBvirtual\fR(5)
mapping can be applied to non-local addresses.
.IP "@\fIdomain address, address, ...\fR"
Mail for any user in \fIdomain\fR is redirected to \fIaddress\fR.
virtual_alias_maps = hash:/etc/postfix/virtual
Note: some systems use \fBdbm\fR databases instead of \fBhash\fR.
-See the output from \fBpostconf -m\fR for available database types.
+See the output from "\fBpostconf -m\fR" for available database types.
.ti -4
/etc/postfix/virtual:
This section describes how the table lookups change when lookups
are directed to a TCP-based server. For a description of the TCP
client/server lookup protocol, see \fBtcp_table\fR(5).
-This feature is not available in Postfix version 2.1.
+This feature is not available up to and including Postfix version 2.2.
Each lookup operation uses the entire address once. Thus,
\fIuser@domain\fR mail addresses are not broken up into their
.fi
The following \fBmain.cf\fR parameters are especially relevant to
this topic. See the Postfix \fBmain.cf\fR file for syntax details
-and for default values. Use the \fBpostfix reload\fR command after
+and for default values. Use the "\fBpostfix reload\fR" command after
a configuration change.
.IP \fBvirtual_alias_maps\fR
List of virtual aliasing tables.
.SH DESCRIPTION
.ad
.fi
-The Postfix \fBanvil\fR server maintains short-term statistics
+The Postfix \fBanvil\fR(8) server maintains short-term statistics
to defend against clients that hammer a server with either too
many simultaneous sessions, or with too many successive requests
within a configurable time interval.
This server is designed to run under control by the Postfix
-master server.
+\fBmaster\fR(8) server.
-The \fBanvil\fR server maintains no persistent database. Standard
+The \fBanvil\fR(8) server maintains no persistent database. Standard
library utilities do not meet Postfix performance and robustness
requirements.
.SH "CONNECTION COUNT/RATE LIMITING"
.ad
.fi
When a remote client connects, a connection count (or rate) limited
-server should send the following request to the \fBanvil\fR server:
+server should send the following request to the \fBanvil\fR(8) server:
.PP
.in +4
\fBrequest=connect\fR
.in
.PP
This registers a new connection for the (service, client)
-combination specified with \fBident\fR. The \fBanvil\fR server
+combination specified with \fBident\fR. The \fBanvil\fR(8) server
answers with the number of simultaneous connections and the
number of connections per unit time for that (service, client)
combination:
exceeds the connection count (or rate) limit.
.PP
When a remote client disconnects, a connection count (or rate) limited
-server should send the following request to the \fBanvil\fR server:
+server should send the following request to the \fBanvil\fR(8) server:
.PP
.in +4
\fBrequest=disconnect\fR
.in
.PP
This registers a disconnect event for the (service, client)
-combination specified with \fBident\fR. The \fBanvil\fR
+combination specified with \fBident\fR. The \fBanvil\fR(8)
server replies with:
.PP
.ti +4
.fi
When a remote client sends a message delivery request, a
message rate limited server should send the following
-request to the \fBanvil\fR server:
+request to the \fBanvil\fR(8) server:
.PP
.in +4
\fBrequest=message\fR
.in
.PP
This registers a message delivery request for the (service, client)
-combination specified with \fBident\fR. The \fBanvil\fR server
+combination specified with \fBident\fR. The \fBanvil\fR(8) server
answers with the number of message delivery requests per unit time
for that (service, client) combination:
.PP
\fBrate=\fInumber\fR
.in
.PP
-In order prevent the anvil server from discarding client
+In order to prevent the \fBanvil\fR(8) server from discarding client
request rates too early or too late, a message rate limited
service should also register connect/disconnect events.
-.PP
-This feature is available in Postfix 2.2 and later.
.SH "RECIPIENT RATE LIMITING"
.na
.nf
.fi
When a remote client sends a recipient address, a recipient
rate limited server should send the following request to
-the \fBanvil\fR server:
+the \fBanvil\fR(8) server:
.PP
.in +4
\fBrequest=recipient\fR
\fBident=\fIstring\fR
.in
.PP
-This registers a recipient address for the (service, client)
-combination specified with \fBident\fR. The \fBanvil\fR server
+This registers a recipient request for the (service, client)
+combination specified with \fBident\fR. The \fBanvil\fR(8) server
answers with the number of recipient addresses per unit time
for that (service, client) combination:
.PP
\fBrate=\fInumber\fR
.in
.PP
-In order prevent the anvil server from discarding client
+In order to prevent the \fBanvil\fR(8) server from discarding client
request rates too early or too late, a recipient rate limited
service should also register connect/disconnect events.
-.PP
-This feature is available in Postfix 2.2 and later.
.SH "SECURITY"
.na
.nf
.ad
.fi
-The \fBanvil\fR server does not talk to the network or to local
+The \fBanvil\fR(8) server does not talk to the network or to local
users, and can run chrooted at fixed low privilege.
-The \fBanvil\fR server maintains an in-memory table with information
+The \fBanvil\fR(8) server maintains an in-memory table with information
about recent clients of a connection count (or rate) limited service.
Although state is kept only temporarily, this may require a lot of
memory on systems that handle connections from many remote clients.
.nf
.ad
.fi
-Changes to \fBmain.cf\fR are picked up automatically as anvil(8)
+Changes to \fBmain.cf\fR are picked up automatically as \fBanvil\fR(8)
processes run for only a limited amount of time. Use the command
"\fBpostfix reload\fR" to speed up a change.
The text below provides only a parameter summary. See
-postconf(5) for more details including examples.
+\fBpostconf\fR(5) for more details including examples.
.IP "\fBanvil_rate_time_unit (60s)\fR"
The time unit over which client connection rates and other rates
are calculated.
.IP "\fBanvil_status_update_time (600s)\fR"
-How frequently the anvil(8) connection and rate limiting server
+How frequently the \fBanvil\fR(8) connection and rate limiting server
logs peak usage information.
.IP "\fBconfig_directory (see 'postconf -d' output)\fR"
The default location of the Postfix main.cf and master.cf
.nf
.ad
.fi
-The anvil service was introduced with Postfix 2.1.
+The anvil service is available in Postfix 2.2 and later.
.SH "AUTHOR(S)"
.na
.nf
.SH DESCRIPTION
.ad
.fi
-The \fBbounce\fR daemon maintains per-message log files with
+The \fBbounce\fR(8) daemon maintains per-message log files with
non-delivery status information. Each log file is named after the
queue file that it corresponds to, and is kept in a queue subdirectory
named after the service name in the \fBmaster.cf\fR file (either
This program expects to be run from the \fBmaster\fR(8) process
manager.
-The \fBbounce\fR daemon processes two types of service requests:
+The \fBbounce\fR(8) daemon processes two types of service requests:
.IP \(bu
Append a recipient (non-)delivery status record to a per-message
log file.
.nf
.ad
.fi
-Changes to \fBmain.cf\fR are picked up automatically, as bounce(8)
+Changes to \fBmain.cf\fR are picked up automatically, as \fBbounce\fR(8)
processes run for only a limited amount of time. Use the command
"\fBpostfix reload\fR" to speed up a change.
The text below provides only a parameter summary. See
-postconf(5) for more details including examples.
+\fBpostconf\fR(5) for more details including examples.
.IP "\fB2bounce_notice_recipient (postmaster)\fR"
The recipient of undeliverable mail that cannot be returned to
the sender.
.IP "\fBbackwards_bounce_logfile_compatibility (yes)\fR"
-Produce additional bounce(8) logfile records that can be read by
-older Postfix versions.
+Produce additional \fBbounce\fR(8) logfile records that can be read by
+Postfix versions before 2.0.
.IP "\fBbounce_notice_recipient (postmaster)\fR"
The recipient of postmaster notifications with the message headers
of mail that Postfix did not deliver and of SMTP conversation
units.
.IP "\fBdeliver_lock_attempts (20)\fR"
The maximal number of attempts to acquire an exclusive lock on a
-mailbox file or bounce(8) logfile.
+mailbox file or \fBbounce\fR(8) logfile.
.IP "\fBdeliver_lock_delay (1s)\fR"
The time between attempts to acquire an exclusive lock on a mailbox
-file or bounce(8) logfile.
+file or \fBbounce\fR(8) logfile.
.IP "\fBipc_timeout (3600s)\fR"
The time limit for sending or receiving information over an internal
communication channel.
.SH DESCRIPTION
.ad
.fi
-The \fBcleanup\fR daemon processes inbound mail, inserts it
+The \fBcleanup\fR(8) daemon processes inbound mail, inserts it
into the \fBincoming\fR mail queue, and informs the queue
manager of its arrival.
-The \fBcleanup\fR daemon always performs the following transformations:
+The \fBcleanup\fR(8) daemon always performs the following transformations:
.IP \(bu
Insert missing message headers: (\fBResent-\fR) \fBFrom:\fR,
\fBTo:\fR, \fBMessage-Id:\fR, and \fBDate:\fR.
Optionally, expand envelope recipients according to information
found in the \fBvirtual\fR(5) lookup tables.
.PP
-The \fBcleanup\fR daemon performs sanity checks on the content of
+The \fBcleanup\fR(8) daemon performs sanity checks on the content of
each message. When it finds a problem, by default it returns a
diagnostic status to the client, and leaves it up to the client
to deal with the problem. Alternatively, the client can request
-the \fBcleanup\fR daemon to bounce the message back to the sender
+the \fBcleanup\fR(8) daemon to bounce the message back to the sender
in case of trouble.
.SH "STANDARDS"
.na
.nf
.ad
.fi
-Changes to \fBmain.cf\fR are picked up automatically, as cleanup(8)
+Changes to \fBmain.cf\fR are picked up automatically, as
+\fBcleanup\fR(8)
processes run for only a limited amount of time. Use the command
"\fBpostfix reload\fR" to speed up a change.
The text below provides only a parameter summary. See
-postconf(5) for more details including examples.
+\fBpostconf\fR(5) for more details including examples.
.SH "COMPATIBILITY CONTROLS"
.na
.nf
.ad
.fi
.IP "\fBundisclosed_recipients_header (To: undisclosed-recipients:;)\fR"
-Message header that the Postfix cleanup(8) server inserts when a
+Message header that the Postfix \fBcleanup\fR(8) server inserts when a
message contains no To: or Cc: message header.
.PP
Available in Postfix version 2.1 and later:
worms or viruses. It is not a general content filter.
.IP "\fBbody_checks (empty)\fR"
Optional lookup tables for content inspection as specified in
-the body_checks(5) manual page.
+the \fBbody_checks\fR(5) manual page.
.IP "\fBheader_checks (empty)\fR"
Optional lookup tables for content inspection of primary non-MIME
-message headers, as specified in the header_checks(5) manual page.
+message headers, as specified in the \fBheader_checks\fR(5) manual page.
.PP
Available in Postfix version 2.0 and later:
.IP "\fBbody_checks_size_limit (51200)\fR"
prefer to use that term) is subjected to body_checks inspection.
.IP "\fBmime_header_checks ($header_checks)\fR"
Optional lookup tables for content inspection of MIME related
-message headers, as described in the header_checks(5) manual page.
+message headers, as described in the \fBheader_checks\fR(5) manual page.
.IP "\fBnested_header_checks ($header_checks)\fR"
Optional lookup tables for content inspection of non-MIME message
-headers in attached messages, as described in the header_checks(5)
+headers in attached messages, as described in the \fBheader_checks\fR(5)
manual page.
.SH "MIME PROCESSING CONTROLS"
.na
.nf
.ad
.fi
-Address rewriting is delegated to the trivial-rewrite(8) daemon.
-The cleanup(8) server implements table driven address mapping.
+Address rewriting is delegated to the \fBtrivial-rewrite\fR(8) daemon.
+The \fBcleanup\fR(8) server implements table driven address mapping.
.IP "\fBempty_address_recipient (MAILER-DAEMON)\fR"
The recipient of mail addressed to the null address.
.IP "\fBcanonical_maps (empty)\fR"
.fi
.IP "\fBduplicate_filter_limit (1000)\fR"
The maximal number of addresses remembered by the address
-duplicate filter for aliases(5) or virtual(5) alias expansion, or
-for showq(8) queue displays.
+duplicate filter for \fBaliases\fR(5) or \fBvirtual\fR(5) alias expansion, or
+for \fBshowq\fR(8) queue displays.
.IP "\fBheader_size_limit (102400)\fR"
The maximal amount of memory in bytes for storing a message header.
.IP "\fBhopcount_limit (50)\fR"
.SH DESCRIPTION
.ad
.fi
-The Postfix discard delivery agent processes delivery requests from
+The Postfix \fBdiscard\fR(8) delivery agent processes
+delivery requests from
the queue manager. Each request specifies a queue file, a sender
address, a domain or host name that is treated as the reason for
discarding the mail, and recipient information.
This program expects to be run from the \fBmaster\fR(8) process
manager.
-The discard delivery agent pretends to deliver all recipients
+The \fBdiscard\fR(8) delivery agent pretends to deliver all recipients
in the delivery request, logs the "next-hop" domain or host
information as the reason for discarding the mail, updates the
queue file and marks recipients as finished or informs the
.nf
.ad
.fi
-The discard mailer is not security-sensitive. It does not talk
+The \fBdiscard\fR(8) mailer is not security-sensitive. It does not talk
to the network, and can be run chrooted at fixed low privilege.
.SH "STANDARDS"
.na
.nf
.ad
.fi
-Changes to \fBmain.cf\fR are picked up automatically as discard(8)
+Changes to \fBmain.cf\fR are picked up automatically as \fBdiscard\fR(8)
processes run for only a limited amount of time. Use the command
"\fBpostfix reload\fR" to speed up a change.
The text below provides only a parameter summary. See
-postconf(5) for more details including examples.
+\fBpostconf\fR(5) for more details including examples.
.IP "\fBconfig_directory (see 'postconf -d' output)\fR"
The default location of the Postfix main.cf and master.cf
configuration files.
.SH DESCRIPTION
.ad
.fi
-The Postfix error delivery agent processes delivery requests from
+The Postfix \fBerror\fR(8) delivery agent processes delivery
+requests from
the queue manager. Each request specifies a queue file, a sender
address, a domain or host name that is treated as the reason for
non-delivery, and recipient information.
This program expects to be run from the \fBmaster\fR(8) process
manager.
-The error delivery agent bounces all recipients in the delivery
+The \fBerror\fR(8) delivery agent bounces all recipients in the delivery
request using the "next-hop"
domain or host information as the reason for non-delivery, updates
the queue file and marks recipients as finished or informs the
.nf
.ad
.fi
-The error mailer is not security-sensitive. It does not talk
+The \fBerror\fR(8) mailer is not security-sensitive. It does not talk
to the network, and can be run chrooted at fixed low privilege.
.SH "STANDARDS"
.na
.nf
.ad
.fi
-Changes to \fBmain.cf\fR are picked up automatically as error(8)
+Changes to \fBmain.cf\fR are picked up automatically as \fBerror\fR(8)
processes run for only a limited amount of time. Use the command
"\fBpostfix reload\fR" to speed up a change.
The text below provides only a parameter summary. See
-postconf(5) for more details including examples.
+\fBpostconf\fR(5) for more details including examples.
.IP "\fB2bounce_notice_recipient (postmaster)\fR"
The recipient of undeliverable mail that cannot be returned to
the sender.
.SH DESCRIPTION
.ad
.fi
-The flush server maintains a record of deferred mail by destination.
+The \fBflush\fR(8) server maintains a record of deferred
+mail by destination.
This information is used to improve the performance of the SMTP
\fBETRN\fR request, and of its command-line equivalent,
"\fBsendmail -qR\fR" or "\fBpostqueue -f\fR".
This server implements the following requests:
.IP "\fBadd\fI sitename queueid\fR"
-Inform the fast flush server that the message with the specified
+Inform the \fBflush\fR(8) server that the message with the specified
queue ID is queued for the specified destination.
.IP "\fBsend\fI sitename\fR"
Request delivery of mail that is queued for the specified
.nf
.ad
.fi
-The fast flush server is not security-sensitive. It does not
+The \fBflush\fR(8) server is not security-sensitive. It does not
talk to the network, and it does not talk to local users.
The fast flush server can run chrooted at fixed low privilege.
.SH DIAGNOSTICS
\fBmaster.cf\fR configuration file.
Upon receipt of a request to deliver mail for an eligible
-destination, the \fBflush\fR server requests delivery of all messages
+destination, the \fBflush\fR(8) server requests delivery of all messages
that are listed in that destination's logfile, regardless of the
recipients of those messages. This is not an issue for mail
that is sent to a \fBrelay_domains\fR destination because
.nf
.ad
.fi
-Changes to \fBmain.cf\fR are picked up automatically as flush(8)
+Changes to \fBmain.cf\fR are picked up automatically as \fBflush\fR(8)
processes run for only a limited amount of time. Use the command
"\fBpostfix reload\fR" to speed up a change.
The text below provides only a parameter summary. See
-postconf(5) for more details including examples.
+\fBpostconf\fR(5) for more details including examples.
.IP "\fBconfig_directory (see 'postconf -d' output)\fR"
The default location of the Postfix main.cf and master.cf
configuration files.
.nf
.ad
.fi
-Changes to \fBmain.cf\fR are picked up automatically, as lmtp(8)
+Changes to \fBmain.cf\fR are picked up automatically, as \fBlmtp\fR(8)
processes run for only a limited amount of time. Use the command
"\fBpostfix reload\fR" to speed up a change.
The text below provides only a parameter summary. See
-postconf(5) for more details including examples.
+\fBpostconf\fR(5) for more details including examples.
.SH "COMPATIBILITY CONTROLS"
.na
.nf
.SH DESCRIPTION
.ad
.fi
-The \fBlocal\fR daemon processes delivery requests from the
+The \fBlocal\fR(8) daemon processes delivery requests from the
Postfix queue manager to deliver mail to local recipients.
Each delivery request specifies a queue file, a sender address,
a domain or host to deliver to, and one or more recipients.
This program expects to be run from the \fBmaster\fR(8) process
manager.
-The \fBlocal\fR daemon updates queue files and marks recipients
+The \fBlocal\fR(8) daemon updates queue files and marks recipients
as finished, or it informs the queue manager that delivery should
be tried again at a later time. Delivery status reports are sent
to the \fBbounce\fR(8), \fBdefer\fR(8) or \fBtrace\fR(8) daemon as
for recipients that are not found in the UNIX passwd database.
In the case of UNIX-style mailbox delivery,
-the \fBlocal\fR daemon prepends a "\fBFrom \fIsender time_stamp\fR"
+the \fBlocal\fR(8) daemon prepends a "\fBFrom \fIsender time_stamp\fR"
envelope header to each message, prepends an
\fBX-Original-To:\fR header with the recipient address as given to
Postfix, prepends an
The current working directory is the mail queue directory.
-The \fBlocal\fR daemon prepends a "\fBFrom \fIsender time_stamp\fR"
+The \fBlocal\fR(8) daemon prepends a "\fBFrom \fIsender time_stamp\fR"
envelope header to each message, prepends an
\fBX-Original-To:\fR header with the recipient address as given to
Postfix, prepends an
forward\fR) forbids file destinations in \fB:include:\fR files.
In the case of UNIX-style mailbox delivery,
-the \fBlocal\fR daemon prepends a "\fBFrom \fIsender time_stamp\fR"
+the \fBlocal\fR(8) daemon prepends a "\fBFrom \fIsender time_stamp\fR"
envelope header to each message, prepends an
\fBX-Original-To:\fR header with the recipient address as given to
Postfix, prepends an
to the mailbox owned by the user \fIname\fR, or it is sent back as
undeliverable.
-In all cases the \fBlocal\fR daemon prepends an optional
+In all cases the \fBlocal\fR(8) daemon prepends an optional
`\fBDelivered-To:\fR header line with the final recipient
address.
.SH "DELIVERY RIGHTS"
.fi
Deliveries to external files and external commands are made with
the rights of the receiving user on whose behalf the delivery is made.
-In the absence of a user context, the \fBlocal\fR daemon uses the
+In the absence of a user context, the \fBlocal\fR(8) daemon uses the
owner rights of the \fB:include:\fR file or alias database.
When those files are owned by the superuser, delivery is made with
the rights specified with the \fBdefault_privs\fR configuration
"\fBpostfix reload\fR" to speed up a change.
The text below provides only a parameter summary. See
-postconf(5) for more details including examples.
+\fBpostconf\fR(5) for more details including examples.
.SH "COMPATIBILITY CONTROLS"
.na
.nf
mailbox_command, home_mailbox, mail_spool_directory, fallback_transport
and luser_relay.
.IP "\fBalias_maps (see 'postconf -d' output)\fR"
-The alias databases that are used for local(8) delivery.
+The alias databases that are used for \fBlocal\fR(8) delivery.
.IP "\fBforward_path (see 'postconf -d' output)\fR"
-The local(8) delivery agent search list for finding a .forward
+The \fBlocal\fR(8) delivery agent search list for finding a .forward
file with user-specified delivery methods.
.IP "\fBmailbox_transport (empty)\fR"
-Optional message delivery transport that the local(8) delivery
+Optional message delivery transport that the \fBlocal\fR(8) delivery
agent should use for mailbox delivery to all local recipients,
whether or not they are found in the UNIX passwd database.
.IP "\fBmailbox_command_maps (empty)\fR"
Optional lookup tables with per-recipient external commands to use
-for local(8) mailbox delivery.
+for \fBlocal\fR(8) mailbox delivery.
.IP "\fBmailbox_command (empty)\fR"
-Optional external command that the local(8) delivery agent should
+Optional external command that the \fBlocal\fR(8) delivery agent should
use for mailbox delivery.
.IP "\fBhome_mailbox (empty)\fR"
-Optional pathname of a mailbox file relative to a local(8) user's
+Optional pathname of a mailbox file relative to a \fBlocal\fR(8) user's
home directory.
.IP "\fBmail_spool_directory (see 'postconf -d' output)\fR"
-The directory where local(8) UNIX-style mailboxes are kept.
+The directory where \fBlocal\fR(8) UNIX-style mailboxes are kept.
.IP "\fBfallback_transport (empty)\fR"
-Optional message delivery transport that the local(8) delivery
-agent should use for names that are not found in the aliases(5)
+Optional message delivery transport that the \fBlocal\fR(8) delivery
+agent should use for names that are not found in the \fBaliases\fR(5)
database or in the UNIX passwd database.
.IP "\fBluser_relay (empty)\fR"
-Optional catch-all destination for unknown local(8) recipients.
+Optional catch-all destination for unknown \fBlocal\fR(8) recipients.
.PP
Available in Postfix version 2.2 and later:
.IP "\fBcommand_execution_directory (empty)\fR"
-The local(8) delivery agent working directory for delivery to
+The \fBlocal\fR(8) delivery agent working directory for delivery to
external command.
.SH "MAILBOX LOCKING CONTROLS"
.na
.fi
.IP "\fBdeliver_lock_attempts (20)\fR"
The maximal number of attempts to acquire an exclusive lock on a
-mailbox file or bounce(8) logfile.
+mailbox file or \fBbounce\fR(8) logfile.
.IP "\fBdeliver_lock_delay (1s)\fR"
The time between attempts to acquire an exclusive lock on a mailbox
-file or bounce(8) logfile.
+file or \fBbounce\fR(8) logfile.
.IP "\fBstale_lock_time (500s)\fR"
The time after which a stale exclusive mailbox lockfile is removed.
.IP "\fBmailbox_delivery_lock (see 'postconf -d' output)\fR"
-How to lock a UNIX-style local(8) mailbox before attempting delivery.
+How to lock a UNIX-style \fBlocal\fR(8) mailbox before attempting delivery.
.SH "RESOURCE AND RATE CONTROLS"
.na
.nf
Time limit for delivery to external commands.
.IP "\fBduplicate_filter_limit (1000)\fR"
The maximal number of addresses remembered by the address
-duplicate filter for aliases(5) or virtual(5) alias expansion, or
-for showq(8) queue displays.
+duplicate filter for \fBaliases\fR(5) or \fBvirtual\fR(5) alias expansion, or
+for \fBshowq\fR(8) queue displays.
.IP "\fBlocal_destination_concurrency_limit (2)\fR"
The maximal number of parallel deliveries via the local mail
delivery transport to the same recipient (when
The maximal number of recipients per message delivery via the
local mail delivery transport.
.IP "\fBmailbox_size_limit (51200000)\fR"
-The maximal size of any local(8) individual mailbox or maildir
+The maximal size of any \fBlocal\fR(8) individual mailbox or maildir
file, or zero (no limit).
.SH "SECURITY CONTROLS"
.na
.ad
.fi
.IP "\fBallow_mail_to_commands (alias, forward)\fR"
-Restrict local(8) mail delivery to external commands.
+Restrict \fBlocal\fR(8) mail delivery to external commands.
.IP "\fBallow_mail_to_files (alias, forward)\fR"
-Restrict local(8) mail delivery to external files.
+Restrict \fBlocal\fR(8) mail delivery to external files.
.IP "\fBcommand_expansion_filter (see 'postconf -d' output)\fR"
-Restrict the characters that the local(8) delivery agent allows in
+Restrict the characters that the \fBlocal\fR(8) delivery agent allows in
$name expansions of $mailbox_command.
.IP "\fBdefault_privs (nobody)\fR"
-The default rights used by the local(8) delivery agent for delivery
+The default rights used by the \fBlocal\fR(8) delivery agent for delivery
to external file or command.
.IP "\fBforward_expansion_filter (see 'postconf -d' output)\fR"
-Restrict the characters that the local(8) delivery agent allows in
+Restrict the characters that the \fBlocal\fR(8) delivery agent allows in
$name expansions of $forward_path.
.PP
Available in Postfix version 2.2 and later:
.IP "\fBexecution_directory_expansion_filter (see 'postconf -d' output)\fR"
-Restrict the characters that the local(8) delivery agent allows
+Restrict the characters that the \fBlocal\fR(8) delivery agent allows
in $name expansions of $command_execution_directory.
.SH "MISCELLANEOUS CONTROLS"
.na
The time limit for sending or receiving information over an internal
communication channel.
.IP "\fBlocal_command_shell (empty)\fR"
-Optional shell program for local(8) delivery to non-Postfix command.
+Optional shell program for \fBlocal\fR(8) delivery to non-Postfix command.
.IP "\fBmax_idle (100s)\fR"
The maximum amount of time that an idle Postfix daemon process
waits for the next service request before exiting.
The maximal number of connection requests before a Postfix daemon
process terminates.
.IP "\fBprepend_delivered_header (command, file, forward)\fR"
-The message delivery contexts where the Postfix local(8) delivery
+The message delivery contexts where the Postfix \fBlocal\fR(8) delivery
agent prepends a Delivered-To: message header.
.IP "\fBprocess_id (read-only)\fR"
The process ID of a Postfix command or daemon process.
.IP "\fBrecipient_delimiter (empty)\fR"
The separator between user names and address extensions (user+foo).
.IP "\fBrequire_home_directory (no)\fR"
-Whether or not a local(8) recipient's home directory must exist
+Whether or not a \fBlocal\fR(8) recipient's home directory must exist
before mail delivery is attempted.
.IP "\fBsyslog_facility (mail)\fR"
The syslog facility of Postfix logging.
.SH DESCRIPTION
.ad
.fi
-The \fBmaster\fR daemon is the resident process that runs Postfix
+The \fBmaster\fR(8) daemon is the resident process that runs Postfix
daemons on demand: daemons to send or receive messages via the
network, daemons to deliver mail locally, etc. These daemons are
created on demand up to a configurable maximum number per service.
Postfix daemons terminate voluntarily, either after being idle for
a configurable amount of time, or after having serviced a
configurable number of requests. Exceptions to this rule are the
-resident queue manager and the resident address verification server.
+resident queue manager, address verification server, and the TLS
+session cache and pseudo-random number server.
-The behavior of the \fBmaster\fR daemon is controlled by the
-\fBmaster.cf\fR configuration file, as described in master(5).
+The behavior of the \fBmaster\fR(8) daemon is controlled by the
+\fBmaster.cf\fR configuration file, as described in \fBmaster\fR(5).
Options:
.IP "\fB-c \fIconfig_dir\fR"
.IP \fB-t\fR
Test mode. Return a zero exit status when the \fBmaster.pid\fR lock
file does not exist or when that file is not locked. This is evidence
-that the \fBmaster\fR daemon is not running.
+that the \fBmaster\fR(8) daemon is not running.
.IP \fB-v\fR
Enable verbose logging for debugging purposes. This option
is passed on to child processes. Multiple \fB-v\fR options
.PP
Signals:
.IP \fBSIGHUP\fR
-Upon receipt of a \fBHUP\fR signal (e.g., after \fBpostfix reload\fR),
+Upon receipt of a \fBHUP\fR signal (e.g., after "\fBpostfix reload\fR"),
the master process re-reads its configuration files. If a service has
been removed from the \fBmaster.cf\fR file, its running processes
are terminated immediately.
as is convenient, so that changes in configuration settings
affect only new service requests.
.IP \fBSIGTERM\fR
-Upon receipt of a \fBTERM\fR signal (e.g., after \fBpostfix abort\fR),
+Upon receipt of a \fBTERM\fR signal (e.g., after "\fBpostfix abort\fR"),
the master process passes the signal on to its child processes and
terminates.
This is useful for an emergency shutdown. Normally one would
-terminate only the master (\fBpostfix stop\fR) and allow running
+terminate only the master ("\fBpostfix stop\fR") and allow running
processes to finish what they are doing.
.SH DIAGNOSTICS
.ad
.nf
.ad
.fi
-Unlike most Postfix daemon processes, the master(8) server does
+Unlike most Postfix daemon processes, the \fBmaster\fR(8) server does
not automatically pick up changes to \fBmain.cf\fR. Changes
to \fBmaster.cf\fR are never picked up automatically.
-Use the \fBpostfix reload\fR command after a configuration change.
+Use the "\fBpostfix reload\fR" command after a configuration change.
.SH "RESOURCE AND RATE CONTROLS"
.na
.nf
The maximal number of connection requests before a Postfix daemon
process terminates.
.IP "\fBservice_throttle_time (60s)\fR"
-How long the Postfix master(8) waits before forking a server that
+How long the Postfix \fBmaster\fR(8) waits before forking a server that
appears to be malfunctioning.
.SH "MISCELLANEOUS CONTROLS"
.na
.SH DESCRIPTION
.ad
.fi
-The \fBoqmgr\fR daemon awaits the arrival of incoming mail
+The \fBoqmgr\fR(8) daemon awaits the arrival of incoming mail
and arranges for its delivery via Postfix delivery processes.
The actual mail routing strategy is delegated to the
\fBtrivial-rewrite\fR(8) daemon.
.nf
.ad
.fi
-The \fBoqmgr\fR daemon maintains the following queues:
+The \fBoqmgr\fR(8) daemon maintains the following queues:
.IP \fBincoming\fR
Inbound mail from the network, or mail picked up by the
-local \fBpickup\fR agent from the \fBmaildrop\fR directory.
+local \fBpickup\fR(8) agent from the \fBmaildrop\fR directory.
.IP \fBactive\fR
Messages that the queue manager has opened for delivery. Only
a limited number of messages is allowed to enter the \fBactive\fR
.nf
.ad
.fi
-The \fBoqmgr\fR daemon keeps an eye on per-message delivery status
+The \fBoqmgr\fR(8) daemon keeps an eye on per-message delivery status
reports in the following directories. Each status report file has
the same name as the corresponding message file:
.IP \fBbounce\fR
Postfix "\fBsendmail -v\fR" or "\fBsendmail -bv\fR" command.
These files are maintained by the \fBtrace\fR(8) daemon.
.PP
-The \fBoqmgr\fR daemon is responsible for asking the
+The \fBoqmgr\fR(8) daemon is responsible for asking the
\fBbounce\fR(8), \fBdefer\fR(8) or \fBtrace\fR(8) daemons to
send delivery reports.
.SH "STRATEGIES"
servers that should not go away forever. The action is to start
an incoming queue scan.
.PP
-The \fBoqmgr\fR daemon reads an entire buffer worth of triggers.
+The \fBoqmgr\fR(8) daemon reads an entire buffer worth of triggers.
Multiple identical trigger requests are collapsed into one, and
trigger requests are sorted so that \fBA\fR and \fBF\fR precede
\fBD\fR and \fBI\fR. Thus, in order to force a deferred queue run,
.nf
.ad
.fi
-None. The \fBoqmgr\fR daemon does not interact with the outside world.
+None. The \fBoqmgr\fR(8) daemon does not interact with the outside world.
.SH "SECURITY"
.na
.nf
.ad
.fi
-The \fBoqmgr\fR daemon is not security sensitive. It reads
+The \fBoqmgr\fR(8) daemon is not security sensitive. It reads
single-character messages from untrusted local users, and thus may
-be susceptible to denial of service attacks. The \fBoqmgr\fR daemon
+be susceptible to denial of service attacks. The \fBoqmgr\fR(8) daemon
does not talk to the outside world, and it can be run at fixed low
privilege in a chrooted environment.
.SH DIAGNOSTICS
.ad
.fi
-Problems and transactions are logged to the syslog daemon.
+Problems and transactions are logged to the \fBsyslog\fR(8) daemon.
Corrupted message files are saved to the \fBcorrupt\fR queue
for further inspection.
.ad
.fi
A single queue manager process has to compete for disk access with
-multiple front-end processes such as \fBsmtpd\fR. A sudden burst of
+multiple front-end processes such as \fBcleanup\fR(8). A sudden burst of
inbound mail can negatively impact outbound delivery rates.
.SH "CONFIGURATION PARAMETERS"
.na
.nf
.ad
.fi
-Changes to \fBmain.cf\fR are not picked up automatically, as oqmgr(8)
+Changes to \fBmain.cf\fR are not picked up automatically,
+as \fBoqmgr\fR(8)
is a persistent process. Use the command "\fBpostfix reload\fR" after
a configuration change.
The text below provides only a parameter summary. See
-postconf(5) for more details including examples.
+\fBpostconf\fR(5) for more details including examples.
In the text below, \fItransport\fR is the first field in a
\fBmaster.cf\fR entry.
postconf(5), configuration parameters
master(5), generic daemon options
master(8), process manager
-syslogd(8) system logging
+syslogd(8), system logging
.SH "README FILES"
.na
.nf
.SH DESCRIPTION
.ad
.fi
-The \fBpickup\fR daemon waits for hints that new mail has been
+The \fBpickup\fR(8) daemon waits for hints that new mail has been
dropped into the \fBmaildrop\fR directory, and feeds it into the
\fBcleanup\fR(8) daemon.
Ill-formatted files are deleted without notifying the originator.
.nf
.ad
.fi
-None. The \fBpickup\fR daemon does not interact with the outside world.
+None. The \fBpickup\fR(8) daemon does not interact with
+the outside world.
.SH "SECURITY"
.na
.nf
.ad
.fi
-The \fBpickup\fR daemon is moderately security sensitive. It runs
+The \fBpickup\fR(8) daemon is moderately security sensitive. It runs
with fixed low privilege and can run in a chrooted environment.
However, the program reads files from potentially hostile users.
-The \fBpickup\fR daemon opens no files for writing, is careful about
+The \fBpickup\fR(8) daemon opens no files for writing, is careful about
what files it opens for reading, and does not actually touch any data
that is sent to its public service endpoint.
.SH DIAGNOSTICS
.SH BUGS
.ad
.fi
-The \fBpickup\fR daemon copies mail from file to the \fBcleanup\fR(8)
+The \fBpickup\fR(8) daemon copies mail from file to the \fBcleanup\fR(8)
daemon. It could avoid message copying overhead by sending a file
descriptor instead of file data, but then the already complex
\fBcleanup\fR(8) daemon would have to deal with unfiltered user data.
.nf
.ad
.fi
-As the pickup(8) daemon is a relatively long-running process, up
+As the \fBpickup\fR(8) daemon is a relatively long-running process, up
to an hour may pass before a \fBmain.cf\fR change takes effect.
Use the command "\fBpostfix reload\fR" command to speed up a change.
The text below provides only a parameter summary. See
-postconf(5) for more details including examples.
+\fBpostconf\fR(5) for more details including examples.
.SH "CONTENT INSPECTION CONTROLS"
.na
.nf
.SH DESCRIPTION
.ad
.fi
-The \fBpipe\fR daemon processes requests from the Postfix queue
+The \fBpipe\fR(8) daemon processes requests from the Postfix queue
manager to deliver messages to external commands.
This program expects to be run from the \fBmaster\fR(8) process
manager.
next-hop host name can be specified as command-line macros that are
expanded before the external command is executed.
-The \fBpipe\fR daemon updates queue files and marks recipients
+The \fBpipe\fR(8) daemon updates queue files and marks recipients
as finished, or it informs the queue manager that delivery should
be tried again at a later time. Delivery status reports are sent
to the \fBbounce\fR(8), \fBdefer\fR(8) or \fBtrace\fR(8) daemon as
This is recommended for delivery via \fBUUCP\fR or \fBBSMTP\fR.
.sp
The result is compatible with the address parsing of command-line
-recipients by the Postfix \fBsendmail\fR mail submission command.
+recipients by the Postfix \fBsendmail\fR(1) mail submission command.
.sp
The \fBq\fR flag affects only entire addresses, not the partial
address information from the \fB$user\fR, \fB$extension\fR or
.nf
.ad
.fi
-Changes to \fBmain.cf\fR are picked up automatically as pipe(8)
+Changes to \fBmain.cf\fR are picked up automatically as \fBpipe\fR(8)
processes run for only a limited amount of time. Use the command
"\fBpostfix reload\fR" to speed up a change.
The text below provides only a parameter summary. See
-postconf(5) for more details including examples.
+\fBpostconf\fR(5) for more details including examples.
.SH "RESOURCE AND RATE CONTROLS"
.na
.nf
.SH DESCRIPTION
.ad
.fi
-The \fBproxymap\fR server provides read-only table
+The \fBproxymap\fR(8) server provides read-only table
lookup service to Postfix processes. The purpose
of the service is:
.IP \(bu
The total number of connections is limited by the number of
proxymap server processes.
.PP
-The proxymap server implements the following requests:
+The \fBproxymap\fR(8) server implements the following requests:
.IP "\fBopen\fR \fImaptype:mapname flags\fR"
Open the table with type \fImaptype\fR and name \fImapname\fR,
as controlled by \fIflags\fR. The reply includes the \fImaptype\fR
.nf
.ad
.fi
-\fBproxymap\fR servers run under control by the Postfix \fBmaster\fR
+\fBproxymap\fR(8) servers run under control by the Postfix
+\fBmaster\fR(8)
server. Each server can handle multiple simultaneous connections.
-When all servers are busy while a client connects, the \fBmaster\fR
-creates a new \fBproxymap\fR server process, provided that the
+When all servers are busy while a client connects, the \fBmaster\fR(8)
+creates a new \fBproxymap\fR(8) server process, provided that the
process limit is not exceeded.
Each server terminates after serving at least \fB$max_use\fR clients
or after \fB$max_idle\fR seconds of idle time.
.nf
.ad
.fi
-The proxymap server opens only tables that are approved via the
+The \fBproxymap\fR(8) server opens only tables that are approved via the
\fBproxy_read_maps\fR configuration parameter, does not talk to
users, and can run at fixed low privilege, chrooted or not.
However, running the proxymap server chrooted severely limits
usability, because it can open only chrooted tables.
-The proxymap server is not a trusted daemon process, and must
+The \fBproxymap\fR(8) server is not a trusted daemon process, and must
not be used to look up sensitive information such as user or
group IDs, mailbox file/directory names or external commands.
.SH BUGS
.ad
.fi
-The proxymap server provides service to multiple clients,
+The \fBproxymap\fR(8) server provides service to multiple clients,
and must therefore not be used for tables that have high-latency
lookups.
.SH "CONFIGURATION PARAMETERS"
.nf
.ad
.fi
-On busy mail systems a long time may pass before proxymap(8) relevant
+On busy mail systems a long time may pass before
+\fBproxymap\fR(8) relevant
changes to \fBmain.cf\fR are picked up. Use the command
"\fBpostfix reload\fR" to speed up a change.
The text below provides only a parameter summary. See
-postconf(5) for more details including examples.
+\fBpostconf\fR(5) for more details including examples.
.IP "\fBconfig_directory (see 'postconf -d' output)\fR"
The default location of the Postfix main.cf and master.cf
configuration files.
.IP "\fBprocess_name (read-only)\fR"
The process name of a Postfix command or daemon process.
.IP "\fBproxy_read_maps (see 'postconf -d' output)\fR"
-The lookup tables that the proxymap(8) server is allowed to access.
+The lookup tables that the \fBproxymap\fR(8) server is allowed to access.
.SH "SEE ALSO"
.na
.nf
.SH DESCRIPTION
.ad
.fi
-The \fBqmgr\fR daemon awaits the arrival of incoming mail
+The \fBqmgr\fR(8) daemon awaits the arrival of incoming mail
and arranges for its delivery via Postfix delivery processes.
The actual mail routing strategy is delegated to the
\fBtrivial-rewrite\fR(8) daemon.
.nf
.ad
.fi
-The \fBqmgr\fR daemon maintains the following queues:
+The \fBqmgr\fR(8) daemon maintains the following queues:
.IP \fBincoming\fR
Inbound mail from the network, or mail picked up by the
-local \fBpickup\fR agent from the \fBmaildrop\fR directory.
+local \fBpickup\fR(8) daemon from the \fBmaildrop\fR directory.
.IP \fBactive\fR
Messages that the queue manager has opened for delivery. Only
a limited number of messages is allowed to enter the \fBactive\fR
.nf
.ad
.fi
-The \fBqmgr\fR daemon keeps an eye on per-message delivery status
+The \fBqmgr\fR(8) daemon keeps an eye on per-message delivery status
reports in the following directories. Each status report file has
the same name as the corresponding message file:
.IP \fBbounce\fR
Postfix "\fBsendmail -v\fR" or "\fBsendmail -bv\fR" command.
These files are maintained by the \fBtrace\fR(8) daemon.
.PP
-The \fBqmgr\fR daemon is responsible for asking the
+The \fBqmgr\fR(8) daemon is responsible for asking the
\fBbounce\fR(8), \fBdefer\fR(8) or \fBtrace\fR(8) daemons to
send delivery reports.
.SH "STRATEGIES"
servers that should not go away forever. The action is to start
an incoming queue scan.
.PP
-The \fBqmgr\fR daemon reads an entire buffer worth of triggers.
+The \fBqmgr\fR(8) daemon reads an entire buffer worth of triggers.
Multiple identical trigger requests are collapsed into one, and
trigger requests are sorted so that \fBA\fR and \fBF\fR precede
\fBD\fR and \fBI\fR. Thus, in order to force a deferred queue run,
.nf
.ad
.fi
-None. The \fBqmgr\fR daemon does not interact with the outside world.
+None. The \fBqmgr\fR(8) daemon does not interact with the outside world.
.SH "SECURITY"
.na
.nf
.ad
.fi
-The \fBqmgr\fR daemon is not security sensitive. It reads
+The \fBqmgr\fR(8) daemon is not security sensitive. It reads
single-character messages from untrusted local users, and thus may
-be susceptible to denial of service attacks. The \fBqmgr\fR daemon
+be susceptible to denial of service attacks. The \fBqmgr\fR(8) daemon
does not talk to the outside world, and it can be run at fixed low
privilege in a chrooted environment.
.SH DIAGNOSTICS
.ad
.fi
A single queue manager process has to compete for disk access with
-multiple front-end processes such as \fBsmtpd\fR. A sudden burst of
+multiple front-end processes such as \fBcleanup\fR(8). A sudden burst of
inbound mail can negatively impact outbound delivery rates.
.SH "CONFIGURATION PARAMETERS"
.na
.nf
.ad
.fi
-Changes to \fBmain.cf\fR are not picked up automatically as qmgr(8)
-is a persistent process. Use the \fBpostfix reload\fR command after
+Changes to \fBmain.cf\fR are not picked up automatically
+as \fBqmgr\fR(8)
+is a persistent process. Use the "\fBpostfix reload\fR" command after
a configuration change.
The text below provides only a parameter summary. See
-postconf(5) for more details including examples.
+\fBpostconf\fR(5) for more details including examples.
In the text below, \fItransport\fR is the first field in a
\fBmaster.cf\fR entry.
postconf(5), configuration parameters
master(5), generic daemon options
master(8), process manager
-syslogd(8) system logging
+syslogd(8), system logging
.SH "README FILES"
.na
.nf
.nf
.ad
.fi
-Changes to \fBmain.cf\fR are picked up automatically, as qmqpd(8)
+Changes to \fBmain.cf\fR are picked up automatically, as \fBqmqpd\fR(8)
processes run for only a limited amount of time. Use the command
"\fBpostfix reload\fR" to speed up a change.
The text below provides only a parameter summary. See
-postconf(5) for more details including examples.
+\fBpostconf\fR(5) for more details including examples.
.SH "CONTENT INSPECTION CONTROLS"
.na
.nf
records, so that "smtpd" becomes, for example, "postfix/smtpd".
.IP "\fBverp_delimiter_filter (-=+)\fR"
The characters Postfix accepts as VERP delimiter characters on the
-Postfix sendmail(1) command line and in SMTP commands.
+Postfix \fBsendmail\fR(1) command line and in SMTP commands.
.SH "SEE ALSO"
.na
.nf
.SH DESCRIPTION
.ad
.fi
-The \fBscache\fR server maintains a shared multi-connection
+The \fBscache\fR(8) server maintains a shared multi-connection
cache. This information can be used by, for example, Postfix
SMTP clients or other Postfix delivery agents.
one endpoint may refer to zero or more connections.
The exact syntax of a logical destination or endpoint name
-is application dependent; the \fBscache\fR service does
+is application dependent; the \fBscache\fR(8) server does
not care. A connection is stored as a file descriptor together
with application-dependent information that is needed to
-re-activate a connection object. Again, the \fBscache\fR
-service is completely unaware about the details of that
+re-activate a connection object. Again, the \fBscache\fR(8)
+server is completely unaware of the details of that
information.
All information is stored with a finite time to live (ttl).
.nf
.ad
.fi
-The connection cache server is not security-sensitive. It does not
+The \fBscache\fR(8) server is not security-sensitive. It does not
talk to the network, and it does not talk to local users.
-The scache server can run chrooted at fixed low privilege.
+The \fBscache\fR(8) server can run chrooted at fixed low privilege.
-The connection cache server is not a trusted process. It must
+The \fBscache\fR(8) server is not a trusted process. It must
not be used to store information that is security sensitive.
.SH DIAGNOSTICS
.ad
.SH BUGS
.ad
.fi
-Sessions cannot be cached across multiple machines.
+The session cache cannot be shared among multiple machines.
-When a connection expires from the cache it is closed without
-protocol specific handshake.
+When a connection expires from the cache, it is closed without
+the appropriate protocol specific handshake.
.SH "CONFIGURATION PARAMETERS"
.na
.nf
.ad
.fi
-Changes to \fBmain.cf\fR are picked up automatically as scache(8)
+Changes to \fBmain.cf\fR are picked up automatically as \fBscache\fR(8)
processes run for only a limited amount of time. Use the command
"\fBpostfix reload\fR" to speed up a change.
The text below provides only a parameter summary. See
-postconf(5) for more details including examples.
+\fBpostconf\fR(5) for more details including examples.
.SH "RESOURCE CONTROLS"
.na
.nf
The maximal time-to-live value that the connection cache server
allows.
.IP "\fBconnection_cache_status_update_time (600s)\fR"
-How frequently the scache(8) server logs usage statistics with
+How frequently the \fBscache\fR(8) server logs usage statistics with
connection cache hit and miss rates for logical destinations and for
physical endpoints.
.SH "MISCELLANEOUS CONTROLS"
.SH DESCRIPTION
.ad
.fi
-The \fBshowq\fR daemon reports the Postfix mail queue status.
+The \fBshowq\fR(8) daemon reports the Postfix mail queue status.
It is the program that emulates the sendmail `mailq' command.
-The \fBshowq\fR daemon can also be run in stand-alone mode
+The \fBshowq\fR(8) daemon can also be run in stand-alone mode
by the superuser. This mode of operation is used to emulate
the `mailq' command while the Postfix mail system is down.
.SH "SECURITY"
.nf
.ad
.fi
-The \fBshowq\fR daemon can run in a chroot jail at fixed low
+The \fBshowq\fR(8) daemon can run in a chroot jail at fixed low
privilege, and takes no input from the client. Its service port
is accessible to local untrusted users, so the service can be
susceptible to denial of service attacks.
.nf
.ad
.fi
-None. The showq daemon does not interact with the outside world.
+None. The \fBshowq\fR(8) daemon does not interact with the
+outside world.
.SH DIAGNOSTICS
.ad
.fi
.SH BUGS
.ad
.fi
-The \fBshowq\fR daemon runs at a fixed low privilege; consequently,
+The \fBshowq\fR(8) daemon runs at a fixed low privilege; consequently,
it cannot extract information from queue files in the
\fBmaildrop\fR directory.
.SH "CONFIGURATION PARAMETERS"
.nf
.ad
.fi
-Changes to \fBmain.cf\fR are picked up automatically as showq(8)
+Changes to \fBmain.cf\fR are picked up automatically as \fBshowq\fR(8)
processes run for only a limited amount of time. Use the command
"\fBpostfix reload\fR" to speed up a change.
The text below provides only a parameter summary. See
-postconf(5) for more details including examples.
+\fBpostconf\fR(5) for more details including examples.
.IP "\fBconfig_directory (see 'postconf -d' output)\fR"
The default location of the Postfix main.cf and master.cf
configuration files.
request before it is terminated by a built-in watchdog timer.
.IP "\fBduplicate_filter_limit (1000)\fR"
The maximal number of addresses remembered by the address
-duplicate filter for aliases(5) or virtual(5) alias expansion, or
-for showq(8) queue displays.
+duplicate filter for \fBaliases\fR(5) or \fBvirtual\fR(5) alias expansion, or
+for \fBshowq\fR(8) queue displays.
.IP "\fBempty_address_recipient (MAILER-DAEMON)\fR"
The recipient of mail addressed to the null address.
.IP "\fBipc_timeout (3600s)\fR"
.SH NAME
smtp
\-
-Postfix remote delivery via SMTP
+Postfix SMTP client
.SH "SYNOPSIS"
.na
.nf
.SH DESCRIPTION
.ad
.fi
-The SMTP client processes message delivery requests from
+The Postfix SMTP client processes message delivery requests from
the queue manager. Each request specifies a queue file, a sender
address, a domain or host to deliver to, and recipient information.
This program expects to be run from the \fBmaster\fR(8) process
deliver the mail to an alternate host.
After a successful mail transaction, a connection may be saved
-to the \fBscache(8)\fR connection cache server, so that it
+to the \fBscache\fR(8) connection cache server, so that it
may be used by any SMTP client for a subsequent transaction.
By default, connection caching is enabled temporarily for
.nf
.ad
.fi
-Changes to \fBmain.cf\fR are picked up automatically, as smtp(8)
+Changes to \fBmain.cf\fR are picked up automatically, as \fBsmtp\fR(8)
processes run for only a limited amount of time. Use the command
"\fBpostfix reload\fR" to speed up a change.
The text below provides only a parameter summary. See
-postconf(5) for more details including examples.
+\fBpostconf\fR(5) for more details including examples.
.SH "COMPATIBILITY CONTROLS"
.na
.nf
The expiration time of Postfix SMTP client TLS session cache
information.
.IP "\fBtls_daemon_random_bytes (32)\fR"
-The number of pseudo-random bytes that an smtp(8) or smtpd(8)
-process requests from the tlsmgr(8) server in order to seed its
+The number of pseudo-random bytes that an \fBsmtp\fR(8) or \fBsmtpd\fR(8)
+process requests from the \fBtlsmgr\fR(8) server in order to seed its
internal pseudo random number generator (PRNG).
.SH "RESOURCE AND RATE CONTROLS"
.na
.nf
.ad
.fi
-Changes to \fBmain.cf\fR are picked up automatically, as smtpd(8)
+Changes to \fBmain.cf\fR are picked up automatically, as \fBsmtpd\fR(8)
processes run for only a limited amount of time. Use the command
"\fBpostfix reload\fR" to speed up a change.
The text below provides only a parameter summary. See
-postconf(5) for more details including examples.
+\fBpostconf\fR(5) for more details including examples.
.SH "COMPATIBILITY CONTROLS"
.na
.nf
Run the Postfix SMTP server in the non-standard "wrapper" mode,
instead of using the STARTTLS command.
.IP "\fBtls_daemon_random_bytes (32)\fR"
-The number of pseudo-random bytes that an smtp(8) or smtpd(8)
-process requests from the tlsmgr(8) server in order to seed its
+The number of pseudo-random bytes that an \fBsmtp\fR(8) or \fBsmtpd\fR(8)
+process requests from the \fBtlsmgr\fR(8) server in order to seed its
internal pseudo random number generator (PRNG).
.SH "VERP SUPPORT CONTROLS"
.na
The two default VERP delimiter characters.
.IP "\fBverp_delimiter_filter (-=+)\fR"
The characters Postfix accepts as VERP delimiter characters on the
-Postfix sendmail(1) command line and in SMTP commands.
+Postfix \fBsendmail\fR(1) command line and in SMTP commands.
.PP
Available in Postfix version 1.1 and 2.0:
.IP "\fBauthorized_verp_clients ($mynetworks)\fR"
before it is flushed upon receipt of EHLO, RSET, or end of DATA.
.PP
The per SMTP client connection count and request rate limits are
-implemented in co-operation with the anvil(8) service, and
+implemented in co-operation with the \fBanvil\fR(8) service, and
are available in Postfix version 2.2 and later.
.IP "\fBsmtpd_client_connection_count_limit (50)\fR"
How many simultaneous connections any client is allowed to
.IP "\fBsmtpd_restriction_classes (empty)\fR"
User-defined aliases for groups of access restrictions.
.IP "\fBsmtpd_null_access_lookup_key (<>)\fR"
-The lookup key to be used in SMTP access(5) tables instead of the
+The lookup key to be used in SMTP \fBaccess\fR(5) tables instead of the
null sender address.
.IP "\fBpermit_mx_backup_networks (empty)\fR"
Restrict the use of the permit_mx_backup SMTP access feature to
are not actually delivered.
This feature is requested via the reject_unverified_sender and
reject_unverified_recipient access restrictions. The status of
-verification probes is maintained by the verify(8) server.
+verification probes is maintained by the \fBverify\fR(8) server.
See the file ADDRESS_VERIFICATION_README for information
about how to configure and operate the Postfix sender/recipient
address verification service.
.IP "\fBaddress_verify_poll_count (3)\fR"
-How many times to query the verify(8) service for the completion
+How many times to query the \fBverify\fR(8) service for the completion
of an address verification request in progress.
.IP "\fBaddress_verify_poll_delay (3s)\fR"
The delay between queries for the completion of an address
and/or text responses.
.IP "\fBaccess_map_reject_code (554)\fR"
The numerical Postfix SMTP server response code when a client
-is rejected by an access(5) map restriction.
+is rejected by an \fBaccess\fR(5) map restriction.
.IP "\fBdefer_code (450)\fR"
The numerical Postfix SMTP server response code when a remote SMTP
client request is rejected by the "defer" restriction.
or reject_non_fqdn_recipient restriction.
.IP "\fBreject_code (554)\fR"
The numerical Postfix SMTP server response code when a remote SMTP
-client request is rejected by the "\fBreject\fR" restriction.
+client request is rejected by the "reject" restriction.
.IP "\fBrelay_domains_reject_code (554)\fR"
The numerical Postfix SMTP server response code when a client
request is rejected by the reject_unauth_destination recipient
.SH DESCRIPTION
.ad
.fi
-The \fBspawn\fR daemon provides the Postfix equivalent of \fBinetd\fR.
+The \fBspawn\fR(8) daemon provides the Postfix equivalent
+of \fBinetd\fR.
It listens on a port as specified in the Postfix \fBmaster.cf\fR file
and spawns an external command whenever a connection is established.
The connection can be made over local IPC (such as UNIX-domain
specified \fIusername\fR. The software refuses to execute
commands with root privileges, or with the privileges of the
mail system owner. If \fIgroupname\fR is specified, the
-corresponding group ID is used instead of the group ID of
+corresponding group ID is used instead of the group ID
of \fIusername\fR.
.IP "\fBargv\fR=\fIcommand\fR... (required)"
The command to be executed. This must be specified as the
.ad
.fi
In order to enforce standard Postfix process resource controls,
-the \fBspawn\fR daemon runs only one external command at a time.
+the \fBspawn\fR(8) daemon runs only one external command at a time.
As such, it presents a noticeable overhead by wasting precious
-process resources. The \fBspawn\fR daemon is expected to be
+process resources. The \fBspawn\fR(8) daemon is expected to be
replaced by a more structural solution.
.SH DIAGNOSTICS
.ad
.fi
-The \fBspawn\fR daemon reports abnormal child exits.
+The \fBspawn\fR(8) daemon reports abnormal child exits.
Problems are logged to \fBsyslogd\fR(8).
.SH "SECURITY"
.na
.ad
This program needs root privilege in order to execute external
commands as the specified user. It is therefore security sensitive.
-However the \fBspawn\fR daemon does not talk to the external command
+However the \fBspawn\fR(8) daemon does not talk to the external command
and thus is not vulnerable to data-driven attacks.
.SH "CONFIGURATION PARAMETERS"
.na
.nf
.ad
.fi
-Changes to \fBmain.cf\fR are picked up automatically as spawn(8)
+Changes to \fBmain.cf\fR are picked up automatically as \fBspawn\fR(8)
processes run for only a limited amount of time. Use the command
"\fBpostfix reload\fR" to speed up a change.
The text below provides only a parameter summary. See
-postconf(5) for more details including examples.
+\fBpostconf\fR(5) for more details including examples.
In the text below, \fItransport\fR is the first field of the entry
in the \fBmaster.cf\fR file.
.SH DESCRIPTION
.ad
.fi
-The tlsmgr(8) manages the TLS session caches for Postfix
-SMTP client and server processes. It stores and retrieves
-cache entries on request by smtpd(8) and smtp(8) processes,
-and periodically removes entries that have expired.
+The \fBtlsmgr\fR(8) manages the Postfix TLS session caches.
+It stores and retrieves cache entries on request by
+\fBsmtpd\fR(8) and \fBsmtp\fR(8) processes, and periodically
+removes entries that have expired.
-The tlsmgr(8) also manages the PRNG (pseudo random number
-generator) pool. It answers queries by the smtpd(8) and smtp(8)
+The \fBtlsmgr\fR(8) also manages the PRNG (pseudo random number
+generator) pool. It answers queries by the \fBsmtpd\fR(8)
+and \fBsmtp\fR(8)
processes to seed their internal PRNG pools.
-The tlsmgr(8)'s PRNG pool is initially seeded from
+The \fBtlsmgr\fR(8)'s PRNG pool is initially seeded from
an external source (EGD, /dev/urandom, or regular file).
It is updated at configurable pseudo-random intervals with
data from the external source. It is updated periodically
with data from TLS session cache entries and with the time
of day, and is updated with the time of day whenever a
-process requests tlsmgr(8) service.
+process requests \fBtlsmgr\fR(8) service.
-The tlsmgr(8) saves the PRNG state to an exchange file
+The \fBtlsmgr\fR(8) saves the PRNG state to an exchange file
periodically and when the process terminates, and reads
the exchange file when initializing its PRNG.
.SH "SECURITY"
.nf
.ad
.fi
-tlsmgr(8) is not security-sensitive. The code that maintains
+The \fBtlsmgr\fR(8) is not security-sensitive. The code that maintains
the external and internal PRNG pools does not "trust" the
data that it manipulates, and the code that maintains the
TLS session cache does not touch the contents of the cached
entries, except for seeding its internal PRNG pool.
-The tlsmgr(8) can be run chrooted and with reduced privileges.
+The \fBtlsmgr\fR(8) can be run chrooted and with reduced privileges.
At process startup it connects to the entropy source and
exchange file, and creates or truncates the optional TLS
session cache files.
.ad
.fi
Changes to \fBmain.cf\fR are not picked up automatically,
-because tlsmgr(8) is a persistent processes. Use the
+because \fBtlsmgr\fR(8) is a persistent processes. Use the
command "\fBpostfix reload\fR" after a configuration change.
The text below provides only a parameter summary. See
-postconf(5) for more details including examples.
+\fBpostconf\fR(5) for more details including examples.
.SH "TLS SESSION CACHE"
.na
.nf
.ad
.fi
.IP "\fBtls_random_source (see 'postconf -d' output)\fR"
-The external entropy source for the in-memory tlsmgr(8) pseudo
+The external entropy source for the in-memory \fBtlsmgr\fR(8) pseudo
random number generator (PRNG) pool.
.IP "\fBtls_random_bytes (32)\fR"
-The number of bytes that tlsmgr(8) reads from $tls_random_source
+The number of bytes that \fBtlsmgr\fR(8) reads from $tls_random_source
when (re)seeding the in-memory pseudo random number generator (PRNG)
pool.
.IP "\fBtls_random_exchange_name (${config_directory}/prng_exch)\fR"
Name of the pseudo random number generator (PRNG) state file
-that is maintained by tlsmgr(8).
+that is maintained by \fBtlsmgr\fR(8).
.IP "\fBtls_random_prng_update_period (3600s)\fR"
-The time between attempts by tlsmgr(8) to save the state of
+The time between attempts by \fBtlsmgr\fR(8) to save the state of
the pseudo random number generator (PRNG) to the file specified
with $tls_random_exchange_name.
.IP "\fBtls_random_reseed_period (3600s)\fR"
-The maximal time between attempts by tlsmgr(8) to re-seed the
+The maximal time between attempts by \fBtlsmgr\fR(8) to re-seed the
in-memory pseudo random number generator (PRNG) pool from external
sources.
.SH "MISCELLANEOUS CONTROLS"
.SH "SEE ALSO"
.na
.nf
-smtp(8) Postfix SMTP client
-smtpd(8) Postfix SMTP server
+smtp(8), Postfix SMTP client
+smtpd(8), Postfix SMTP server
postconf(5), configuration parameters
master(5), generic daemon options
master(8), process manager
.SH DESCRIPTION
.ad
.fi
-The \fBtrivial-rewrite\fR daemon processes three types of client
+The \fBtrivial-rewrite\fR(8) daemon processes three types of client
service requests:
.IP "\fBrewrite \fIcontext address\fR"
Rewrite an address to standard form, according to the
.nf
.ad
.fi
-The trivial-rewrite servers run under control by the Postfix master
+The \fBtrivial-rewrite\fR(8) servers run under control by
+the Postfix master
server. Each server can handle multiple simultaneous connections.
When all servers are busy while a client connects, the master
creates a new server process, provided that the trivial-rewrite
.nf
.ad
.fi
-The \fBtrivial-rewrite\fR daemon is not security sensitive.
+The \fBtrivial-rewrite\fR(8) daemon is not security sensitive.
By default, this daemon does not talk to remote or local users.
It can run at a fixed low privilege in a chrooted environment.
.SH DIAGNOSTICS
.ad
.fi
On busy mail systems a long time may pass before a \fBmain.cf\fR
-change affecting trivial_rewrite(8) is picked up. Use the command
+change affecting \fBtrivial-rewrite\fR(8) is picked up. Use the command
"\fBpostfix reload\fR" to speed up a change.
The text below provides only a parameter summary. See
-postconf(5) for more details including examples.
+\fBpostconf\fR(5) for more details including examples.
.SH "COMPATIBILITY CONTROLS"
.na
.nf
instead of requiring an explicit ".domain.tld" pattern.
.IP "\fBrelayhost (empty)\fR"
The default host to send non-local mail to when no entry is matched
-in the optional transport(5) table.
+in the optional \fBtransport\fR(5) table.
.IP "\fBtransport_maps (empty)\fR"
Optional lookup tables with mappings from recipient address to
(message delivery transport, next-hop destination).
.SH DESCRIPTION
.ad
.fi
-The Postfix address verification server maintains a record
+The \fBverify\fR(8) address verification server maintains a record
of what recipient addresses are known to be deliverable or
undeliverable.
MTA for the specified address, and will therefore not detect
all undeliverable addresses.
-This server is designed to run under control by the Postfix
+The \fBverify\fR(8) server is designed to run under control
+by the Postfix
master server. It maintains an optional persistent database.
To avoid being interrupted by "postfix stop" in the middle
of a database update, the process runs in a separate process
group.
-This server implements the following requests:
+The \fBverify\fR(8) server implements the following requests:
.IP "\fBupdate\fI address status text\fR"
Update the status and text of the specified address.
.IP "\fBquery\fI address\fR"
.nf
.ad
.fi
-Changes to \fBmain.cf\fR are not picked up automatically, as verify(8)
+Changes to \fBmain.cf\fR are not picked up automatically,
+as \fBverify\fR(8)
processes are persistent. Use the command "\fBpostfix reload\fR" after
a configuration change.
The text below provides only a parameter summary. See
-postconf(5) for more details including examples.
+\fBpostconf\fR(5) for more details including examples.
.SH "CACHE CONTROLS"
.na
.nf
.ad
.fi
The \fBvirtual\fR(8) delivery agent is designed for virtual mail
-hosting services. Originally based on the Postfix local(8) delivery
+hosting services. Originally based on the Postfix \fBlocal\fR(8)
+delivery
agent, this agent looks up recipients with map lookups of their
full recipient address, instead of using hard-coded unix password
file lookups of the address local part only.
is delivered in UNIX mailbox format. This format stores multiple
messages in one textfile.
-The \fBvirtual\fR delivery agent prepends a "\fBFrom \fIsender
+The \fBvirtual\fR(8) delivery agent prepends a "\fBFrom \fIsender
time_stamp\fR" envelope header to each message, prepends a
\fBDelivered-To:\fR message header with the envelope recipient
address,
When the mailbox location ends in \fB/\fR, the message is delivered
in qmail \fBmaildir\fR format. This format stores one message per file.
-The \fBvirtual\fR delivery agent daemon prepends a \fBDelivered-To:\fR
+The \fBvirtual\fR(8) delivery agent prepends a \fBDelivered-To:\fR
message header with the final envelope recipient address,
prepends an \fBX-Original-To:\fR header with the recipient address as
given to Postfix, and prepends a
.nf
.ad
.fi
-The virtual delivery agent is not security sensitive, provided
+The \fBvirtual\fR(8) delivery agent is not security sensitive, provided
that the lookup tables with recipient user/group ID information are
adequately protected. This program is not designed to run chrooted.
-The virtual delivery agent disallows regular expression
+The \fBvirtual\fR(8) delivery agent disallows regular expression
substitution of $1 etc. in regular expression lookup tables,
because that would open a security hole.
-The virtual delivery agent will silently ignore requests
-to use the proxymap(8) server. Instead it will open the
+The \fBvirtual\fR(8) delivery agent will silently ignore requests
+to use the \fBproxymap\fR(8) server. Instead it will open the
table directly. Before Postfix version 2.2, the virtual
delivery agent will terminate with a fatal error.
.SH "STANDARDS"
.nf
.ad
.fi
-Changes to \fBmain.cf\fR are picked up automatically, as virtual(8)
+Changes to \fBmain.cf\fR are picked up automatically, as
+\fBvirtual\fR(8)
processes run for only a limited amount of time. Use the command
"\fBpostfix reload\fR" to speed up a change.
The text below provides only a parameter summary. See
-postconf(5) for more details including examples.
+\fBpostconf\fR(5) for more details including examples.
.SH "MAILBOX DELIVERY CONTROLS"
.na
.nf
.ad
.fi
.IP "\fBvirtual_mailbox_base (empty)\fR"
-A prefix that the virtual(8) delivery agent prepends to all pathname
+A prefix that the \fBvirtual\fR(8) delivery agent prepends to all pathname
results from $virtual_mailbox_maps table lookups.
.IP "\fBvirtual_mailbox_maps (empty)\fR"
Optional lookup tables with all valid addresses in the domains that
match $virtual_mailbox_domains.
.IP "\fBvirtual_minimum_uid (100)\fR"
-The minimum user ID value that the virtual(8) delivery agent accepts
-as a result from \fB$virtual_uid_maps\fR table lookup.
+The minimum user ID value that the \fBvirtual\fR(8) delivery agent accepts
+as a result from $virtual_uid_maps table lookup.
.IP "\fBvirtual_uid_maps (empty)\fR"
-Lookup tables with the per-recipient user ID that the virtual(8)
+Lookup tables with the per-recipient user ID that the \fBvirtual\fR(8)
delivery agent uses while writing to the recipient's mailbox.
.IP "\fBvirtual_gid_maps (empty)\fR"
-Lookup tables with the per-recipient group ID for virtual(8) mailbox
+Lookup tables with the per-recipient group ID for \fBvirtual\fR(8) mailbox
delivery.
.PP
Available in Postfix version 2.0 and later:
.ad
.fi
.IP "\fBvirtual_mailbox_lock (see 'postconf -d' output)\fR"
-How to lock a UNIX-style virtual(8) mailbox before attempting
+How to lock a UNIX-style \fBvirtual\fR(8) mailbox before attempting
delivery.
.IP "\fBdeliver_lock_attempts (20)\fR"
The maximal number of attempts to acquire an exclusive lock on a
-mailbox file or bounce(8) logfile.
+mailbox file or \fBbounce\fR(8) logfile.
.IP "\fBdeliver_lock_delay (1s)\fR"
The time between attempts to acquire an exclusive lock on a mailbox
-file or bounce(8) logfile.
+file or \fBbounce\fR(8) logfile.
.IP "\fBstale_lock_time (500s)\fR"
The time after which a stale exclusive mailbox lockfile is removed.
.SH "RESOURCE AND RATE CONTROLS"
$block =~ s/^(\.(PP|sp)\n)+//;
#$wantpp = !($block =~ /^\.(SH|IP)/);
+ # Boldify man page references.
+ $block =~ s/([_a-zA-Z0-9-]+)(\([0-9]\))/\\fB\1\\fR\2/g;
+
# Encapsulate as C code comment.
$block =~ s/^([^.])/\/\*\t\1/;
$block =~ s/^\./\/\* ./;
--- /dev/null
+#!/bin/sh
+
+for file
+do
+ echo ==== $file ====
+ deroff $file | double
+done
--- /dev/null
+#!/bin/sh
+
+# manlint - lint manual page 'roff source, stop list in mantools/manlint.stop
+
+# example: mantools/manlint man/man?/*
+
+grep -n . "$@" | sed -n '
+ s/$/ /
+ # Non-bold manual page references
+ /[a-z][_a-z0-9_]*([0-9])/{
+ p
+ d
+ }
+ # Command examples not enclosed in quotes
+ /[^"]\\fB[a-z][_a-z0-9-]* /{
+ p
+ d
+ }
+ # Missing manual page sections
+ /\\fBanvil\\fR[^-(]/{
+ p
+ d
+ }
+ /\\fBbounce\\fR[^-(]/{
+ p
+ d
+ }
+ /\\fBcleanup\\fR[^-(]/{
+ p
+ d
+ }
+ /\\fBdiscard\\fR[^-(]/{
+ p
+ d
+ }
+ /\\fBerror\\fR[^-(]/{
+ p
+ d
+ }
+ /\\fBflush\\fR[^-(]/{
+ p
+ d
+ }
+ /\\fBlmtp\\fR[^-(]/{
+ p
+ d
+ }
+ /\\fBlocal\\fR[^-(]/{
+ p
+ d
+ }
+ /\\fBmaster\\fR[^-(]/{
+ p
+ d
+ }
+ /\\fBoqmgr\\fR[^-(]/{
+ p
+ d
+ }
+ /\\fBpickup\\fR[^-(]/{
+ p
+ d
+ }
+ /\\fBpipe\\fR[^-(]/{
+ p
+ d
+ }
+ /\\fBpostalias\\fR[^-(]/{
+ p
+ d
+ }
+ /\\fBpostcat\\fR[^-(]/{
+ p
+ d
+ }
+ /\\fBpostconf\\fR[^-(]/{
+ p
+ d
+ }
+ /\\fBpostdrop\\fR[^-(]/{
+ p
+ d
+ }
+ /\\fBpostfix\\fR[^-(]/{
+ p
+ d
+ }
+ /\\fBpostkick\\fR[^-(]/{
+ p
+ d
+ }
+ /\\fBpostlock\\fR[^-(]/{
+ p
+ d
+ }
+ /\\fBpostlog\\fR[^-(]/{
+ p
+ d
+ }
+ /\\fBpostmap\\fR[^-(]/{
+ p
+ d
+ }
+ /\\fBpostqueue\\fR[^-(]/{
+ p
+ d
+ }
+ /\\fBpostsuper\\fR[^-(]/{
+ p
+ d
+ }
+ /\\fBproxymap\\fR[^-(]/{
+ p
+ d
+ }
+ /\\fBqmgr\\fR[^-(]/{
+ p
+ d
+ }
+ /\\fBqmqpd\\fR[^-(]/{
+ p
+ d
+ }
+ /\\fBscache\\fR[^-(]/{
+ p
+ d
+ }
+ /\\fBsendmail\\fR[^-(]/{
+ p
+ d
+ }
+ /\\fBshowq\\fR[^-(]/{
+ p
+ d
+ }
+ /\\fBsmtp\\fR[^-(]/{
+ p
+ d
+ }
+ /\\fBsmtpd\\fR[^-(]/{
+ p
+ d
+ }
+ /\\fBspawn\\fR[^-(]/{
+ p
+ d
+ }
+ /\\fBtlsmgr\\fR[^-(]/{
+ p
+ d
+ }
+ /\\fBtrivial-rewrite\\fR[^-(]/{
+ p
+ d
+ }
+ /\\fBverify\\fR[^-(]/{
+ p
+ d
+ }
+ /\\fBvirtual\\fR[^-(]/{
+ p
+ d
+ }
+' | egrep -v ':[a-z][_a-z0-9-]*\([0-9]\),' |
+ fgrep -vf mantools/manlint.stop
--- /dev/null
+man/man1/postmap.1:23:\fBmakemap \fIfile_type\fR \fIfile_name\fR < \fIfile_name\fR
+man/man1/sendmail.1:14:\fBsendmail -bp\fR
+man/man1/sendmail.1:17:\fBsendmail -I\fR
+man/man5/access.5:11:\fBpostmap /etc/postfix/access\fR
+man/man5/access.5:13:\fBpostmap -q "\fIstring\fB" /etc/postfix/access\fR
+man/man5/access.5:15:\fBpostmap -q - /etc/postfix/access <\fIinputfile\fR
+man/man5/canonical.5:11:\fBpostmap /etc/postfix/canonical\fR
+man/man5/canonical.5:13:\fBpostmap -q "\fIstring\fB" /etc/postfix/canonical\fR
+man/man5/canonical.5:15:\fBpostmap -q - /etc/postfix/canonical <\fIinputfile\fR
+man/man5/cidr_table.5:11:\fBpostmap -q "\fIstring\fB" cidr:/etc/postfix/\fIfilename\fR
+man/man5/cidr_table.5:13:\fBpostmap -q - cidr:/etc/postfix/\fIfilename\fR <\fIinputfile\fR
+man/man5/header_checks.5:11:\fBheader_checks = pcre:/etc/postfix/header_checks\fR
+man/man5/header_checks.5:13:\fBmime_header_checks = pcre:/etc/postfix/mime_header_checks\fR
+man/man5/header_checks.5:15:\fBnested_header_checks = pcre:/etc/postfix/nested_header_checks\fR
+man/man5/header_checks.5:17:\fBbody_checks = pcre:/etc/postfix/body_checks\fR
+man/man5/header_checks.5:19:\fBpostmap -fq "\fIstring\fB" pcre:/etc/postfix/\fIfilename\fR
+man/man5/header_checks.5:21:\fBpostmap -fq - pcre:/etc/postfix/\fIfilename\fR <\fIinputfile\fR
+man/man5/ldap_table.5:11:\fBpostmap -q "\fIstring\fB" ldap:/etc/postfix/filename\fR
+man/man5/ldap_table.5:13:\fBpostmap -q - ldap:/etc/postfix/\fIfilename\fR <\fIinputfile\fR
+man/man5/mysql_table.5:11:\fBpostmap -q "\fIstring\fB" mysql:/etc/postfix/filename\fR
+man/man5/mysql_table.5:13:\fBpostmap -q - mysql:/etc/postfix/\fIfilename\fR <\fIinputfile\fR
+man/man5/nisplus_table.5:11:\fBpostmap -q "\fIstring\fB" "nisplus:[\fIname\fB=%s];\fIname.name.\fB"\fR
+man/man5/nisplus_table.5:13:\fBpostmap -q - "nisplus:[\fIname\fB=%s];\fIname.name.\fB"\fR <\fIinputfile\fR
+man/man5/pcre_table.5:11:\fBpostmap -fq "\fIstring\fB" pcre:/etc/postfix/\fIfilename\fR
+man/man5/pcre_table.5:13:\fBpostmap -fq - pcre:/etc/postfix/\fIfilename\fR <\fIinputfile\fR
+man/man5/pgsql_table.5:11:\fBpostmap -q "\fIstring\fB" pgsql:/etc/postfix/filename\fR
+man/man5/pgsql_table.5:13:\fBpostmap -q - pgsql:/etc/postfix/\fIfilename\fR <\fIinputfile\fR
+man/man5/postconf.5:11:\fBpostconf -e\fR "\fIparameter=value\fR" ...
+man/man5/regexp_table.5:11:\fBpostmap -fq "\fIstring\fB" regexp:/etc/postfix/\fIfilename\fR
+man/man5/regexp_table.5:13:\fBpostmap -fq - regexp:/etc/postfix/\fIfilename\fR <\fIinputfile\fR
+man/man5/relocated.5:11:\fBpostmap /etc/postfix/relocated\fR
+man/man5/tcp_table.5:11:\fBpostmap -q "\fIstring\fB" tcp:\fIhost:port\fR
+man/man5/tcp_table.5:13:\fBpostmap -q - tcp:\fIhost:port\fR <\fIinputfile\fR
+man/man5/transport.5:11:\fBpostmap /etc/postfix/transport\fR
+man/man5/transport.5:13:\fBpostmap -q "\fIstring\fB" /etc/postfix/transport\fR
+man/man5/transport.5:15:\fBpostmap -q - /etc/postfix/transport <\fIinputfile\fR
+man/man5/virtual.5:11:\fBpostmap /etc/postfix/virtual\fR
+man/man5/virtual.5:13:\fBpostmap -q "\fIstring\fB" /etc/postfix/virtual\fR
+man/man5/virtual.5:15:\fBpostmap -q - /etc/postfix/virtual <\fIinputfile\fR
+man/man8/cleanup.8:64:Table-driven rewriting rules make it hard to express \fBif then
+man/man8/lmtp.8:144:.IP "\fItransport_\fBdestination_concurrency_limit ($default_destination_concurrency_limit)\fR"
+man/man8/lmtp.8:147:.IP "\fItransport_\fBdestination_recipient_limit ($default_destination_recipient_limit)\fR"
+man/man1/postalias.1:12:\fBpostalias\fR [\fB-Nfinoprsvw\fR] [\fB-c \fIconfig_dir\fR]
+man/man1/postcat.1:11:\fBpostcat\fR [\fB-oqv\fR] [\fB-c \fIconfig_dir\fR] [\fIfiles\fR...]
+man/man1/postconf.1:12:\fBpostconf\fR [\fB-dhmlnv\fR] [\fB-c \fIconfig_dir\fR]
+man/man1/postconf.1:15:\fBpostconf\fR [\fB-ev\fR] [\fB-c \fIconfig_dir\fR]
+man/man1/postdrop.1:11:\fBpostdrop\fR [\fB-rv\fR] [\fB-c \fIconfig_dir\fR]
+man/man1/postfix.1:12:\fBpostfix\fR [\fB-Dv\fR] [\fB-c \fIconfig_dir\fR] \fIcommand\fR
+man/man1/postkick.1:12:\fBpostkick\fR [\fB-c \fIconfig_dir\fR] [\fB-v\fR]
+man/man1/postlock.1:12:\fBpostlock\fR [\fB-c \fIconfig_dir\fB] [\fB-l \fIlock_style\fB]
+man/man1/postlog.1:12:\fBpostlog\fR [\fB-iv\fR] [\fB-c \fIconfig_dir\fR]
+man/man1/postlog.1:36:\fBerror\fR, \fBfatal\fR, or \fBpanic\fR.
+man/man1/postmap.1:12:\fBpostmap\fR [\fB-Nfinoprsvw\fR] [\fB-c \fIconfig_dir\fR]
+man/man1/postqueue.1:11:\fBpostqueue\fR [\fB-c \fIconfig_dir\fR] \fB-f\fR
+man/man1/postqueue.1:13:\fBpostqueue\fR [\fB-c \fIconfig_dir\fR] \fB-p\fR
+man/man1/postqueue.1:15:\fBpostqueue\fR [\fB-c \fIconfig_dir\fR] \fB-s \fIsite\fR
+man/man1/postsuper.1:12:\fBpostsuper\fR [\fB-psv\fR]
+man/man1/postsuper.1:28:\fBdeferred\fR directories with mail files and the \fBbounce\fR,
+man/man1/postsuper.1:29:\fBdefer\fR, \fBtrace\fR and \fBflush\fR directories with log files.
+man/man1/qshape.1:24:\fBpostfix\fR).
+man/man1/sendmail.1:11:\fBsendmail\fR [\fIoption ...\fR] [\fIrecipient ...\fR]
+man/man1/smtp-source.1:79:port is \fBsmtp\fR.
+man/man5/postconf.5:9:\fBpostconf\fR \fIparameter\fR ...
+man/man5/postconf.5:2438:Specify zero or more of \fBcanonical\fR, \fBvirtual\fR, \fBalias\fR,
+man/man5/postconf.5:2444:and \fBvirtual\fR is likely to cause problems when mail is forwarded
+man/man5/postconf.5:4562:is \fBsmtpd\fR, corresponding to a SASL configuration file named
+man/man5/transport.5:117:such as \fBsmtp\fR or \fBlocal\fR. The \fInexthop\fR field
+man/man5/virtual.5:223:Specify zero or more of \fBcanonical\fR, \fBvirtual\fR, \fBalias\fR,
+man/man8/anvil.8:11:\fBanvil\fR [generic Postfix daemon options]
+man/man8/bounce.8:11:\fBbounce\fR [generic Postfix daemon options]
+man/man8/cleanup.8:11:\fBcleanup\fR [generic Postfix daemon options]
+man/man8/discard.8:11:\fBdiscard\fR [generic Postfix daemon options]
+man/man8/error.8:11:\fBerror\fR [generic Postfix daemon options]
+man/man8/flush.8:11:\fBflush\fR [generic Postfix daemon options]
+man/man8/lmtp.8:11:\fBlmtp\fR [generic Postfix daemon options]
+man/man8/lmtp.8:38:\fBlmtp\fR in \fBservices\fR(4).
+man/man8/local.8:11:\fBlocal\fR [generic Postfix daemon options]
+man/man8/local.8:33:\fBsendmail\fR-style alias databases.
+man/man8/local.8:34:Users can have \fBsendmail\fR-style ~/.\fBforward\fR files.
+man/man8/master.8:11:\fBmaster\fR [\fB-Dtv\fR] [\fB-c \fIconfig_dir\fR] [\fB-e \fIexit_time\fR]
+man/man8/oqmgr.8:11:\fBoqmgr\fR [generic Postfix daemon options]
+man/man8/pickup.8:11:\fBpickup\fR [generic Postfix daemon options]
+man/man8/pipe.8:11:\fBpipe\fR [generic Postfix daemon options] command_attributes...
+man/man8/proxymap.8:11:\fBproxymap\fR [generic Postfix daemon options]
+man/man8/qmgr.8:11:\fBqmgr\fR [generic Postfix daemon options]
+man/man8/qmqpd.8:11:\fBqmqpd\fR [generic Postfix daemon options]
+man/man8/scache.8:11:\fBscache\fR [generic Postfix daemon options]
+man/man8/showq.8:11:\fBshowq\fR [generic Postfix daemon options]
+man/man8/smtp.8:11:\fBsmtp\fR [generic Postfix daemon options]
+man/man8/smtpd.8:11:\fBsmtpd\fR [generic Postfix daemon options]
+man/man8/spawn.8:11:\fBspawn\fR [generic Postfix daemon options] command_attributes...
+man/man8/tlsmgr.8:11:\fBtlsmgr\fR [generic Postfix daemon options]
+man/man8/trivial-rewrite.8:11:\fBtrivial-rewrite\fR [generic Postfix daemon options]
+man/man8/trivial-rewrite.8:31:the \fBlocal\fR address rewriting context. This prevents
+man/man8/verify.8:11:\fBverify\fR [generic Postfix daemon options]
+man/man8/virtual.8:11:\fBvirtual\fR [generic Postfix daemon options]
+man/man5/aliases.5:140:\fBvirtual\fR, \fBalias\fR, \fBforward\fR, or \fBinclude\fR.
+man/man5/canonical.5:170:Specify zero or more of \fBcanonical\fR, \fBvirtual\fR, \fBalias\fR,
+man/man8/bounce.8:19:\fBbounce\fR, \fBdefer\fR or \fBtrace\fR).
+man/man1/postfix.1:80:.IP "\fB-D\fR (with \fBpostfix start\fR only)"
+man/man5/postconf.5:2340:.IP "\fBbounce\fR (also implies \fB2bounce\fR)"
+man/man1/postfix.1:44:.IP \fBflush\fR
+man/man8/oqmgr.8:55:.IP \fBbounce\fR
+man/man8/qmgr.8:55:.IP \fBbounce\fR
+man/man8/trivial-rewrite.8:21:.IP \fBlocal\fR
--- /dev/null
+#!/bin/sh
+
+for file
+do
+ echo ==== $file ====
+ deroff $file | spell
+done | fgrep -vf proto/stop
$block =~ s/&/\&/g;
$block =~ s/\s+\n/\n/g;
$block =~ s/^\n//g;
+ $block =~ s/([a-z][_a-zA-Z0-9-]*)(\([0-9]\))/\\fB\1\\fR\2/g;
print $block;
$wantpp = !($block =~ /^\.(SH|IP)/);
}
s;\bdupli[-</bB>]*\n* *[<bB>]*cate_filter_limit\b;<a href="postconf.5.html#duplicate_filter_limit">$&</a>;g;
s;\bempty_address_recip[-</bB>]*\n* *[<bB>]*ient\b;<a href="postconf.5.html#empty_address_recipient">$&</a>;g;
s;\benable_original_recip[-</bB>]*\n* *[<bB>]*ient\b;<a href="postconf.5.html#enable_original_recipient">$&</a>;g;
+ s;\benable_errors_to\b;<a href="postconf.5.html#enable_errors_to">$&</a>;g;
s;\berror_notice_recip[-</bB>]*\n* *[<bB>]*ient\b;<a href="postconf.5.html#error_notice_recipient">$&</a>;g;
s;\berror_service_name\b;<a href="postconf.5.html#error_service_name">$&</a>;g;
s;\bexpand_owner_alias\b;<a href="postconf.5.html#expand_owner_alias">$&</a>;g;
s/[<bB>]*bounce[<\/bB>]*\(8\)/<a href="bounce.8.html">$&<\/a>/g;
s/[<bB>]*cleanup[<\/bB>]*\(8\)/<a href="cleanup.8.html">$&<\/a>/g;
s/[<bB>]*defer[<\/bB>]*\(8\)/<a href="defer.8.html">$&<\/a>/g;
- s/[<bB>]*discard[<\/bB>]*\(8\)/<a href="discard.8.html">$&<\/a>/g;
+ s/[<bB>]*dis
[-<\/bB>]*\n* *[<bB>]*card[<\/bB>]*\(8\)/<a href="discard.8.html">$&<\/a>/g;
s/[<bB>]*error[<\/bB>]*\(8\)/<a href="error.8.html">$&<\/a>/g;
s/[<bB>]*flush[<\/bB>]*\(8\)/<a href="flush.8.html">$&<\/a>/g;
s/[<bB>]*lmtp[<\/bB>]*\(8\)/<a href="lmtp.8.html">$&<\/a>/g;
s/[<bB>]*scache[<\/bB>]*\(8\)/<a href="scache.8.html">$&<\/a>/g;
s/[<bB>]*trans[-<\/bB>]*\n*[ <bB>]*port[<\/bB>]*\(5\)/<a href="transport.5.html">$&<\/a>/g;
s/[<bB>]*verify[<\/bB>]*\(8\)/<a href="verify.8.html">$&<\/a>/g;
- s/[<bB>]*virtual[<\/bB>]*\(5\)/<a href="virtual.5.html">$&<\/a>/g;
- s/[<bB>]*virtual[<\/bB>]*\(8\)/<a href="virtual.8.html">$&<\/a>/g;
+ s/[<bB>]*vir
[-<\/bB>]*\n*[ <bB>]*tual[<\/bB>]*\(5\)/<a href="virtual.5.html">$&<\/a>/g;
+ s/[<bB>]*vir
[-<\/bB>]*\n*[ <bB>]*tual[<\/bB>]*\(8\)/<a href="virtual.8.html">$&<\/a>/g;
s/[<bB>]*cidr_table[<\/bB>]*\(5\)/<a href="cidr_table.5.html">$&<\/a>/g;
s/[<bB>]*tcp_table[<\/bB>]*\(5\)/<a href="tcp_table.5.html">$&<\/a>/g;
s/[<bB>]*body_checks[<\/bB>]*\(5\)/<a href="header_checks.5.html">$&<\/a>/g;
described in tcp_table(5). The lookup table name is "tcp:host:port"
where "host" specifies a symbolic hostname or a numeric IP address,
and "port" specifies a symbolic service name or a numeric port
-number. This protocol is not available in Postfix version 2.1.
-</dd>
+number. This protocol is not available up to and including Postfix
+version 2.2. </dd>
<dt> <b>unix</b> (read-only) </dt>
OSF1.V3 - OSF1.V5 (Digital UNIX) <br>
Reliant UNIX 5.x <br>
Rhapsody 5.x <br>
-SunOS 4.1.4 (April 2004) <br>
+SunOS 4.1.4 (February 2005) <br>
SunOS 5.4 - 5.9 (Solaris 2.4..9) <br>
Ultrix 4.x (well, that was long ago) <br>
</p>
<h2>Introduction</h2>
<p> Postfix 2.2 introduces support for the IPv6 (IP version 6)
-protocol, whose main feature of interest is that it uses 128-bit
-IP addresses instead of the 32-bit addresses used by IPv4. </p>
-
-<p> With this, Postfix can use the same SMTP protocol over IPv6 as
-it already uses over the older IPv4 network, and Postfix can do
-AAAA record lookups in the DNS in addition to the older A records.
-Information about IPv6 can be found at http://www.ipv6.org/. </p>
+protocol. IPv6 support older Postfix versions was available as an
+add-on patch. The section "<a href="#compat">Compatibility with
+Postfix <2.2 IPv6 support</a>" below discusses the differences
+between these implementations. </p>
+
+<p> The main feature of interest is that IPv6 uses 128-bit IP
+addresses instead of the 32-bit addresses used by IPv4. It can
+therefore accomodate a much larger number of hosts and networks
+without ugly kluges such as NAT. A side benefit of the much larger
+address space is that it makes network scanning unpractical. </p>
+
+<p> Postfix uses the same SMTP protocol over IPv6 as it already
+uses over the older IPv4 network, and does AAAA record lookups in
+the DNS in addition to the older A records. Information about IPv6
+can be found at http://www.ipv6.org/. </p>
<p> This document provides information on the following topics:
</p>
<p> Postfix IPv6 support introduces two new main.cf configuration
parameters, and introduces an important change in address syntax
-notation in match lists such as <tt>mynetworks</tt> or
-<tt>debug_peer_list</tt>. </p>
+notation in match lists such as mynetworks or
+debug_peer_list. </p>
<p> Postfix IPv6 address syntax is a little tricky, because there
-are a few places where you must enclose IPv6 address inside
-<tt>[]</tt> characters, and a few places where you must not. It is
-a good idea to use <tt>[]</tt> only in the few places where you
+are a few places where you must enclose an IPv6 address inside
+"<tt>[]</tt>" characters, and a few places where you must not. It is
+a good idea to use "<tt>[]</tt>" only in the few places where you
have to. Check out the postconf(5) manual whenever you do IPv6
related configuration work with Postfix. </p>
<ul>
-<li> <p> The new <tt>inet_protocols</tt> parameter specifies what
-IP protocols Postfix will use. This parameter also controls what
-DNS lookups Postfix will do. </p>
+<li> <p> The first new parameter is called inet_protocols. This
+specifies what protocols Postfix will use when it makes or accepts
+network connections, and also controls what DNS lookups Postfix
+will use when it makes network connections. </p>
<blockquote>
<pre>
</ul>
<p> Note 1: you must stop and start Postfix after changing the
-<tt>inet_protocols</tt> configuration parameter. </p>
+inet_protocols configuration parameter. </p>
<p> Note 2: if you see error messages like the following, then
you're running Linux and need to turn on IPv6 in the kernel: see
</blockquote>
<p> Note 3: on older Linux and Solaris systems, the setting
-"<tt>inet_protocols = ipv6</tt>" will not prevent Postfix from
+"inet_protocols = ipv6" will not prevent Postfix from
accepting IPv4 connections. Postfix will present the client IP
addresses in IPv6 format, though. In all other cases, Postfix always
presents IPv4 client IP addresses in the traditional dotted quad
IPv4 format. </p>
-<li> <p> The other new parameter is <tt>smtp_bind_address6</tt>.
+<li> <p> The other new parameter is smtp_bind_address6.
This sets the local interface address for outgoing IPv6 SMTP
-connections, just like the <tt>smtp_bind_address</tt> parameter
+connections, just like the smtp_bind_address parameter
does for IPv4: </p>
<blockquote>
</pre>
</blockquote>
-<li> <p> If you left the value of the <tt>mynetworks</tt> parameter at its
-default (i.e. no <tt>mynetworks</tt> setting in main.cf) Postfix will figure
+<li> <p> If you left the value of the mynetworks parameter at its
+default (i.e. no mynetworks setting in main.cf) Postfix will figure
out by itself what its network addresses are. This is what a typical
setting looks like: </p>
</pre>
</blockquote>
-<p> If you did specify the <tt>mynetworks</tt> parameter value in
-main.cf, you need update the <tt>mynetworks</tt> value to include
+<p> If you did specify the mynetworks parameter value in
+main.cf, you need update the mynetworks value to include
the IPv6 networks the system is in. Be sure to specify IPv6 address
-information inside <tt>[]</tt>, like this: </p>
+information inside "<tt>[]</tt>", like this: </p>
<blockquote>
<pre>
</ul>
<p> <b> NOTE: when configuring Postfix match lists such as
-<tt>mynetworks</tt> or <tt>debug_peer_list</tt>, you must specify
-IPv6 address information inside <tt>[]</tt> in the main.cf parameter
+mynetworks or debug_peer_list, you must specify
+IPv6 address information inside "<tt>[]</tt>" in the main.cf parameter
value and in files specified with a "<i>/file/name</i>" pattern.
IPv6 addresses contain the ":" character, and would otherwise be
confused with a "<i>type:table</i>" pattern. </b> </p>
there are no blacklists that cover the IPv6 address space. </p>
<li> <p> IPv6 does not have class A, B, C, etc. networks. With IPv6
-networks, the setting "<tt>mynetworks_style = class</tt>" has the
-same effect as the setting "<tt>mynetworks_style = subnet</tt>".
+networks, the setting "mynetworks_style = class" has the
+same effect as the setting "mynetworks_style = subnet".
</p>
-<li> <p> On Tru64Unix, Postfix can't figure out the local subnet mask
+<li> <p> On Tru64Unix and AIX, Postfix can't figure out the local
+subnet mask
and always assumes a /128 network. This is a problem only with
-"<tt>mynetworks_style = subnet</tt>" and no explicit <tt>mynetworks</tt>
+"mynetworks_style = subnet" and no explicit mynetworks
setting in main.cf. </p>
</ul>
<ul>
-<li> <p> main.cf: The <tt>inet_interfaces</tt> parameter does not support
-the notation "<tt>ipv6:all</tt>" or "<tt>ipv4:all</tt>". Use the
-<tt>inet_protocols</tt> parameter instead. </p>
+<li> <p> main.cf: The inet_interfaces parameter does not support
+the notation "ipv6:all" or "ipv4:all". Use the
+inet_protocols parameter instead. </p>
-<li> <p> main.cf: Specify "<tt>inet_protocols = all</tt>" or
-"<tt>inet_protocols = ipv4, ipv6</tt>" in order to enable both IPv4
+<li> <p> main.cf: Specify "inet_protocols = all" or
+"inet_protocols = ipv4, ipv6" in order to enable both IPv4
and IPv6 support. </p>
-<li> <p> main.cf: The <tt>inet_protocols</tt> parameter also controls
+<li> <p> main.cf: The inet_protocols parameter also controls
what DNS lookups Postfix will attempt to make when delivering or
receiving mail. </p>
-<li> <p> main.cf: Specify "<tt>inet_interfaces = loopback-only</tt>"
+<li> <p> main.cf: Specify "inet_interfaces = loopback-only"
to listen on loopback network interfaces only. </p>
-<li> <p> The <tt>lmtp_bind_address</tt> and <tt>lmtp_bind_address6</tt>
+<li> <p> The lmtp_bind_address and lmtp_bind_address6
features were omitted. The Postfix LMTP client will be absorbed
into the SMTP client, so there is no reason to keep adding features
to the LMTP client. </p>
<li> <p> The SMTP server now requires that IPv6 addresses in SMTP
-commands are specified as <tt>[ipv6:<i>ipv6address</i>]</tt>, as
+commands are specified as [ipv6:<i>ipv6address</i>], as
described in RFC 2821. </p>
<li> <p> The IPv6 network address matching code was rewritten from
Postfix needs this information to avoid mailer loops and to find out
if mail for <i>user@[ipaddress]</i> is a local or remote destination. </p>
-<p> If your system has the <tt>getifaddrs()</tt> routine then add
+<p> If your system has the getifaddrs() routine then add
the following to your platform-specific section in
-<tt>src/util/sys_defs.h</tt>: </p>
+src/util/sys_defs.h: </p>
<blockquote>
<pre>
</pre>
</blockquote>
-<p> Otherwise, if your system has the SIOCGLIF <tt>ioctl()</tt>
-command in <tt>/usr/include/*/*.h</tt>, add the following to your
-platform-specific section in <tt>src/util/sys_defs.h</tt>: </p>
+<p> Otherwise, if your system has the SIOCGLIF ioctl()
+command in /usr/include/*/*.h, add the following to your
+platform-specific section in src/util/sys_defs.h: </p>
<blockquote>
<pre>
<p> Otherwise, Postfix will have to use the old SIOCGIF commands
and get along with reduced IPv6 functionality (it won't be able to
-figure out your IPv6 netmasks, which are needed for "<tt>mynetworks_style
-= subnet</tt>". Add this to your platform-specific section in
-<tt>src/util/sys_defs.h</tt>: </p>
+figure out your IPv6 netmasks, which are needed for "mynetworks_style
+= subnet". Add this to your platform-specific section in
+src/util/sys_defs.h: </p>
<blockquote>
<pre>
<li> <p> Test if Postfix can figure out its interface information. </p>
<p> After compiling Postfix in the usual manner, step into the
-<tt>src/util</tt> directory and type "<tt>make inet_addr_local</tt>".
+src/util directory and type "<b>make inet_addr_local</b>".
Running this file by hand should produce all the interface addresses
and network masks, for example: </p>
request rate
limiting for all smtpd(8) servers. The TUNING_README document
provides guidance for dealing with mis-behaving SMTP clients. The
-anvil(8) service is not included with Postfix version 2.1 or earlier.
+anvil(8) service is available in Postfix version 2.2 and later.
</p>
<table>
<li> <p> Maintain the pseudo-random number generator (PRNG) that
is used to seed the TLS engines in Postfix smtp(8) client or smtpd(8)
-server processes. The state of this PRNG is saved periodically to
+server processes. The state of this PRNG is periodically saved to
a file, and is read when tlsmgr(8) starts up. </p>
<li> <p> Maintain the optional Postfix smtp(8) client or smtpd(8)
own code, every 1000 lines introduce one additional bug into
Postfix. </p>
-<h2> Introduction </h2>
+<h2> What Postfix TLS support does for you </h2>
-<p> This document requires Postfix version 2.2 or later. </p>
-
-<p> Postfix may be built with Transport Layer Security (TLS, formerly
-called SSL) protocol support as described in RFC 3207. This provides
-certificate-based authentication, and encrypted sessions. An
+<p> Transport Layer Security (TLS, formerly called SSL) provides
+certificate-based authentication and encrypted sessions. An
encrypted session protects the information that is transmitted with
-SMTP mail or with SASL authentication. The main elements of the
-Postfix TLS architecture are: </p>
+SMTP mail or with SASL authentication.
+
+<p> Postfix version 2.2 introduces support for TLS as described in
+RFC 3207. TLS Support for older Postfix versions was available as
+an add-on patch. The section "<a href="#compat">Compatibility with
+Postfix < 2.2 TLS support</a>" below discusses the differences
+between these implementations. </p>
+
+<p> Topics covered in this document: </p>
+
+<ul>
+
+<li><a href="#how">How Postfix TLS support works</a>
+
+<li><a href="#build_tls">Building Postfix with TLS support</a>
+
+<li><a href="#server_tls">SMTP Server specific settings</a>
+
+<li> <a href="#client_tls">SMTP Client specific settings</a>
+
+<li><a href="#tlsmgr_controls"> TLS manager specific settings </a>
+
+<li><a href="#problems"> Reporting problems </a>
+
+<li><a href="#compat">Compatibility with Postfix < 2.2 TLS support</a>
+
+<li><a href="#credits"> Credits </a>
+
+</ul>
+
+<p> And last but not least, for the impatient: </p>
+
+<ul>
+
+<li><a href="#quick-start">Getting started, quick and dirty</a>
+
+</ul>
+
+<h2><a name="how">How Postfix TLS support works</a></h2>
+
+<p> The diagram below shows the main elements of the Postfix TLS
+architecture and their relationships. Colored boxes with numbered
+names represent Postfix daemon programs. Other colored boxes
+represent storage elements. </p>
<ul>
<li> <p> The tlsmgr(8) server maintains the pseudo-random number
generator (PRNG) that seeds the TLS engines in the smtpd(8) server
-and smtp(8) client processes, and maintains the TLS session cache
-files with TLS session keys. </p>
+and smtp(8) client processes, and maintains the TLS session key
+cache files. </p>
</ul>
-<p> The following diagram shows the relationship between these
-architecture elements. </p>
-
<table>
<tr> <td>Network<tt>-> </tt> </td> <td align="center"
</tr> </table> </td> <td colspan="3"> </td> </tr>
<tr> <td colspan="2"> </td> <td align="center" bgcolor="#f0f0ff">
-smtpd<br> session<br> cache </td> <td> </td> <td align="center"
+smtpd<br> session<br> key cache </td> <td> </td> <td align="center"
bgcolor="#f0f0ff"> PRNG<br> state <br>file </td> <td> </td> <td
-align="center" bgcolor="#f0f0ff"> smtp<br> session<br> cache </td>
+align="center" bgcolor="#f0f0ff"> smtp<br> session<br> key cache
+</td>
<td colspan="2"> </td> </tr>
</table>
-<p> Topics covered in this document: </p>
-
-<ul>
-
-<li><a href="#build_tls">Building Postfix with TLS support</a>
-
-<li><a href="#server_tls">SMTP Server specific settings</a>
-
-<li> <a href="#client_tls">SMTP Client specific settings</a>
-
-<li><a href="#tlsmgr_controls"> TLS manager specific settings </a>
-
-<li><a href="#problems"> Reporting problems </a>
-
-<li><a href="#compat">Compatibility with Postfix < 2.2 TLS support</a>
-
-<li><a href="#credits"> Credits </a>
-
-</ul>
-
-<p> And last but not least, for the impatient: </p>
-
-<ul>
-
-<li><a href="#quick-start">Getting started, quick and dirty</a>
-
-</ul>
-
<h2><a name="build_tls">Building Postfix with TLS support</a></h2>
<p> To build Postfix with TLS support, first we need to generate
<ul>
-<li> <p> main.cf: Use <b>btree</b> instead of <b>sdbm</b> for TLS
+<li> <p> main.cf: Specify "btree" instead of "sdbm" for TLS
session cache databases. </p>
<p> TLS session cache databases are now accessed only by the
tlsmgr(8) process, so there are no more concurrency issues. Although
-Postfix has an <b>sdbm</b> client, the <b>sdbm</b> library (1000
+Postfix has an sdbm client, the sdbm library (1000
lines of code) is not included with Postfix. </p>
<p> TLS session caches can use any database that can store objects
of several kbytes or more, and that implements the sequence operation.
-In most cases, <b>btree</b> databases should be adequate. </p>
+In most cases, btree databases should be adequate. </p>
-<p> NOTE: You cannot use <b>dbm</b> databases. TLS session objects
+<p> NOTE: You cannot use dbm databases. TLS session objects
are too large. </p>
-<li> <p> master.cf: Specify <b>unix</b> instead of <b>fifo</b> as
+<li> <p> master.cf: Specify "unix" instead of "fifo" as
the tlsmgr service type. </p>
<p> The smtp(8) and smtpd(8) processes now use a client-server
# NAME
# access 5
# SUMMARY
-# format of Postfix access table
+# Postfix access table format
# SYNOPSIS
# \fBpostmap /etc/postfix/access\fR
#
#
# \fBpostmap -q - /etc/postfix/access <\fIinputfile\fR
# DESCRIPTION
-# The optional \fBaccess\fR table directs the Postfix SMTP server
+# The optional \fBaccess\fR(5) table directs the Postfix SMTP server
# to selectively reject or accept mail. Access can be allowed or
# denied for specific host names, domain names, networks, host
# addresses or mail addresses.
# For an example, see the EXAMPLE section at the end of this
# manual page.
#
-# Normally, the \fBaccess\fR table is specified as a text file
+# Normally, the \fBaccess\fR(5) table is specified as a text file
# that serves as input to the \fBpostmap\fR(1) command.
# The result, an indexed file in \fBdbm\fR or \fBdb\fR format,
# is used for fast searching by the mail system. Execute the command
# Address information must not be enclosed with "[]" characters.
#
# NOTE 2: use the \fBcidr\fR lookup table type to specify
-# network/netmask patterns. See cidr_table(5) for details.
+# network/netmask patterns. See \fBcidr_table\fR(5) for details.
# .IP \fInet:work:addr:ess\fR
# .IP \fInet:work:addr\fR
# .IP \fInet:work\fR
# Address information must not be enclosed with "[]" characters.
#
# NOTE 3: use the \fBcidr\fR lookup table type to specify
-# network/netmask patterns. See cidr_table(5) for details.
+# network/netmask patterns. See \fBcidr_table\fR(5) for details.
#
# IPv6 support is available in Postfix 2.2 and later.
# ACCEPT ACTIONS
# .IP "\fBFILTER \fItransport:destination\fR"
# After the message is queued, send the entire message through
# the specified external content filter. The \fItransport:destination\fR
-# syntax is described in the transport(5) manual page. More information
+# syntax is described in the \fBtransport\fR(5) manual page.
+# More information
# about external content filters is in the Postfix FILTER_README file.
# .sp
# Note: this action overrides the \fBmain.cf content_filter\fR setting,
# This section describes how the table lookups change when lookups
# are directed to a TCP-based server. For a description of the TCP
# client/server lookup protocol, see \fBtcp_table\fR(5).
-# This feature is not available in Postfix version 2.1.
+# This feature is not available up to and including Postfix version 2.2.
#
# Each lookup operation uses the entire query string once.
# Depending on the application, that string is an entire client
# NAME
# aliases 5
# SUMMARY
-# format of the Postfix alias database
+# Postfix local alias database format
# SYNOPSIS
# .fi
# \fBnewaliases\fR
# DESCRIPTION
-# The \fBaliases\fR table provides a system-wide mechanism to
+# The \fBaliases\fR(5) table provides a system-wide mechanism to
# redirect mail for local recipients. The redirections are
# processed by the Postfix \fBlocal\fR(8) delivery agent.
#
-# Normally, the \fBaliases\fR table is specified as a text file
+# Normally, the \fBaliases\fR(5) table is specified as a text file
# that serves as input to the \fBpostalias\fR(1) command. The
# result, an indexed file in \fBdbm\fR or \fBdb\fR format, is
# used for fast lookup by the mail system. Execute the command
# Users can control delivery of their own mail by setting
# up \fB.forward\fR files in their home directory.
# Lines in per-user \fB.forward\fR files have the same syntax
-# as the right-hand side of \fBaliases\fR entries.
+# as the right-hand side of \fBaliases\fR(5) entries.
#
# The format of the alias database input file is as follows:
# .IP \(bu
# .fi
# The following \fBmain.cf\fR parameters are especially relevant.
# The text below provides only a parameter summary. See
-# postconf(5) for more details including examples.
+# \fBpostconf\fR(5) for more details including examples.
# .IP \fBalias_database\fR
# List of alias databases that are updated by the
# \fBnewaliases\fR(1) command.
# NAME
# canonical 5
# SUMMARY
-# format of Postfix canonical table
+# Postfix canonical table format
# SYNOPSIS
# \fBpostmap /etc/postfix/canonical\fR
#
#
# \fBpostmap -q - /etc/postfix/canonical <\fIinputfile\fR
# DESCRIPTION
-# The optional \fBcanonical\fR table specifies an address mapping for
+# The optional \fBcanonical\fR(5) table specifies an address mapping for
# local and non-local addresses. The mapping is used by the
# \fBcleanup\fR(8) daemon. The address mapping is recursive.
#
-# Normally, the \fBcanonical\fR table is specified as a text file
+# Normally, the \fBcanonical\fR(5) table is specified as a text file
# that serves as input to the \fBpostmap\fR(1) command.
# The result, an indexed file in \fBdbm\fR or \fBdb\fR format,
# is used for fast searching by the mail system. Execute the command
-# \fBpostmap /etc/postfix/canonical\fR in order to rebuild the indexed
+# "\fBpostmap /etc/postfix/canonical\fR" in order to rebuild the indexed
# file after changing the text file.
#
# When the table is provided via other means such as NIS, LDAP
# done in a slightly different way as described below under
# "REGULAR EXPRESSION TABLES" and "TCP-BASED TABLES".
#
-# By default the \fBcanonical\fR mapping affects both message
+# By default the \fBcanonical\fR(5) mapping affects both message
# header addresses (i.e. addresses that appear inside messages)
# and message envelope addresses (for example, the addresses
# that are used in SMTP protocol commands). Think Sendmail
# rule set \fBS3\fR, if you like. This is controlled with
# the \fBcanonical_classes\fR parameter.
#
-# Typically, one would use the \fBcanonical\fR table to replace login
+# Typically, one would use the \fBcanonical\fR(5) table to replace login
# names by \fIFirstname.Lastname\fR, or to clean up addresses produced
# by legacy mail systems.
#
-# The \fBcanonical\fR mapping is not to be confused with \fIvirtual
+# The \fBcanonical\fR(5) mapping is not to be confused with \fIvirtual
# domain\fR support. Use the \fBvirtual\fR(5) map for that purpose.
#
-# The \fBcanonical\fR mapping is not to be confused with local aliasing.
+# The \fBcanonical\fR(5) mapping is not to be confused with local aliasing.
# Use the \fBaliases\fR(5) map for that purpose.
# TABLE FORMAT
# .ad
# .fi
-# The input format for the \fBpostmap\fR(1) command is as follows:
+make# The input format for the \fBpostmap\fR(1) command is as follows:
# .IP "\fIpattern result\fR"
# When \fIpattern\fR matches a mail address, replace it by the
# corresponding \fIresult\fR.
# This section describes how the table lookups change when lookups
# are directed to a TCP-based server. For a description of the TCP
# client/server lookup protocol, see \fBtcp_table\fR(5).
-# This feature is not available in Postfix version 2.1.
+# This feature is not available up to and including Postfix version 2.2.
#
# Each lookup operation uses the entire address once. Thus,
# \fIuser@domain\fR mail addresses are not broken up into their
# .fi
# The following \fBmain.cf\fR parameters are especially relevant.
# The text below provides only a parameter summary. See
-# postconf(5) for more details including examples.
+# \fBpostconf\fR(5) for more details including examples.
# .IP \fBcanonical_classes\fR
# What addresses are subject to canonical address mapping.
# .IP \fBcanonical_maps\fR
# (Classless Inter-Domain Routing) form.
#
# To find out what types of lookup tables your Postfix system
-# supports use the \fBpostconf -m\fR command.
+# supports use the "\fBpostconf -m\fR" command.
#
-# To test lookup tables, use the \fBpostmap\fR command as
+# To test lookup tables, use the "\fBpostmap -q\fR" command as
# described in the SYNOPSIS above.
# TABLE FORMAT
# .ad
# .in -4
# SEE ALSO
# postmap(1), Postfix lookup table manager
-# regexp_table(5) format of regular expression tables
-# pcre_table(5) format of PCRE tables
+# regexp_table(5), format of regular expression tables
+# pcre_table(5), format of PCRE tables
# README FILES
# .ad
# .fi
# best performance is obtained with \fBpcre\fR (Perl Compatible Regular
# Expression) tables, but the slower \fBregexp\fR (POSIX regular
# expressions) support is more widely available.
-# Use the command \fBpostconf -m\fR to find out what lookup table
+# Use the command "\fBpostconf -m\fR" to find out what lookup table
# types your Postfix system supports.
#
# The general format of Postfix regular expression tables is
# .fi
# Substitution of substrings from the matched expression into the
# \fIaction\fR
-# string is possible using the conventional Perl syntax ($1, $2, etc.).
-# The macros in the result string may need to be written as ${n}
-# or $(n) if they aren't followed by whitespace.
+# string is possible using the conventional Perl syntax
+# (\fB$1\fR, \fB$2\fR, etc.).
+# The macros in the result string may need to be written as \fB${n}\fR
+# or \fB$(n)\fR if they aren't followed by whitespace.
#
# Note: since negated patterns (those preceded by \fB!\fR) return a
# result when the expression does not match, substitutions are not
# Prepend one line with the specified text and inspect the next
# input line.
# .sp
-# Note: the prepended text is output immediately before the
-# input that triggered the \fBPREPEND\fR action. A body action
-# cannot prepend a message header.
-# .sp
-# Note: this action cannot be used to prepend multi-line text.
-# .sp
+# Notes:
+# .RS
+# .IP \(bu
+# The prepended text is output on a separate line, immediately
+# before the input that triggered the \fBPREPEND\fR action.
+# .IP \(bu
+# When prepending text before a message header line, the prepended
+# text must begin with a valid message header label.
+# .IP \(bu
+# This action cannot be used to prepend multi-line text.
+# .RE
+# .IP
# This feature is available in Postfix 2.1 and later.
# .IP "\fBREDIRECT \fIuser@domain\fR"
# Write a message redirection request to the queue file and
# fire, only the last one is executed.
# .sp
# This feature is available in Postfix 2.1 and later.
+# .IP "\fBREPLACE \fItext...\fR"
+# Replace the current line with the specified text and inspect the next
+# input line.
+# .sp
+# Note: when replacing a message header line, the replacement text
+# must begin with a valid header label.
+# .sp
+# This feature is available in Postfix 2.2 and later.
# .IP "\fBREJECT \fIoptional text...\fR
# Reject the entire message. Reply with \fIoptional text...\fR when
# the optional text is specified, otherwise reply with a generic error
# configuration variable in the main.cf file).
# .sp
# Chroot should not be used with the \fBlocal\fR(8),
-# \fBpipe\fR(8), \fBspawn\fR(8), and virtual(8) daemons.
+# \fBpipe\fR(8), \fBspawn\fR(8), and \fBvirtual\fR(8) daemons.
# Although the
# \fBproxymap\fR(8) server can run chrooted, doing so defeats
# most of the purpose of having that service in the first
# To find out what types of lookup tables your Postfix system
# supports use the "\fBpostconf -m\fR" command.
#
-# To test Postfix NIS+ lookup tables, use the \fBpostmap\fR
+# To test Postfix NIS+ lookup tables, use the "\fBpostmap -q\fR"
# command as described in the SYNOPSIS above.
# QUERY SYNTAX
# .ad
# corresponding result is returned.
#
# To find out what types of lookup tables your Postfix system
-# supports use the \fBpostconf -m\fR command.
+# supports use the "\fBpostconf -m\fR" command.
#
-# To test lookup tables, use the \fBpostmap -fq\fR command as
+# To test lookup tables, use the "\fBpostmap -fq\fR" command as
# described in the SYNOPSIS above.
# TABLE FORMAT
# .ad
<p> The remainder of this document is a description of all Postfix
configuration parameters. Default values are shown after the
parameter name in parentheses, and can be looked up with the
-<b>postconf -d</b> command. </p>
+"<b>postconf -d</b>" command. </p>
<p> Note: this is not an invitation to make changes to Postfix
configuration parameters. Unnecessary changes are likely to impair
.SH SEE ALSO
.na
.nf
-postconf(1) Postfix configuration parameter maintenance
-master(5) Postfix daemon configuration maintenance
+postconf(1), Postfix configuration parameter maintenance
+master(5), Postfix daemon configuration maintenance
.SH LICENSE
.ad
.fi
The remainder of this document is a description of all Postfix
configuration parameters. Default values are shown after the
parameter name in parentheses, and can be looked up with the
-\fBpostconf -d\fR command.
+"\fBpostconf -d\fR" command.
.PP
Note: this is not an invitation to make changes to Postfix
configuration parameters. Unnecessary changes can impair the
<p>
For compatibility reasons this feature is on by default. On systems
with lots of interactive users, the biff service can be a performance
-drain. Specify "biff = no" to disable.
+drain. Specify "biff = no" in main.cf to disable.
</p>
%PARAM body_checks
<dt><b>$client_name</b></dt>
-<dd>The client hostname or "<b>unknown</b>". </dd>
+<dd>The client hostname or "unknown". </dd>
<dt><b>$helo_name</b></dt>
<ul>
-<li> In main.cf specify "<tt>relay_transport = relay</tt>",
+<li> In main.cf specify "relay_transport = relay",
-<li> In master.cf specify "<tt>-o fallback_relay =</tt>" at the
-end of the <tt>relay</tt> entry.
+<li> In master.cf specify "-o fallback_relay =" (i.e., empty) at
+the end of the <tt>relay</tt> entry.
-<li> In transport maps, specify "<tt>relay:<i>nexthop...</i></tt>"
+<li> In transport maps, specify "relay:<i>nexthop...</i>"
as the right-hand side for backup or primary MX domain entries.
</ul>
as lookup key. </p>
<p>
-Specify "fast_flush_domains =" to disable the feature altogether.
+Specify "fast_flush_domains =" (i.e., empty) to disable the feature
+altogether.
</p>
%PARAM fast_flush_purge_time 7d
delay. This behavior is required by the SMTP standard. </p>
<p>
-Specify "<b>ignore_mx_lookup_error = yes</b>" to force a DNS A record
+Specify "ignore_mx_lookup_error = yes" to force a DNS A record
lookup instead. This violates the SMTP standard and can result in
mis-delivery of mail.
</p>
</p>
<p>
-With the default 100 SMTP server process limit, "<b>in_flow_delay
-= 1s</b>" limits the mail inflow to 100 messages per second above the
+With the default 100 SMTP server process limit, "in_flow_delay
+= 1s" limits the mail inflow to 100 messages per second above the
number of messages delivered per second.
</p>
%PARAM inet_interfaces all
<p> The network interface addresses that this mail system receives
-mail on. By default, the software claims all active interfaces on
-the machine; with Postfix 2.2 and later, specify "<b>loopback-only</b>"
-to select only local interfaces. The parameter also controls
-delivery of mail to user@[ip.address]. </p>
+mail on. Specify "all" to receive mail on all network
+interfaces (default), and "loopback-only" to receive mail
+on loopback network interfaces only (Postfix 2.2 and later). The
+parameter also controls delivery of mail to <tt>user@[ip.address]</tt>.
+</p>
<p>
Note: you need to stop and start Postfix when this parameter changes.
<p>
A better solution for multi-homed firewalls is to leave inet_interfaces
-at the default value
-and instead use explicit IP addresses in master.cf. This preserves SMTP
+at the default value and instead use explicit IP addresses in
+the master.cf SMTP server definitions. This preserves the SMTP client's
loop detection, by ensuring that each side of the firewall knows that the
other IP address is still the same host. Setting $inet_interfaces to a
single IPv4 and/or IPV6 address is primarily useful with virtual
<pre>
inet_interfaces = all (DEFAULT)
-inet_interfaces = loopback-only
+inet_interfaces = loopback-only (Postfix 2.2 and later)
inet_interfaces = 127.0.0.1
+inet_interfaces = 127.0.0.1, [::1] (Postfix 2.2 and later)
inet_interfaces = 192.168.1.2, 127.0.0.1
</pre>
%PARAM inet_protocols ipv4
<p> The Internet protocols Postfix will attempt to use when making
-or accepting connections. Specify one or more of "ipv4" or "ipv6",
-separated by whitespace or commas. The form "all" is equivalent to
-"ipv4, ipv6". </p>
+or accepting connections. Specify one or more of "ipv4"
+or "ipv6", separated by whitespace or commas. The form
+"all" is equivalent to "ipv4, ipv6". </p>
<p> This feature is available in Postfix version 2.2 and later. </p>
<li>You redefine the local delivery agent in master.cf.
-<li> You redefine the "local_transport" setting in main.cf.
+<li>You redefine the "local_transport" setting in main.cf.
<li>You use the "luser_relay", "mailbox_transport", or "fallback_transport"
feature of the Postfix local(8) delivery agent.
<p>
NOTE: if you use this feature for accounts not in the UNIX password
-file, then you must specify "<b>local_recipient_maps =</b>" (i.e. empty)
+file, then you must specify "local_recipient_maps =" (i.e. empty)
in the main.cf file, otherwise the Postfix SMTP server will reject mail
for non-UNIX accounts with "User unknown in local recipient table".
</p>
<p>
The numerical Postfix SMTP server response code when a remote SMTP
-client request is rejected by the "<b>reject</b>" restriction.
+client request is rejected by the "reject" restriction.
</p>
<p>
operators remain visible. This behavior is safe but it is also
technically incorrect. </p>
-<p> If you specify "resolve_dequoted_address = no", then the Postfix
+<p> If you specify "resolve_dequoted_address = no", then
+the Postfix
resolver will not know about additional @ etc. operators in the
address localpart. This opens opportunities for obscure mail relay
attacks with user@domain@domain addresses when Postfix provides
<dd>Pause for the specified number of seconds and proceed with
the next restriction in the list, if any. This may stop zombie
-mail when used as: </dd>
+mail when used as:
-<blockquote>
<pre>
/etc/postfix/main.cf:
smtpd_client_restrictions =
sleep 1, reject_unauth_pipelining
smtpd_delay_reject = no
</pre>
-</blockquote>
+This feature is available in Postfix 2.3. </dd>
<dt><b><a name="warn_if_reject">warn_if_reject</a></b></dt>
<p>
Produce additional bounce(8) logfile records that can be read by
-older Postfix versions. The current and more extensible "name =
+Postfix versions before 2.0. The current and more extensible "name =
value" format is needed in order to implement more sophisticated
functionality.
</p>
</p>
<p>
-Specify "<b>broken_sasl_auth_clients = yes</b>" to have Postfix advertise
+Specify "broken_sasl_auth_clients = yes" to have Postfix advertise
AUTH support in a non-standard way.
</p>
</p>
<p>
-This feature is implemented by the anvil(8) service which is not
-part of the stable Postfix 2.1 release.
+This feature is available in Postfix 2.2 and later.
</p>
<p>
<p> Report mail delivery errors to the address specified with the
non-standard Errors-To: message header, instead of the envelope
-sender address. This support is disabled by default with Postfix
-2.1 and later, and is always turned on with older Postfix versions.
-</p>
+sender address (this feature is removed with Postfix 2.2, is
+turned off by default with Postfix 2.1, and is always turned on
+with older Postfix versions). </p>
%PARAM extract_recipient_limit 10240
<p>
The maximal number of recipient addresses that Postfix will extract
-from message headers when mail is submitted with "sendmail -t".
+from message headers when mail is submitted with "<b>sendmail -t</b>".
</p>
<p>
<p>
The group ownership of set-gid Postfix commands and of group-writable
Postfix directories. When this parameter value is changed you need
-to re-run "<b>post-install set-permissions</b>".
+to re-run "<b>postfix set-permissions</b>" (with Postfix 2.0 and
+earlier: "<b>/etc/postfix/post-install set-permissions</b>".
</p>
%PARAM show_user_unknown_table_name yes
<p>
Obsolete SUN mailtool compatibility feature. Instead, use
-"<b>mailbox_delivery_lock = dotlock</b>".
+"mailbox_delivery_lock = dotlock".
</p>
%PARAM trace_service_name trace
<p>
The minimum user ID value that the virtual(8) delivery agent accepts
-as a result from <b>$virtual_uid_maps</b> table lookup. Returned
+as a result from $virtual_uid_maps table lookup. Returned
values less than this will be rejected, and the message will be
deferred.
</p>
auth, etc.) that the SMTP server will not send in the EHLO response
to a remote SMTP client. </p>
-%PARAM session_cache_service scache
+%PARAM connection_cache_service scache
<p> The name of the scache(8) connection cache service. This service
maintains a limited pool of cached sessions. </p>
-%PARAM session_cache_ttl_limit 2s
+%PARAM connection_cache_ttl_limit 2s
<p> The maximal time-to-live value that the connection cache server
allows. Requests that specify a larger TTL will be stored with the
protect the infrastructure against careless people. The cache TTL
is already bounded by $max_idle. </p>
-%PARAM session_cache_status_update_time 600s
+%PARAM connection_cache_status_update_time 600s
<p> How frequently the scache(8) server logs usage statistics with
connection cache hit and miss rates for logical destinations and for
client IP address matches any network or network address listed in
$mynetworks. This setting will not prevent remote mail header
address rewriting when mail from a remote client is forwarded by
-a neighboring system. </p>
+a neighboring system. </dd>
<dt><b> permit_sasl_authenticated </b></dt>
<p> Opportunistic mode: announce STARTTLS support to SMTP clients,
but do not require that clients use TLS encryption. </p>
-<p> Note: when invoked via "sendmail -bs", Postfix will never offer
+<p> Note: when invoked via "<b>sendmail -bs</b>", Postfix will never offer
STARTTLS due to insufficient privileges to access the server private
key. This is intended behavior. </p>
<p> Note 1: this mode implies "smtpd_tls_auth_only = yes". </p>
-<p> Note 2: when invoked via "sendmail -bs", Postfix will never offer
+<p> Note 2: when invoked via "<b>sendmail -bs</b>", Postfix will never offer
STARTTLS due to insufficient privileges to access the server private
key. This is intended behavior. </p>
# result is returned.
#
# To find out what types of lookup tables your Postfix system
-# supports use the \fBpostconf -m\fR command.
+# supports use the "\fBpostconf -m\fR" command.
#
-# To test lookup tables, use the \fBpostmap -fq\fR command as
+# To test lookup tables, use the "\fBpostmap -fq\fR" command as
# described in the SYNOPSIS above.
# TABLE FORMAT
# .ad
# .PP
# Each pattern is a POSIX regular expression enclosed by a pair of
# delimiters. The regular expression syntax is documented in
-# re_format(7) with 4.4BSD, in regex(5) with Solaris, and in
-# regex(7) with Linux. Other systems may use other document names.
+# \fBre_format\fR(7) with 4.4BSD, in \fBregex\fR(5) with Solaris, and in
+# \fBregex\fR(7) with Linux. Other systems may use other document names.
#
# The expression delimiter can be any character, except whitespace
# or characters that have special meaning (traditionally the forward
# NAME
# relocated 5
# SUMMARY
-# format of Postfix relocated table
+# Postfix relocated table format
# SYNOPSIS
# \fBpostmap /etc/postfix/relocated\fR
# DESCRIPTION
-# The optional \fBrelocated\fR table provides the information that is
+# The optional \fBrelocated\fR(5) table provides the information that is
# used in "user has moved to \fInew_location\fR" bounce messages.
#
-# Normally, the \fBrelocated\fR table is specified as a text file
+# Normally, the \fBrelocated\fR(5) table is specified as a text file
# that serves as input to the \fBpostmap\fR(1) command.
# The result, an indexed file in \fBdbm\fR or \fBdb\fR format,
# is used for fast searching by the mail system. Execute the command
-# \fBpostmap /etc/postfix/relocated\fR in order to rebuild the indexed
+# "\fBpostmap /etc/postfix/relocated\fR" in order to rebuild the indexed
# file after changing the relocated table.
#
# When the table is provided via other means such as NIS, LDAP
# This section describes how the table lookups change when lookups
# are directed to a TCP-based server. For a description of the TCP
# client/server lookup protocol, see \fBtcp_table\fR(5).
-# This feature is not available in Postfix version 2.1.
+# This feature is not available up to and including Postfix version 2.2.
#
# Each lookup operation uses the entire address once. Thus,
# \fIuser@domain\fR mail addresses are not broken up into their
# .fi
# The following \fBmain.cf\fR parameters are especially relevant.
# The text below provides only a parameter summary. See
-# postconf(5) for more details including examples.
+# \fBpostconf\fR(5) for more details including examples.
# .IP \fBrelocated_maps\fR
# List of lookup tables for relocated users or sites.
# .PP
# can be directed to a TCP server.
#
# To find out what types of lookup tables your Postfix system
-# supports use the \fBpostconf -m\fR command.
+# supports use the "\fBpostconf -m\fR" command.
#
-# To test lookup tables, use the \fBpostmap\fR command as
+# To test lookup tables, use the "\fBpostmap -q\fR" command as
# described in the SYNOPSIS above.
# PROTOCOL DESCRIPTION
# .ad
# a long time.
# SEE ALSO
# postmap(1), Postfix lookup table manager
-# regexp_table(5) format of regular expression tables
-# pcre_table(5) format of PCRE tables
-# cidr_table(5) format of CIDR tables
+# regexp_table(5), format of regular expression tables
+# pcre_table(5), format of PCRE tables
+# cidr_table(5), format of CIDR tables
# README FILES
# .ad
# .fi
# NAME
# transport 5
# SUMMARY
-# format of Postfix transport table
+# Postfix transport table format
# SYNOPSIS
# \fBpostmap /etc/postfix/transport\fR
#
#
# \fBpostmap -q - /etc/postfix/transport <\fIinputfile\fR
# DESCRIPTION
-# The optional \fBtransport\fR table specifies a mapping from email
+# The optional \fBtransport\fR(5) table specifies a mapping from email
# addresses to message delivery transports and/or relay hosts. The
# mapping is used by the \fBtrivial-rewrite\fR(8) daemon.
#
# Mail for any other destination is by default delivered via
# \fB$default_transport\fR.
# .PP
-# Normally, the \fBtransport\fR table is specified as a text file
+# Normally, the \fBtransport\fR(5) table is specified as a text file
# that serves as input to the \fBpostmap\fR(1) command.
# The result, an indexed file in \fBdbm\fR or \fBdb\fR format, is used
# for fast searching by the mail system. Execute the command
-# \fBpostmap /etc/postfix/transport\fR in order to rebuild the indexed
+# "\fBpostmap /etc/postfix/transport\fR" in order to rebuild the indexed
# file after changing the transport table.
#
# When the table is provided via other means such as NIS, LDAP
# This section describes how the table lookups change when lookups
# are directed to a TCP-based server. For a description of the TCP
# client/server lookup protocol, see \fBtcp_table\fR(5).
-# This feature is not available in Postfix version 2.1.
+# This feature is not available up to and including Postfix version 2.2.
#
# Each lookup operation uses the entire recipient address once. Thus,
# \fIsome.domain.hierarchy\fR is not looked up via its parent domains,
# .fi
# The following \fBmain.cf\fR parameters are especially relevant.
# The text below provides only a parameter summary. See
-# postconf(5) for more details including examples.
+# \fBpostconf\fR(5) for more details including examples.
# .IP \fBempty_address_recipient\fR
# The address that is looked up instead of the null sender address.
# .IP \fBparent_domain_matches_subdomains\fR
# NAME
# virtual 5
# SUMMARY
-# format of Postfix virtual alias table
+# Postfix virtual alias table format
# SYNOPSIS
# \fBpostmap /etc/postfix/virtual\fR
#
#
# \fBpostmap -q - /etc/postfix/virtual <\fIinputfile\fR
# DESCRIPTION
-# The optional \fBvirtual\fR alias table specifies address aliasing
+# The optional \fBvirtual\fR(5) alias table specifies address aliasing
# for arbitrary local or non-local recipient addresses. Virtual aliasing
# is recursive, and is done by the Postfix \fBcleanup\fR(8) daemon.
#
# Think Sendmail rule set \fBS0\fR, if you like. Use \fBcanonical\fR(5)
# mapping to rewrite header and envelope addresses in general.
#
-# Normally, the \fBvirtual\fR alias table is specified as a text file
+# Normally, the \fBvirtual\fR(5) alias table is specified as a text file
# that serves as input to the \fBpostmap\fR(1) command.
# The result, an indexed file in \fBdbm\fR or \fBdb\fR format,
# is used for fast searching by the mail system. Execute the command
-# \fBpostmap /etc/postfix/virtual\fR in order to rebuild the indexed
+# "\fBpostmap /etc/postfix/virtual\fR" in order to rebuild the indexed
# file after changing the text file.
#
# When the table is provided via other means such as NIS, LDAP
# or $\fBproxy_interfaces\fR.
# .sp
# This functionality overlaps with functionality of the local
-# \fIaliases\fR(5) database. The difference is that \fBvirtual\fR
+# \fIaliases\fR(5) database. The difference is that \fBvirtual\fR(5)
# mapping can be applied to non-local addresses.
# .IP "@\fIdomain address, address, ...\fR"
# Mail for any user in \fIdomain\fR is redirected to \fIaddress\fR.
# virtual_alias_maps = hash:/etc/postfix/virtual
#
# Note: some systems use \fBdbm\fR databases instead of \fBhash\fR.
-# See the output from \fBpostconf -m\fR for available database types.
+# See the output from "\fBpostconf -m\fR" for available database types.
#
# .ti -4
# /etc/postfix/virtual:
# This section describes how the table lookups change when lookups
# are directed to a TCP-based server. For a description of the TCP
# client/server lookup protocol, see \fBtcp_table\fR(5).
-# This feature is not available in Postfix version 2.1.
+# This feature is not available up to and including Postfix version 2.2.
#
# Each lookup operation uses the entire address once. Thus,
# \fIuser@domain\fR mail addresses are not broken up into their
# .fi
# The following \fBmain.cf\fR parameters are especially relevant to
# this topic. See the Postfix \fBmain.cf\fR file for syntax details
-# and for default values. Use the \fBpostfix reload\fR command after
+# and for default values. Use the "\fBpostfix reload\fR" command after
# a configuration change.
# .IP \fBvirtual_alias_maps\fR
# List of virtual aliasing tables.
/* SYNOPSIS
/* \fBanvil\fR [generic Postfix daemon options]
/* DESCRIPTION
-/* The Postfix \fBanvil\fR server maintains short-term statistics
+/* The Postfix \fBanvil\fR(8) server maintains short-term statistics
/* to defend against clients that hammer a server with either too
/* many simultaneous sessions, or with too many successive requests
/* within a configurable time interval.
/* This server is designed to run under control by the Postfix
-/* master server.
+/* \fBmaster\fR(8) server.
/*
-/* The \fBanvil\fR server maintains no persistent database. Standard
+/* The \fBanvil\fR(8) server maintains no persistent database. Standard
/* library utilities do not meet Postfix performance and robustness
/* requirements.
/* CONNECTION COUNT/RATE LIMITING
/* .ad
/* .fi
/* When a remote client connects, a connection count (or rate) limited
-/* server should send the following request to the \fBanvil\fR server:
+/* server should send the following request to the \fBanvil\fR(8) server:
/* .PP
/* .in +4
/* \fBrequest=connect\fR
/* .in
/* .PP
/* This registers a new connection for the (service, client)
-/* combination specified with \fBident\fR. The \fBanvil\fR server
+/* combination specified with \fBident\fR. The \fBanvil\fR(8) server
/* answers with the number of simultaneous connections and the
/* number of connections per unit time for that (service, client)
/* combination:
/* exceeds the connection count (or rate) limit.
/* .PP
/* When a remote client disconnects, a connection count (or rate) limited
-/* server should send the following request to the \fBanvil\fR server:
+/* server should send the following request to the \fBanvil\fR(8) server:
/* .PP
/* .in +4
/* \fBrequest=disconnect\fR
/* .in
/* .PP
/* This registers a disconnect event for the (service, client)
-/* combination specified with \fBident\fR. The \fBanvil\fR
+/* combination specified with \fBident\fR. The \fBanvil\fR(8)
/* server replies with:
/* .PP
/* .ti +4
/* .fi
/* When a remote client sends a message delivery request, a
/* message rate limited server should send the following
-/* request to the \fBanvil\fR server:
+/* request to the \fBanvil\fR(8) server:
/* .PP
/* .in +4
/* \fBrequest=message\fR
/* .in
/* .PP
/* This registers a message delivery request for the (service, client)
-/* combination specified with \fBident\fR. The \fBanvil\fR server
+/* combination specified with \fBident\fR. The \fBanvil\fR(8) server
/* answers with the number of message delivery requests per unit time
/* for that (service, client) combination:
/* .PP
/* \fBrate=\fInumber\fR
/* .in
/* .PP
-/* In order prevent the anvil server from discarding client
+/* In order to prevent the \fBanvil\fR(8) server from discarding client
/* request rates too early or too late, a message rate limited
/* service should also register connect/disconnect events.
-/* .PP
-/* This feature is available in Postfix 2.2 and later.
/* RECIPIENT RATE LIMITING
/* .ad
/* .fi
/* When a remote client sends a recipient address, a recipient
/* rate limited server should send the following request to
-/* the \fBanvil\fR server:
+/* the \fBanvil\fR(8) server:
/* .PP
/* .in +4
/* \fBrequest=recipient\fR
/* \fBident=\fIstring\fR
/* .in
/* .PP
-/* This registers a recipient address for the (service, client)
-/* combination specified with \fBident\fR. The \fBanvil\fR server
+/* This registers a recipient request for the (service, client)
+/* combination specified with \fBident\fR. The \fBanvil\fR(8) server
/* answers with the number of recipient addresses per unit time
/* for that (service, client) combination:
/* .PP
/* \fBrate=\fInumber\fR
/* .in
/* .PP
-/* In order prevent the anvil server from discarding client
+/* In order to prevent the \fBanvil\fR(8) server from discarding client
/* request rates too early or too late, a recipient rate limited
/* service should also register connect/disconnect events.
-/* .PP
-/* This feature is available in Postfix 2.2 and later.
/* SECURITY
/* .ad
/* .fi
-/* The \fBanvil\fR server does not talk to the network or to local
+/* The \fBanvil\fR(8) server does not talk to the network or to local
/* users, and can run chrooted at fixed low privilege.
/*
-/* The \fBanvil\fR server maintains an in-memory table with information
+/* The \fBanvil\fR(8) server maintains an in-memory table with information
/* about recent clients of a connection count (or rate) limited service.
/* Although state is kept only temporarily, this may require a lot of
/* memory on systems that handle connections from many remote clients.
/* CONFIGURATION PARAMETERS
/* .ad
/* .fi
-/* Changes to \fBmain.cf\fR are picked up automatically as anvil(8)
+/* Changes to \fBmain.cf\fR are picked up automatically as \fBanvil\fR(8)
/* processes run for only a limited amount of time. Use the command
/* "\fBpostfix reload\fR" to speed up a change.
/*
/* The text below provides only a parameter summary. See
-/* postconf(5) for more details including examples.
+/* \fBpostconf\fR(5) for more details including examples.
/* .IP "\fBanvil_rate_time_unit (60s)\fR"
/* The time unit over which client connection rates and other rates
/* are calculated.
/* .IP "\fBanvil_status_update_time (600s)\fR"
-/* How frequently the anvil(8) connection and rate limiting server
+/* How frequently the \fBanvil\fR(8) connection and rate limiting server
/* logs peak usage information.
/* .IP "\fBconfig_directory (see 'postconf -d' output)\fR"
/* The default location of the Postfix main.cf and master.cf
/* HISTORY
/* .ad
/* .fi
-/* The anvil service was introduced with Postfix 2.1.
+/* The anvil service is available in Postfix 2.2 and later.
/* AUTHOR(S)
/* Wietse Venema
/* IBM T.J. Watson Research
/* SYNOPSIS
/* \fBbounce\fR [generic Postfix daemon options]
/* DESCRIPTION
-/* The \fBbounce\fR daemon maintains per-message log files with
+/* The \fBbounce\fR(8) daemon maintains per-message log files with
/* non-delivery status information. Each log file is named after the
/* queue file that it corresponds to, and is kept in a queue subdirectory
/* named after the service name in the \fBmaster.cf\fR file (either
/* This program expects to be run from the \fBmaster\fR(8) process
/* manager.
/*
-/* The \fBbounce\fR daemon processes two types of service requests:
+/* The \fBbounce\fR(8) daemon processes two types of service requests:
/* .IP \(bu
/* Append a recipient (non-)delivery status record to a per-message
/* log file.
/* CONFIGURATION PARAMETERS
/* .ad
/* .fi
-/* Changes to \fBmain.cf\fR are picked up automatically, as bounce(8)
+/* Changes to \fBmain.cf\fR are picked up automatically, as \fBbounce\fR(8)
/* processes run for only a limited amount of time. Use the command
/* "\fBpostfix reload\fR" to speed up a change.
/*
/* The text below provides only a parameter summary. See
-/* postconf(5) for more details including examples.
+/* \fBpostconf\fR(5) for more details including examples.
/* .IP "\fB2bounce_notice_recipient (postmaster)\fR"
/* The recipient of undeliverable mail that cannot be returned to
/* the sender.
/* .IP "\fBbackwards_bounce_logfile_compatibility (yes)\fR"
-/* Produce additional bounce(8) logfile records that can be read by
-/* older Postfix versions.
+/* Produce additional \fBbounce\fR(8) logfile records that can be read by
+/* Postfix versions before 2.0.
/* .IP "\fBbounce_notice_recipient (postmaster)\fR"
/* The recipient of postmaster notifications with the message headers
/* of mail that Postfix did not deliver and of SMTP conversation
/* units.
/* .IP "\fBdeliver_lock_attempts (20)\fR"
/* The maximal number of attempts to acquire an exclusive lock on a
-/* mailbox file or bounce(8) logfile.
+/* mailbox file or \fBbounce\fR(8) logfile.
/* .IP "\fBdeliver_lock_delay (1s)\fR"
/* The time between attempts to acquire an exclusive lock on a mailbox
-/* file or bounce(8) logfile.
+/* file or \fBbounce\fR(8) logfile.
/* .IP "\fBipc_timeout (3600s)\fR"
/* The time limit for sending or receiving information over an internal
/* communication channel.
/* SYNOPSIS
/* \fBcleanup\fR [generic Postfix daemon options]
/* DESCRIPTION
-/* The \fBcleanup\fR daemon processes inbound mail, inserts it
+/* The \fBcleanup\fR(8) daemon processes inbound mail, inserts it
/* into the \fBincoming\fR mail queue, and informs the queue
/* manager of its arrival.
/*
-/* The \fBcleanup\fR daemon always performs the following transformations:
+/* The \fBcleanup\fR(8) daemon always performs the following transformations:
/* .IP \(bu
/* Insert missing message headers: (\fBResent-\fR) \fBFrom:\fR,
/* \fBTo:\fR, \fBMessage-Id:\fR, and \fBDate:\fR.
/* Optionally, expand envelope recipients according to information
/* found in the \fBvirtual\fR(5) lookup tables.
/* .PP
-/* The \fBcleanup\fR daemon performs sanity checks on the content of
+/* The \fBcleanup\fR(8) daemon performs sanity checks on the content of
/* each message. When it finds a problem, by default it returns a
/* diagnostic status to the client, and leaves it up to the client
/* to deal with the problem. Alternatively, the client can request
-/* the \fBcleanup\fR daemon to bounce the message back to the sender
+/* the \fBcleanup\fR(8) daemon to bounce the message back to the sender
/* in case of trouble.
/* STANDARDS
/* RFC 822 (ARPA Internet Text Messages)
/* CONFIGURATION PARAMETERS
/* .ad
/* .fi
-/* Changes to \fBmain.cf\fR are picked up automatically, as cleanup(8)
+/* Changes to \fBmain.cf\fR are picked up automatically, as
+/* \fBcleanup\fR(8)
/* processes run for only a limited amount of time. Use the command
/* "\fBpostfix reload\fR" to speed up a change.
/*
/* The text below provides only a parameter summary. See
-/* postconf(5) for more details including examples.
+/* \fBpostconf\fR(5) for more details including examples.
/* COMPATIBILITY CONTROLS
/* .ad
/* .fi
/* .IP "\fBundisclosed_recipients_header (To: undisclosed-recipients:;)\fR"
-/* Message header that the Postfix cleanup(8) server inserts when a
+/* Message header that the Postfix \fBcleanup\fR(8) server inserts when a
/* message contains no To: or Cc: message header.
/* .PP
/* Available in Postfix version 2.1 and later:
/* worms or viruses. It is not a general content filter.
/* .IP "\fBbody_checks (empty)\fR"
/* Optional lookup tables for content inspection as specified in
-/* the body_checks(5) manual page.
+/* the \fBbody_checks\fR(5) manual page.
/* .IP "\fBheader_checks (empty)\fR"
/* Optional lookup tables for content inspection of primary non-MIME
-/* message headers, as specified in the header_checks(5) manual page.
+/* message headers, as specified in the \fBheader_checks\fR(5) manual page.
/* .PP
/* Available in Postfix version 2.0 and later:
/* .IP "\fBbody_checks_size_limit (51200)\fR"
/* prefer to use that term) is subjected to body_checks inspection.
/* .IP "\fBmime_header_checks ($header_checks)\fR"
/* Optional lookup tables for content inspection of MIME related
-/* message headers, as described in the header_checks(5) manual page.
+/* message headers, as described in the \fBheader_checks\fR(5) manual page.
/* .IP "\fBnested_header_checks ($header_checks)\fR"
/* Optional lookup tables for content inspection of non-MIME message
-/* headers in attached messages, as described in the header_checks(5)
+/* headers in attached messages, as described in the \fBheader_checks\fR(5)
/* manual page.
/* MIME PROCESSING CONTROLS
/* .ad
/* ADDRESS TRANSFORMATION CONTROLS
/* .ad
/* .fi
-/* Address rewriting is delegated to the trivial-rewrite(8) daemon.
-/* The cleanup(8) server implements table driven address mapping.
+/* Address rewriting is delegated to the \fBtrivial-rewrite\fR(8) daemon.
+/* The \fBcleanup\fR(8) server implements table driven address mapping.
/* .IP "\fBempty_address_recipient (MAILER-DAEMON)\fR"
/* The recipient of mail addressed to the null address.
/* .IP "\fBcanonical_maps (empty)\fR"
/* .fi
/* .IP "\fBduplicate_filter_limit (1000)\fR"
/* The maximal number of addresses remembered by the address
-/* duplicate filter for aliases(5) or virtual(5) alias expansion, or
-/* for showq(8) queue displays.
+/* duplicate filter for \fBaliases\fR(5) or \fBvirtual\fR(5) alias expansion, or
+/* for \fBshowq\fR(8) queue displays.
/* .IP "\fBheader_size_limit (102400)\fR"
/* The maximal amount of memory in bytes for storing a message header.
/* .IP "\fBhopcount_limit (50)\fR"
}
return (CLEANUP_ACT_KEEP);
}
+ if (STREQUAL(value, "REPLACE", command_len)) {
+ if (*optional_text == 0) {
+ msg_warn("REPLACE action without text in %s map", map_class);
+ } else if (strcmp(context, CLEANUP_ACT_CTXT_HEADER) == 0
+ && !is_header(optional_text)) {
+ msg_warn("bad REPLACE header text \"%s\" in %s map, "
+ "need \"headername: headervalue\"",
+ optional_text, map_class);
+ } else {
+ cleanup_act_log(state, "replace", context, buf, optional_text);
+ cleanup_out_string(state, REC_TYPE_NORM, optional_text);
+ }
+ return (CLEANUP_ACT_DROP);
+ }
if (STREQUAL(value, "REDIRECT", command_len)) {
if (strchr(optional_text, '@') == 0) {
msg_warn("bad REDIRECT target \"%s\" in %s map, need user@domain",
/* SYNOPSIS
/* \fBdiscard\fR [generic Postfix daemon options]
/* DESCRIPTION
-/* The Postfix discard delivery agent processes delivery requests from
+/* The Postfix \fBdiscard\fR(8) delivery agent processes
+/* delivery requests from
/* the queue manager. Each request specifies a queue file, a sender
/* address, a domain or host name that is treated as the reason for
/* discarding the mail, and recipient information.
/* This program expects to be run from the \fBmaster\fR(8) process
/* manager.
/*
-/* The discard delivery agent pretends to deliver all recipients
+/* The \fBdiscard\fR(8) delivery agent pretends to deliver all recipients
/* in the delivery request, logs the "next-hop" domain or host
/* information as the reason for discarding the mail, updates the
/* queue file and marks recipients as finished or informs the
/* SECURITY
/* .ad
/* .fi
-/* The discard mailer is not security-sensitive. It does not talk
+/* The \fBdiscard\fR(8) mailer is not security-sensitive. It does not talk
/* to the network, and can be run chrooted at fixed low privilege.
/* STANDARDS
/* None.
/* CONFIGURATION PARAMETERS
/* .ad
/* .fi
-/* Changes to \fBmain.cf\fR are picked up automatically as discard(8)
+/* Changes to \fBmain.cf\fR are picked up automatically as \fBdiscard\fR(8)
/* processes run for only a limited amount of time. Use the command
/* "\fBpostfix reload\fR" to speed up a change.
/*
/* The text below provides only a parameter summary. See
-/* postconf(5) for more details including examples.
+/* \fBpostconf\fR(5) for more details including examples.
/* .IP "\fBconfig_directory (see 'postconf -d' output)\fR"
/* The default location of the Postfix main.cf and master.cf
/* configuration files.
/* SYNOPSIS
/* \fBerror\fR [generic Postfix daemon options]
/* DESCRIPTION
-/* The Postfix error delivery agent processes delivery requests from
+/* The Postfix \fBerror\fR(8) delivery agent processes delivery
+/* requests from
/* the queue manager. Each request specifies a queue file, a sender
/* address, a domain or host name that is treated as the reason for
/* non-delivery, and recipient information.
/* This program expects to be run from the \fBmaster\fR(8) process
/* manager.
/*
-/* The error delivery agent bounces all recipients in the delivery
+/* The \fBerror\fR(8) delivery agent bounces all recipients in the delivery
/* request using the "next-hop"
/* domain or host information as the reason for non-delivery, updates
/* the queue file and marks recipients as finished or informs the
/* SECURITY
/* .ad
/* .fi
-/* The error mailer is not security-sensitive. It does not talk
+/* The \fBerror\fR(8) mailer is not security-sensitive. It does not talk
/* to the network, and can be run chrooted at fixed low privilege.
/* STANDARDS
/* None.
/* CONFIGURATION PARAMETERS
/* .ad
/* .fi
-/* Changes to \fBmain.cf\fR are picked up automatically as error(8)
+/* Changes to \fBmain.cf\fR are picked up automatically as \fBerror\fR(8)
/* processes run for only a limited amount of time. Use the command
/* "\fBpostfix reload\fR" to speed up a change.
/*
/* The text below provides only a parameter summary. See
-/* postconf(5) for more details including examples.
+/* \fBpostconf\fR(5) for more details including examples.
/* .IP "\fB2bounce_notice_recipient (postmaster)\fR"
/* The recipient of undeliverable mail that cannot be returned to
/* the sender.
/* SYNOPSIS
/* \fBflush\fR [generic Postfix daemon options]
/* DESCRIPTION
-/* The flush server maintains a record of deferred mail by destination.
+/* The \fBflush\fR(8) server maintains a record of deferred
+/* mail by destination.
/* This information is used to improve the performance of the SMTP
/* \fBETRN\fR request, and of its command-line equivalent,
/* "\fBsendmail -qR\fR" or "\fBpostqueue -f\fR".
/*
/* This server implements the following requests:
/* .IP "\fBadd\fI sitename queueid\fR"
-/* Inform the fast flush server that the message with the specified
+/* Inform the \fBflush\fR(8) server that the message with the specified
/* queue ID is queued for the specified destination.
/* .IP "\fBsend\fI sitename\fR"
/* Request delivery of mail that is queued for the specified
/* SECURITY
/* .ad
/* .fi
-/* The fast flush server is not security-sensitive. It does not
+/* The \fBflush\fR(8) server is not security-sensitive. It does not
/* talk to the network, and it does not talk to local users.
/* The fast flush server can run chrooted at fixed low privilege.
/* DIAGNOSTICS
/* \fBmaster.cf\fR configuration file.
/*
/* Upon receipt of a request to deliver mail for an eligible
-/* destination, the \fBflush\fR server requests delivery of all messages
+/* destination, the \fBflush\fR(8) server requests delivery of all messages
/* that are listed in that destination's logfile, regardless of the
/* recipients of those messages. This is not an issue for mail
/* that is sent to a \fBrelay_domains\fR destination because
/* CONFIGURATION PARAMETERS
/* .ad
/* .fi
-/* Changes to \fBmain.cf\fR are picked up automatically as flush(8)
+/* Changes to \fBmain.cf\fR are picked up automatically as \fBflush\fR(8)
/* processes run for only a limited amount of time. Use the command
/* "\fBpostfix reload\fR" to speed up a change.
/*
/* The text below provides only a parameter summary. See
-/* postconf(5) for more details including examples.
+/* \fBpostconf\fR(5) for more details including examples.
/* .IP "\fBconfig_directory (see 'postconf -d' output)\fR"
/* The default location of the Postfix main.cf and master.cf
/* configuration files.
* Patches change the patchlevel and the release date. Snapshots change the
* release date only.
*/
-#define MAIL_RELEASE_DATE "20050203"
+#define MAIL_RELEASE_DATE "20050205"
#define MAIL_VERSION_NUMBER "2.2"
#define VAR_MAIL_VERSION "mail_version"
/* CONFIGURATION PARAMETERS
/* .ad
/* .fi
-/* Changes to \fBmain.cf\fR are picked up automatically, as lmtp(8)
+/* Changes to \fBmain.cf\fR are picked up automatically, as \fBlmtp\fR(8)
/* processes run for only a limited amount of time. Use the command
/* "\fBpostfix reload\fR" to speed up a change.
/*
/* The text below provides only a parameter summary. See
-/* postconf(5) for more details including examples.
+/* \fBpostconf\fR(5) for more details including examples.
/* COMPATIBILITY CONTROLS
/* .ad
/* .fi
/* SYNOPSIS
/* \fBlocal\fR [generic Postfix daemon options]
/* DESCRIPTION
-/* The \fBlocal\fR daemon processes delivery requests from the
+/* The \fBlocal\fR(8) daemon processes delivery requests from the
/* Postfix queue manager to deliver mail to local recipients.
/* Each delivery request specifies a queue file, a sender address,
/* a domain or host to deliver to, and one or more recipients.
/* This program expects to be run from the \fBmaster\fR(8) process
/* manager.
/*
-/* The \fBlocal\fR daemon updates queue files and marks recipients
+/* The \fBlocal\fR(8) daemon updates queue files and marks recipients
/* as finished, or it informs the queue manager that delivery should
/* be tried again at a later time. Delivery status reports are sent
/* to the \fBbounce\fR(8), \fBdefer\fR(8) or \fBtrace\fR(8) daemon as
/* for recipients that are not found in the UNIX passwd database.
/*
/* In the case of UNIX-style mailbox delivery,
-/* the \fBlocal\fR daemon prepends a "\fBFrom \fIsender time_stamp\fR"
+/* the \fBlocal\fR(8) daemon prepends a "\fBFrom \fIsender time_stamp\fR"
/* envelope header to each message, prepends an
/* \fBX-Original-To:\fR header with the recipient address as given to
/* Postfix, prepends an
/*
/* The current working directory is the mail queue directory.
/*
-/* The \fBlocal\fR daemon prepends a "\fBFrom \fIsender time_stamp\fR"
+/* The \fBlocal\fR(8) daemon prepends a "\fBFrom \fIsender time_stamp\fR"
/* envelope header to each message, prepends an
/* \fBX-Original-To:\fR header with the recipient address as given to
/* Postfix, prepends an
/* forward\fR) forbids file destinations in \fB:include:\fR files.
/*
/* In the case of UNIX-style mailbox delivery,
-/* the \fBlocal\fR daemon prepends a "\fBFrom \fIsender time_stamp\fR"
+/* the \fBlocal\fR(8) daemon prepends a "\fBFrom \fIsender time_stamp\fR"
/* envelope header to each message, prepends an
/* \fBX-Original-To:\fR header with the recipient address as given to
/* Postfix, prepends an
/* to the mailbox owned by the user \fIname\fR, or it is sent back as
/* undeliverable.
/*
-/* In all cases the \fBlocal\fR daemon prepends an optional
+/* In all cases the \fBlocal\fR(8) daemon prepends an optional
/* `\fBDelivered-To:\fR header line with the final recipient
/* address.
/* DELIVERY RIGHTS
/* .fi
/* Deliveries to external files and external commands are made with
/* the rights of the receiving user on whose behalf the delivery is made.
-/* In the absence of a user context, the \fBlocal\fR daemon uses the
+/* In the absence of a user context, the \fBlocal\fR(8) daemon uses the
/* owner rights of the \fB:include:\fR file or alias database.
/* When those files are owned by the superuser, delivery is made with
/* the rights specified with the \fBdefault_privs\fR configuration
/* "\fBpostfix reload\fR" to speed up a change.
/*
/* The text below provides only a parameter summary. See
-/* postconf(5) for more details including examples.
+/* \fBpostconf\fR(5) for more details including examples.
/* COMPATIBILITY CONTROLS
/* .ad
/* .fi
/* mailbox_command, home_mailbox, mail_spool_directory, fallback_transport
/* and luser_relay.
/* .IP "\fBalias_maps (see 'postconf -d' output)\fR"
-/* The alias databases that are used for local(8) delivery.
+/* The alias databases that are used for \fBlocal\fR(8) delivery.
/* .IP "\fBforward_path (see 'postconf -d' output)\fR"
-/* The local(8) delivery agent search list for finding a .forward
+/* The \fBlocal\fR(8) delivery agent search list for finding a .forward
/* file with user-specified delivery methods.
/* .IP "\fBmailbox_transport (empty)\fR"
-/* Optional message delivery transport that the local(8) delivery
+/* Optional message delivery transport that the \fBlocal\fR(8) delivery
/* agent should use for mailbox delivery to all local recipients,
/* whether or not they are found in the UNIX passwd database.
/* .IP "\fBmailbox_command_maps (empty)\fR"
/* Optional lookup tables with per-recipient external commands to use
-/* for local(8) mailbox delivery.
+/* for \fBlocal\fR(8) mailbox delivery.
/* .IP "\fBmailbox_command (empty)\fR"
-/* Optional external command that the local(8) delivery agent should
+/* Optional external command that the \fBlocal\fR(8) delivery agent should
/* use for mailbox delivery.
/* .IP "\fBhome_mailbox (empty)\fR"
-/* Optional pathname of a mailbox file relative to a local(8) user's
+/* Optional pathname of a mailbox file relative to a \fBlocal\fR(8) user's
/* home directory.
/* .IP "\fBmail_spool_directory (see 'postconf -d' output)\fR"
-/* The directory where local(8) UNIX-style mailboxes are kept.
+/* The directory where \fBlocal\fR(8) UNIX-style mailboxes are kept.
/* .IP "\fBfallback_transport (empty)\fR"
-/* Optional message delivery transport that the local(8) delivery
-/* agent should use for names that are not found in the aliases(5)
+/* Optional message delivery transport that the \fBlocal\fR(8) delivery
+/* agent should use for names that are not found in the \fBaliases\fR(5)
/* database or in the UNIX passwd database.
/* .IP "\fBluser_relay (empty)\fR"
-/* Optional catch-all destination for unknown local(8) recipients.
+/* Optional catch-all destination for unknown \fBlocal\fR(8) recipients.
/* .PP
/* Available in Postfix version 2.2 and later:
/* .IP "\fBcommand_execution_directory (empty)\fR"
-/* The local(8) delivery agent working directory for delivery to
+/* The \fBlocal\fR(8) delivery agent working directory for delivery to
/* external command.
/* MAILBOX LOCKING CONTROLS
/* .ad
/* .fi
/* .IP "\fBdeliver_lock_attempts (20)\fR"
/* The maximal number of attempts to acquire an exclusive lock on a
-/* mailbox file or bounce(8) logfile.
+/* mailbox file or \fBbounce\fR(8) logfile.
/* .IP "\fBdeliver_lock_delay (1s)\fR"
/* The time between attempts to acquire an exclusive lock on a mailbox
-/* file or bounce(8) logfile.
+/* file or \fBbounce\fR(8) logfile.
/* .IP "\fBstale_lock_time (500s)\fR"
/* The time after which a stale exclusive mailbox lockfile is removed.
/* .IP "\fBmailbox_delivery_lock (see 'postconf -d' output)\fR"
-/* How to lock a UNIX-style local(8) mailbox before attempting delivery.
+/* How to lock a UNIX-style \fBlocal\fR(8) mailbox before attempting delivery.
/* RESOURCE AND RATE CONTROLS
/* .ad
/* .fi
/* Time limit for delivery to external commands.
/* .IP "\fBduplicate_filter_limit (1000)\fR"
/* The maximal number of addresses remembered by the address
-/* duplicate filter for aliases(5) or virtual(5) alias expansion, or
-/* for showq(8) queue displays.
+/* duplicate filter for \fBaliases\fR(5) or \fBvirtual\fR(5) alias expansion, or
+/* for \fBshowq\fR(8) queue displays.
/* .IP "\fBlocal_destination_concurrency_limit (2)\fR"
/* The maximal number of parallel deliveries via the local mail
/* delivery transport to the same recipient (when
/* The maximal number of recipients per message delivery via the
/* local mail delivery transport.
/* .IP "\fBmailbox_size_limit (51200000)\fR"
-/* The maximal size of any local(8) individual mailbox or maildir
+/* The maximal size of any \fBlocal\fR(8) individual mailbox or maildir
/* file, or zero (no limit).
/* SECURITY CONTROLS
/* .ad
/* .fi
/* .IP "\fBallow_mail_to_commands (alias, forward)\fR"
-/* Restrict local(8) mail delivery to external commands.
+/* Restrict \fBlocal\fR(8) mail delivery to external commands.
/* .IP "\fBallow_mail_to_files (alias, forward)\fR"
-/* Restrict local(8) mail delivery to external files.
+/* Restrict \fBlocal\fR(8) mail delivery to external files.
/* .IP "\fBcommand_expansion_filter (see 'postconf -d' output)\fR"
-/* Restrict the characters that the local(8) delivery agent allows in
+/* Restrict the characters that the \fBlocal\fR(8) delivery agent allows in
/* $name expansions of $mailbox_command.
/* .IP "\fBdefault_privs (nobody)\fR"
-/* The default rights used by the local(8) delivery agent for delivery
+/* The default rights used by the \fBlocal\fR(8) delivery agent for delivery
/* to external file or command.
/* .IP "\fBforward_expansion_filter (see 'postconf -d' output)\fR"
-/* Restrict the characters that the local(8) delivery agent allows in
+/* Restrict the characters that the \fBlocal\fR(8) delivery agent allows in
/* $name expansions of $forward_path.
/* .PP
/* Available in Postfix version 2.2 and later:
/* .IP "\fBexecution_directory_expansion_filter (see 'postconf -d' output)\fR"
-/* Restrict the characters that the local(8) delivery agent allows
+/* Restrict the characters that the \fBlocal\fR(8) delivery agent allows
/* in $name expansions of $command_execution_directory.
/* MISCELLANEOUS CONTROLS
/* .ad
/* The time limit for sending or receiving information over an internal
/* communication channel.
/* .IP "\fBlocal_command_shell (empty)\fR"
-/* Optional shell program for local(8) delivery to non-Postfix command.
+/* Optional shell program for \fBlocal\fR(8) delivery to non-Postfix command.
/* .IP "\fBmax_idle (100s)\fR"
/* The maximum amount of time that an idle Postfix daemon process
/* waits for the next service request before exiting.
/* The maximal number of connection requests before a Postfix daemon
/* process terminates.
/* .IP "\fBprepend_delivered_header (command, file, forward)\fR"
-/* The message delivery contexts where the Postfix local(8) delivery
+/* The message delivery contexts where the Postfix \fBlocal\fR(8) delivery
/* agent prepends a Delivered-To: message header.
/* .IP "\fBprocess_id (read-only)\fR"
/* The process ID of a Postfix command or daemon process.
/* .IP "\fBrecipient_delimiter (empty)\fR"
/* The separator between user names and address extensions (user+foo).
/* .IP "\fBrequire_home_directory (no)\fR"
-/* Whether or not a local(8) recipient's home directory must exist
+/* Whether or not a \fBlocal\fR(8) recipient's home directory must exist
/* before mail delivery is attempted.
/* .IP "\fBsyslog_facility (mail)\fR"
/* The syslog facility of Postfix logging.
/* SYNOPSIS
/* \fBmaster\fR [\fB-Dtv\fR] [\fB-c \fIconfig_dir\fR] [\fB-e \fIexit_time\fR]
/* DESCRIPTION
-/* The \fBmaster\fR daemon is the resident process that runs Postfix
+/* The \fBmaster\fR(8) daemon is the resident process that runs Postfix
/* daemons on demand: daemons to send or receive messages via the
/* network, daemons to deliver mail locally, etc. These daemons are
/* created on demand up to a configurable maximum number per service.
/* Postfix daemons terminate voluntarily, either after being idle for
/* a configurable amount of time, or after having serviced a
/* configurable number of requests. Exceptions to this rule are the
-/* resident queue manager and the resident address verification server.
+/* resident queue manager, address verification server, and the TLS
+/* session cache and pseudo-random number server.
/*
-/* The behavior of the \fBmaster\fR daemon is controlled by the
-/* \fBmaster.cf\fR configuration file, as described in master(5).
+/* The behavior of the \fBmaster\fR(8) daemon is controlled by the
+/* \fBmaster.cf\fR configuration file, as described in \fBmaster\fR(5).
/*
/* Options:
/* .IP "\fB-c \fIconfig_dir\fR"
/* .IP \fB-t\fR
/* Test mode. Return a zero exit status when the \fBmaster.pid\fR lock
/* file does not exist or when that file is not locked. This is evidence
-/* that the \fBmaster\fR daemon is not running.
+/* that the \fBmaster\fR(8) daemon is not running.
/* .IP \fB-v\fR
/* Enable verbose logging for debugging purposes. This option
/* is passed on to child processes. Multiple \fB-v\fR options
/* .PP
/* Signals:
/* .IP \fBSIGHUP\fR
-/* Upon receipt of a \fBHUP\fR signal (e.g., after \fBpostfix reload\fR),
+/* Upon receipt of a \fBHUP\fR signal (e.g., after "\fBpostfix reload\fR"),
/* the master process re-reads its configuration files. If a service has
/* been removed from the \fBmaster.cf\fR file, its running processes
/* are terminated immediately.
/* as is convenient, so that changes in configuration settings
/* affect only new service requests.
/* .IP \fBSIGTERM\fR
-/* Upon receipt of a \fBTERM\fR signal (e.g., after \fBpostfix abort\fR),
+/* Upon receipt of a \fBTERM\fR signal (e.g., after "\fBpostfix abort\fR"),
/* the master process passes the signal on to its child processes and
/* terminates.
/* This is useful for an emergency shutdown. Normally one would
-/* terminate only the master (\fBpostfix stop\fR) and allow running
+/* terminate only the master ("\fBpostfix stop\fR") and allow running
/* processes to finish what they are doing.
/* DIAGNOSTICS
/* Problems are reported to \fBsyslogd\fR(8).
/* CONFIGURATION PARAMETERS
/* .ad
/* .fi
-/* Unlike most Postfix daemon processes, the master(8) server does
+/* Unlike most Postfix daemon processes, the \fBmaster\fR(8) server does
/* not automatically pick up changes to \fBmain.cf\fR. Changes
/* to \fBmaster.cf\fR are never picked up automatically.
-/* Use the \fBpostfix reload\fR command after a configuration change.
+/* Use the "\fBpostfix reload\fR" command after a configuration change.
/* RESOURCE AND RATE CONTROLS
/* .ad
/* .fi
/* The maximal number of connection requests before a Postfix daemon
/* process terminates.
/* .IP "\fBservice_throttle_time (60s)\fR"
-/* How long the Postfix master(8) waits before forking a server that
+/* How long the Postfix \fBmaster\fR(8) waits before forking a server that
/* appears to be malfunctioning.
/* MISCELLANEOUS CONTROLS
/* .ad
/* SYNOPSIS
/* \fBqmgr\fR [generic Postfix daemon options]
/* DESCRIPTION
-/* The \fBqmgr\fR daemon awaits the arrival of incoming mail
+/* The \fBqmgr\fR(8) daemon awaits the arrival of incoming mail
/* and arranges for its delivery via Postfix delivery processes.
/* The actual mail routing strategy is delegated to the
/* \fBtrivial-rewrite\fR(8) daemon.
/* MAIL QUEUES
/* .ad
/* .fi
-/* The \fBqmgr\fR daemon maintains the following queues:
+/* The \fBqmgr\fR(8) daemon maintains the following queues:
/* .IP \fBincoming\fR
/* Inbound mail from the network, or mail picked up by the
-/* local \fBpickup\fR agent from the \fBmaildrop\fR directory.
+/* local \fBpickup\fR(8) agent from the \fBmaildrop\fR directory.
/* .IP \fBactive\fR
/* Messages that the queue manager has opened for delivery. Only
/* a limited number of messages is allowed to enter the \fBactive\fR
/* DELIVERY STATUS REPORTS
/* .ad
/* .fi
-/* The \fBqmgr\fR daemon keeps an eye on per-message delivery status
+/* The \fBqmgr\fR(8) daemon keeps an eye on per-message delivery status
/* reports in the following directories. Each status report file has
/* the same name as the corresponding message file:
/* .IP \fBbounce\fR
/* Postfix "\fBsendmail -v\fR" or "\fBsendmail -bv\fR" command.
/* These files are maintained by the \fBtrace\fR(8) daemon.
/* .PP
-/* The \fBqmgr\fR daemon is responsible for asking the
+/* The \fBqmgr\fR(8) daemon is responsible for asking the
/* \fBbounce\fR(8), \fBdefer\fR(8) or \fBtrace\fR(8) daemons to
/* send delivery reports.
/* STRATEGIES
/* servers that should not go away forever. The action is to start
/* an incoming queue scan.
/* .PP
-/* The \fBqmgr\fR daemon reads an entire buffer worth of triggers.
+/* The \fBqmgr\fR(8) daemon reads an entire buffer worth of triggers.
/* Multiple identical trigger requests are collapsed into one, and
/* trigger requests are sorted so that \fBA\fR and \fBF\fR precede
/* \fBD\fR and \fBI\fR. Thus, in order to force a deferred queue run,
/* STANDARDS
/* .ad
/* .fi
-/* None. The \fBqmgr\fR daemon does not interact with the outside world.
+/* None. The \fBqmgr\fR(8) daemon does not interact with the outside world.
/* SECURITY
/* .ad
/* .fi
-/* The \fBqmgr\fR daemon is not security sensitive. It reads
+/* The \fBqmgr\fR(8) daemon is not security sensitive. It reads
/* single-character messages from untrusted local users, and thus may
-/* be susceptible to denial of service attacks. The \fBqmgr\fR daemon
+/* be susceptible to denial of service attacks. The \fBqmgr\fR(8) daemon
/* does not talk to the outside world, and it can be run at fixed low
/* privilege in a chrooted environment.
/* DIAGNOSTICS
-/* Problems and transactions are logged to the syslog daemon.
+/* Problems and transactions are logged to the \fBsyslog\fR(8) daemon.
/* Corrupted message files are saved to the \fBcorrupt\fR queue
/* for further inspection.
/*
/* the postmaster is notified of bounces and of other trouble.
/* BUGS
/* A single queue manager process has to compete for disk access with
-/* multiple front-end processes such as \fBsmtpd\fR. A sudden burst of
+/* multiple front-end processes such as \fBcleanup\fR(8). A sudden burst of
/* inbound mail can negatively impact outbound delivery rates.
/* CONFIGURATION PARAMETERS
/* .ad
/* .fi
-/* Changes to \fBmain.cf\fR are not picked up automatically, as qmgr(8)
+/* Changes to \fBmain.cf\fR are not picked up automatically,
+/* as \fBqmgr\fR(8)
/* is a persistent process. Use the command "\fBpostfix reload\fR" after
/* a configuration change.
/*
/* The text below provides only a parameter summary. See
-/* postconf(5) for more details including examples.
+/* \fBpostconf\fR(5) for more details including examples.
/*
/* In the text below, \fItransport\fR is the first field in a
/* \fBmaster.cf\fR entry.
/* postconf(5), configuration parameters
/* master(5), generic daemon options
/* master(8), process manager
-/* syslogd(8) system logging
+/* syslogd(8), system logging
/* README FILES
/* .ad
/* .fi
/* SYNOPSIS
/* \fBpickup\fR [generic Postfix daemon options]
/* DESCRIPTION
-/* The \fBpickup\fR daemon waits for hints that new mail has been
+/* The \fBpickup\fR(8) daemon waits for hints that new mail has been
/* dropped into the \fBmaildrop\fR directory, and feeds it into the
/* \fBcleanup\fR(8) daemon.
/* Ill-formatted files are deleted without notifying the originator.
/* STANDARDS
/* .ad
/* .fi
-/* None. The \fBpickup\fR daemon does not interact with the outside world.
+/* None. The \fBpickup\fR(8) daemon does not interact with
+/* the outside world.
/* SECURITY
/* .ad
/* .fi
-/* The \fBpickup\fR daemon is moderately security sensitive. It runs
+/* The \fBpickup\fR(8) daemon is moderately security sensitive. It runs
/* with fixed low privilege and can run in a chrooted environment.
/* However, the program reads files from potentially hostile users.
-/* The \fBpickup\fR daemon opens no files for writing, is careful about
+/* The \fBpickup\fR(8) daemon opens no files for writing, is careful about
/* what files it opens for reading, and does not actually touch any data
/* that is sent to its public service endpoint.
/* DIAGNOSTICS
/* Problems and transactions are logged to \fBsyslogd\fR(8).
/* BUGS
-/* The \fBpickup\fR daemon copies mail from file to the \fBcleanup\fR(8)
+/* The \fBpickup\fR(8) daemon copies mail from file to the \fBcleanup\fR(8)
/* daemon. It could avoid message copying overhead by sending a file
/* descriptor instead of file data, but then the already complex
/* \fBcleanup\fR(8) daemon would have to deal with unfiltered user data.
/* CONFIGURATION PARAMETERS
/* .ad
/* .fi
-/* As the pickup(8) daemon is a relatively long-running process, up
+/* As the \fBpickup\fR(8) daemon is a relatively long-running process, up
/* to an hour may pass before a \fBmain.cf\fR change takes effect.
/* Use the command "\fBpostfix reload\fR" command to speed up a change.
/*
/* The text below provides only a parameter summary. See
-/* postconf(5) for more details including examples.
+/* \fBpostconf\fR(5) for more details including examples.
/* CONTENT INSPECTION CONTROLS
/* .ad
/* .fi
/* SYNOPSIS
/* \fBpipe\fR [generic Postfix daemon options] command_attributes...
/* DESCRIPTION
-/* The \fBpipe\fR daemon processes requests from the Postfix queue
+/* The \fBpipe\fR(8) daemon processes requests from the Postfix queue
/* manager to deliver messages to external commands.
/* This program expects to be run from the \fBmaster\fR(8) process
/* manager.
/* next-hop host name can be specified as command-line macros that are
/* expanded before the external command is executed.
/*
-/* The \fBpipe\fR daemon updates queue files and marks recipients
+/* The \fBpipe\fR(8) daemon updates queue files and marks recipients
/* as finished, or it informs the queue manager that delivery should
/* be tried again at a later time. Delivery status reports are sent
/* to the \fBbounce\fR(8), \fBdefer\fR(8) or \fBtrace\fR(8) daemon as
/* This is recommended for delivery via \fBUUCP\fR or \fBBSMTP\fR.
/* .sp
/* The result is compatible with the address parsing of command-line
-/* recipients by the Postfix \fBsendmail\fR mail submission command.
+/* recipients by the Postfix \fBsendmail\fR(1) mail submission command.
/* .sp
/* The \fBq\fR flag affects only entire addresses, not the partial
/* address information from the \fB$user\fR, \fB$extension\fR or
/* CONFIGURATION PARAMETERS
/* .ad
/* .fi
-/* Changes to \fBmain.cf\fR are picked up automatically as pipe(8)
+/* Changes to \fBmain.cf\fR are picked up automatically as \fBpipe\fR(8)
/* processes run for only a limited amount of time. Use the command
/* "\fBpostfix reload\fR" to speed up a change.
/*
/* The text below provides only a parameter summary. See
-/* postconf(5) for more details including examples.
+/* \fBpostconf\fR(5) for more details including examples.
/* RESOURCE AND RATE CONTROLS
/* .ad
/* .fi
/* [\fB-d \fIkey\fR] [\fB-q \fIkey\fR]
/* [\fIfile_type\fR:]\fIfile_name\fR ...
/* DESCRIPTION
-/* The \fBpostalias\fR command creates or queries one or more Postfix
+/* The \fBpostalias\fR(1) command creates or queries one or more Postfix
/* alias databases, or updates an existing one. The input and output
/* file formats are expected to be compatible with Sendmail version 8,
/* and are expected to be suitable for the use as NIS alias maps.
/* a map.
/* .IP \fB-i\fR
/* Incremental mode. Read entries from standard input and do not
-/* truncate an existing database. By default, \fBpostalias\fR creates
+/* truncate an existing database. By default, \fBpostalias\fR(1) creates
/* a new database from the entries in \fIfile_name\fR.
/* .IP \fB-N\fR
/* Include the terminating null character that terminates lookup keys
-/* and values. By default, Postfix does whatever is the default for
+/* and values. By default, \fBpostalias\fR(1) does whatever
+/* is the default for
/* the host operating system.
/* .IP \fB-n\fR
/* Don't include the terminating null character that terminates lookup
-/* keys and values. By default, Postfix does whatever is the default for
+/* keys and values. By default, \fBpostalias\fR(1) does whatever
+/* is the default for
/* the host operating system.
/* .IP \fB-o\fR
/* Do not release root privileges when processing a non-root
-/* input file. By default, \fBpostalias\fR drops root privileges
+/* input file. By default, \fBpostalias\fR(1) drops root privileges
/* and runs as the source file owner instead.
/* .IP \fB-p\fR
/* Do not inherit the file access permissions from the input file
/* The database type. To find out what types are supported, use
/* the "\fBpostconf -m\fR" command.
/*
-/* The \fBpostalias\fR command can query any supported file type,
+/* The \fBpostalias\fR(1) command can query any supported file type,
/* but it can create only the following file types:
/* .RS
/* .IP \fBbtree\fR
/* no problems were detected. Duplicate entries are skipped and are
/* flagged with a warning.
/*
-/* \fBpostalias\fR terminates with zero exit status in case of success
-/* (including successful \fBpostalias -q\fR lookup) and terminates
+/* \fBpostalias\fR(1) terminates with zero exit status in case of success
+/* (including successful "\fBpostalias -q\fR" lookup) and terminates
/* with non-zero exit status in case of failure.
/* ENVIRONMENT
/* .ad
/* this program.
/*
/* The text below provides only a parameter summary. See
-/* postconf(5) for more details including examples.
+/* \fBpostconf\fR(5) for more details including examples.
/* .IP "\fBalias_database (see 'postconf -d' output)\fR"
-/* The alias databases for local(8) delivery that are updated with
+/* The alias databases for \fBlocal\fR(8) delivery that are updated with
/* "\fBnewaliases\fR" or with "\fBsendmail -bi\fR".
/* .IP "\fBconfig_directory (see 'postconf -d' output)\fR"
/* The default location of the Postfix main.cf and master.cf
/* The per-table I/O buffer size for programs that read Berkeley DB
/* hash or btree tables.
/* .IP "\fBdefault_database_type (see 'postconf -d' output)\fR"
-/* The default database type for use in newaliases(1), postalias(1)
-/* and postmap(1) commands.
+/* The default database type for use in \fBnewaliases\fR(1), \fBpostalias\fR(1)
+/* and \fBpostmap\fR(1) commands.
/* .IP "\fBsyslog_facility (mail)\fR"
/* The syslog facility of Postfix logging.
/* .IP "\fBsyslog_name (postfix)\fR"
/* SYNOPSIS
/* \fBpostcat\fR [\fB-oqv\fR] [\fB-c \fIconfig_dir\fR] [\fIfiles\fR...]
/* DESCRIPTION
-/* The \fBpostcat\fR command prints the contents of the named
+/* The \fBpostcat\fR(1) command prints the contents of the named
/* \fIfiles\fR in human-readable form. The files are expected
/* to be in Postfix queue file format. If no
/* \fIfiles\fR are specified on the command line, the program
/* this program.
/*
/* The text below provides only a parameter summary. See
-/* postconf(5) for more details including examples.
+/* \fBpostconf\fR(5) for more details including examples.
/* .IP "\fBconfig_directory (see 'postconf -d' output)\fR"
/* The default location of the Postfix main.cf and master.cf
/* configuration files.
/* \fBpostconf\fR [\fB-ev\fR] [\fB-c \fIconfig_dir\fR]
/* [\fIparameter=value ...\fR]
/* DESCRIPTION
-/* The \fBpostconf\fR command prints the actual value of
+/* The \fBpostconf\fR(1) command prints the actual value of
/* \fIparameter\fR (all known parameters by default) one
/* parameter per line, changes its value, or prints other
/* information about the Postfix mail system.
/* result.
/* .IP "\fBtcp\fR (read-only)"
/* Perform lookups using a simple request-reply protocol that is
-/* described in tcp_table(5).
+/* described in \fBtcp_table\fR(5).
/* This feature is not included with Postfix 2.1.
/* .IP "\fBunix\fR (read-only)"
/* A limited way to query the UNIX authentication database. The
/* .RS
/*. IP \fBunix:passwd.byname\fR
/* The table is the UNIX password database. The key is a login name.
-/* The result is a password file entry in passwd(5) format.
+/* The result is a password file entry in \fBpasswd\fR(5) format.
/* .IP \fBunix:group.byname\fR
/* The table is the UNIX group database. The key is a group name.
-/* The result is a group file entry in group(5) format.
+/* The result is a group file entry in \fBgroup\fR(5) format.
/* .RE
/* .RE
/* .sp
/* this program.
/*
/* The text below provides only a parameter summary. See
-/* postconf(5) for more details including examples.
+/* \fBpostconf\fR(5) for more details including examples.
/* .IP "\fBconfig_directory (see 'postconf -d' output)\fR"
/* The default location of the Postfix main.cf and master.cf
/* configuration files.
/* SYNOPSIS
/* \fBpostdrop\fR [\fB-rv\fR] [\fB-c \fIconfig_dir\fR]
/* DESCRIPTION
-/* The \fBpostdrop\fR command creates a file in the \fBmaildrop\fR
+/* The \fBpostdrop\fR(1) command creates a file in the \fBmaildrop\fR
/* directory and copies its standard input to the file.
/*
/* Options:
/* The following \fBmain.cf\fR parameters are especially relevant to
/* this program.
/* The text below provides only a parameter summary. See
-/* postconf(5) for more details including examples.
+/* \fBpostconf\fR(5) for more details including examples.
/* .IP "\fBalternate_config_directories (empty)\fR"
/* A list of non-default Postfix configuration directories that may
/* be specified with "-c config_directory" on the command line, or
/* records, so that "smtpd" becomes, for example, "postfix/smtpd".
/* .IP "\fBtrigger_timeout (10s)\fR"
/* The time limit for sending a trigger to a Postfix daemon (for
-/* example, the pickup(8) or qmgr(8) daemon).
+/* example, the \fBpickup\fR(8) or \fBqmgr\fR(8) daemon).
/* .PP
/* Available in Postfix version 2.2 and later:
/* .IP "\fBauthorized_submit_users (static:anyone)\fR"
-/* List of users who are authorized to submit mail with the sendmail(1)
-/* command (and with the privileged postdrop(1) helper command).
+/* List of users who are authorized to submit mail with the \fBsendmail\fR(1)
+/* command (and with the privileged \fBpostdrop\fR(1) helper command).
/* FILES
/* /var/spool/postfix/maildrop, maildrop queue
/* SEE ALSO
/* \fBpostfix\fR [\fB-Dv\fR] [\fB-c \fIconfig_dir\fR] \fIcommand\fR
/* DESCRIPTION
/* This command is reserved for the superuser. To submit mail,
-/* use the Postfix \fBsendmail\fR command.
+/* use the Postfix \fBsendmail\fR(1) command.
/*
-/* The \fBpostfix\fR command controls the operation of the Postfix
-/* mail system: start or stop the \fBmaster\fR daemon, do a health
+/* The \fBpostfix\fR(1) command controls the operation of the Postfix
+/* mail system: start or stop the \fBmaster\fR(8) daemon, do a health
/* check, and other maintenance.
/*
-/* The \fBpostfix\fR command sets up a standardized environment and
+/* The \fBpostfix\fR(1) command sets up a standardized environment and
/* runs the \fBpostfix-script\fR shell script to do the actual work.
/*
/* The following commands are implemented:
/* ENVIRONMENT
/* .ad
/* .fi
-/* The \fBpostfix\fR command exports the following environment
+/* The \fBpostfix\fR(1) command exports the following environment
/* variables before executing the \fBpostfix-script\fR file:
/* .IP \fBMAIL_CONFIG\fR
/* This is set when the -c command-line option is present.
/* Postfix directories.
/* .IP "\fBsendmail_path (see 'postconf -d' output)\fR"
/* A Sendmail compatibility feature that specifies the location of
-/* the Postfix sendmail(1) command.
+/* the Postfix \fBsendmail\fR(1) command.
/* .IP "\fBnewaliases_path (see 'postconf -d' output)\fR"
/* Sendmail compatibility feature that specifies the location of the
-/* newaliases(1) command.
+/* \fBnewaliases\fR(1) command.
/* .IP "\fBmailq_path (see 'postconf -d' output)\fR"
/* Sendmail compatibility feature that specifies where the Postfix
-/* mailq(1) command is installed.
+/* \fBmailq\fR(1) command is installed.
/* .IP "\fBhtml_directory (see 'postconf -d' output)\fR"
/* The location of Postfix HTML files that describe how to build,
/* configure or operate a specific Postfix subsystem or feature.
/* Commands:
/* postalias(1), create/update/query alias database
/* postcat(1), examine Postfix queue file
+/* postconf(1), Postfix configuration utility
/* postkick(1), trigger Postfix daemon
/* postlock(1), Postfix-compatible locking
/* postlog(1), Postfix-compatible logging
/* \fBpostkick\fR [\fB-c \fIconfig_dir\fR] [\fB-v\fR]
/* \fIclass service request\fR
/* DESCRIPTION
-/* The \fBpostkick\fR command sends \fIrequest\fR to the
+/* The \fBpostkick\fR(1) command sends \fIrequest\fR to the
/* specified \fIservice\fR over a local transport channel.
/* This command makes Postfix private IPC accessible
/* for use in, for example, shell scripts.
/* The following \fBmain.cf\fR parameters are especially relevant to
/* this program.
/* The text below provides only a parameter summary. See
-/* postconf(5) for more details including examples.
+/* \fBpostconf\fR(5) for more details including examples.
/* .IP "\fBconfig_directory (see 'postconf -d' output)\fR"
/* The default location of the Postfix main.cf and master.cf
/* configuration files.
/* .IP "\fBapplication_event_drain_time (100s)\fR"
-/* How long the postkick(1) command waits for a request to enter the
+/* How long the \fBpostkick\fR(1) command waits for a request to enter the
/* server's input buffer before giving up.
/* .IP "\fBqueue_directory (see 'postconf -d' output)\fR"
/* The location of the Postfix top-level queue directory.
/* \fBpostlock\fR [\fB-c \fIconfig_dir\fB] [\fB-l \fIlock_style\fB]
/* [\fB-v\fR] \fIfile command...\fR
/* DESCRIPTION
-/* The \fBpostlock\fR command locks \fIfile\fR for exclusive
+/* The \fBpostlock\fR(1) command locks \fIfile\fR for exclusive
/* access, and executes \fIcommand\fR. The locking method is
/* compatible with the Postfix UNIX-style local delivery agent.
/*
/* access. The command is executed directly, i.e. without
/* interpretation by a shell command interpreter.
/* DIAGNOSTICS
-/* The result status is 75 (EX_TEMPFAIL) when \fBpostlock\fR
+/* The result status is 75 (EX_TEMPFAIL) when \fBpostlock\fR(1)
/* could not perform the requested operation. Otherwise, the
/* exit status is the exit status from the command.
/* BUGS
/* The following \fBmain.cf\fR parameters are especially relevant to
/* this program.
/* The text below provides only a parameter summary. See
-/* postconf(5) for more details including examples.
+/* \fBpostconf\fR(5) for more details including examples.
/* LOCKING CONTROLS
/* .ad
/* .fi
/* .IP "\fBdeliver_lock_attempts (20)\fR"
/* The maximal number of attempts to acquire an exclusive lock on a
-/* mailbox file or bounce(8) logfile.
+/* mailbox file or \fBbounce\fR(8) logfile.
/* .IP "\fBdeliver_lock_delay (1s)\fR"
/* The time between attempts to acquire an exclusive lock on a mailbox
-/* file or bounce(8) logfile.
+/* file or \fBbounce\fR(8) logfile.
/* .IP "\fBstale_lock_time (500s)\fR"
/* The time after which a stale exclusive mailbox lockfile is removed.
/* .IP "\fBmailbox_delivery_lock (see 'postconf -d' output)\fR"
-/* How to lock a UNIX-style local(8) mailbox before attempting delivery.
+/* How to lock a UNIX-style \fBlocal\fR(8) mailbox before attempting delivery.
/* RESOURCE AND RATE CONTROLS
/* .ad
/* .fi
/* \fBpostlog\fR [\fB-iv\fR] [\fB-c \fIconfig_dir\fR]
/* [\fB-p \fIpriority\fB] [\fB-t \fItag\fR] [\fItext...\fR]
/* DESCRIPTION
-/* The \fBpostlog\fR command implements a Postfix-compatible logging
+/* The \fBpostlog\fR(1) command implements a Postfix-compatible logging
/* interface for use in, for example, shell scripts.
/*
-/* By default, \fBpostlog\fR logs the \fItext\fR given on the command
+/* By default, \fBpostlog\fR(1) logs the \fItext\fR given on the command
/* line as one record. If no \fItext\fR is specified on the command
-/* line, \fBpostlog\fR reads from standard input and logs each input
+/* line, \fBpostlog\fR(1) reads from standard input and logs each input
/* line as one record.
/*
/* Logging is sent to \fBsyslogd\fR(8); when the standard error stream
/* this program.
/*
/* The text below provides only a parameter summary. See
-/* postconf(5) for more details including examples.
+/* \fBpostconf\fR(5) for more details including examples.
/* .IP "\fBconfig_directory (see 'postconf -d' output)\fR"
/* The default location of the Postfix main.cf and master.cf
/* configuration files.
/* [\fB-d \fIkey\fR] [\fB-q \fIkey\fR]
/* [\fIfile_type\fR:]\fIfile_name\fR ...
/* DESCRIPTION
-/* The \fBpostmap\fR command creates or queries one or more Postfix
+/* The \fBpostmap\fR(1) command creates or queries one or more Postfix
/* lookup tables, or updates an existing one. The input and output
/* file formats are expected to be compatible with:
/*
/* a map.
/* .IP \fB-i\fR
/* Incremental mode. Read entries from standard input and do not
-/* truncate an existing database. By default, \fBpostmap\fR creates
+/* truncate an existing database. By default, \fBpostmap\fR(1) creates
/* a new database from the entries in \fBfile_name\fR.
/* .IP \fB-N\fR
/* Include the terminating null character that terminates lookup keys
-/* and values. By default, Postfix does whatever is the default for
+/* and values. By default, \fBpostmap\fR(1) does whatever is
+/* the default for
/* the host operating system.
/* .IP \fB-n\fR
/* Don't include the terminating null character that terminates lookup
-/* keys and values. By default, Postfix does whatever is the default for
+/* keys and values. By default, \fBpostmap\fR(1) does whatever
+/* is the default for
/* the host operating system.
/* .IP \fB-o\fR
/* Do not release root privileges when processing a non-root
-/* input file. By default, \fBpostmap\fR drops root privileges
+/* input file. By default, \fBpostmap\fR(1) drops root privileges
/* and runs as the source file owner instead.
/* .IP \fB-p\fR
/* Do not inherit the file access permissions from the input file
/* The database type. To find out what types are supported, use
/* the "\fBpostconf -m\fR" command.
/*
-/* The \fBpostmap\fR command can query any supported file type,
+/* The \fBpostmap\fR(1) command can query any supported file type,
/* but it can create only the following file types:
/* .RS
/* .IP \fBbtree\fR
/* No output means that no problems were detected. Duplicate entries are
/* skipped and are flagged with a warning.
/*
-/* \fBpostmap\fR terminates with zero exit status in case of success
-/* (including successful \fBpostmap -q\fR lookup) and terminates
+/* \fBpostmap\fR(1) terminates with zero exit status in case of success
+/* (including successful "\fBpostmap -q\fR" lookup) and terminates
/* with non-zero exit status in case of failure.
/* ENVIRONMENT
/* .ad
/* The following \fBmain.cf\fR parameters are especially relevant to
/* this program.
/* The text below provides only a parameter summary. See
-/* postconf(5) for more details including examples.
+/* \fBpostconf\fR(5) for more details including examples.
/* .IP "\fBberkeley_db_create_buffer_size (16777216)\fR"
/* The per-table I/O buffer size for programs that create Berkeley DB
/* hash or btree tables.
/* The default location of the Postfix main.cf and master.cf
/* configuration files.
/* .IP "\fBdefault_database_type (see 'postconf -d' output)\fR"
-/* The default database type for use in newaliases(1), postalias(1)
-/* and postmap(1) commands.
+/* The default database type for use in \fBnewaliases\fR(1), \fBpostalias\fR(1)
+/* and \fBpostmap\fR(1) commands.
/* .IP "\fBsyslog_facility (mail)\fR"
/* The syslog facility of Postfix logging.
/* .IP "\fBsyslog_name (postfix)\fR"
/* .br
/* \fBpostqueue\fR [\fB-c \fIconfig_dir\fR] \fB-s \fIsite\fR
/* DESCRIPTION
-/* The \fBpostqueue\fR program implements the Postfix user interface
+/* The \fBpostqueue\fR(1) command implements the Postfix user interface
/* for queue management. It implements operations that are
/* traditionally available via the \fBsendmail\fR(1) command.
/* See the \fBpostsuper\fR(1) command for queue operations
/* .IP \fB-f\fR
/* Flush the queue: attempt to deliver all queued mail.
/*
-/* This option implements the traditional \fBsendmail -q\fR command,
+/* This option implements the traditional "\fBsendmail -q\fR" command,
/* by contacting the Postfix \fBqmgr\fR(8) daemon.
/*
/* Warning: flushing undeliverable mail frequently will result in
/* See \fBflush\fR(8) for more information about the "fast flush"
/* service.
/*
-/* This option implements the traditional \fBsendmail -qR\fIsite\fR
+/* This option implements the traditional "\fBsendmail -qR\fIsite\fR"
/* command, by contacting the Postfix \fBflush\fR(8) daemon.
/* .IP \fB-v\fR
/* Enable verbose logging for debugging purposes. Multiple \fB-v\fR
/* The following \fBmain.cf\fR parameters are especially relevant to
/* this program.
/* The text below provides only a parameter summary. See
-/* postconf(5) for more details including examples.
+/* \fBpostconf\fR(5) for more details including examples.
/* .IP "\fBalternate_config_directories (empty)\fR"
/* A list of non-default Postfix configuration directories that may
/* be specified with "-c config_directory" on the command line, or
/* records, so that "smtpd" becomes, for example, "postfix/smtpd".
/* .IP "\fBtrigger_timeout (10s)\fR"
/* The time limit for sending a trigger to a Postfix daemon (for
-/* example, the pickup(8) or qmgr(8) daemon).
+/* example, the \fBpickup\fR(8) or \fBqmgr\fR(8) daemon).
/* .PP
/* Available in Postfix version 2.2 and later:
/* .IP "\fBauthorized_flush_users (static:anyone)\fR"
/* [\fB-h \fIqueue_id\fR] [\fB-H \fIqueue_id\fR]
/* [\fB-r \fIqueue_id\fR] [\fIdirectory ...\fR]
/* DESCRIPTION
-/* The \fBpostsuper\fR command does maintenance jobs on the Postfix
+/* The \fBpostsuper\fR(1) command does maintenance jobs on the Postfix
/* queue. Use of the command is restricted to the superuser.
-/* See the \fBpostqueue\fR command for unprivileged queue operations
+/* See the \fBpostqueue\fR(1) command for unprivileged queue operations
/* such as listing or flushing the mail queue.
/*
-/* By default, \fBpostsuper\fR performs the operations requested with the
+/* By default, \fBpostsuper\fR(1) performs the operations
+/* requested with the
/* \fB-s\fR and \fB-p\fR command-line options on all Postfix queue
/* directories - this includes the \fBincoming\fR, \fBactive\fR and
/* \fBdeferred\fR directories with mail files and the \fBbounce\fR,
/* \fBdeferred\fR).
/* If a \fIqueue_id\fR of \fB-\fR is specified, the program reads
/* queue IDs from standard input. For example, to delete all mail
-/* from or to \fBuser@example.com\fR:
+/* with exactly one recipient \fBuser@example.com\fR:
/* .sp
-/* mailq | tail +2 | awk \'BEGIN { RS = "" } \e
+/* mailq | tail +2 | awk \'BEGIN { RS = "" }
/* .ti +4
-/* / user@example\e.com$/ { print $1 } \e
+/* # $7=sender, $8=recipient1, $9=recipient2
+/* .ti +4
+/* { if ($8 == "user@example.com" && $9 == "")
+/* .ti +6
+/* print $1 }
/* .br
/* \' | tr -d '*!' | postsuper -d -
/* .sp
/* The scenario is as follows:
/* .RS
/* .IP 1)
-/* The Postfix queue manager deletes the message that \fBpostsuper\fR
+/* The Postfix queue manager deletes the message that \fBpostsuper\fR(1)
/* is asked to delete, because Postfix is finished with the
/* message (it is delivered, or it is returned to the sender).
/* .IP 2)
/* New mail arrives, and the new message is given the same queue ID
-/* as the message that \fBpostsuper\fR is supposed to delete.
+/* as the message that \fBpostsuper\fR(1) is supposed to delete.
/* The probability for reusing a deleted queue ID is about 1 in 2**15
/* (the number of different microsecond values that the system clock
/* can distinguish within a second).
/* .IP 3)
-/* \fBpostsuper\fR deletes the new message, instead of the old
+/* \fBpostsuper\fR(1) deletes the new message, instead of the old
/* message that it should have deleted.
/* .RE
/* .IP "\fB-h \fIqueue_id\fR"
/* mappings have changed.
/* .sp
/* Warning: Postfix queue IDs are reused.
-/* There is a very small possibility that \fBpostsuper\fR requeues
+/* There is a very small possibility that \fBpostsuper\fR(1) requeues
/* the wrong message file when it is executed while the Postfix mail
/* system is running, but no harm should be done.
/* .IP \fB-s\fR
/* Problems are reported to the standard error stream and to
/* \fBsyslogd\fR(8).
/*
-/* \fBpostsuper\fR reports the number of messages deleted with \fB-d\fR,
+/* \fBpostsuper\fR(1) reports the number of messages deleted with \fB-d\fR,
/* the number of messages requeued with \fB-r\fR, and the number of
/* messages whose queue file name was fixed with \fB-s\fR. The report
/* is written to the standard error stream and to \fBsyslogd\fR(8).
/* The following \fBmain.cf\fR parameters are especially relevant to
/* this program.
/* The text below provides only a parameter summary. See
-/* postconf(5) for more details including examples.
+/* \fBpostconf\fR(5) for more details including examples.
/* .IP "\fBconfig_directory (see 'postconf -d' output)\fR"
/* The default location of the Postfix main.cf and master.cf
/* configuration files.
/* .IP "\fBhash_queue_depth (1)\fR"
/* The number of subdirectory levels for queue directories listed with
/* the hash_queue_names parameter.
-/* .IP "\fBhash_queue_names (see 'postconf -d' output)\fR"
+/* .IP "\fBhash_queue_names (deferred, defer)\fR"
/* The names of queue directories that are split across multiple
/* subdirectory levels.
/* .IP "\fBqueue_directory (see 'postconf -d' output)\fR"
/* SYNOPSIS
/* \fBproxymap\fR [generic Postfix daemon options]
/* DESCRIPTION
-/* The \fBproxymap\fR server provides read-only table
+/* The \fBproxymap\fR(8) server provides read-only table
/* lookup service to Postfix processes. The purpose
/* of the service is:
/* .IP \(bu
/* The total number of connections is limited by the number of
/* proxymap server processes.
/* .PP
-/* The proxymap server implements the following requests:
+/* The \fBproxymap\fR(8) server implements the following requests:
/* .IP "\fBopen\fR \fImaptype:mapname flags\fR"
/* Open the table with type \fImaptype\fR and name \fImapname\fR,
/* as controlled by \fIflags\fR. The reply includes the \fImaptype\fR
/* SERVER PROCESS MANAGEMENT
/* .ad
/* .fi
-/* \fBproxymap\fR servers run under control by the Postfix \fBmaster\fR
+/* \fBproxymap\fR(8) servers run under control by the Postfix
+/* \fBmaster\fR(8)
/* server. Each server can handle multiple simultaneous connections.
-/* When all servers are busy while a client connects, the \fBmaster\fR
-/* creates a new \fBproxymap\fR server process, provided that the
+/* When all servers are busy while a client connects, the \fBmaster\fR(8)
+/* creates a new \fBproxymap\fR(8) server process, provided that the
/* process limit is not exceeded.
/* Each server terminates after serving at least \fB$max_use\fR clients
/* or after \fB$max_idle\fR seconds of idle time.
/* SECURITY
/* .ad
/* .fi
-/* The proxymap server opens only tables that are approved via the
+/* The \fBproxymap\fR(8) server opens only tables that are approved via the
/* \fBproxy_read_maps\fR configuration parameter, does not talk to
/* users, and can run at fixed low privilege, chrooted or not.
/* However, running the proxymap server chrooted severely limits
/* usability, because it can open only chrooted tables.
/*
-/* The proxymap server is not a trusted daemon process, and must
+/* The \fBproxymap\fR(8) server is not a trusted daemon process, and must
/* not be used to look up sensitive information such as user or
/* group IDs, mailbox file/directory names or external commands.
/*
/* DIAGNOSTICS
/* Problems and transactions are logged to \fBsyslogd\fR(8).
/* BUGS
-/* The proxymap server provides service to multiple clients,
+/* The \fBproxymap\fR(8) server provides service to multiple clients,
/* and must therefore not be used for tables that have high-latency
/* lookups.
/* CONFIGURATION PARAMETERS
/* .ad
/* .fi
-/* On busy mail systems a long time may pass before proxymap(8) relevant
+/* On busy mail systems a long time may pass before
+/* \fBproxymap\fR(8) relevant
/* changes to \fBmain.cf\fR are picked up. Use the command
/* "\fBpostfix reload\fR" to speed up a change.
/*
/* The text below provides only a parameter summary. See
-/* postconf(5) for more details including examples.
+/* \fBpostconf\fR(5) for more details including examples.
/* .IP "\fBconfig_directory (see 'postconf -d' output)\fR"
/* The default location of the Postfix main.cf and master.cf
/* configuration files.
/* .IP "\fBprocess_name (read-only)\fR"
/* The process name of a Postfix command or daemon process.
/* .IP "\fBproxy_read_maps (see 'postconf -d' output)\fR"
-/* The lookup tables that the proxymap(8) server is allowed to access.
+/* The lookup tables that the \fBproxymap\fR(8) server is allowed to access.
/* SEE ALSO
/* postconf(5), configuration parameters
/* master(5), generic daemon options
/* SYNOPSIS
/* \fBqmgr\fR [generic Postfix daemon options]
/* DESCRIPTION
-/* The \fBqmgr\fR daemon awaits the arrival of incoming mail
+/* The \fBqmgr\fR(8) daemon awaits the arrival of incoming mail
/* and arranges for its delivery via Postfix delivery processes.
/* The actual mail routing strategy is delegated to the
/* \fBtrivial-rewrite\fR(8) daemon.
/* MAIL QUEUES
/* .ad
/* .fi
-/* The \fBqmgr\fR daemon maintains the following queues:
+/* The \fBqmgr\fR(8) daemon maintains the following queues:
/* .IP \fBincoming\fR
/* Inbound mail from the network, or mail picked up by the
-/* local \fBpickup\fR agent from the \fBmaildrop\fR directory.
+/* local \fBpickup\fR(8) daemon from the \fBmaildrop\fR directory.
/* .IP \fBactive\fR
/* Messages that the queue manager has opened for delivery. Only
/* a limited number of messages is allowed to enter the \fBactive\fR
/* DELIVERY STATUS REPORTS
/* .ad
/* .fi
-/* The \fBqmgr\fR daemon keeps an eye on per-message delivery status
+/* The \fBqmgr\fR(8) daemon keeps an eye on per-message delivery status
/* reports in the following directories. Each status report file has
/* the same name as the corresponding message file:
/* .IP \fBbounce\fR
/* Postfix "\fBsendmail -v\fR" or "\fBsendmail -bv\fR" command.
/* These files are maintained by the \fBtrace\fR(8) daemon.
/* .PP
-/* The \fBqmgr\fR daemon is responsible for asking the
+/* The \fBqmgr\fR(8) daemon is responsible for asking the
/* \fBbounce\fR(8), \fBdefer\fR(8) or \fBtrace\fR(8) daemons to
/* send delivery reports.
/* STRATEGIES
/* servers that should not go away forever. The action is to start
/* an incoming queue scan.
/* .PP
-/* The \fBqmgr\fR daemon reads an entire buffer worth of triggers.
+/* The \fBqmgr\fR(8) daemon reads an entire buffer worth of triggers.
/* Multiple identical trigger requests are collapsed into one, and
/* trigger requests are sorted so that \fBA\fR and \fBF\fR precede
/* \fBD\fR and \fBI\fR. Thus, in order to force a deferred queue run,
/* STANDARDS
/* .ad
/* .fi
-/* None. The \fBqmgr\fR daemon does not interact with the outside world.
+/* None. The \fBqmgr\fR(8) daemon does not interact with the outside world.
/* SECURITY
/* .ad
/* .fi
-/* The \fBqmgr\fR daemon is not security sensitive. It reads
+/* The \fBqmgr\fR(8) daemon is not security sensitive. It reads
/* single-character messages from untrusted local users, and thus may
-/* be susceptible to denial of service attacks. The \fBqmgr\fR daemon
+/* be susceptible to denial of service attacks. The \fBqmgr\fR(8) daemon
/* does not talk to the outside world, and it can be run at fixed low
/* privilege in a chrooted environment.
/* DIAGNOSTICS
/* the postmaster is notified of bounces and of other trouble.
/* BUGS
/* A single queue manager process has to compete for disk access with
-/* multiple front-end processes such as \fBsmtpd\fR. A sudden burst of
+/* multiple front-end processes such as \fBcleanup\fR(8). A sudden burst of
/* inbound mail can negatively impact outbound delivery rates.
/* CONFIGURATION PARAMETERS
/* .ad
/* .fi
-/* Changes to \fBmain.cf\fR are not picked up automatically as qmgr(8)
-/* is a persistent process. Use the \fBpostfix reload\fR command after
+/* Changes to \fBmain.cf\fR are not picked up automatically
+/* as \fBqmgr\fR(8)
+/* is a persistent process. Use the "\fBpostfix reload\fR" command after
/* a configuration change.
/*
/* The text below provides only a parameter summary. See
-/* postconf(5) for more details including examples.
+/* \fBpostconf\fR(5) for more details including examples.
/*
/* In the text below, \fItransport\fR is the first field in a
/* \fBmaster.cf\fR entry.
/* postconf(5), configuration parameters
/* master(5), generic daemon options
/* master(8), process manager
-/* syslogd(8) system logging
+/* syslogd(8), system logging
/* README FILES
/* .ad
/* .fi
/* CONFIGURATION PARAMETERS
/* .ad
/* .fi
-/* Changes to \fBmain.cf\fR are picked up automatically, as qmqpd(8)
+/* Changes to \fBmain.cf\fR are picked up automatically, as \fBqmqpd\fR(8)
/* processes run for only a limited amount of time. Use the command
/* "\fBpostfix reload\fR" to speed up a change.
/*
/* The text below provides only a parameter summary. See
-/* postconf(5) for more details including examples.
+/* \fBpostconf\fR(5) for more details including examples.
/* CONTENT INSPECTION CONTROLS
/* .ad
/* .fi
/* records, so that "smtpd" becomes, for example, "postfix/smtpd".
/* .IP "\fBverp_delimiter_filter (-=+)\fR"
/* The characters Postfix accepts as VERP delimiter characters on the
-/* Postfix sendmail(1) command line and in SMTP commands.
+/* Postfix \fBsendmail\fR(1) command line and in SMTP commands.
/* SEE ALSO
/* http://cr.yp.to/proto/qmqp.html, QMQP protocol
/* cleanup(8), message canonicalization
/* SYNOPSIS
/* \fBscache\fR [generic Postfix daemon options]
/* DESCRIPTION
-/* The \fBscache\fR server maintains a shared multi-connection
+/* The \fBscache\fR(8) server maintains a shared multi-connection
/* cache. This information can be used by, for example, Postfix
/* SMTP clients or other Postfix delivery agents.
/*
/* one endpoint may refer to zero or more connections.
/*
/* The exact syntax of a logical destination or endpoint name
-/* is application dependent; the \fBscache\fR service does
+/* is application dependent; the \fBscache\fR(8) server does
/* not care. A connection is stored as a file descriptor together
/* with application-dependent information that is needed to
-/* re-activate a connection object. Again, the \fBscache\fR
-/* service is completely unaware about the details of that
+/* re-activate a connection object. Again, the \fBscache\fR(8)
+/* server is completely unaware of the details of that
/* information.
/*
/* All information is stored with a finite time to live (ttl).
/* SECURITY
/* .ad
/* .fi
-/* The connection cache server is not security-sensitive. It does not
+/* The \fBscache\fR(8) server is not security-sensitive. It does not
/* talk to the network, and it does not talk to local users.
-/* The scache server can run chrooted at fixed low privilege.
+/* The \fBscache\fR(8) server can run chrooted at fixed low privilege.
/*
-/* The connection cache server is not a trusted process. It must
+/* The \fBscache\fR(8) server is not a trusted process. It must
/* not be used to store information that is security sensitive.
/* DIAGNOSTICS
/* Problems and transactions are logged to \fBsyslogd\fR(8).
/* BUGS
-/* Sessions cannot be cached across multiple machines.
+/* The session cache cannot be shared among multiple machines.
/*
-/* When a connection expires from the cache it is closed without
-/* protocol specific handshake.
+/* When a connection expires from the cache, it is closed without
+/* the appropriate protocol specific handshake.
/* CONFIGURATION PARAMETERS
/* .ad
/* .fi
-/* Changes to \fBmain.cf\fR are picked up automatically as scache(8)
+/* Changes to \fBmain.cf\fR are picked up automatically as \fBscache\fR(8)
/* processes run for only a limited amount of time. Use the command
/* "\fBpostfix reload\fR" to speed up a change.
/*
/* The text below provides only a parameter summary. See
-/* postconf(5) for more details including examples.
+/* \fBpostconf\fR(5) for more details including examples.
/* RESOURCE CONTROLS
/* .ad
/* .fi
/* The maximal time-to-live value that the connection cache server
/* allows.
/* .IP "\fBconnection_cache_status_update_time (600s)\fR"
-/* How frequently the scache(8) server logs usage statistics with
+/* How frequently the \fBscache\fR(8) server logs usage statistics with
/* connection cache hit and miss rates for logical destinations and for
/* physical endpoints.
/* MISCELLANEOUS CONTROLS
/* \fBnewaliases\fR
/* \fBsendmail -I\fR
/* DESCRIPTION
-/* The Postfix \fBsendmail\fR command implements the Postfix to Sendmail
-/* compatibility interface.
+/* The Postfix \fBsendmail\fR(1) command implements the Postfix
+/* to Sendmail compatibility interface.
/* For the sake of compatibility with existing applications, some
/* Sendmail command-line options are recognized but silently ignored.
/*
-/* By default, Postfix \fBsendmail\fR reads a message from standard input
+/* By default, Postfix \fBsendmail\fR(1) reads a message from
+/* standard input
/* until EOF or until it reads a line with only a \fB.\fR character,
-/* and arranges for delivery. Postfix \fBsendmail\fR relies on the
+/* and arranges for delivery. Postfix \fBsendmail\fR(1) relies on the
/* \fBpostdrop\fR(1) command to create a queue file in the \fBmaildrop\fR
/* directory.
/*
/* command.
/* .sp
/* Note: it may take a minute or so before an alias database update
-/* becomes visible. Use the \fBpostfix reload\fR command to eliminate
+/* becomes visible. Use the "\fBpostfix reload\fR" command to eliminate
/* this delay.
/* .PP
/* These and other features can be selected by specifying the
/* The message body MIME type: \fB7BIT\fR or \fB8BITMIME\fR.
/* .IP \fB-bd\fR
/* Go into daemon mode. This mode of operation is implemented by
-/* executing the \fBpostfix start\fR command.
+/* executing the "\fBpostfix start\fR" command.
/* .IP "\fB-bh\fR (ignored)"
/* .IP "\fB-bH\fR (ignored)"
/* Postfix has no persistent host status database.
/* have no \fBFrom:\fR message header.
/* .IP "\fB-f \fIsender\fR"
/* Set the envelope sender address. This is the address where
-/* delivery problems are sent to, unless the message contains an
-/* \fBErrors-To:\fR message header.
+/* delivery problems are sent to. With Postfix versions before 2.1, the
+/* \fBErrors-To:\fR message header overrides the error return address.
/* .IP "\fB-G\fR (ignored)"
/* Gateway (relay) submission, as opposed to initial user submission.
/* .IP "\fB-h \fIhop_count\fR (ignored)"
/* configuration parameter in \fBmain.cf\fR instead.
/* .IP "\fB-r \fIsender\fR"
/* Set the envelope sender address. This is the address where
-/* delivery problems are sent to, unless the message contains an
-/* \fBErrors-To:\fR message header.
+/* delivery problems are sent to. With Postfix versions before 2.1, the
+/* \fBErrors-To:\fR message header overrides the error return address.
/* .IP "\fB-R \fIreturn_limit\fR (ignored)"
/* Limit the size of bounced mail. Use the \fBbounce_size_limit\fR
/* configuration parameter instead.
/* See \fBflush\fR(8) for more information about the "fast flush"
/* service.
/* .IP \fB-qS\fIsite\fR
-/* This command is not implemented. Use the slower \fBsendmail -q\fR
+/* This command is not implemented. Use the slower "\fBsendmail -q\fR"
/* command instead.
/* .IP \fB-t\fR
/* Extract recipients from message headers. These are added to any
/* The following \fBmain.cf\fR parameters are especially relevant to
/* this program.
/* The text below provides only a parameter summary. See
-/* postconf(5) for more details including examples.
+/* \fBpostconf\fR(5) for more details including examples.
/* TROUBLE SHOOTING CONTROLS
/* .ad
/* .fi
/* .IP "\fBauthorized_mailq_users (static:anyone)\fR"
/* List of users who are authorized to view the queue.
/* .IP "\fBauthorized_submit_users (static:anyone)\fR"
-/* List of users who are authorized to submit mail with the sendmail(1)
-/* command (and with the privileged postdrop(1) helper command).
+/* List of users who are authorized to submit mail with the \fBsendmail\fR(1)
+/* command (and with the privileged \fBpostdrop\fR(1) helper command).
/* RESOURCE AND RATE CONTROLS
/* .ad
/* .fi
/* The two default VERP delimiter characters.
/* .IP "\fBverp_delimiter_filter (-=+)\fR"
/* The characters Postfix accepts as VERP delimiter characters on the
-/* Postfix sendmail(1) command line and in SMTP commands.
+/* Postfix \fBsendmail\fR(1) command line and in SMTP commands.
/* MISCELLANEOUS CONTROLS
/* .ad
/* .fi
/* .IP "\fBalias_database (see 'postconf -d' output)\fR"
-/* The alias databases for local(8) delivery that are updated with
+/* The alias databases for \fBlocal\fR(8) delivery that are updated with
/* "\fBnewaliases\fR" or with "\fBsendmail -bi\fR".
/* .IP "\fBcommand_directory (see 'postconf -d' output)\fR"
/* The location of all postfix administrative commands.
/* .IP "\fBdaemon_directory (see 'postconf -d' output)\fR"
/* The directory with Postfix support programs and daemon programs.
/* .IP "\fBdefault_database_type (see 'postconf -d' output)\fR"
-/* The default database type for use in newaliases(1), postalias(1)
-/* and postmap(1) commands.
+/* The default database type for use in \fBnewaliases\fR(1), \fBpostalias\fR(1)
+/* and \fBpostmap\fR(1) commands.
/* .IP "\fBdelay_warning_time (0h)\fR"
/* The time after which the sender receives the message headers of
/* mail that is still queued.
+/* .IP "\fBenable_errors_to (no)\fR"
+/* Report mail delivery errors to the address specified with the
+/* non-standard Errors-To: message header, instead of the envelope
+/* sender address (this feature is removed with Postfix 2.2, is
+/* turned off by default with Postfix 2.1, and is always turned on
+/* with older Postfix versions).
/* .IP "\fBmail_owner (postfix)\fR"
/* The UNIX system account that owns the Postfix queue and most Postfix
/* daemon processes.
/* records, so that "smtpd" becomes, for example, "postfix/smtpd".
/* .IP "\fBtrigger_timeout (10s)\fR"
/* The time limit for sending a trigger to a Postfix daemon (for
-/* example, the pickup(8) or qmgr(8) daemon).
+/* example, the \fBpickup\fR(8) or \fBqmgr\fR(8) daemon).
/* FILES
/* /var/spool/postfix, mail queue
/* /etc/postfix, configuration files
offset += var_line_limit;
} else {
output_text(context, REC_TYPE_NORM, line, len, offset);
+ offset += len;
break;
}
} while (len > 0);
/* SYNOPSIS
/* \fBshowq\fR [generic Postfix daemon options]
/* DESCRIPTION
-/* The \fBshowq\fR daemon reports the Postfix mail queue status.
+/* The \fBshowq\fR(8) daemon reports the Postfix mail queue status.
/* It is the program that emulates the sendmail `mailq' command.
/*
-/* The \fBshowq\fR daemon can also be run in stand-alone mode
+/* The \fBshowq\fR(8) daemon can also be run in stand-alone mode
/* by the superuser. This mode of operation is used to emulate
/* the `mailq' command while the Postfix mail system is down.
/* SECURITY
/* .ad
/* .fi
-/* The \fBshowq\fR daemon can run in a chroot jail at fixed low
+/* The \fBshowq\fR(8) daemon can run in a chroot jail at fixed low
/* privilege, and takes no input from the client. Its service port
/* is accessible to local untrusted users, so the service can be
/* susceptible to denial of service attacks.
/* STANDARDS
/* .ad
/* .fi
-/* None. The showq daemon does not interact with the outside world.
+/* None. The \fBshowq\fR(8) daemon does not interact with the
+/* outside world.
/* DIAGNOSTICS
/* Problems and transactions are logged to \fBsyslogd\fR(8).
/* BUGS
-/* The \fBshowq\fR daemon runs at a fixed low privilege; consequently,
+/* The \fBshowq\fR(8) daemon runs at a fixed low privilege; consequently,
/* it cannot extract information from queue files in the
/* \fBmaildrop\fR directory.
/* CONFIGURATION PARAMETERS
/* .ad
/* .fi
-/* Changes to \fBmain.cf\fR are picked up automatically as showq(8)
+/* Changes to \fBmain.cf\fR are picked up automatically as \fBshowq\fR(8)
/* processes run for only a limited amount of time. Use the command
/* "\fBpostfix reload\fR" to speed up a change.
/*
/* The text below provides only a parameter summary. See
-/* postconf(5) for more details including examples.
+/* \fBpostconf\fR(5) for more details including examples.
/* .IP "\fBconfig_directory (see 'postconf -d' output)\fR"
/* The default location of the Postfix main.cf and master.cf
/* configuration files.
/* request before it is terminated by a built-in watchdog timer.
/* .IP "\fBduplicate_filter_limit (1000)\fR"
/* The maximal number of addresses remembered by the address
-/* duplicate filter for aliases(5) or virtual(5) alias expansion, or
-/* for showq(8) queue displays.
+/* duplicate filter for \fBaliases\fR(5) or \fBvirtual\fR(5) alias expansion, or
+/* for \fBshowq\fR(8) queue displays.
/* .IP "\fBempty_address_recipient (MAILER-DAEMON)\fR"
/* The recipient of mail addressed to the null address.
/* .IP "\fBipc_timeout (3600s)\fR"
/* NAME
/* smtp 8
/* SUMMARY
-/* Postfix remote delivery via SMTP
+/* Postfix SMTP client
/* SYNOPSIS
/* \fBsmtp\fR [generic Postfix daemon options]
/* DESCRIPTION
-/* The SMTP client processes message delivery requests from
+/* The Postfix SMTP client processes message delivery requests from
/* the queue manager. Each request specifies a queue file, a sender
/* address, a domain or host to deliver to, and recipient information.
/* This program expects to be run from the \fBmaster\fR(8) process
/* deliver the mail to an alternate host.
/*
/* After a successful mail transaction, a connection may be saved
-/* to the \fBscache(8)\fR connection cache server, so that it
+/* to the \fBscache\fR(8) connection cache server, so that it
/* may be used by any SMTP client for a subsequent transaction.
/*
/* By default, connection caching is enabled temporarily for
/* CONFIGURATION PARAMETERS
/* .ad
/* .fi
-/* Changes to \fBmain.cf\fR are picked up automatically, as smtp(8)
+/* Changes to \fBmain.cf\fR are picked up automatically, as \fBsmtp\fR(8)
/* processes run for only a limited amount of time. Use the command
/* "\fBpostfix reload\fR" to speed up a change.
/*
/* The text below provides only a parameter summary. See
-/* postconf(5) for more details including examples.
+/* \fBpostconf\fR(5) for more details including examples.
/* COMPATIBILITY CONTROLS
/* .ad
/* .fi
/* The expiration time of Postfix SMTP client TLS session cache
/* information.
/* .IP "\fBtls_daemon_random_bytes (32)\fR"
-/* The number of pseudo-random bytes that an smtp(8) or smtpd(8)
-/* process requests from the tlsmgr(8) server in order to seed its
+/* The number of pseudo-random bytes that an \fBsmtp\fR(8) or \fBsmtpd\fR(8)
+/* process requests from the \fBtlsmgr\fR(8) server in order to seed its
/* internal pseudo random number generator (PRNG).
/* RESOURCE AND RATE CONTROLS
/* .ad
/* CONFIGURATION PARAMETERS
/* .ad
/* .fi
-/* Changes to \fBmain.cf\fR are picked up automatically, as smtpd(8)
+/* Changes to \fBmain.cf\fR are picked up automatically, as \fBsmtpd\fR(8)
/* processes run for only a limited amount of time. Use the command
/* "\fBpostfix reload\fR" to speed up a change.
/*
/* The text below provides only a parameter summary. See
-/* postconf(5) for more details including examples.
+/* \fBpostconf\fR(5) for more details including examples.
/* COMPATIBILITY CONTROLS
/* .ad
/* .fi
/* Run the Postfix SMTP server in the non-standard "wrapper" mode,
/* instead of using the STARTTLS command.
/* .IP "\fBtls_daemon_random_bytes (32)\fR"
-/* The number of pseudo-random bytes that an smtp(8) or smtpd(8)
-/* process requests from the tlsmgr(8) server in order to seed its
+/* The number of pseudo-random bytes that an \fBsmtp\fR(8) or \fBsmtpd\fR(8)
+/* process requests from the \fBtlsmgr\fR(8) server in order to seed its
/* internal pseudo random number generator (PRNG).
/* VERP SUPPORT CONTROLS
/* .ad
/* The two default VERP delimiter characters.
/* .IP "\fBverp_delimiter_filter (-=+)\fR"
/* The characters Postfix accepts as VERP delimiter characters on the
-/* Postfix sendmail(1) command line and in SMTP commands.
+/* Postfix \fBsendmail\fR(1) command line and in SMTP commands.
/* .PP
/* Available in Postfix version 1.1 and 2.0:
/* .IP "\fBauthorized_verp_clients ($mynetworks)\fR"
/* before it is flushed upon receipt of EHLO, RSET, or end of DATA.
/* .PP
/* The per SMTP client connection count and request rate limits are
-/* implemented in co-operation with the anvil(8) service, and
+/* implemented in co-operation with the \fBanvil\fR(8) service, and
/* are available in Postfix version 2.2 and later.
/* .IP "\fBsmtpd_client_connection_count_limit (50)\fR"
/* How many simultaneous connections any client is allowed to
/* .IP "\fBsmtpd_restriction_classes (empty)\fR"
/* User-defined aliases for groups of access restrictions.
/* .IP "\fBsmtpd_null_access_lookup_key (<>)\fR"
-/* The lookup key to be used in SMTP access(5) tables instead of the
+/* The lookup key to be used in SMTP \fBaccess\fR(5) tables instead of the
/* null sender address.
/* .IP "\fBpermit_mx_backup_networks (empty)\fR"
/* Restrict the use of the permit_mx_backup SMTP access feature to
/* are not actually delivered.
/* This feature is requested via the reject_unverified_sender and
/* reject_unverified_recipient access restrictions. The status of
-/* verification probes is maintained by the verify(8) server.
+/* verification probes is maintained by the \fBverify\fR(8) server.
/* See the file ADDRESS_VERIFICATION_README for information
/* about how to configure and operate the Postfix sender/recipient
/* address verification service.
/* .IP "\fBaddress_verify_poll_count (3)\fR"
-/* How many times to query the verify(8) service for the completion
+/* How many times to query the \fBverify\fR(8) service for the completion
/* of an address verification request in progress.
/* .IP "\fBaddress_verify_poll_delay (3s)\fR"
/* The delay between queries for the completion of an address
/* and/or text responses.
/* .IP "\fBaccess_map_reject_code (554)\fR"
/* The numerical Postfix SMTP server response code when a client
-/* is rejected by an access(5) map restriction.
+/* is rejected by an \fBaccess\fR(5) map restriction.
/* .IP "\fBdefer_code (450)\fR"
/* The numerical Postfix SMTP server response code when a remote SMTP
/* client request is rejected by the "defer" restriction.
/* or reject_non_fqdn_recipient restriction.
/* .IP "\fBreject_code (554)\fR"
/* The numerical Postfix SMTP server response code when a remote SMTP
-/* client request is rejected by the "\fBreject\fR" restriction.
+/* client request is rejected by the "reject" restriction.
/* .IP "\fBrelay_domains_reject_code (554)\fR"
/* The numerical Postfix SMTP server response code when a client
/* request is rejected by the reject_unauth_destination recipient
#include <namadr_list.h>
#include <input_transp.h>
#include <is_header.h>
-#ifdef SNAPSHOT
#include <anvil_clnt.h>
-#endif
#include <flush_clnt.h>
#include <ehlo_mask.h> /* ehlo filter */
#include <maps.h> /* ehlo filter */
bool var_smtpd_rej_unl_from;
bool var_smtpd_rej_unl_rcpt;
char *var_smtpd_forbid_cmds;
-
-#ifdef SNAPSHOT
int var_smtpd_crate_limit;
int var_smtpd_cconn_limit;
int var_smtpd_cmail_limit;
int var_smtpd_crcpt_limit;
char *var_smtpd_hoggers;
-
-#endif
-
char *var_local_rwr_clients;
char *var_smtpd_ehlo_dis_words;
char *var_smtpd_ehlo_dis_maps;
/*
* Client connection and rate limiting.
*/
-#ifdef SNAPSHOT
ANVIL_CLNT *anvil_clnt;
static NAMADR_LIST *hogger_list;
-#endif
-
/*
* Other application-specific globals.
*/
* of client address information in connect and disconnect events. For
* now we exclude xclient authorized hosts from event count/rate control.
*/
-#ifdef SNAPSHOT
if (SMTPD_STAND_ALONE(state) == 0
&& !xclient_allowed
&& anvil_clnt
rate, state->namaddr, state->service);
return (-1);
}
-#endif
if (argv[2].tokval == SMTPD_TOK_ERROR) {
state->error_mask |= MAIL_ERROR_PROTOCOL;
smtpd_chat_reply(state, "501 Bad sender address syntax");
* of client address information in connect and disconnect events. For
* now we exclude xclient authorized hosts from event count/rate control.
*/
-#ifdef SNAPSHOT
if (SMTPD_STAND_ALONE(state) == 0
&& !xclient_allowed
&& anvil_clnt
rate, state->namaddr, state->service);
return (-1);
}
-#endif
if (argv[2].tokval == SMTPD_TOK_ERROR) {
state->error_mask |= MAIL_ERROR_PROTOCOL;
smtpd_chat_reply(state, "501 Bad recipient address syntax");
* will discard client message or recipient rate information too
* early or too late.
*/
-#ifdef SNAPSHOT
if (SMTPD_STAND_ALONE(state) == 0
&& !xclient_allowed
&& anvil_clnt
break;
}
}
-#endif
/* XXX We use the real client for connect access control. */
if (SMTPD_STAND_ALONE(state) == 0
&& var_smtpd_delay_reject == 0
* will discard client message or recipient rate information too early or
* too late.
*/
-#ifdef SNAPSHOT
if (SMTPD_STAND_ALONE(state) == 0
&& !xclient_allowed
&& anvil_clnt
&& !namadr_list_match(hogger_list, state->name, state->addr))
anvil_clnt_disconnect(anvil_clnt, service, state->addr);
-#endif
/*
* Log abnormal session termination, in case postmaster notification has
verp_clients = namadr_list_init(MATCH_FLAG_NONE, var_verp_clients);
xclient_hosts = namadr_list_init(MATCH_FLAG_NONE, var_xclient_hosts);
xforward_hosts = namadr_list_init(MATCH_FLAG_NONE, var_xforward_hosts);
-#ifdef SNAPSHOT
hogger_list = namadr_list_init(MATCH_FLAG_NONE, var_smtpd_hoggers);
-#endif
if (getuid() == 0 || getuid() == var_owner_uid)
smtpd_check_init();
debug_peer_init();
/*
* Connection rate management.
*/
-#ifdef SNAPSHOT
if (var_smtpd_crate_limit || var_smtpd_cconn_limit
|| var_smtpd_cmail_limit || var_smtpd_crcpt_limit)
anvil_clnt = anvil_clnt_create();
-#endif
}
/* main - the main program */
VAR_VIRT_MAILBOX_CODE, DEF_VIRT_MAILBOX_CODE, &var_virt_mailbox_code, 0, 0,
VAR_RELAY_RCPT_CODE, DEF_RELAY_RCPT_CODE, &var_relay_rcpt_code, 0, 0,
VAR_VERIFY_POLL_COUNT, DEF_VERIFY_POLL_COUNT, &var_verify_poll_count, 1, 0,
-#ifdef SNAPSHOT
VAR_SMTPD_CRATE_LIMIT, DEF_SMTPD_CRATE_LIMIT, &var_smtpd_crate_limit, 0, 0,
VAR_SMTPD_CCONN_LIMIT, DEF_SMTPD_CCONN_LIMIT, &var_smtpd_cconn_limit, 0, 0,
VAR_SMTPD_CMAIL_LIMIT, DEF_SMTPD_CMAIL_LIMIT, &var_smtpd_cmail_limit, 0, 0,
VAR_SMTPD_CRCPT_LIMIT, DEF_SMTPD_CRCPT_LIMIT, &var_smtpd_crcpt_limit, 0, 0,
-#endif
#ifdef USE_TLS
VAR_SMTPD_TLS_CCERT_VD, DEF_SMTPD_TLS_CCERT_VD, &var_smtpd_tls_ccert_vd, 0, 0,
#endif
VAR_INPUT_TRANSP, DEF_INPUT_TRANSP, &var_input_transp, 0, 0,
VAR_XCLIENT_HOSTS, DEF_XCLIENT_HOSTS, &var_xclient_hosts, 0, 0,
VAR_XFORWARD_HOSTS, DEF_XFORWARD_HOSTS, &var_xforward_hosts, 0, 0,
-#ifdef SNAPSHOT
VAR_SMTPD_HOGGERS, DEF_SMTPD_HOGGERS, &var_smtpd_hoggers, 0, 0,
-#endif
VAR_LOC_RWR_CLIENTS, DEF_LOC_RWR_CLIENTS, &var_local_rwr_clients, 0, 0,
VAR_SMTPD_EHLO_DIS_WORDS, DEF_SMTPD_EHLO_DIS_WORDS, &var_smtpd_ehlo_dis_words, 0, 0,
VAR_SMTPD_EHLO_DIS_MAPS, DEF_SMTPD_EHLO_DIS_MAPS, &var_smtpd_ehlo_dis_maps, 0, 0,
/* Listen on the UNIX-domain socket at \fIpathname\fR.
/* .IP \fIbacklog\fR
/* The maximum length the queue of pending connections,
-/* as defined by the listen(2) call.
+/* as defined by the \fBlisten\fR(2) system call.
/* SEE ALSO
/* smtp-source(1), SMTP/LMTP message generator
/* LICENSE
/* SYNOPSIS
/* \fBspawn\fR [generic Postfix daemon options] command_attributes...
/* DESCRIPTION
-/* The \fBspawn\fR daemon provides the Postfix equivalent of \fBinetd\fR.
+/* The \fBspawn\fR(8) daemon provides the Postfix equivalent
+/* of \fBinetd\fR.
/* It listens on a port as specified in the Postfix \fBmaster.cf\fR file
/* and spawns an external command whenever a connection is established.
/* The connection can be made over local IPC (such as UNIX-domain
/* specified \fIusername\fR. The software refuses to execute
/* commands with root privileges, or with the privileges of the
/* mail system owner. If \fIgroupname\fR is specified, the
-/* corresponding group ID is used instead of the group ID of
+/* corresponding group ID is used instead of the group ID
/* of \fIusername\fR.
/* .IP "\fBargv\fR=\fIcommand\fR... (required)"
/* The command to be executed. This must be specified as the
/* shell meta characters by a shell command interpreter.
/* BUGS
/* In order to enforce standard Postfix process resource controls,
-/* the \fBspawn\fR daemon runs only one external command at a time.
+/* the \fBspawn\fR(8) daemon runs only one external command at a time.
/* As such, it presents a noticeable overhead by wasting precious
-/* process resources. The \fBspawn\fR daemon is expected to be
+/* process resources. The \fBspawn\fR(8) daemon is expected to be
/* replaced by a more structural solution.
/* DIAGNOSTICS
-/* The \fBspawn\fR daemon reports abnormal child exits.
+/* The \fBspawn\fR(8) daemon reports abnormal child exits.
/* Problems are logged to \fBsyslogd\fR(8).
/* SECURITY
/* .fi
/* .ad
/* This program needs root privilege in order to execute external
/* commands as the specified user. It is therefore security sensitive.
-/* However the \fBspawn\fR daemon does not talk to the external command
+/* However the \fBspawn\fR(8) daemon does not talk to the external command
/* and thus is not vulnerable to data-driven attacks.
/* CONFIGURATION PARAMETERS
/* .ad
/* .fi
-/* Changes to \fBmain.cf\fR are picked up automatically as spawn(8)
+/* Changes to \fBmain.cf\fR are picked up automatically as \fBspawn\fR(8)
/* processes run for only a limited amount of time. Use the command
/* "\fBpostfix reload\fR" to speed up a change.
/*
/* The text below provides only a parameter summary. See
-/* postconf(5) for more details including examples.
+/* \fBpostconf\fR(5) for more details including examples.
/*
/* In the text below, \fItransport\fR is the first field of the entry
/* in the \fBmaster.cf\fR file.
/* SYNOPSIS
/* \fBtlsmgr\fR [generic Postfix daemon options]
/* DESCRIPTION
-/* The tlsmgr(8) manages the TLS session caches for Postfix
-/* SMTP client and server processes. It stores and retrieves
-/* cache entries on request by smtpd(8) and smtp(8) processes,
-/* and periodically removes entries that have expired.
+/* The \fBtlsmgr\fR(8) manages the Postfix TLS session caches.
+/* It stores and retrieves cache entries on request by
+/* \fBsmtpd\fR(8) and \fBsmtp\fR(8) processes, and periodically
+/* removes entries that have expired.
/*
-/* The tlsmgr(8) also manages the PRNG (pseudo random number
-/* generator) pool. It answers queries by the smtpd(8) and smtp(8)
+/* The \fBtlsmgr\fR(8) also manages the PRNG (pseudo random number
+/* generator) pool. It answers queries by the \fBsmtpd\fR(8)
+/* and \fBsmtp\fR(8)
/* processes to seed their internal PRNG pools.
/*
-/* The tlsmgr(8)'s PRNG pool is initially seeded from
+/* The \fBtlsmgr\fR(8)'s PRNG pool is initially seeded from
/* an external source (EGD, /dev/urandom, or regular file).
/* It is updated at configurable pseudo-random intervals with
/* data from the external source. It is updated periodically
/* with data from TLS session cache entries and with the time
/* of day, and is updated with the time of day whenever a
-/* process requests tlsmgr(8) service.
+/* process requests \fBtlsmgr\fR(8) service.
/*
-/* The tlsmgr(8) saves the PRNG state to an exchange file
+/* The \fBtlsmgr\fR(8) saves the PRNG state to an exchange file
/* periodically and when the process terminates, and reads
/* the exchange file when initializing its PRNG.
/* SECURITY
/* .ad
/* .fi
-/* tlsmgr(8) is not security-sensitive. The code that maintains
+/* The \fBtlsmgr\fR(8) is not security-sensitive. The code that maintains
/* the external and internal PRNG pools does not "trust" the
/* data that it manipulates, and the code that maintains the
/* TLS session cache does not touch the contents of the cached
/* entries, except for seeding its internal PRNG pool.
/*
-/* The tlsmgr(8) can be run chrooted and with reduced privileges.
+/* The \fBtlsmgr\fR(8) can be run chrooted and with reduced privileges.
/* At process startup it connects to the entropy source and
/* exchange file, and creates or truncates the optional TLS
/* session cache files.
/* .ad
/* .fi
/* Changes to \fBmain.cf\fR are not picked up automatically,
-/* because tlsmgr(8) is a persistent processes. Use the
+/* because \fBtlsmgr\fR(8) is a persistent processes. Use the
/* command "\fBpostfix reload\fR" after a configuration change.
/*
/* The text below provides only a parameter summary. See
-/* postconf(5) for more details including examples.
+/* \fBpostconf\fR(5) for more details including examples.
/* TLS SESSION CACHE
/* .ad
/* .fi
/* .ad
/* .fi
/* .IP "\fBtls_random_source (see 'postconf -d' output)\fR"
-/* The external entropy source for the in-memory tlsmgr(8) pseudo
+/* The external entropy source for the in-memory \fBtlsmgr\fR(8) pseudo
/* random number generator (PRNG) pool.
/* .IP "\fBtls_random_bytes (32)\fR"
-/* The number of bytes that tlsmgr(8) reads from $tls_random_source
+/* The number of bytes that \fBtlsmgr\fR(8) reads from $tls_random_source
/* when (re)seeding the in-memory pseudo random number generator (PRNG)
/* pool.
/* .IP "\fBtls_random_exchange_name (${config_directory}/prng_exch)\fR"
/* Name of the pseudo random number generator (PRNG) state file
-/* that is maintained by tlsmgr(8).
+/* that is maintained by \fBtlsmgr\fR(8).
/* .IP "\fBtls_random_prng_update_period (3600s)\fR"
-/* The time between attempts by tlsmgr(8) to save the state of
+/* The time between attempts by \fBtlsmgr\fR(8) to save the state of
/* the pseudo random number generator (PRNG) to the file specified
/* with $tls_random_exchange_name.
/* .IP "\fBtls_random_reseed_period (3600s)\fR"
-/* The maximal time between attempts by tlsmgr(8) to re-seed the
+/* The maximal time between attempts by \fBtlsmgr\fR(8) to re-seed the
/* in-memory pseudo random number generator (PRNG) pool from external
/* sources.
/* MISCELLANEOUS CONTROLS
/* The mail system name that is prepended to the process name in syslog
/* records, so that "smtpd" becomes, for example, "postfix/smtpd".
/* SEE ALSO
-/* smtp(8) Postfix SMTP client
-/* smtpd(8) Postfix SMTP server
+/* smtp(8), Postfix SMTP client
+/* smtpd(8), Postfix SMTP server
/* postconf(5), configuration parameters
/* master(5), generic daemon options
/* master(8), process manager
/* SYNOPSIS
/* \fBtrivial-rewrite\fR [generic Postfix daemon options]
/* DESCRIPTION
-/* The \fBtrivial-rewrite\fR daemon processes three types of client
+/* The \fBtrivial-rewrite\fR(8) daemon processes three types of client
/* service requests:
/* .IP "\fBrewrite \fIcontext address\fR"
/* Rewrite an address to standard form, according to the
/* SERVER PROCESS MANAGEMENT
/* .ad
/* .fi
-/* The trivial-rewrite servers run under control by the Postfix master
+/* The \fBtrivial-rewrite\fR(8) servers run under control by
+/* the Postfix master
/* server. Each server can handle multiple simultaneous connections.
/* When all servers are busy while a client connects, the master
/* creates a new server process, provided that the trivial-rewrite
/* SECURITY
/* .ad
/* .fi
-/* The \fBtrivial-rewrite\fR daemon is not security sensitive.
+/* The \fBtrivial-rewrite\fR(8) daemon is not security sensitive.
/* By default, this daemon does not talk to remote or local users.
/* It can run at a fixed low privilege in a chrooted environment.
/* DIAGNOSTICS
/* .ad
/* .fi
/* On busy mail systems a long time may pass before a \fBmain.cf\fR
-/* change affecting trivial_rewrite(8) is picked up. Use the command
+/* change affecting \fBtrivial-rewrite\fR(8) is picked up. Use the command
/* "\fBpostfix reload\fR" to speed up a change.
/*
/* The text below provides only a parameter summary. See
-/* postconf(5) for more details including examples.
+/* \fBpostconf\fR(5) for more details including examples.
/* COMPATIBILITY CONTROLS
/* .ad
/* .fi
/* instead of requiring an explicit ".domain.tld" pattern.
/* .IP "\fBrelayhost (empty)\fR"
/* The default host to send non-local mail to when no entry is matched
-/* in the optional transport(5) table.
+/* in the optional \fBtransport\fR(5) table.
/* .IP "\fBtransport_maps (empty)\fR"
/* Optional lookup tables with mappings from recipient address to
/* (message delivery transport, next-hop destination).
/* SYNOPSIS
/* \fBverify\fR [generic Postfix daemon options]
/* DESCRIPTION
-/* The Postfix address verification server maintains a record
+/* The \fBverify\fR(8) address verification server maintains a record
/* of what recipient addresses are known to be deliverable or
/* undeliverable.
/*
/* MTA for the specified address, and will therefore not detect
/* all undeliverable addresses.
/*
-/* This server is designed to run under control by the Postfix
+/* The \fBverify\fR(8) server is designed to run under control
+/* by the Postfix
/* master server. It maintains an optional persistent database.
/* To avoid being interrupted by "postfix stop" in the middle
/* of a database update, the process runs in a separate process
/* group.
/*
-/* This server implements the following requests:
+/* The \fBverify\fR(8) server implements the following requests:
/* .IP "\fBupdate\fI address status text\fR"
/* Update the status and text of the specified address.
/* .IP "\fBquery\fI address\fR"
/* CONFIGURATION PARAMETERS
/* .ad
/* .fi
-/* Changes to \fBmain.cf\fR are not picked up automatically, as verify(8)
+/* Changes to \fBmain.cf\fR are not picked up automatically,
+/* as \fBverify\fR(8)
/* processes are persistent. Use the command "\fBpostfix reload\fR" after
/* a configuration change.
/*
/* The text below provides only a parameter summary. See
-/* postconf(5) for more details including examples.
+/* \fBpostconf\fR(5) for more details including examples.
/* CACHE CONTROLS
/* .ad
/* .fi
/* \fBvirtual\fR [generic Postfix daemon options]
/* DESCRIPTION
/* The \fBvirtual\fR(8) delivery agent is designed for virtual mail
-/* hosting services. Originally based on the Postfix local(8) delivery
+/* hosting services. Originally based on the Postfix \fBlocal\fR(8)
+/* delivery
/* agent, this agent looks up recipients with map lookups of their
/* full recipient address, instead of using hard-coded unix password
/* file lookups of the address local part only.
/* is delivered in UNIX mailbox format. This format stores multiple
/* messages in one textfile.
/*
-/* The \fBvirtual\fR delivery agent prepends a "\fBFrom \fIsender
+/* The \fBvirtual\fR(8) delivery agent prepends a "\fBFrom \fIsender
/* time_stamp\fR" envelope header to each message, prepends a
/* \fBDelivered-To:\fR message header with the envelope recipient
/* address,
/* When the mailbox location ends in \fB/\fR, the message is delivered
/* in qmail \fBmaildir\fR format. This format stores one message per file.
/*
-/* The \fBvirtual\fR delivery agent daemon prepends a \fBDelivered-To:\fR
+/* The \fBvirtual\fR(8) delivery agent prepends a \fBDelivered-To:\fR
/* message header with the final envelope recipient address,
/* prepends an \fBX-Original-To:\fR header with the recipient address as
/* given to Postfix, and prepends a
/* SECURITY
/* .ad
/* .fi
-/* The virtual delivery agent is not security sensitive, provided
+/* The \fBvirtual\fR(8) delivery agent is not security sensitive, provided
/* that the lookup tables with recipient user/group ID information are
/* adequately protected. This program is not designed to run chrooted.
/*
-/* The virtual delivery agent disallows regular expression
+/* The \fBvirtual\fR(8) delivery agent disallows regular expression
/* substitution of $1 etc. in regular expression lookup tables,
/* because that would open a security hole.
/*
-/* The virtual delivery agent will silently ignore requests
-/* to use the proxymap(8) server. Instead it will open the
+/* The \fBvirtual\fR(8) delivery agent will silently ignore requests
+/* to use the \fBproxymap\fR(8) server. Instead it will open the
/* table directly. Before Postfix version 2.2, the virtual
/* delivery agent will terminate with a fatal error.
/* STANDARDS
/* CONFIGURATION PARAMETERS
/* .ad
/* .fi
-/* Changes to \fBmain.cf\fR are picked up automatically, as virtual(8)
+/* Changes to \fBmain.cf\fR are picked up automatically, as
+/* \fBvirtual\fR(8)
/* processes run for only a limited amount of time. Use the command
/* "\fBpostfix reload\fR" to speed up a change.
/*
/* The text below provides only a parameter summary. See
-/* postconf(5) for more details including examples.
+/* \fBpostconf\fR(5) for more details including examples.
/* MAILBOX DELIVERY CONTROLS
/* .ad
/* .fi
/* .IP "\fBvirtual_mailbox_base (empty)\fR"
-/* A prefix that the virtual(8) delivery agent prepends to all pathname
+/* A prefix that the \fBvirtual\fR(8) delivery agent prepends to all pathname
/* results from $virtual_mailbox_maps table lookups.
/* .IP "\fBvirtual_mailbox_maps (empty)\fR"
/* Optional lookup tables with all valid addresses in the domains that
/* match $virtual_mailbox_domains.
/* .IP "\fBvirtual_minimum_uid (100)\fR"
-/* The minimum user ID value that the virtual(8) delivery agent accepts
-/* as a result from \fB$virtual_uid_maps\fR table lookup.
+/* The minimum user ID value that the \fBvirtual\fR(8) delivery agent accepts
+/* as a result from $virtual_uid_maps table lookup.
/* .IP "\fBvirtual_uid_maps (empty)\fR"
-/* Lookup tables with the per-recipient user ID that the virtual(8)
+/* Lookup tables with the per-recipient user ID that the \fBvirtual\fR(8)
/* delivery agent uses while writing to the recipient's mailbox.
/* .IP "\fBvirtual_gid_maps (empty)\fR"
-/* Lookup tables with the per-recipient group ID for virtual(8) mailbox
+/* Lookup tables with the per-recipient group ID for \fBvirtual\fR(8) mailbox
/* delivery.
/* .PP
/* Available in Postfix version 2.0 and later:
/* .ad
/* .fi
/* .IP "\fBvirtual_mailbox_lock (see 'postconf -d' output)\fR"
-/* How to lock a UNIX-style virtual(8) mailbox before attempting
+/* How to lock a UNIX-style \fBvirtual\fR(8) mailbox before attempting
/* delivery.
/* .IP "\fBdeliver_lock_attempts (20)\fR"
/* The maximal number of attempts to acquire an exclusive lock on a
-/* mailbox file or bounce(8) logfile.
+/* mailbox file or \fBbounce\fR(8) logfile.
/* .IP "\fBdeliver_lock_delay (1s)\fR"
/* The time between attempts to acquire an exclusive lock on a mailbox
-/* file or bounce(8) logfile.
+/* file or \fBbounce\fR(8) logfile.
/* .IP "\fBstale_lock_time (500s)\fR"
/* The time after which a stale exclusive mailbox lockfile is removed.
/* RESOURCE AND RATE CONTROLS
projects / thirdparty / postfix.git / commitdiff
