smtp_dot_quit_workaround_threshold_time parameter. Files:
smtp/smtp_proto.c, smtp/smtp.c.
+ Feature: mailbox_transport_maps and fallback_transport_maps
+ to search delivery transports by recipient name. Files:
+ local/mailbox.c, local/unknown.c.
+
+ Feature: the master daemon now logs a warning when all
+ servers are busy that may accept remote connections, and
+ suggests to either increase the process count or to reduce
+ the service time per client. Files: master/master_ent.c,
+ master/master_avail.c.
+
+20051231
+
+ Bugfix: the anvil server would terminate after "max_idle"
+ seconds, even when this was less than the anvil_rate_time_unit
+ interval. File: anvil/anvil.c.
+
+20060102
+
+ Deleted the 20051229 dot-quit bug workaround. Automatically
+ deferring delivery created "no delivery" and "repeated
+ delivery" problems; and automatically turning off pipelining
+ for delayed mail was a bad workaround for a bad workaround.
+ The administrator still has the option to turn off pipelining
+ by hand if loss of mail is a concern.
+
Open problems:
"postsuper -r" no longer resets the message arrival time,
5
6 # Localize these. The -G option does nothing before Postfix 2.3.
7 INSPECT_DIR=/var/spool/filter
- 8 SENDMAIL="/usr/sbin/sendmail -G -i"
+ 8 SENDMAIL="/usr/sbin/sendmail -G -i" # NEVER NEVER NEVER use "-t" here.
9
10 # Exit codes from <sysexits.h>
11 EX_TEMPFAIL=75
* Line 8: The -i option says don't stop reading input when a line contains
"." only.
+ * Line 8: NEVER NEVER NEVER use the "-t" command-line option here. It will
+ mis-deliver mail, like sending mailing list mail back to the mailing list.
+
* Line 21: The idea is to first capture the message to file and then run the
content through a third-party content filter program.
time.
* With "-o smtp_send_xforward_command=yes", the scan transport will try to
- forward the original client name and IP address to the after-filter smtpd
- process, so that filtered mail is logged with the real client name IP
- address. See smtp(8) and XFORWARD_README for more information.
+ forward the original client name and IP address through the content filter
+ to the after-filter smtpd process, so that filtered mail is logged with the
+ real client name IP address. See smtp(8) and XFORWARD_README for more
+ information.
A\bAd\bdv\bva\ban\bnc\bce\bed\bd c\bco\bon\bnt\bte\ben\bnt\bt f\bfi\bil\blt\bte\ber\br:\b: r\bru\bun\bnn\bni\bin\bng\bg t\bth\bhe\be c\bco\bon\bnt\bte\ben\bnt\bt f\bfi\bil\blt\bte\ber\br
If you upgrade from Postfix 2.1 or earlier, read RELEASE_NOTES-2.2
before proceeding.
-Incompatibility with snapshot 20051228
+Incompatibility with snapshot 20060103
======================================
-New workaround to limit the number of repeated deliveries with
-servers or firewalls that mis-implement DOT+QUIT command pipelining.
-After one documented case of lost mail, as of 20050929 Postfix is
-more paranoid about malformed SMTP server replies. Unfortuately
-this results in repeated deliveries with other broken systems. To
-limit the number of repeated deliveries, the SMTP client no longer
-pipelines the DOT+QUIT commands when mail is queued longer than the
-time specified with the smtp_dot_quit_workaround_threshold_time
-parameter (default: 3000s). More details are in the postconf(5)
-manual.
+The Postfix SMTP/LMTP client no longer defers mail when it receives
+a malformed SMTP server reply in a session with command pipelining.
+When helpful warnings are enabled, it will suggest that command
+pipelining be disabled for the affected destination.
Major changes with snapshot 20051222
====================================
# Revision 1.4 2001/01/15 09:36:35 emma
# add note it was successfully tested on Debian sid
#
+# 20060101 /lib64 support by Keith Owens.
+#
CP="cp -p"
cd ${POSTFIX_DIR}
mkdir -p etc lib usr/lib/zoneinfo
+test -d /lib64 && mkdir -p lib64
# find localtime (SuSE 5.3 does not have /etc/localtime)
lt=/etc/localtime
cond_copy '/lib/libnss_*.so*' lib
cond_copy '/lib/libresolv.so*' lib
cond_copy '/lib/libdb.so*' lib
+if test -d /lib64; then
+ cond_copy '/lib64/libnss_*.so*' lib64
+ cond_copy '/lib64/libresolv.so*' lib64
+ cond_copy '/lib64/libdb.so*' lib64
+fi
postfix reload
5
6 # Localize these. The -G option does nothing before Postfix 2.3.
7 INSPECT_DIR=/var/spool/filter
- 8 SENDMAIL="/usr/sbin/sendmail -G -i"
+ 8 SENDMAIL="/usr/sbin/sendmail -G -i" # NEVER NEVER NEVER use "-t" here.
9
10 # Exit codes from <sysexits.h>
11 EX_TEMPFAIL=75
<li> <p> Line 8: The -i option says don't stop reading input when
a line contains "." only. </p>
+<li> <p> Line 8: NEVER NEVER NEVER use the "-t" command-line option
+here. It will mis-deliver mail, like sending mailing list mail back
+to the mailing list. </p>
+
<li> <p> Line 21: The idea is to first capture the message to
file and then run the content through a third-party content filter
program. </p>
with the <a href="pipe.8.html">pipe(8)</a> delivery agent. </p>
<pre>
-/etc/postfix/master.cf:
+/etc/postfix/<a href="master.5.html">master.cf</a>:
# =============================================================
# service type private unpriv chroot wakeup maxproc command
# (yes) (yes) (yes) (never) (100)
of it running at the same time. </p>
<li> <p> To turn on content filtering for mail arriving via SMTP
-only, append "-o <a href="postconf.5.html#content_filter">content_filter</a>=filter:dummy" to the master.cf
+only, append "-o <a href="postconf.5.html#content_filter">content_filter</a>=filter:dummy" to the <a href="master.5.html">master.cf</a>
entry that defines the Postfix SMTP server: </p>
<pre>
-/etc/postfix/master.cf:
+/etc/postfix/<a href="master.5.html">master.cf</a>:
# =============================================================
# service type private unpriv chroot wakeup maxproc command
# (yes) (yes) (yes) (never) (100)
<p> To turn off "simple" content filtering: </p>
-<ul> <li> <p> Edit the master.cf file, remove the "-o
+<ul> <li> <p> Edit the <a href="master.5.html">master.cf</a> file, remove the "-o
<a href="postconf.5.html#content_filter">content_filter</a>=filter:dummy" text from the entry that defines the
Postfix SMTP server. </p>
<h3>Advanced content filter: requesting that all mail is filtered</h3>
<p> To enable the advanced content filter method for all mail,
-specify in main.cf: </p>
+specify in <a href="postconf.5.html">main.cf</a>: </p>
<blockquote>
<pre>
-/etc/postfix/main.cf:
+/etc/postfix/<a href="postconf.5.html">main.cf</a>:
<a href="postconf.5.html#content_filter">content_filter</a> = scan:localhost:10025
<a href="postconf.5.html#receive_override_options">receive_override_options</a> = <a href="postconf.5.html#no_address_mappings">no_address_mappings</a>
</pre>
<p> In this example, "scan" is an instance of the Postfix SMTP
client with slightly different configuration parameters. This is
-how one would set up the service in the Postfix master.cf file:
+how one would set up the service in the Postfix <a href="master.5.html">master.cf</a> file:
</p>
<blockquote>
<pre>
-/etc/postfix/master.cf:
+/etc/postfix/<a href="master.5.html">master.cf</a>:
# =============================================================
# service type private unpriv chroot wakeup maxproc command
# (yes) (yes) (yes) (never) (100)
much of it running at the same time. </p>
<li> <p> With "-o <a href="postconf.5.html#smtp_send_xforward_command">smtp_send_xforward_command</a>=yes", the scan transport
-will try to forward the original client name and IP address to the
+will try to forward the original client name and IP address
+through the content filter to the
after-filter smtpd process, so that filtered mail is logged with
the real client name IP address. See <a href="smtp.8.html">smtp(8)</a> and <a href="XFORWARD_README.html">XFORWARD_README</a>
for more information. </p>
<blockquote>
<pre>
-/etc/postfix/master.cf:
+/etc/postfix/<a href="master.5.html">master.cf</a>:
# ===================================================================
# service type private unpriv chroot wakeup maxproc command
# (yes) (yes) (yes) (never) (100)
<blockquote>
<pre>
-/etc/postfix/master.cf:
+/etc/postfix/<a href="master.5.html">master.cf</a>:
# ===================================================================
# service type private unpriv chroot wakeup maxproc command
# (yes) (yes) (yes) (never) (100)
<li> <p> Note: do not use spaces around the "=" or "," characters. </p>
<li> <p> Note: the SMTP server must not have a smaller process
-limit than the "filter" master.cf entry. </p>
+limit than the "filter" <a href="master.5.html">master.cf</a> entry. </p>
-<li> <p> The "-o <a href="postconf.5.html#content_filter">content_filter</a>=" overrides main.cf settings, and
+<li> <p> The "-o <a href="postconf.5.html#content_filter">content_filter</a>=" overrides <a href="postconf.5.html">main.cf</a> settings, and
requests no content filtering for mail from the content filter.
This is required or else mail will stay in the content filtering
loop. </p>
-<li> <p> The "-o <a href="postconf.5.html#receive_override_options">receive_override_options</a>" overrides main.cf
+<li> <p> The "-o <a href="postconf.5.html#receive_override_options">receive_override_options</a>" overrides <a href="postconf.5.html">main.cf</a>
settings. It is complementary to the options that are specified in
-main.cf: </p>
+<a href="postconf.5.html">main.cf</a>: </p>
<ul>
</p>
<li> <p> The "-o smtpd_xxx_restrictions" and "-o <a href="postconf.5.html#mynetworks">mynetworks</a>=127.0.0.0/8"
-override main.cf settings. They turn off junk mail controls that
+override <a href="postconf.5.html">main.cf</a> settings. They turn off junk mail controls that
would only waste time here.
<li> <p> With "-o <a href="postconf.5.html#smtpd_authorized_xforward_hosts">smtpd_authorized_xforward_hosts</a>=127.0.0.0/8",
<p> To turn off "advanced" content filtering: </p>
-<ul> <li> <p> Delete or comment out the two following main.cf lines.
+<ul> <li> <p> Delete or comment out the two following <a href="postconf.5.html">main.cf</a> lines.
The other changes made for advanced content filtering have no effect
when content filtering is turned off. </p>
<blockquote>
<pre>
-/etc/postfix/main.cf:
+/etc/postfix/<a href="postconf.5.html">main.cf</a>:
<a href="postconf.5.html#content_filter">content_filter</a> = scan:localhost:10025
<a href="postconf.5.html#receive_override_options">receive_override_options</a> = <a href="postconf.5.html#no_address_mappings">no_address_mappings</a>
</pre>
<h2><a name="remote_only">Filtering mail from outside users only</a></h2>
<p> The easiest approach is to configure ONE Postfix instance with
-multiple SMTP server IP addresses in master.cf: </p>
+multiple SMTP server IP addresses in <a href="master.5.html">master.cf</a>: </p>
<ul>
with content filtering turned off. </p>
<pre>
-/etc/postfix.master.cf:
+/etc/postfix.<a href="master.5.html">master.cf</a>:
# ==================================================================
# service type private unpriv chroot wakeup maxproc command
# (yes) (yes) (yes) (never) (100)
content filtering turned on. </p>
<pre>
-/etc/postfix.master.cf:
+/etc/postfix.<a href="master.5.html">master.cf</a>:
# =================================================================
# service type private unpriv chroot wakeup maxproc command
# (yes) (yes) (yes) (never) (100)
<p> After this, you can follow the same procedure as outlined in
the "advanced" or "simple" content filtering examples above, except
that you must not specify "<a href="postconf.5.html#content_filter">content_filter</a>" or "<a href="postconf.5.html#receive_override_options">receive_override_options</a>"
-in the main.cf file. </p>
+in the <a href="postconf.5.html">main.cf</a> file. </p>
<h2><a name="domain_dependent">Different filters for different
domains</a></h2>
<p> If you are an MX service provider and want to apply different
content filters for different domains, you can configure ONE Postfix
-instance with multiple SMTP server IP addresses in master.cf. Each
+instance with multiple SMTP server IP addresses in <a href="master.5.html">master.cf</a>. Each
address provides a different content filter service. </p>
<blockquote>
<pre>
-/etc/postfix.master.cf:
+/etc/postfix.<a href="master.5.html">master.cf</a>:
# =================================================================
# service type private unpriv chroot wakeup maxproc command
# (yes) (yes) (yes) (never) (100)
<p> After this, you can follow the same procedure as outlined in
the "advanced" or "simple" content filtering examples above, except
that you must not specify "<a href="postconf.5.html#content_filter">content_filter</a>" or "<a href="postconf.5.html#receive_override_options">receive_override_options</a>"
-in the main.cf file. </p>
+in the <a href="postconf.5.html">main.cf</a> file. </p>
<p> Set up MX records in the DNS that route each domain to the
proper SMTP server instance. </p>
<ul>
<li> <p> FILTER actions from smtpd access maps and header/body_checks
-take precedence over filters specified with the
main.cf <a href="postconf.5.html#content_filter">content_filter</a>
+take precedence over filters specified with the
<a href="postconf.5.html">main.cf</a> <a href="postconf.5.html#content_filter">content_filter</a>
parameter. </p>
<li> <p> If a message triggers more than one filter action, only
explicitly limit them.
<b>CONFIGURATION PARAMETERS</b>
- On low-traffic mail systems, changes to <b>main.cf</b> are picked
+ On low-traffic mail systems, changes to <a href="postconf.5.html"><b>main.cf</b></a> are picked
up automatically as <a href="anvil.8.html"><b>anvil</b>(8)</a> processes run for only a lim-
ited amount of time. On other mail systems, use the com-
mand "<b>postfix reload</b>" to speed up a change.
limiting server logs peak usage information.
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
- The default location of the Postfix main.cf and
- master.cf configuration files.
+ The default location of the Postfix <a href="postconf.5.html">main.cf</a> and
+ <a href="master.5.html">master.cf</a> configuration files.
<b><a href="postconf.5.html#daemon_timeout">daemon_timeout</a> (18000s)</b>
How much time a Postfix daemon process may take to
<b>maildir</b> delivery.
Mailbox delivery can be delegated to an external command
- specified with the <b><a href="postconf.5.html#mailbox_command">mailbox_command</a></b> configuration parame-
- ter. The command executes with the privileges of the
- recipient user (exceptions: secondary groups are not
- enabled; in case of delivery as root, the command executes
- with the privileges of <b><a href="postconf.5.html#default_privs">default_privs</a></b>).
-
- Mailbox delivery can be delegated to alternative message
- transports specified in the <b>master.cf</b> file. The <b><a href="postconf.5.html#mailbox_transport">mail</a>-</b>
- <b><a href="postconf.5.html#mailbox_transport">box_transport</a></b> configuration parameter specifies a message
- transport that is to be used for all local recipients,
- regardless of whether they are found in the UNIX passwd
- database. The <b><a href="postconf.5.html#fallback_transport">fallback_transport</a></b> parameter specifies a
- message transport for recipients that are not found in the
- UNIX passwd database.
+ specified with the <b><a href="postconf.5.html#mailbox_command_maps">mailbox_command_maps</a></b> and <b><a href="postconf.5.html#mailbox_command">mailbox_com</a>-</b>
+ <b><a href="postconf.5.html#mailbox_command">mand</a></b> configuration parameters. The command executes with
+ the privileges of the recipient user (exceptions: sec-
+ ondary groups are not enabled; in case of delivery as
+ root, the command executes with the privileges of
+ <b><a href="postconf.5.html#default_privs">default_privs</a></b>).
+
+ Mailbox delivery can be delegated to alternative message
+ transports specified in the <a href="master.5.html"><b>master.cf</b></a> file. The <b><a href="postconf.5.html#mailbox_transport_maps">mail</a>-</b>
+ <b><a href="postconf.5.html#mailbox_transport_maps">box_transport_maps</a></b> and <b><a href="postconf.5.html#mailbox_transport">mailbox_transport</a></b> configuration
+ parameters specify an optional message transport that is
+ to be used for all local recipients, regardless of whether
+ they are found in the UNIX passwd database. The <b><a href="postconf.5.html#fallback_transport_maps">fall</a>-</b>
+ <b><a href="postconf.5.html#fallback_transport_maps">back_transport_maps</a></b> and <b><a href="postconf.5.html#fallback_transport">fallback_transport</a></b> parameters
+ specify an optional message transport for recipients that
+ are not found in the <a href="aliases.5.html">aliases(5)</a> or UNIX passwd database.
In the case of UNIX-style mailbox delivery, the <a href="local.8.html"><b>local</b>(8)</a>
daemon prepends a "<b>From</b> <i>sender time</i><b>_</b><i>stamp</i>" envelope header
broken by the use of the <b>Delivered-To:</b> message header.
<b>CONFIGURATION PARAMETERS</b>
- Changes to <b>main.cf</b> are picked up automatically, as
+ Changes to <a href="postconf.5.html"><b>main.cf</b></a> are picked up automatically, as
<a href="local.8.html"><b>local</b>(8)</a> processes run for only a limited amount of time.
Use the command "<b>postfix reload</b>" to speed up a change.
<b>DELIVERY METHOD CONTROLS</b>
The precedence of <a href="local.8.html"><b>local</b>(8)</a> delivery methods from high to
- low is: aliases, .forward files, <a href="postconf.5.html#mailbox_transport">mailbox_transport</a>, <a href="postconf.5.html#mailbox_command_maps">mail</a>-
- <a href="postconf.5.html#mailbox_command_maps">box_command_maps</a>, <a href="postconf.5.html#mailbox_command">mailbox_command</a>, <a href="postconf.5.html#home_mailbox">home_mailbox</a>,
- <a href="postconf.5.html#mail_spool_directory">mail_spool_directory</a>, <a href="postconf.5.html#fallback_transport">fallback_transport</a> and <a href="postconf.5.html#luser_relay">luser_relay</a>.
+ low is: aliases, .forward files, <a href="postconf.5.html#mailbox_transport_maps">mailbox_transport_maps</a>,
+ <a href="postconf.5.html#mailbox_transport">mailbox_transport</a>, <a href="postconf.5.html#mailbox_command_maps">mailbox_command_maps</a>, <a href="postconf.5.html#mailbox_command">mailbox_command</a>,
+ <a href="postconf.5.html#home_mailbox">home_mailbox</a>, <a href="postconf.5.html#mail_spool_directory">mail_spool_directory</a>, fallback_trans-
+ port_maps, <a href="postconf.5.html#fallback_transport">fallback_transport</a>, and <a href="postconf.5.html#luser_relay">luser_relay</a>.
<b><a href="postconf.5.html#alias_maps">alias_maps</a> (see 'postconf -d' output)</b>
The alias databases that are used for <a href="local.8.html"><b>local</b>(8)</a>
a .forward file with user-specified delivery meth-
ods.
+ <b><a href="postconf.5.html#mailbox_transport_maps">mailbox_transport_maps</a> (empty)</b>
+ Optional lookup tables with per-recipient message
+ delivery transports to use for <a href="local.8.html"><b>local</b>(8)</a> mailbox
+ delivery, whether or not the recipients are found
+ in the UNIX passwd database.
+
<b><a href="postconf.5.html#mailbox_transport">mailbox_transport</a> (empty)</b>
- Optional message delivery transport that the
- <a href="local.8.html"><b>local</b>(8)</a> delivery agent should use for mailbox
- delivery to all local recipients, whether or not
+ Optional message delivery transport that the
+ <a href="local.8.html"><b>local</b>(8)</a> delivery agent should use for mailbox
+ delivery to all local recipients, whether or not
they are found in the UNIX passwd database.
<b><a href="postconf.5.html#mailbox_command_maps">mailbox_command_maps</a> (empty)</b>
- Optional lookup tables with per-recipient external
+ Optional lookup tables with per-recipient external
commands to use for <a href="local.8.html"><b>local</b>(8)</a> mailbox delivery.
<b><a href="postconf.5.html#mailbox_command">mailbox_command</a> (empty)</b>
- Optional external command that the <a href="local.8.html"><b>local</b>(8)</a> deliv-
+ Optional external command that the <a href="local.8.html"><b>local</b>(8)</a> deliv-
ery agent should use for mailbox delivery.
<b><a href="postconf.5.html#home_mailbox">home_mailbox</a> (empty)</b>
- Optional pathname of a mailbox file relative to a
+ Optional pathname of a mailbox file relative to a
<a href="local.8.html"><b>local</b>(8)</a> user's home directory.
<b><a href="postconf.5.html#mail_spool_directory">mail_spool_directory</a> (see 'postconf -d' output)</b>
- The directory where <a href="local.8.html"><b>local</b>(8)</a> UNIX-style mailboxes
+ The directory where <a href="local.8.html"><b>local</b>(8)</a> UNIX-style mailboxes
are kept.
+ <b><a href="postconf.5.html#fallback_transport_maps">fallback_transport_maps</a> (empty)</b>
+ Optional lookup tables with per-recipient message
+ delivery transports for recipients that the
+ <a href="local.8.html"><b>local</b>(8)</a> delivery agent could not find in the
+ <a href="aliases.5.html"><b>aliases</b>(5)</a> or UNIX password database.
+
<b><a href="postconf.5.html#fallback_transport">fallback_transport</a> (empty)</b>
Optional message delivery transport that the
<a href="local.8.html"><b>local</b>(8)</a> delivery agent should use for names that
- are not found in the <a href="aliases.5.html"><b>aliases</b>(5)</a> database or in the
- UNIX passwd database.
+ are not found in the <a href="aliases.5.html"><b>aliases</b>(5)</a> or UNIX password
+ database.
<b><a href="postconf.5.html#luser_relay">luser_relay</a> (empty)</b>
Optional catch-all destination for unknown <a href="local.8.html"><b>local</b>(8)</a>
<b><a href="postconf.5.html#command_expansion_filter">command_expansion_filter</a> (see 'postconf -d' output)</b>
Restrict the characters that the <a href="local.8.html"><b>local</b>(8)</a> delivery
- agent allows in $name expansions of $mailbox_com-
- mand.
+ agent allows in $name expansions of $<a href="postconf.5.html#mailbox_command">mailbox_com</a>-
+ <a href="postconf.5.html#mailbox_command">mand</a>.
<b><a href="postconf.5.html#default_privs">default_privs</a> (nobody)</b>
The default rights used by the <a href="local.8.html"><b>local</b>(8)</a> delivery
<b>MISCELLANEOUS CONTROLS</b>
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
- The default location of the Postfix main.cf and
- master.cf configuration files.
+ The default location of the Postfix <a href="postconf.5.html">main.cf</a> and
+ <a href="master.5.html">master.cf</a> configuration files.
<b><a href="postconf.5.html#daemon_timeout">daemon_timeout</a> (18000s)</b>
How much time a Postfix daemon process may take to
Specify, for example, "<a href="postconf.5.html#best_mx_transport">best_mx_transport</a> = local" to pass the mail
from the SMTP client to the <a href="local.8.html">local(8)</a> delivery agent. You can specify
any message delivery "transport" or "transport:nexthop" that is
-defined in the
master.cf file. See the <a href="transport.5.html">transport(5)</a> manual page
+defined in the
<a href="master.5.html">master.cf</a> file. See the <a href="transport.5.html">transport(5)</a> manual page
for the syntax and meaning of "transport" or "transport:nexthop".
</p>
<p>
For compatibility reasons this feature is on by default. On systems
with lots of interactive users, the <a href="postconf.5.html#biff">biff</a> service can be a performance
-drain. Specify "<a href="postconf.5.html#biff">biff</a> = no" in main.cf to disable.
+drain. Specify "<a href="postconf.5.html#biff">biff</a> = no" in <a href="postconf.5.html">main.cf</a> to disable.
</p>
<DT><b><a name="config_directory">config_directory</a>
(default: see "postconf -d" output)</b></DT><DD>
-<p> The default location of the Postfix main.cf and master.cf
+<p> The default location of the Postfix <a href="postconf.5.html">main.cf</a> and <a href="master.5.html">master.cf</a>
configuration files. This can be overruled via the following
mechanisms: </p>
<p> With Postfix command that run with set-gid privileges, a
<a href="postconf.5.html#config_directory">config_directory</a> override requires either root privileges, or it
requires that the directory is listed with the <a href="postconf.5.html#alternate_config_directories">alternate_config_directories</a>
-parameter in the default main.cf file. </p>
+parameter in the default <a href="postconf.5.html">main.cf</a> file. </p>
</DD>
<p>
The default maximal number of Postfix child processes that provide
a given service. This limit can be overruled for specific services
-in the master.cf file.
+in the <a href="master.5.html">master.cf</a> file.
</p>
<p>
Specify a string of the form <i>transport:nexthop</i>, where <i>transport</i>
-is the name of a mail delivery transport defined in master.cf.
+is the name of a mail delivery transport defined in <a href="master.5.html">master.cf</a>.
The <i>:nexthop</i> part is optional. For more details see the
<a href="transport.5.html">transport(5)</a> manual page.
</p>
The names of message delivery transports that should not deliver mail
unless someone issues "<b>sendmail -q</b>" or equivalent. Specify zero
or more names of mail delivery transports names that appear in the
-first field of master.cf.
+first field of <a href="master.5.html">master.cf</a>.
</p>
<p>
<ul>
-<li> In
main.cf specify "<a href="postconf.5.html#relay_transport">relay_transport</a> = relay",
+<li> In
<a href="postconf.5.html">main.cf</a> specify "<a href="postconf.5.html#relay_transport">relay_transport</a> = relay",
-<li> In
master.cf specify "-o <a href="postconf.5.html#fallback_relay">fallback_relay</a> =" (i.e., empty) at
+<li> In
<a href="master.5.html">master.cf</a> specify "-o <a href="postconf.5.html#fallback_relay">fallback_relay</a> =" (i.e., empty) at
the end of the <tt>relay</tt> entry.
<li> In transport maps, specify "relay:<i>nexthop...</i>"
<p>
Optional message delivery transport that the <a href="local.8.html">local(8)</a> delivery
agent should use for names that are not found in the <a href="aliases.5.html">aliases(5)</a>
-database or in the UNIX passwd database.
+or UNIX password database.
</p>
+<p> The precedence of <a href="local.8.html">local(8)</a> delivery features from high to low
+is: aliases, .forward files, <a href="postconf.5.html#mailbox_transport_maps">mailbox_transport_maps</a>, <a href="postconf.5.html#mailbox_transport">mailbox_transport</a>,
+<a href="postconf.5.html#mailbox_command_maps">mailbox_command_maps</a>, <a href="postconf.5.html#mailbox_command">mailbox_command</a>, <a href="postconf.5.html#home_mailbox">home_mailbox</a>, <a href="postconf.5.html#mail_spool_directory">mail_spool_directory</a>,
+<a href="postconf.5.html#fallback_transport_maps">fallback_transport_maps</a>, <a href="postconf.5.html#fallback_transport">fallback_transport</a> and <a href="postconf.5.html#luser_relay">luser_relay</a>. </p>
+
+
+</DD>
+
+<DT><b><a name="fallback_transport_maps">fallback_transport_maps</a>
+(default: empty)</b></DT><DD>
+
+<p> Optional lookup tables with per-recipient message delivery
+transports for recipients that the <a href="local.8.html">local(8)</a> delivery agent could
+not find in the <a href="aliases.5.html">aliases(5)</a> or UNIX password database. </p>
+
+<p> The precedence of <a href="local.8.html">local(8)</a> delivery features from high to low
+is: aliases, .forward files, <a href="postconf.5.html#mailbox_transport_maps">mailbox_transport_maps</a>, <a href="postconf.5.html#mailbox_transport">mailbox_transport</a>,
+<a href="postconf.5.html#mailbox_command_maps">mailbox_command_maps</a>, <a href="postconf.5.html#mailbox_command">mailbox_command</a>, <a href="postconf.5.html#home_mailbox">home_mailbox</a>, <a href="postconf.5.html#mail_spool_directory">mail_spool_directory</a>,
+<a href="postconf.5.html#fallback_transport_maps">fallback_transport_maps</a>, <a href="postconf.5.html#fallback_transport">fallback_transport</a> and <a href="postconf.5.html#luser_relay">luser_relay</a>. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
</DD>
Specify a pathname ending in "/" for qmail-style delivery.
</p>
-<p>
-The precedence of <a href="local.8.html">local(8)</a> delivery features from high to low is:
-aliases, .forward files, <a href="postconf.5.html#mailbox_transport">mailbox_transport</a>, <a href="postconf.5.html#mailbox_command_maps">mailbox_command_maps</a>,
-<a href="postconf.5.html#mailbox_command">mailbox_command</a>, <a href="postconf.5.html#home_mailbox">home_mailbox</a>, <a href="postconf.5.html#mail_spool_directory">mail_spool_directory</a>, <a href="postconf.5.html#fallback_transport">fallback_transport</a>
-and <a href="postconf.5.html#luser_relay">luser_relay</a>.
-</p>
+<p> The precedence of <a href="local.8.html">local(8)</a> delivery features from high to low
+is: aliases, .forward files, <a href="postconf.5.html#mailbox_transport_maps">mailbox_transport_maps</a>, <a href="postconf.5.html#mailbox_transport">mailbox_transport</a>,
+<a href="postconf.5.html#mailbox_command_maps">mailbox_command_maps</a>, <a href="postconf.5.html#mailbox_command">mailbox_command</a>, <a href="postconf.5.html#home_mailbox">home_mailbox</a>, <a href="postconf.5.html#mail_spool_directory">mail_spool_directory</a>,
+<a href="postconf.5.html#fallback_transport_maps">fallback_transport_maps</a>, <a href="postconf.5.html#fallback_transport">fallback_transport</a> and <a href="postconf.5.html#luser_relay">luser_relay</a>. </p>
<p>
Examples:
<p>
A better solution for multi-homed firewalls is to leave <a href="postconf.5.html#inet_interfaces">inet_interfaces</a>
at the default value and instead use explicit IP addresses in
-the master.cf SMTP server definitions. This preserves the SMTP client's
+the <a href="master.5.html">master.cf</a> SMTP server definitions. This preserves the SMTP client's
loop detection, by ensuring that each side of the firewall knows that the
other IP address is still the same host. Setting $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> to a
single IPv4 and/or IPV6 address is primarily useful with virtual
<p> The maximal number of parallel deliveries to the same destination
via the lmtp message delivery transport. This limit is enforced by
the queue manager. The message delivery transport name is the first
-field in the entry in the master.cf file. </p>
+field in the entry in the <a href="master.5.html">master.cf</a> file. </p>
</DD>
<p> The maximal number of recipients per delivery via the lmtp
message delivery transport. This limit is enforced by the queue
manager. The message delivery transport name is the first field in
-the entry in the master.cf file. </p>
+the entry in the <a href="master.5.html">master.cf</a> file. </p>
<p> Setting this parameter to a value of 1 changes the meaning of
<a href="postconf.5.html#lmtp_destination_concurrency_limit">lmtp_destination_concurrency_limit</a> from concurrency per domain into
</ul>
-</DD>
-
-<DT><b><a name="lmtp_dot_quit_workaround_threshold_time">lmtp_dot_quit_workaround_threshold_time</a>
-(default: 3000s)</b></DT><DD>
-
-<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_dot_quit_workaround_threshold_time">smtp_dot_quit_workaround_threshold_time</a>
-configuration parameter. See there for details. </p>
-
-
</DD>
<DT><b><a name="lmtp_enforce_tls">lmtp_enforce_tls</a>
</p>
<p>
-This information can be specified in the main.cf file for all LMTP
-clients, or it can be specified in the master.cf file for a specific
+This information can be specified in the <a href="postconf.5.html">main.cf</a> file for all LMTP
+clients, or it can be specified in the <a href="master.5.html">master.cf</a> file for a specific
client, for example:
</p>
<pre>
- /etc/postfix/master.cf:
+ /etc/postfix/<a href="master.5.html">master.cf</a>:
mylmtp ... lmtp -o <a href="postconf.5.html#lmtp_lhloname">lmtp_lhlo_name</a>=foo.bar.com
</pre>
parallel deliveries to the same <a href="ADDRESS_CLASS_README.html#local_domain_class">local domain</a> (when
"<a href="postconf.5.html#local_destination_recipient_limit">local_destination_recipient_limit</a> > 1"). This limit is enforced by
the queue manager. The message delivery transport name is the first
-field in the entry in the master.cf file. </p>
+field in the entry in the <a href="master.5.html">master.cf</a> file. </p>
<p> A low limit of 2 is recommended, just in case someone has an
expensive shell command in a .forward file or in an alias (e.g.,
<p> The maximal number of recipients per message delivery via the
local mail delivery transport. This limit is enforced by the queue
manager. The message delivery transport name is the first field in
-the entry in the master.cf file. </p>
+the entry in the <a href="master.5.html">master.cf</a> file. </p>
<p> Setting this parameter to a value > 1 changes the meaning of
<a href="postconf.5.html#local_destination_concurrency_limit">local_destination_concurrency_limit</a> from concurrency per recipient
<ul>
-<li>You redefine the local delivery agent in master.cf.
+<li>You redefine the local delivery agent in <a href="master.5.html">master.cf</a>.
-<li>You redefine the "<a href="postconf.5.html#local_transport">local_transport</a>" setting in main.cf.
+<li>You redefine the "<a href="postconf.5.html#local_transport">local_transport</a>" setting in <a href="postconf.5.html">main.cf</a>.
<li>You use the "<a href="postconf.5.html#luser_relay">luser_relay</a>", "<a href="postconf.5.html#mailbox_transport">mailbox_transport</a>", or "<a href="postconf.5.html#fallback_transport">fallback_transport</a>"
feature of the Postfix <a href="local.8.html">local(8)</a> delivery agent.
<p>
By default, local mail is delivered to the transport called "local",
-which is just the name of a service that is defined the master.cf file.
+which is just the name of a service that is defined the <a href="master.5.html">master.cf</a> file.
</p>
<p>
Specify a string of the form <i>transport:nexthop</i>, where <i>transport</i>
-is the name of a mail delivery transport defined in master.cf.
+is the name of a mail delivery transport defined in <a href="master.5.html">master.cf</a>.
The <i>:nexthop</i> part is optional. For more details see the
<a href="transport.5.html">transport(5)</a> manual page.
</p>
<p>
Note: if you use this feature for accounts not in the UNIX password
file, then you must specify "<a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> =" (i.e. empty)
-in the main.cf file, otherwise the Postfix SMTP server will reject mail
+in the <a href="postconf.5.html">main.cf</a> file, otherwise the Postfix SMTP server will reject mail
for non-UNIX accounts with "User unknown in local recipient table".
</p>
to a real user.
</p>
-<p>
-The precedence of <a href="local.8.html">local(8)</a> delivery features from high to low is:
-aliases, .forward files, <a href="postconf.5.html#mailbox_transport">mailbox_transport</a>, <a href="postconf.5.html#mailbox_command_maps">mailbox_command_maps</a>,
-<a href="postconf.5.html#mailbox_command">mailbox_command</a>, <a href="postconf.5.html#home_mailbox">home_mailbox</a>, <a href="postconf.5.html#mail_spool_directory">mail_spool_directory</a>, <a href="postconf.5.html#fallback_transport">fallback_transport</a>
-and <a href="postconf.5.html#luser_relay">luser_relay</a>.
-</p>
+<p> The precedence of <a href="local.8.html">local(8)</a> delivery features from high to low
+is: aliases, .forward files, <a href="postconf.5.html#mailbox_transport_maps">mailbox_transport_maps</a>, <a href="postconf.5.html#mailbox_transport">mailbox_transport</a>,
+<a href="postconf.5.html#mailbox_command_maps">mailbox_command_maps</a>, <a href="postconf.5.html#mailbox_command">mailbox_command</a>, <a href="postconf.5.html#home_mailbox">home_mailbox</a>, <a href="postconf.5.html#mail_spool_directory">mail_spool_directory</a>,
+<a href="postconf.5.html#fallback_transport_maps">fallback_transport_maps</a>, <a href="postconf.5.html#fallback_transport">fallback_transport</a> and <a href="postconf.5.html#luser_relay">luser_relay</a>. </p>
<p>
Examples:
for <a href="local.8.html">local(8)</a> mailbox delivery. Behavior is as with <a href="postconf.5.html#mailbox_command">mailbox_command</a>.
</p>
-<p>
-The precedence of <a href="local.8.html">local(8)</a> delivery features from high to low is:
-aliases, .forward files, <a href="postconf.5.html#mailbox_transport">mailbox_transport</a>, <a href="postconf.5.html#mailbox_command_maps">mailbox_command_maps</a>,
-<a href="postconf.5.html#mailbox_command">mailbox_command</a>, <a href="postconf.5.html#home_mailbox">home_mailbox</a>, <a href="postconf.5.html#mail_spool_directory">mail_spool_directory</a>, <a href="postconf.5.html#fallback_transport">fallback_transport</a>
-and <a href="postconf.5.html#luser_relay">luser_relay</a>.
-</p>
+<p> The precedence of <a href="local.8.html">local(8)</a> delivery features from high to low
+is: aliases, .forward files, <a href="postconf.5.html#mailbox_transport_maps">mailbox_transport_maps</a>, <a href="postconf.5.html#mailbox_transport">mailbox_transport</a>,
+<a href="postconf.5.html#mailbox_command_maps">mailbox_command_maps</a>, <a href="postconf.5.html#mailbox_command">mailbox_command</a>, <a href="postconf.5.html#home_mailbox">home_mailbox</a>, <a href="postconf.5.html#mail_spool_directory">mail_spool_directory</a>,
+<a href="postconf.5.html#fallback_transport_maps">fallback_transport_maps</a>, <a href="postconf.5.html#fallback_transport">fallback_transport</a> and <a href="postconf.5.html#luser_relay">luser_relay</a>. </p>
</DD>
whether or not they are found in the UNIX passwd database.
</p>
-<p>
-The precedence of <a href="local.8.html">local(8)</a> delivery features from high to low is:
-aliases, .forward files, <a href="postconf.5.html#mailbox_transport">mailbox_transport</a>, <a href="postconf.5.html#mailbox_command_maps">mailbox_command_maps</a>,
-<a href="postconf.5.html#mailbox_command">mailbox_command</a>, <a href="postconf.5.html#home_mailbox">home_mailbox</a>, <a href="postconf.5.html#mail_spool_directory">mail_spool_directory</a>, <a href="postconf.5.html#fallback_transport">fallback_transport</a>
-and <a href="postconf.5.html#luser_relay">luser_relay</a>.
-</p>
+<p> The precedence of <a href="local.8.html">local(8)</a> delivery features from high to low
+is: aliases, .forward files, <a href="postconf.5.html#mailbox_transport_maps">mailbox_transport_maps</a>, <a href="postconf.5.html#mailbox_transport">mailbox_transport</a>,
+<a href="postconf.5.html#mailbox_command_maps">mailbox_command_maps</a>, <a href="postconf.5.html#mailbox_command">mailbox_command</a>, <a href="postconf.5.html#home_mailbox">home_mailbox</a>, <a href="postconf.5.html#mail_spool_directory">mail_spool_directory</a>,
+<a href="postconf.5.html#fallback_transport_maps">fallback_transport_maps</a>, <a href="postconf.5.html#fallback_transport">fallback_transport</a> and <a href="postconf.5.html#luser_relay">luser_relay</a>. </p>
+
+
+</DD>
+
+<DT><b><a name="mailbox_transport_maps">mailbox_transport_maps</a>
+(default: empty)</b></DT><DD>
+
+<p> Optional lookup tables with per-recipient message delivery
+transports to use for <a href="local.8.html">local(8)</a> mailbox delivery, whether or not the
+recipients are found in the UNIX passwd database. </p>
+
+<p> The precedence of <a href="local.8.html">local(8)</a> delivery features from high to low
+is: aliases, .forward files, <a href="postconf.5.html#mailbox_transport_maps">mailbox_transport_maps</a>, <a href="postconf.5.html#mailbox_transport">mailbox_transport</a>,
+<a href="postconf.5.html#mailbox_command_maps">mailbox_command_maps</a>, <a href="postconf.5.html#mailbox_command">mailbox_command</a>, <a href="postconf.5.html#home_mailbox">home_mailbox</a>, <a href="postconf.5.html#mail_spool_directory">mail_spool_directory</a>,
+<a href="postconf.5.html#fallback_transport_maps">fallback_transport_maps</a>, <a href="postconf.5.html#fallback_transport">fallback_transport</a> and <a href="postconf.5.html#luser_relay">luser_relay</a>. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
</DD>
<p> Enable or disable recipient validation, built-in content
filtering, or address mapping. Typically, these are specified in
-
master.cf as command-line arguments for the <a href="smtpd.8.html">smtpd(8)</a>, <a href="qmqpd.8.html">qmqpd(8)</a> or
+
<a href="master.5.html">master.cf</a> as command-line arguments for the <a href="smtpd.8.html">smtpd(8)</a>, <a href="qmqpd.8.html">qmqpd(8)</a> or
<a href="pickup.8.html">pickup(8)</a> daemons. </p>
<p> Specify zero or more of the following options. The options
-override
main.cf settings and are either implemented by <a href="smtpd.8.html">smtpd(8)</a>,
+override
<a href="postconf.5.html">main.cf</a> settings and are either implemented by <a href="smtpd.8.html">smtpd(8)</a>,
<a href="qmqpd.8.html">qmqpd(8)</a>, or <a href="pickup.8.html">pickup(8)</a> themselves, or they are forwarded to the
cleanup server. </p>
<p>
Note: when the "BEFORE content filter" <a href="postconf.5.html#receive_override_options">receive_override_options</a>
-setting is specified in the main.cf file, specify the "AFTER content
-filter" <a href="postconf.5.html#receive_override_options">receive_override_options</a> setting in master.cf (and vice
+setting is specified in the <a href="postconf.5.html">main.cf</a> file, specify the "AFTER content
+filter" <a href="postconf.5.html#receive_override_options">receive_override_options</a> setting in <a href="master.5.html">master.cf</a> (and vice
versa).
</p>
<p> The maximal number of parallel deliveries to the same destination
via the relay message delivery transport. This limit is enforced
by the queue manager. The message delivery transport name is the
-first field in the entry in the master.cf file. </p>
+first field in the entry in the <a href="master.5.html">master.cf</a> file. </p>
<p> This feature is available in Postfix 2.0 and later. </p>
<p> The maximal number of recipients per delivery via the relay
message delivery transport. This limit is enforced by the queue
manager. The message delivery transport name is the first field in
-the entry in the master.cf file. </p>
+the entry in the <a href="master.5.html">master.cf</a> file. </p>
<p> Setting this parameter to a value of 1 changes the meaning of
<a href="postconf.5.html#relay_destination_concurrency_limit">relay_destination_concurrency_limit</a> from concurrency per domain
<p>
Specify a string of the form <i>transport:nexthop</i>, where <i>transport</i>
-is the name of a mail delivery transport defined in master.cf.
+is the name of a mail delivery transport defined in <a href="master.5.html">master.cf</a>.
The <i>:nexthop</i> part is optional. For more details see the
<a href="transport.5.html">transport(5)</a> manual page.
</p>
</p>
<p>
-This can be specified in the main.cf file for all SMTP clients, or
-it can be specified in the master.cf file for a specific client,
+This can be specified in the <a href="postconf.5.html">main.cf</a> file for all SMTP clients, or
+it can be specified in the <a href="master.5.html">master.cf</a> file for a specific client,
for example:
</p>
<pre>
- /etc/postfix/master.cf:
+ /etc/postfix/<a href="master.5.html">master.cf</a>:
smtp ... smtp -o <a href="postconf.5.html#smtp_bind_address">smtp_bind_address</a>=11.22.33.44
</pre>
<p> This feature is available in Postfix 2.2 and later. </p>
<p>
-This can be specified in the main.cf file for all SMTP clients, or
-it can be specified in the master.cf file for a specific client,
+This can be specified in the <a href="postconf.5.html">main.cf</a> file for all SMTP clients, or
+it can be specified in the <a href="master.5.html">master.cf</a> file for a specific client,
for example:
</p>
<pre>
- /etc/postfix/master.cf:
+ /etc/postfix/<a href="master.5.html">master.cf</a>:
smtp ... smtp -o <a href="postconf.5.html#smtp_bind_address6">smtp_bind_address6</a>=1:2:3:4:5:6:7:8
</pre>
IP address),
<li> if mail is sent via a <a href="postconf.5.html#relayhost">relay host</a>: a <a href="postconf.5.html#relayhost">relay host</a> name (without
-[] or non-default TCP port), as specified in main.cf or in the
+[] or non-default TCP port), as specified in <a href="postconf.5.html">main.cf</a> or in the
transport map,
<li> if mail is sent via a UNIX-domain socket: a pathname (without
<p> The maximal number of parallel deliveries to the same destination
via the smtp message delivery transport. This limit is enforced by
the queue manager. The message delivery transport name is the first
-field in the entry in the master.cf file. </p>
+field in the entry in the <a href="master.5.html">master.cf</a> file. </p>
</DD>
<p> The maximal number of recipients per delivery via the smtp
message delivery transport. This limit is enforced by the queue
manager. The message delivery transport name is the first field in
-the entry in the master.cf file. </p>
+the entry in the <a href="master.5.html">master.cf</a> file. </p>
<p> Setting this parameter to a value of 1 changes the meaning of
<a href="postconf.5.html#smtp_destination_concurrency_limit">smtp_destination_concurrency_limit</a> from concurrency per domain
</ul>
-</DD>
-
-<DT><b><a name="smtp_dot_quit_workaround_threshold_time">smtp_dot_quit_workaround_threshold_time</a>
-(default: 3000s)</b></DT><DD>
-
-<p> How long a message must be queued before the "." + QUIT bug
-workaround is turned on for all deliveries; this limits the
-number of repeated deliveries with servers or firewalls that
-mis-implement END-OF-DATA + QUIT pipelining. </p>
-
-<p> When the workaround is turned on, the Postfix SMTP client will
-not send the QUIT command until it has received the server's
-END-OF-DATA reply. This workaround incurs a small performance loss
-with delivery to sites that correctly implement SMTP command
-pipelining. </p>
-
-<p> By default, the workaround is turned off for mail that is queued
-for less than 3000 seconds. In other words, the workaround is
-normally turned off for the first few delivery attempts of personal
-mail and of small mailing lists. </p>
-
-<p> Specify 0 to enable this workaround upon the first delivery
-attempt, and specify a large value such as $<a href="postconf.5.html#maximal_queue_lifetime">maximal_queue_lifetime</a>
-to disable the workaround for practically all delivery attempts.
-</p>
-
-<p> Note: when the <a href="postconf.5.html#smtp_fallback_relay">smtp_fallback_relay</a> feature is used, there will
-be no second delivery attempt, and the workaround may have no effect.
-</p>
-
-<p> This feature is available in Postfix 2.3 and later. </p>
-
-
</DD>
<DT><b><a name="smtp_enforce_tls">smtp_enforce_tls</a>
</p>
<p>
-This information can be specified in the main.cf file for all SMTP
-clients, or it can be specified in the master.cf file for a specific
+This information can be specified in the <a href="postconf.5.html">main.cf</a> file for all SMTP
+clients, or it can be specified in the <a href="master.5.html">master.cf</a> file for a specific
client, for example:
</p>
<pre>
- /etc/postfix/master.cf:
+ /etc/postfix/<a href="master.5.html">master.cf</a>:
mysmtp ... smtp -o <a href="postconf.5.html#smtp_helo_name">smtp_helo_name</a>=foo.bar.com
</pre>
<p>
The default is to comply with <a href="http://www.faqs.org/rfcs/rfc821.html">RFC 821</a>. If you have to send mail to
-a broken SMTP server, configure a special SMTP client in master.cf:
+a broken SMTP server, configure a special SMTP client in <a href="master.5.html">master.cf</a>:
</p>
<pre>
- /etc/postfix/master.cf:
+ /etc/postfix/<a href="master.5.html">master.cf</a>:
broken-smtp . . . smtp -o <a href="postconf.5.html#smtp_quote_rfc821_envelope">smtp_quote_rfc821_envelope</a>=no
</pre>
mail when used as:
<pre>
-/etc/postfix/main.cf:
+/etc/postfix/<a href="postconf.5.html">main.cf</a>:
<a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a> =
sleep 1, <a href="postconf.5.html#reject_unauth_pipelining">reject_unauth_pipelining</a>
<a href="postconf.5.html#smtpd_delay_reject">smtpd_delay_reject</a> = no
instead of using the STARTTLS command. </p>
<p> If you want to support this service, enable a special port in
-
master.cf, and specify "-o <a href="postconf.5.html#smtpd_tls_wrappermode">smtpd_tls_wrappermode</a>=yes" on the SMTP
+
<a href="master.5.html">master.cf</a>, and specify "-o <a href="postconf.5.html#smtpd_tls_wrappermode">smtpd_tls_wrappermode</a>=yes" on the SMTP
server's command line. Port 465 (smtps) was once chosen for this
purpose. </p>
after a Postfix process has completed initialization. Errors during
process initialization will be logged with the default facility.
Examples are errors while parsing the command line arguments, and
-errors while accessing the Postfix main.cf configuration file.
+errors while accessing the Postfix <a href="postconf.5.html">main.cf</a> configuration file.
</p>
a Postfix process has completed initialization. Errors during
process initialization will be logged with the default name. Examples
are errors while parsing the command line arguments, and errors
-while accessing the Postfix main.cf configuration file.
+while accessing the Postfix <a href="postconf.5.html">main.cf</a> configuration file.
</p>
<p> The maximal number of parallel deliveries to the same destination
via the virtual message delivery transport. This limit is enforced
by the queue manager. The message delivery transport name is the
-first field in the entry in the master.cf file. </p>
+first field in the entry in the <a href="master.5.html">master.cf</a> file. </p>
</DD>
<p> The maximal number of recipients per delivery via the virtual
message delivery transport. This limit is enforced by the queue
manager. The message delivery transport name is the first field in
-the entry in the master.cf file. </p>
+the entry in the <a href="master.5.html">master.cf</a> file. </p>
<p> Setting this parameter to a value of 1 changes the meaning of
<a href="postconf.5.html#virtual_destination_concurrency_limit">virtual_destination_concurrency_limit</a> from concurrency per domain
<p>
Specify a string of the form <i>transport:nexthop</i>, where <i>transport</i>
-is the name of a mail delivery transport defined in master.cf.
+is the name of a mail delivery transport defined in <a href="master.5.html">master.cf</a>.
The <i>:nexthop</i> part is optional. For more details see the
<a href="transport.5.html">transport(5)</a> manual page.
</p>
document describes only those LMTP-related parameters that
aren't simply "ghost" parameters.
- Changes to <
b>main.cf</b> are picked up automatically, as <a href="smtp.8.html"><b>smtp</b>(8)</a>
+ Changes to <
a href="postconf.5.html"><b>main.cf</b></a> are picked up automatically, as <a href="smtp.8.html"><b>smtp</b>(8)</a>
processes run for only a limited amount of time. Use the
command "<b>postfix reload</b>" to speed up a change.
Defer mail delivery when no MX record resolves to
an IP address.
- <b><a href="postconf.5.html#smtp_dot_quit_workaround_threshold_time">smtp_dot_quit_workaround_threshold_time</a> (3000s)</b>
- How long a message must be queued before the "." +
- QUIT bug workaround is turned on for all deliver-
- ies; this limits the number of repeated deliveries
- with servers or firewalls that mis-implement END-
- OF-DATA + QUIT pipelining.
-
<b><a href="postconf.5.html#smtp_line_length_limit">smtp_line_length_limit</a> (990)</b>
The maximal length of message header and body lines
that Postfix will send via SMTP.
condition.
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
- The default location of the Postfix main.cf and
- master.cf configuration files.
+ The default location of the Postfix <a href="postconf.5.html">main.cf</a> and
+ <a href="master.5.html">master.cf</a> configuration files.
<b><a href="postconf.5.html#daemon_timeout">daemon_timeout</a> (18000s)</b>
How much time a Postfix daemon process may take to
.SH fallback_transport (default: empty)
Optional message delivery transport that the \fBlocal\fR(8) delivery
agent should use for names that are not found in the \fBaliases\fR(5)
-database or in the UNIX passwd database.
+or UNIX password database.
+.PP
+The precedence of \fBlocal\fR(8) delivery features from high to low
+is: aliases, .forward files, mailbox_transport_maps, mailbox_transport,
+mailbox_command_maps, mailbox_command, home_mailbox, mail_spool_directory,
+fallback_transport_maps, fallback_transport and luser_relay.
+.SH fallback_transport_maps (default: empty)
+Optional lookup tables with per-recipient message delivery
+transports for recipients that the \fBlocal\fR(8) delivery agent could
+not find in the \fBaliases\fR(5) or UNIX password database.
+.PP
+The precedence of \fBlocal\fR(8) delivery features from high to low
+is: aliases, .forward files, mailbox_transport_maps, mailbox_transport,
+mailbox_command_maps, mailbox_command, home_mailbox, mail_spool_directory,
+fallback_transport_maps, fallback_transport and luser_relay.
+.PP
+This feature is available in Postfix 2.3 and later.
.SH fast_flush_domains (default: $relay_domains)
Optional list of destinations that are eligible for per-destination
logfiles with mail that is queued to those destinations.
.PP
Specify a pathname ending in "/" for qmail-style delivery.
.PP
-The precedence of \fBlocal\fR(8) delivery features from high to low is:
-aliases, .forward files, mailbox_transport, mailbox_command_maps,
-mailbox_command, home_mailbox, mail_spool_directory, fallback_transport
-and luser_relay.
+The precedence of \fBlocal\fR(8) delivery features from high to low
+is: aliases, .forward files, mailbox_transport_maps, mailbox_transport,
+mailbox_command_maps, mailbox_command, home_mailbox, mail_spool_directory,
+fallback_transport_maps, fallback_transport and luser_relay.
.PP
Examples:
.PP
.IP \(bu
Use the lmtp_discard_lhlo_keyword_address_maps feature to
discard LHLO keywords selectively.
-.SH lmtp_dot_quit_workaround_threshold_time (default: 3000s)
-The LMTP-specific version of the smtp_dot_quit_workaround_threshold_time
-configuration parameter. See there for details.
.SH lmtp_enforce_tls (default: no)
The LMTP-specific version of the smtp_enforce_tls configuration
parameter. See there for details.
system-wide, you must set up an alias that forwards mail for root
to a real user.
.PP
-The precedence of \fBlocal\fR(8) delivery features from high to low is:
-aliases, .forward files, mailbox_transport, mailbox_command_maps,
-mailbox_command, home_mailbox, mail_spool_directory, fallback_transport
-and luser_relay.
+The precedence of \fBlocal\fR(8) delivery features from high to low
+is: aliases, .forward files, mailbox_transport_maps, mailbox_transport,
+mailbox_command_maps, mailbox_command, home_mailbox, mail_spool_directory,
+fallback_transport_maps, fallback_transport and luser_relay.
.PP
Examples:
.PP
Optional lookup tables with per-recipient external commands to use
for \fBlocal\fR(8) mailbox delivery. Behavior is as with mailbox_command.
.PP
-The precedence of \fBlocal\fR(8) delivery features from high to low is:
-aliases, .forward files, mailbox_transport, mailbox_command_maps,
-mailbox_command, home_mailbox, mail_spool_directory, fallback_transport
-and luser_relay.
+The precedence of \fBlocal\fR(8) delivery features from high to low
+is: aliases, .forward files, mailbox_transport_maps, mailbox_transport,
+mailbox_command_maps, mailbox_command, home_mailbox, mail_spool_directory,
+fallback_transport_maps, fallback_transport and luser_relay.
.SH mailbox_delivery_lock (default: see "postconf -d" output)
How to lock a UNIX-style \fBlocal\fR(8) mailbox before attempting delivery.
For a list of available file locking methods, use the "\fBpostconf
agent should use for mailbox delivery to all local recipients,
whether or not they are found in the UNIX passwd database.
.PP
-The precedence of \fBlocal\fR(8) delivery features from high to low is:
-aliases, .forward files, mailbox_transport, mailbox_command_maps,
-mailbox_command, home_mailbox, mail_spool_directory, fallback_transport
-and luser_relay.
+The precedence of \fBlocal\fR(8) delivery features from high to low
+is: aliases, .forward files, mailbox_transport_maps, mailbox_transport,
+mailbox_command_maps, mailbox_command, home_mailbox, mail_spool_directory,
+fallback_transport_maps, fallback_transport and luser_relay.
+.SH mailbox_transport_maps (default: empty)
+Optional lookup tables with per-recipient message delivery
+transports to use for \fBlocal\fR(8) mailbox delivery, whether or not the
+recipients are found in the UNIX passwd database.
+.PP
+The precedence of \fBlocal\fR(8) delivery features from high to low
+is: aliases, .forward files, mailbox_transport_maps, mailbox_transport,
+mailbox_command_maps, mailbox_command, home_mailbox, mail_spool_directory,
+fallback_transport_maps, fallback_transport and luser_relay.
+.PP
+This feature is available in Postfix 2.3 and later.
.SH mailq_path (default: see "postconf -d" output)
Sendmail compatibility feature that specifies where the Postfix
\fBmailq\fR(1) command is installed. This command can be used to
.IP \(bu
Use the smtp_discard_ehlo_keyword_address_maps feature to
discard EHLO keywords selectively.
-.SH smtp_dot_quit_workaround_threshold_time (default: 3000s)
-How long a message must be queued before the "." + QUIT bug
-workaround is turned on for all deliveries; this limits the
-number of repeated deliveries with servers or firewalls that
-mis-implement END-OF-DATA + QUIT pipelining.
-.PP
-When the workaround is turned on, the Postfix SMTP client will
-not send the QUIT command until it has received the server's
-END-OF-DATA reply. This workaround incurs a small performance loss
-with delivery to sites that correctly implement SMTP command
-pipelining.
-.PP
-By default, the workaround is turned off for mail that is queued
-for less than 3000 seconds. In other words, the workaround is
-normally turned off for the first few delivery attempts of personal
-mail and of small mailing lists.
-.PP
-Specify 0 to enable this workaround upon the first delivery
-attempt, and specify a large value such as $maximal_queue_lifetime
-to disable the workaround for practically all delivery attempts.
-.PP
-Note: when the smtp_fallback_relay feature is used, there will
-be no second delivery attempt, and the workaround may have no effect.
-.PP
-This feature is available in Postfix 2.3 and later.
.SH smtp_enforce_tls (default: no)
Enforcement mode: require that remote SMTP servers use TLS
encryption, and never send mail in the clear. This also requires
ending in \fB/\fR for \fBqmail\fR-compatible \fBmaildir\fR delivery.
Mailbox delivery can be delegated to an external command specified
-with the \fBmailbox_command\fR configuration parameter. The command
+with the \fBmailbox_command_maps\fR and \fBmailbox_command\fR
+configuration parameters. The command
executes with the privileges of the recipient user (exceptions:
secondary groups are not enabled; in case of delivery as root,
the command executes with the privileges of \fBdefault_privs\fR).
Mailbox delivery can be delegated to alternative message transports
specified in the \fBmaster.cf\fR file.
-The \fBmailbox_transport\fR configuration parameter specifies a
+The \fBmailbox_transport_maps\fR and \fBmailbox_transport\fR
+configuration parameters specify an optional
message transport that is to be used for all local recipients,
regardless of whether they are found in the UNIX passwd database.
-The \fBfallback_transport\fR parameter specifies a message transport
-for recipients that are not found in the UNIX passwd database.
+The \fBfallback_transport_maps\fR and
+\fBfallback_transport\fR parameters specify an optional
+message transport
+for recipients that are not found in the aliases(5) or UNIX
+passwd database.
In the case of UNIX-style mailbox delivery,
the \fBlocal\fR(8) daemon prepends a "\fBFrom \fIsender time_stamp\fR"
.ad
.fi
The precedence of \fBlocal\fR(8) delivery methods from high to low is:
-aliases, .forward files, mailbox_transport, mailbox_command_maps,
-mailbox_command, home_mailbox, mail_spool_directory, fallback_transport
-and luser_relay.
+aliases, .forward files, mailbox_transport_maps,
+mailbox_transport, mailbox_command_maps, mailbox_command,
+home_mailbox, mail_spool_directory, fallback_transport_maps,
+fallback_transport, and luser_relay.
.IP "\fBalias_maps (see 'postconf -d' output)\fR"
The alias databases that are used for \fBlocal\fR(8) delivery.
.IP "\fBforward_path (see 'postconf -d' output)\fR"
The \fBlocal\fR(8) delivery agent search list for finding a .forward
file with user-specified delivery methods.
+.IP "\fBmailbox_transport_maps (empty)\fR"
+Optional lookup tables with per-recipient message delivery
+transports to use for \fBlocal\fR(8) mailbox delivery, whether or not the
+recipients are found in the UNIX passwd database.
.IP "\fBmailbox_transport (empty)\fR"
Optional message delivery transport that the \fBlocal\fR(8) delivery
agent should use for mailbox delivery to all local recipients,
home directory.
.IP "\fBmail_spool_directory (see 'postconf -d' output)\fR"
The directory where \fBlocal\fR(8) UNIX-style mailboxes are kept.
+.IP "\fBfallback_transport_maps (empty)\fR"
+Optional lookup tables with per-recipient message delivery
+transports for recipients that the \fBlocal\fR(8) delivery agent could
+not find in the \fBaliases\fR(5) or UNIX password database.
.IP "\fBfallback_transport (empty)\fR"
Optional message delivery transport that the \fBlocal\fR(8) delivery
agent should use for names that are not found in the \fBaliases\fR(5)
-database or in the UNIX passwd database.
+or UNIX password database.
.IP "\fBluser_relay (empty)\fR"
Optional catch-all destination for unknown \fBlocal\fR(8) recipients.
.PP
Never send EHLO at the start of an SMTP session.
.IP "\fBsmtp_defer_if_no_mx_address_found (no)\fR"
Defer mail delivery when no MX record resolves to an IP address.
-.IP "\fBsmtp_dot_quit_workaround_threshold_time (3000s)\fR"
-How long a message must be queued before the "." + QUIT bug
-workaround is turned on for all deliveries; this limits the
-number of repeated deliveries with servers or firewalls that
-mis-implement END-OF-DATA + QUIT pipelining.
.IP "\fBsmtp_line_length_limit (990)\fR"
The maximal length of message header and body lines that Postfix
will send via SMTP.
s;\berror_service_name\b;<a href="postconf.5.html#error_service_name">$&</a>;g;
s;\bexpand_owner_alias\b;<a href="postconf.5.html#expand_owner_alias">$&</a>;g;
s;\bexport_environment\b;<a href="postconf.5.html#export_environment">$&</a>;g;
- s;\bfallback_relay\b;<a href="postconf.5.html#fallback_relay">$&</a>;g;
- s;\bfallback_transport\b;<a href="postconf.5.html#fallback_transport">$&</a>;g;
+ s;\bfall[-</bB>]*\n* *[<bB>]*back_relay\b;<a href="postconf.5.html#fallback_relay">$&</a>;g;
+ s;\bfall[-</bB>]*\n* *[<bB>]*back_transport\b;<a href="postconf.5.html#fallback_transport">$&</a>;g;
+ s;\bfall[-</bB>]*\n* *[<bB>]*back_transport_maps\b;<a href="postconf.5.html#fallback_transport_maps">$&</a>;g;
s;\bfast_flush_domains\b;<a href="postconf.5.html#fast_flush_domains">$&</a>;g;
s;\bfast_flush_purge_time\b;<a href="postconf.5.html#fast_flush_purge_time">$&</a>;g;
s;\bfast_flush_refresh_time\b;<a href="postconf.5.html#fast_flush_refresh_time">$&</a>;g;
s;\bmail_release_date\b;<a href="postconf.5.html#mail_release_date">$&</a>;g;
s;\bmail_spool_direc[-</bB>]*\n* *[<bB>]*tory\b;<a href="postconf.5.html#mail_spool_directory">$&</a>;g;
s;\bmail_version\b;<a href="postconf.5.html#mail_version">$&</a>;g;
- s;\bmail[-</bB>]*\n* *[<bB>]*box_command\b;<a href="postconf.5.html#mailbox_command">$&</a>;g;
- s;\bmail[-</bB>]*\n* *[<bB>]*box_command_maps\b;<a href="postconf.5.html#mailbox_command_maps">$&</a>;g;
+ s;\bmail[-</bB>]*\n* *[<bB>]*box_com
[-</bB>]*\n* *[<bB>]*mand\b;<a href="postconf.5.html#mailbox_command">$&</a>;g;
+ s;\bmail[-</bB>]*\n* *[<bB>]*box_com
[-</bB>]*\n* *[<bB>]*mand_maps\b;<a href="postconf.5.html#mailbox_command_maps">$&</a>;g;
s;\bmail[-</bB>]*\n* *[<bB>]*box_deliv[-</Bb>]*\n* *[<Bb>]*ery_lock\b;<a href="postconf.5.html#mailbox_delivery_lock">$&</a>;g;
s;\bmail[-</bB>]*\n* *[<bB>]*box_size_limit\b;<a href="postconf.5.html#mailbox_size_limit">$&</a>;g;
s;\bmail[-</bB>]*\n* *[<bB>]*box_transport\b;<a href="postconf.5.html#mailbox_transport">$&</a>;g;
+ s;\bmail[-</bB>]*\n* *[<bB>]*box_transport_maps\b;<a href="postconf.5.html#mailbox_transport_maps">$&</a>;g;
s;\bmailq_path\b;<a href="postconf.5.html#mailq_path">$&</a>;g;
s;\bmanpage_directory\b;<a href="postconf.5.html#manpage_directory">$&</a>;g;
s;\bmaps_rbl_domains\b;<a href="postconf.5.html#maps_rbl_domains">$&</a>;g;
s;\bsmtp_mx_session_limit\b;<a href="postconf.5.html#smtp_mx_session_limit">$&</a>;g;
s;\bsmtp_never_send_ehlo\b;<a href="postconf.5.html#smtp_never_send_ehlo">$&</a>;g;
s;\bsmtp_sender_depen[-</bB>]*\n*[ <bB>]*dent_authentication\b;<a href="postconf.5.html#smtp_sender_dependent_authentication">$&</a>;g;
- s;\bsmtp_dot_quit_workaround_threshold_time\b;<a href="postconf.5.html#smtp_dot_quit_workaround_threshold_time">$&</a>;g;
s;\bsmtp_pix_workaround_delay_time\b;<a href="postconf.5.html#smtp_pix_workaround_delay_time">$&</a>;g;
s;\bsmtp_pix_workaround_threshold_time\b;<a href="postconf.5.html#smtp_pix_workaround_threshold_time">$&</a>;g;
s;\bsmtp_quit_timeout\b;<a href="postconf.5.html#smtp_quit_timeout">$&</a>;g;
s/[<bB>]*body_checks[<\/bB>]*\(5\)/<a href="header_checks.5.html">$&<\/a>/g;
s/[<bB>]*header_checks[<\/bB>]*\(5\)/<a href="header_checks.5.html">$&<\/a>/g;
+ s/[<bB>]*main\.cf[<\/bB>]*/<a href="postconf.5.html">$&<\/a>/g;
+ s/[<bB>]*master\.cf[<\/bB>]*/<a href="master.5.html">$&<\/a>/g;
+
# Hyperlink README document names
s/\b([A-Z][A-Z0-9_]*)[-]*\n*[ ]*([A-Z0-9_]*_README)\b/<a href="$1$2.html">$&<\/a>/g;
5
6 # Localize these. The -G option does nothing before Postfix 2.3.
7 INSPECT_DIR=/var/spool/filter
- 8 SENDMAIL="/usr/sbin/sendmail -G -i"
+ 8 SENDMAIL="/usr/sbin/sendmail -G -i" # NEVER NEVER NEVER use "-t" here.
9
10 # Exit codes from <sysexits.h>
11 EX_TEMPFAIL=75
<li> <p> Line 8: The -i option says don't stop reading input when
a line contains "." only. </p>
+<li> <p> Line 8: NEVER NEVER NEVER use the "-t" command-line option
+here. It will mis-deliver mail, like sending mailing list mail back
+to the mailing list. </p>
+
<li> <p> Line 21: The idea is to first capture the message to
file and then run the content through a third-party content filter
program. </p>
much of it running at the same time. </p>
<li> <p> With "-o smtp_send_xforward_command=yes", the scan transport
-will try to forward the original client name and IP address to the
+will try to forward the original client name and IP address
+through the content filter to the
after-filter smtpd process, so that filtered mail is logged with
the real client name IP address. See smtp(8) and XFORWARD_README
for more information. </p>
Specify a pathname ending in "/" for qmail-style delivery.
</p>
-<p>
-The precedence of local(8) delivery features from high to low is:
-aliases, .forward files, mailbox_transport, mailbox_command_maps,
-mailbox_command, home_mailbox, mail_spool_directory, fallback_transport
-and luser_relay.
-</p>
+<p> The precedence of local(8) delivery features from high to low
+is: aliases, .forward files, mailbox_transport_maps, mailbox_transport,
+mailbox_command_maps, mailbox_command, home_mailbox, mail_spool_directory,
+fallback_transport_maps, fallback_transport and luser_relay. </p>
<p>
Examples:
to a real user.
</p>
-<p>
-The precedence of local(8) delivery features from high to low is:
-aliases, .forward files, mailbox_transport, mailbox_command_maps,
-mailbox_command, home_mailbox, mail_spool_directory, fallback_transport
-and luser_relay.
-</p>
+<p> The precedence of local(8) delivery features from high to low
+is: aliases, .forward files, mailbox_transport_maps, mailbox_transport,
+mailbox_command_maps, mailbox_command, home_mailbox, mail_spool_directory,
+fallback_transport_maps, fallback_transport and luser_relay. </p>
<p>
Examples:
<p>
Optional message delivery transport that the local(8) delivery
agent should use for names that are not found in the aliases(5)
-database or in the UNIX passwd database.
+or UNIX password database.
</p>
+
+<p> The precedence of local(8) delivery features from high to low
+is: aliases, .forward files, mailbox_transport_maps, mailbox_transport,
+mailbox_command_maps, mailbox_command, home_mailbox, mail_spool_directory,
+fallback_transport_maps, fallback_transport and luser_relay. </p>
%PARAM fault_injection_code 0
for local(8) mailbox delivery. Behavior is as with mailbox_command.
</p>
-<p>
-The precedence of local(8) delivery features from high to low is:
-aliases, .forward files, mailbox_transport, mailbox_command_maps,
-mailbox_command, home_mailbox, mail_spool_directory, fallback_transport
-and luser_relay.
-</p>
+<p> The precedence of local(8) delivery features from high to low
+is: aliases, .forward files, mailbox_transport_maps, mailbox_transport,
+mailbox_command_maps, mailbox_command, home_mailbox, mail_spool_directory,
+fallback_transport_maps, fallback_transport and luser_relay. </p>
%PARAM mailbox_delivery_lock see "postconf -d" output
whether or not they are found in the UNIX passwd database.
</p>
-<p>
-The precedence of local(8) delivery features from high to low is:
-aliases, .forward files, mailbox_transport, mailbox_command_maps,
-mailbox_command, home_mailbox, mail_spool_directory, fallback_transport
-and luser_relay.
-</p>
+<p> The precedence of local(8) delivery features from high to low
+is: aliases, .forward files, mailbox_transport_maps, mailbox_transport,
+mailbox_command_maps, mailbox_command, home_mailbox, mail_spool_directory,
+fallback_transport_maps, fallback_transport and luser_relay. </p>
%PARAM mailq_path see "postconf -d" output
<p> This feature is available in Postfix 2.3 and later.
-%PARAM smtp_dot_quit_workaround_threshold_time 3000s
-
-<p> How long a message must be queued before the "." + QUIT bug
-workaround is turned on for all deliveries; this limits the
-number of repeated deliveries with servers or firewalls that
-mis-implement END-OF-DATA + QUIT pipelining. </p>
-
-<p> When the workaround is turned on, the Postfix SMTP client will
-not send the QUIT command until it has received the server's
-END-OF-DATA reply. This workaround incurs a small performance loss
-with delivery to sites that correctly implement SMTP command
-pipelining. </p>
-
-<p> By default, the workaround is turned off for mail that is queued
-for less than 3000 seconds. In other words, the workaround is
-normally turned off for the first few delivery attempts of personal
-mail and of small mailing lists. </p>
-
-<p> Specify 0 to enable this workaround upon the first delivery
-attempt, and specify a large value such as $maximal_queue_lifetime
-to disable the workaround for practically all delivery attempts.
-</p>
-
-<p> Note: when the smtp_fallback_relay feature is used, there will
-be no second delivery attempt, and the workaround may have no effect.
-</p>
+%PARAM mailbox_transport_maps
+<p> Optional lookup tables with per-recipient message delivery
+transports to use for local(8) mailbox delivery, whether or not the
+recipients are found in the UNIX passwd database. </p>
+
+<p> The precedence of local(8) delivery features from high to low
+is: aliases, .forward files, mailbox_transport_maps, mailbox_transport,
+mailbox_command_maps, mailbox_command, home_mailbox, mail_spool_directory,
+fallback_transport_maps, fallback_transport and luser_relay. </p>
+
<p> This feature is available in Postfix 2.3 and later. </p>
-%PARAM lmtp_dot_quit_workaround_threshold_time 3000s
+%PARAM fallback_transport_maps
-<p> The LMTP-specific version of the smtp_dot_quit_workaround_threshold_time
-configuration parameter. See there for details. </p>
+<p> Optional lookup tables with per-recipient message delivery
+transports for recipients that the local(8) delivery agent could
+not find in the aliases(5) or UNIX password database. </p>
+
+<p> The precedence of local(8) delivery features from high to low
+is: aliases, .forward files, mailbox_transport_maps, mailbox_transport,
+mailbox_command_maps, mailbox_command, home_mailbox, mail_spool_directory,
+fallback_transport_maps, fallback_transport and luser_relay. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
* Do not limit the number of client requests.
*/
var_use_limit = 0;
+
+ /*
+ * Don't exit before the sampling interval ends.
+ */
+ if (var_idle_limit < var_anvil_time_unit)
+ var_idle_limit = var_anvil_time_unit;
}
/* main - pass control to the multi-threaded skeleton */
#define DEF_MAILBOX_TRANSP ""
extern char *var_mailbox_transport;
+#define VAR_MBOX_TRANSP_MAPS "mailbox_transport_maps"
+#define DEF_MBOX_TRANSP_MAPS ""
+extern char *var_mbox_transp_maps;
+
#define VAR_FALLBACK_TRANSP "fallback_transport"
#define DEF_FALLBACK_TRANSP ""
extern char *var_fallback_transport;
+#define VAR_FBCK_TRANSP_MAPS "fallback_transport_maps"
+#define DEF_FBCK_TRANSP_MAPS ""
+extern char *var_fbck_transp_maps;
+
/*
* Local delivery: path to per-user forwarding file.
*/
#define DEF_LMTP_PIX_DELAY "10s"
extern int var_smtp_pix_delay;
-#define VAR_SMTP_DOTQ_THRESH "smtp_dot_quit_workaround_threshold"
-#define DEF_SMTP_DOTQ_THRESH "3000s"
-#define VAR_LMTP_DOTQ_THRESH "lmtp_dot_quit_workaround_threshold"
-#define DEF_LMTP_DOTQ_THRESH "3000s"
-extern int var_smtp_dotq_thresh;
-
#define VAR_SMTP_DEFER_MXADDR "smtp_defer_if_no_mx_address_found"
#define DEF_SMTP_DEFER_MXADDR 0
#define VAR_LMTP_DEFER_MXADDR "lmtp_defer_if_no_mx_address_found"
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20051229"
+#define MAIL_RELEASE_DATE "20060103"
#define MAIL_VERSION_NUMBER "2.3"
#ifdef SNAPSHOT
/* ending in \fB/\fR for \fBqmail\fR-compatible \fBmaildir\fR delivery.
/*
/* Mailbox delivery can be delegated to an external command specified
-/* with the \fBmailbox_command\fR configuration parameter. The command
+/* with the \fBmailbox_command_maps\fR and \fBmailbox_command\fR
+/* configuration parameters. The command
/* executes with the privileges of the recipient user (exceptions:
/* secondary groups are not enabled; in case of delivery as root,
/* the command executes with the privileges of \fBdefault_privs\fR).
/*
/* Mailbox delivery can be delegated to alternative message transports
/* specified in the \fBmaster.cf\fR file.
-/* The \fBmailbox_transport\fR configuration parameter specifies a
+/* The \fBmailbox_transport_maps\fR and \fBmailbox_transport\fR
+/* configuration parameters specify an optional
/* message transport that is to be used for all local recipients,
/* regardless of whether they are found in the UNIX passwd database.
-/* The \fBfallback_transport\fR parameter specifies a message transport
-/* for recipients that are not found in the UNIX passwd database.
+/* The \fBfallback_transport_maps\fR and
+/* \fBfallback_transport\fR parameters specify an optional
+/* message transport
+/* for recipients that are not found in the aliases(5) or UNIX
+/* passwd database.
/*
/* In the case of UNIX-style mailbox delivery,
/* the \fBlocal\fR(8) daemon prepends a "\fBFrom \fIsender time_stamp\fR"
/* .ad
/* .fi
/* The precedence of \fBlocal\fR(8) delivery methods from high to low is:
-/* aliases, .forward files, mailbox_transport, mailbox_command_maps,
-/* mailbox_command, home_mailbox, mail_spool_directory, fallback_transport
-/* and luser_relay.
+/* aliases, .forward files, mailbox_transport_maps,
+/* mailbox_transport, mailbox_command_maps, mailbox_command,
+/* home_mailbox, mail_spool_directory, fallback_transport_maps,
+/* fallback_transport, and luser_relay.
/* .IP "\fBalias_maps (see 'postconf -d' output)\fR"
/* The alias databases that are used for \fBlocal\fR(8) delivery.
/* .IP "\fBforward_path (see 'postconf -d' output)\fR"
/* The \fBlocal\fR(8) delivery agent search list for finding a .forward
/* file with user-specified delivery methods.
+/* .IP "\fBmailbox_transport_maps (empty)\fR"
+/* Optional lookup tables with per-recipient message delivery
+/* transports to use for \fBlocal\fR(8) mailbox delivery, whether or not the
+/* recipients are found in the UNIX passwd database.
/* .IP "\fBmailbox_transport (empty)\fR"
/* Optional message delivery transport that the \fBlocal\fR(8) delivery
/* agent should use for mailbox delivery to all local recipients,
/* home directory.
/* .IP "\fBmail_spool_directory (see 'postconf -d' output)\fR"
/* The directory where \fBlocal\fR(8) UNIX-style mailboxes are kept.
+/* .IP "\fBfallback_transport_maps (empty)\fR"
+/* Optional lookup tables with per-recipient message delivery
+/* transports for recipients that the \fBlocal\fR(8) delivery agent could
+/* not find in the \fBaliases\fR(5) or UNIX password database.
/* .IP "\fBfallback_transport (empty)\fR"
/* Optional message delivery transport that the \fBlocal\fR(8) delivery
/* agent should use for names that are not found in the \fBaliases\fR(5)
-/* database or in the UNIX passwd database.
+/* or UNIX password database.
/* .IP "\fBluser_relay (empty)\fR"
/* Optional catch-all destination for unknown \fBlocal\fR(8) recipients.
/* .PP
int var_biff;
char *var_mail_spool_dir;
char *var_mailbox_transport;
+char *var_mbox_transp_maps;
char *var_fallback_transport;
+char *var_fbck_transp_maps;
char *var_exec_directory;
char *var_exec_exp_filter;
char *var_forward_path;
VAR_LOCAL_CMD_SHELL, DEF_LOCAL_CMD_SHELL, &var_local_cmd_shell, 0, 0,
VAR_MAIL_SPOOL_DIR, DEF_MAIL_SPOOL_DIR, &var_mail_spool_dir, 0, 0,
VAR_MAILBOX_TRANSP, DEF_MAILBOX_TRANSP, &var_mailbox_transport, 0, 0,
+ VAR_MBOX_TRANSP_MAPS, DEF_MBOX_TRANSP_MAPS, &var_mbox_transp_maps, 0, 0,
VAR_FALLBACK_TRANSP, DEF_FALLBACK_TRANSP, &var_fallback_transport, 0, 0,
+ VAR_FBCK_TRANSP_MAPS, DEF_FBCK_TRANSP_MAPS, &var_fbck_transp_maps, 0, 0,
VAR_CMD_EXP_FILTER, DEF_CMD_EXP_FILTER, &var_cmd_exp_filter, 1, 0,
VAR_FWD_EXP_FILTER, DEF_FWD_EXP_FILTER, &var_fwd_exp_filter, 1, 0,
VAR_EXEC_EXP_FILTER, DEF_EXEC_EXP_FILTER, &var_exec_exp_filter, 1, 0,
VAR_PROP_EXTENSION, DEF_PROP_EXTENSION, &var_prop_extension, 0, 0,
VAR_DELIVER_HDR, DEF_DELIVER_HDR, &var_deliver_hdr, 0, 0,
VAR_MAILBOX_LOCK, DEF_MAILBOX_LOCK, &var_mailbox_lock, 1, 0,
+ VAR_MAILBOX_CMD_MAPS, DEF_MAILBOX_CMD_MAPS, &var_mailbox_cmd_maps, 0, 0,
0,
};
static CONFIG_BOOL_TABLE bool_table[] = {
VAR_EXEC_DIRECTORY, DEF_EXEC_DIRECTORY, &var_exec_directory, 0, 0,
VAR_FORWARD_PATH, DEF_FORWARD_PATH, &var_forward_path, 0, 0,
VAR_MAILBOX_COMMAND, DEF_MAILBOX_COMMAND, &var_mailbox_command, 0, 0,
- VAR_MAILBOX_CMD_MAPS, DEF_MAILBOX_CMD_MAPS, &var_mailbox_cmd_maps, 0, 0,
VAR_LUSER_RELAY, DEF_LUSER_RELAY, &var_luser_relay, 0, 0,
0,
};
int status;
struct mypasswd *mbox_pwd;
char *path;
+ static MAPS *transp_maps;
+ const char *map_transport;
static MAPS *cmd_maps;
const char *map_command;
/*
* Delegate mailbox delivery to another message transport.
*/
+ if (*var_mbox_transp_maps && transp_maps == 0)
+ transp_maps = maps_create(VAR_MBOX_TRANSP_MAPS, var_mbox_transp_maps,
+ DICT_FLAG_LOCK);
+ if (*var_mbox_transp_maps
+ && (map_transport = maps_find(transp_maps, state.msg_attr.user,
+ DICT_FLAG_FIXED)) != 0) {
+ state.msg_attr.rcpt.offset = -1L;
+ *statusp = deliver_pass(MAIL_CLASS_PRIVATE, map_transport,
+ state.request, &state.msg_attr.rcpt);
+ return (YES);
+ }
if (*var_mailbox_transport) {
state.msg_attr.rcpt.offset = -1L;
*statusp = deliver_pass(MAIL_CLASS_PRIVATE, var_mailbox_transport,
char *myname = "deliver_unknown";
int status;
VSTRING *expand_luser;
+ static MAPS *transp_maps;
+ const char *map_transport;
/*
* Make verbose logging easier to understand.
* The fall-back transport specifies a delivery machanism that handles
* users not found in the aliases or UNIX passwd databases.
*/
+ if (*var_fbck_transp_maps && transp_maps == 0)
+ transp_maps = maps_create(VAR_FBCK_TRANSP_MAPS, var_fbck_transp_maps,
+ DICT_FLAG_LOCK);
+ if (*var_fbck_transp_maps
+ && (map_transport = maps_find(transp_maps, state.msg_attr.user,
+ DICT_FLAG_FIXED)) != 0) {
+ return (deliver_pass(MAIL_CLASS_PRIVATE, map_transport,
+ state.request, &state.msg_attr.rcpt));
+ }
if (*var_fallback_transport) {
state.msg_attr.rcpt.offset = -1L;
return (deliver_pass(MAIL_CLASS_PRIVATE, var_fallback_transport,
* when idle for a configurable amount of time, or after servicing a
* configurable number of requests; the master process spawns new processes
* on demand up to a configurable concurrency limit and/or periodically.
+ *
+ * The canonical service name is what we use internally, so that we correctly
+ * handle a request to "reload" after someone changes "smtp" into "25".
+ *
+ * We use the external service name from master.cf when reporting problems, so
+ * that the user can figure out what we are talking about. Of course we also
+ * include the canonical service name so that the UNIX-domain smtp service
+ * can be distinguished from the Internet smtp service.
*/
typedef struct MASTER_SERV {
int flags; /* status, features, etc. */
- char *name; /* service endpoint name */
+ char *ext_name; /* service endpoint name (master.cf) */
+ char *name; /* service endpoint name (canonical) */
int type; /* UNIX-domain, INET, etc. */
+ time_t busy_warn_time; /* limit "all servers busy" warning */
int wakeup_time; /* wakeup interval */
int *listen_fd; /* incoming requests */
int listen_fd_count; /* nr of descriptors */
#define MASTER_FLAG_MARK (1<<1) /* garbage collection support */
#define MASTER_FLAG_CONDWAKE (1<<2) /* wake up if actually used */
#define MASTER_FLAG_INETHOST (1<<3) /* endpoint name specifies host */
+#define MASTER_FLAG_LOCAL_ONLY (1<<4) /* no remote clients */
#define MASTER_THROTTLED(f) ((f)->flags & MASTER_FLAG_THROTTLE)
void master_avail_listen(MASTER_SERV *serv)
{
char *myname = "master_avail_listen";
+ time_t now;
int n;
/*
if (msg_verbose)
msg_info("%s: avail %d total %d max %d", myname,
serv->avail_proc, serv->total_proc, serv->max_proc);
- if (serv->avail_proc < 1
- && MASTER_LIMIT_OK(serv->max_proc, serv->total_proc)
- && !MASTER_THROTTLED(serv)) {
- if (msg_verbose)
- msg_info("%s: enable events %s", myname, serv->name);
- for (n = 0; n < serv->listen_fd_count; n++)
- event_enable_read(serv->listen_fd[n], master_avail_event,
- (char *) serv);
+ if (serv->avail_proc < 1 && !MASTER_THROTTLED(serv)) {
+ if (MASTER_LIMIT_OK(serv->max_proc, serv->total_proc)) {
+ if (msg_verbose)
+ msg_info("%s: enable events %s", myname, serv->name);
+ for (n = 0; n < serv->listen_fd_count; n++)
+ event_enable_read(serv->listen_fd[n], master_avail_event,
+ (char *) serv);
+ } else if ((serv->flags & MASTER_FLAG_LOCAL_ONLY) == 0
+ && (now = event_time()) - serv->busy_warn_time > 1000) {
+ serv->busy_warn_time = now;
+ msg_warn("service \"%s\" (%s) has reached its process limit \"%d\": "
+ "new clients may experience noticeable delays",
+ serv->ext_name, serv->name, serv->max_proc);
+ msg_warn("to avoid this condition, increase the process count "
+ "in master.cf or reduce the service time per client");
+ }
}
}
serv->wakeup_time = entry->wakeup_time;
serv->max_proc = entry->max_proc;
serv->throttle_delay = entry->throttle_delay;
+ SWAP(char *, serv->ext_name, entry->ext_name);
SWAP(char *, serv->path, entry->path);
SWAP(ARGV *, serv->args, entry->args);
master_restart_service(serv);
#include <inet_addr_list.h>
#include <host_port.h>
#include <inet_addr_host.h>
+#include <sock_addr.h>
/* Global library. */
*/
serv->flags = 0;
+ /*
+ * All servers busy warning timer.
+ */
+ serv->busy_warn_time = 0;
+
/*
* Service name. Syntax is transport-specific.
*/
+ serv->ext_name = mystrdup(cp);
name = cp;
/*
if (STR_SAME(transport, MASTER_XPORT_NAME_INET)) {
if (!STR_SAME(saved_interfaces, var_inet_interfaces)) {
msg_warn("service %s: ignoring %s change",
- name, VAR_INET_INTERFACES);
+ serv->ext_name, VAR_INET_INTERFACES);
msg_warn("to change %s, stop and start Postfix",
VAR_INET_INTERFACES);
}
serv->listen_fd_count = MASTER_INET_ADDRLIST(serv)->used;
}
MASTER_INET_PORT(serv) = mystrdup(port);
+ for (n = 0; /* see below */ ; n++) {
+ if (n >= MASTER_INET_ADDRLIST(serv)->used) {
+ serv->flags |= MASTER_FLAG_LOCAL_ONLY;
+ break;
+ }
+ if (!sock_addr_in_loopback(SOCK_ADDR_PTR(MASTER_INET_ADDRLIST(serv)->addrs + n)))
+ break;
+ }
} else if (STR_SAME(transport, MASTER_XPORT_NAME_UNIX)) {
serv->type = MASTER_SERV_TYPE_UNIX;
serv->listen_fd_count = 1;
+ serv->flags |= MASTER_FLAG_LOCAL_ONLY;
} else if (STR_SAME(transport, MASTER_XPORT_NAME_FIFO)) {
serv->type = MASTER_SERV_TYPE_FIFO;
serv->listen_fd_count = 1;
+ serv->flags |= MASTER_FLAG_LOCAL_ONLY;
#ifdef MASTER_SERV_TYPE_PASS
} else if (STR_SAME(transport, MASTER_XPORT_NAME_PASS)) {
serv->type = MASTER_SERV_TYPE_PASS;
serv->listen_fd_count = 1;
+ /* If this is a connection screener, remote clients are likely. */
#endif
} else {
fatal_with_context("bad transport type: %s", transport);
if (private)
fatal_with_context("inet service cannot be private");
-#ifdef SNAPSHOT
+
+ /*
+ * Canonicalize endpoint names so that we correctly handle "reload"
+ * requests after someone changes "25" into "smtp" or vice versa.
+ */
if (*host == 0)
host = 0;
/* Canonicalize numeric host and numeric or symbolic service. */
}
/* Bad service name? */
else
-#endif
serv->name = mystrdup(name);
myfree(atmp);
} else if (serv->type == MASTER_SERV_TYPE_UNIX) {
}
if (serv->type == MASTER_SERV_TYPE_INET)
myfree(MASTER_INET_PORT(serv));
+ myfree(serv->ext_name);
myfree(serv->name);
myfree(serv->path);
argv_free(serv->args);
/* NOTREACHED */
default:
- msg_warn("service %s: child (pid %d) sent partial status update (%d bytes)",
- serv->name, stat.pid, n);
+ msg_warn("service %s(%s): child (pid %d) sent partial status update (%d bytes)",
+ serv->ext_name, serv->name, stat.pid, n);
return;
case sizeof(stat):
msg_panic("%s: unknown service type: %d", myname, serv->type);
}
if (status < 0)
- msg_warn("%s: service %s: %m", myname, serv->name);
+ msg_warn("%s: service %s(%s): %m",
+ myname, serv->ext_name, serv->name);
}
/*
VAR_LMTP_STARTTLS_TMOUT, DEF_LMTP_STARTTLS_TMOUT, &var_smtp_starttls_tmout, 1, 0,
#endif
VAR_SCACHE_PROTO_TMOUT, DEF_SCACHE_PROTO_TMOUT, &var_scache_proto_tmout, 1, 0,
- VAR_MIN_BACKOFF_TIME, DEF_MIN_BACKOFF_TIME, &var_min_backoff_time, 1, 0,
- VAR_MAX_BACKOFF_TIME, DEF_MAX_BACKOFF_TIME, &var_max_backoff_time, 1, 0,
- VAR_MAX_QUEUE_TIME, DEF_MAX_QUEUE_TIME, &var_max_queue_time, 0, 0,
- VAR_LMTP_DOTQ_THRESH, DEF_LMTP_DOTQ_THRESH, &var_smtp_dotq_thresh, 0, 0,
0,
};
static CONFIG_INT_TABLE lmtp_int_table[] = {
/* Never send EHLO at the start of an SMTP session.
/* .IP "\fBsmtp_defer_if_no_mx_address_found (no)\fR"
/* Defer mail delivery when no MX record resolves to an IP address.
-/* .IP "\fBsmtp_dot_quit_workaround_threshold_time (3000s)\fR"
-/* How long a message must be queued before the "." + QUIT bug
-/* workaround is turned on for all deliveries; this limits the
-/* number of repeated deliveries with servers or firewalls that
-/* mis-implement END-OF-DATA + QUIT pipelining.
/* .IP "\fBsmtp_line_length_limit (990)\fR"
/* The maximal length of message header and body lines that Postfix
/* will send via SMTP.
bool var_smtp_sender_auth;
char *var_lmtp_tcp_port;
int var_scache_proto_tmout;
-int var_smtp_dotq_thresh;
-
-/* Workaround for "smtp_dot_quit_workaround_threshold_time = $name". */
-int var_min_backoff_time;
-int var_max_backoff_time;
-int var_max_queue_time;
/*
* Global variables. smtp_errno is set by the address lookup routines and by
void smtp_chat_reset(SMTP_SESSION *session)
{
-
if (session->history) {
argv_free(session->history);
session->history = 0;
}
/*
- * XXX Do not ignore garbage when ESMTP command pipelining is turned
- * on. After sending ".<CR><LF>QUIT<CR><LF>", Postfix might recognize
- * the server's 2XX QUIT reply as a 2XX END-OF-DATA reply after
- * garbage, causing mail to be lost. Instead, make a long jump so
- * that all recipients of multi-recipient mail get consistent
- * treatment.
+ * XXX Do not simply ignore garbage in the server reply when ESMTP
+ * command pipelining is turned on. For example, after sending
+ * ".<CR><LF>QUIT<CR><LF>" and receiving garbage followed by a
+ * legitimate 2XX reply, Postfix recognizes the server's QUIT reply
+ * as the END-OF-DATA reply after garbage, causing mail to be lost.
+ *
+ * Without the ability to store per-domain status information in queue
+ * files, automatic workarounds are problematic:
+ *
+ * - Automatically deferring delivery creates a "repeated delivery"
+ * problem when garbage arrives after the DATA stage. Without the
+ * workaround, Postfix delivers only once.
+ *
+ * - Automatically deferring delivery creates a "no delivery" problem
+ * when the garbage arrives before the DATA stage. Without the
+ * workaround, mail might still get through.
+ *
+ * - Automatically turning off pipelining for delayed mail affects
+ * deliveries to correctly implemented servers, and may also affect
+ * delivery of large mailing lists.
+ *
+ * So we leave the decision with the administrator, but we don't force
+ * them to take action, like we would with automatic deferral. If
+ * loss of mail is not acceptable then they can turn off pipelining
+ * for specific sites, or they can turn off pipelining globally when
+ * they find that there are just too many broken sites.
*/
session->error_mask |= MAIL_ERROR_PROTOCOL;
if (session->features & SMTP_FEATURE_PIPELINING) {
- msg_warn("non-%s response from %s: %s",
- (session->state->misc_flags &
- SMTP_MISC_FLAG_USE_LMTP) ? "LMTP" : "ESMTP",
- session->namaddrport, STR(session->buffer));
- msg_warn("consider turning off pipelining selectively with %s",
+ msg_warn("non-%s response from %s: %.100s",
(session->state->misc_flags & SMTP_MISC_FLAG_USE_LMTP) ?
- VAR_LMTP_EHLO_DIS_WORDS : VAR_SMTP_EHLO_DIS_MAPS);
- vstream_longjmp(session->stream, SMTP_ERR_PROTO);
+ "LMTP" : "ESMTP", session->namaddrport,
+ STR(session->buffer));
+ if (var_helpful_warnings)
+ msg_warn("to prevent loss of mail, turn off command pipelining "
+ "for %s with the %s parameter", session->addr,
+ (session->state->misc_flags & SMTP_MISC_FLAG_USE_LMTP) ?
+ VAR_LMTP_EHLO_DIS_MAPS : VAR_SMTP_EHLO_DIS_MAPS);
}
}
VAR_SMTP_STARTTLS_TMOUT, DEF_SMTP_STARTTLS_TMOUT, &var_smtp_starttls_tmout, 1, 0,
#endif
VAR_SCACHE_PROTO_TMOUT, DEF_SCACHE_PROTO_TMOUT, &var_scache_proto_tmout, 1, 0,
- VAR_MIN_BACKOFF_TIME, DEF_MIN_BACKOFF_TIME, &var_min_backoff_time, 1, 0,
- VAR_MAX_BACKOFF_TIME, DEF_MAX_BACKOFF_TIME, &var_max_backoff_time, 1, 0,
- VAR_MAX_QUEUE_TIME, DEF_MAX_QUEUE_TIME, &var_max_queue_time, 0, 0,
- VAR_SMTP_DOTQ_THRESH, DEF_SMTP_DOTQ_THRESH, &var_smtp_dotq_thresh, 0, 0,
0,
};
static CONFIG_INT_TABLE smtp_int_table[] = {
(recv_state < send_state || recv_rcpt != send_rcpt)
#define SENDER_IN_WAIT_STATE \
- (send_state == SMTP_STATE_DOT || send_state == SMTP_STATE_LAST \
- || (recv_state == SMTP_STATE_DOT && send_state == SMTP_STATE_QUIT \
- && request->msg_stats.incoming_arrival.tv_sec \
- <= vstream_ftime(session->stream) - var_smtp_dotq_thresh))
+ (send_state == SMTP_STATE_DOT || send_state == SMTP_STATE_LAST)
#define SENDING_MAIL \
(recv_state <= SMTP_STATE_DOT)
projects / thirdparty / postfix.git / commitdiff
