-TPICKUP_INFO
-TPIPE_ATTR
-TPIPE_PARAMS
+-TPIPE_STATE
-TPLMYSQL
-TPLPGSQL
-TPOST_MAIL_STATE
and dict_mysql modules. These maps must be opened in
read-only mode.
+20030731
+
+ Bugfix: virtual(8) was changed to use mail_addr_find()
+ instead of virtual8_maps_find(), but the SMTP server's
+ virtual mailbox recipient validation was not updated.
+
20030804
Bugfix: the 20030712 safety against invalid DNS results
was broken. Reported by Ralf Hildebrandt. File:
dns/dns_lookup.c.
+20030805-12
+
+ Safety: the pipe daemon now defers delivery with a warning
+ when it is given a non-existent command-line macro name.
+ File: pipe/pipe.c.
+
+20030811
+
+ Cleanup: produce a warning when host:port specifies a badly
+ formatted numerical port. Files: util/find_inet.c,
+ smtp/smtp_connect.c, lmtp/lmtp_connect.c.
+
Open problems:
+ Doc: mention the proxy_interfaces parameter everywhere the
+ inet_interfaces and mydestination parameters are mentioned.
+
Low: smtp-source may block when sending large test messages.
Med: make qmgr recipient bounce/defer activity asynchronous
# and "TCP-BASED TABLES".
#
# TABLE FORMAT
-# The format of the access table is as follows:
+# The input format for the postmap(1) command is as follows:
#
# pattern action
# When pattern matches a mail address, domain or host
# address, perform the corresponding action.
#
# blank lines and comments
-# Empty lines and whitespace-only lines are ignored,
-# as are lines whose first non-whitespace character
+# Empty lines and whitespace-only lines are ignored,
+# as are lines whose first non-whitespace character
# is a `#'.
#
# multi-line text
-# A logical line starts with non-whitespace text. A
-# line that starts with whitespace continues a logi-
+# A logical line starts with non-whitespace text. A
+# line that starts with whitespace continues a logi-
# cal line.
#
# EMAIL ADDRESS PATTERNS
# With lookups from indexed files such as DB or DBM, or from
-# networked tables such as NIS, LDAP or SQL, the following
-# lookup patterns are examined in the order as listed:
+# networked tables such as NIS, LDAP or SQL, patterns are
+# tried in the order as listed below:
#
# user@domain
# Matches the specified mail address.
#
# domain.tld
-# Matches domain.tld as the domain part of an email
+# Matches domain.tld as the domain part of an email
# address.
#
# The pattern domain.tld also matches subdomains, but
# only when the string smtpd_access_maps is listed in
-# the Postfix parent_domain_matches_subdomains con-
+# the Postfix parent_domain_matches_subdomains con-
# figuration setting. Otherwise, specify .domain.tld
-# (note the initial dot) in order to match subdo-
+# (note the initial dot) in order to match subdo-
# mains.
#
-# user@ Matches all mail addresses with the specified user
+# user@ Matches all mail addresses with the specified user
# part.
#
-# Note: lookup of the null sender address is not possible
-# with some types of lookup table. By default, Postfix uses
-# <> as the lookup key for such addresses. The value is
-# specified with the smtpd_null_access_lookup_key parameter
+# Note: lookup of the null sender address is not possible
+# with some types of lookup table. By default, Postfix uses
+# <> as the lookup key for such addresses. The value is
+# specified with the smtpd_null_access_lookup_key parameter
# in the Postfix main.cf file.
#
# EMAIL ADDRESS EXTENSION
# When a mail address localpart contains the optional recip-
-# ient delimiter (e.g., user+foo@domain), the lookup order
-# becomes: user+foo@domain, user@domain, domain, user+foo@,
+# ient delimiter (e.g., user+foo@domain), the lookup order
+# becomes: user+foo@domain, user@domain, domain, user+foo@,
# and user@.
#
# HOST NAME/ADDRESS PATTERNS
# With lookups from indexed files such as DB or DBM, or from
-# networked tables such as NIS, LDAP or SQL, the following
+# networked tables such as NIS, LDAP or SQL, the following
# lookup patterns are examined in the order as listed:
#
# domain.tld
#
# The pattern domain.tld also matches subdomains, but
# only when the string smtpd_access_maps is listed in
-# the Postfix parent_domain_matches_subdomains con-
+# the Postfix parent_domain_matches_subdomains con-
# figuration setting. Otherwise, specify .domain.tld
-# (note the initial dot) in order to match subdo-
+# (note the initial dot) in order to match subdo-
# mains.
#
# net.work.addr.ess
#
# net.work
#
-# net Matches any host address in the specified network.
-# A network address is a sequence of one or more
+# net Matches any host address in the specified network.
+# A network address is a sequence of one or more
# octets separated by ".".
#
-# NOTE: use the cidr lookup table type to specify
+# NOTE: use the cidr lookup table type to specify
# network/netmask patterns. See cidr_table(5) for
# details.
#
# ACTIONS
# [45]NN text
-# Reject the address etc. that matches the pattern,
+# Reject the address etc. that matches the pattern,
# and respond with the numerical code and text.
#
-# REJECT
-#
# REJECT optional text...
-# Reject the address etc. that matches the pattern.
-# Reply with $reject_code optional text... when the
-# optional text is specified, otherwise reply with a
+# Reject the address etc. that matches the pattern.
+# Reply with $reject_code optional text... when the
+# optional text is specified, otherwise reply with a
# generic error response message.
#
-# DEFER_IF_REJECT
-#
# DEFER_IF_REJECT optional text...
-# Defer the request if some later restriction would
+# Defer the request if some later restriction would
# result in a REJECT action. Reply with "450 optional
# text... when the optional text is specified, other-
# wise reply with a generic error response message.
#
-# DEFER_IF_PERMIT
-#
# DEFER_IF_PERMIT optional text...
-# Defer the request if some later restriction would
+# Defer the request if some later restriction would
# result in a PERMIT action (there is an implied PER-
-# MIT at the end of each restriction list). Reply
-# with "450 optional text... when the optional text
-# is specified, otherwise reply with a generic error
+# MIT at the end of each restriction list). Reply
+# with "450 optional text... when the optional text
+# is specified, otherwise reply with a generic error
# response message.
#
# OK Accept the address etc. that matches the pattern.
#
# all-numerical
# An all-numerical result is treated as OK. This for-
-# mat is generated by address-based relay authoriza-
+# mat is generated by address-based relay authoriza-
# tion schemes.
#
-# DUNNO Pretend that the lookup key was not found in this
+# DUNNO Pretend that the lookup key was not found in this
# table. This prevents Postfix from trying substrings
-# of the lookup key (such as a subdomain name, or a
+# of the lookup key (such as a subdomain name, or a
# network address subnetwork).
#
-# HOLD
-#
# HOLD optional text...
-# Place the message on the hold queue, where it will
-# sit until someone either deletes it or releases it
-# for delivery. Log the optional text if specified,
+# Place the message on the hold queue, where it will
+# sit until someone either deletes it or releases it
+# for delivery. Log the optional text if specified,
# otherwise log a generic message.
#
-# Mail that is placed on hold can be examined with
-# the postcat(1) command, and can be destroyed or
+# Mail that is placed on hold can be examined with
+# the postcat(1) command, and can be destroyed or
# released with the postsuper(1) command.
#
-# Note: this action currently affects all recipients
+# Note: this action currently affects all recipients
# of the message.
#
-# DISCARD
-#
# DISCARD optional text...
-# Claim successful delivery and silently discard the
-# message. Log the optional text if specified, oth-
+# Claim successful delivery and silently discard the
+# message. Log the optional text if specified, oth-
# erwise log a generic message.
#
-# Note: this action currently affects all recipients
+# Note: this action currently affects all recipients
# of the message.
#
# FILTER transport:destination
-# After the message is queued, send the entire mes-
-# sage through a content filter. More information
+# After the message is queued, send the entire mes-
+# sage through a content filter. More information
# about content filters is in the Postfix FIL-
# TER_README file.
#
-# Note: this action overrides the main.cf con-
+# Note: this action overrides the main.cf con-
# tent_filter setting, and currently affects all
# recipients of the message.
#
# REDIRECT user@domain
-# After the message is queued, send the message to
+# After the message is queued, send the message to
# the specified address instead of the intended
# recipient(s).
#
-# Note: this action overrides the FILTER action, and
+# Note: this action overrides the FILTER action, and
# currently affects all recipients of the message.
#
# restriction...
# reject_unauth_destination, and so on).
#
# REGULAR EXPRESSION TABLES
-# This section describes how the table lookups change when
+# This section describes how the table lookups change when
# the table is given in the form of regular expressions. For
-# a description of regular expression lookup table syntax,
+# a description of regular expression lookup table syntax,
# see regexp_table(5) or pcre_table(5).
#
-# Each pattern is a regular expression that is applied to
+# Each pattern is a regular expression that is applied to
# the entire string being looked up. Depending on the appli-
-# cation, that string is an entire client hostname, an
+# cation, that string is an entire client hostname, an
# entire client IP address, or an entire mail address. Thus,
# no parent domain or parent network search is done,
-# user@domain mail addresses are not broken up into their
+# user@domain mail addresses are not broken up into their
# user@ and domain constituent parts, nor is user+foo broken
# up into user and foo.
#
-# Patterns are applied in the order as specified in the
-# table, until a pattern is found that matches the search
+# Patterns are applied in the order as specified in the
+# table, until a pattern is found that matches the search
# string.
#
-# Actions are the same as with indexed file lookups, with
-# the additional feature that parenthesized substrings from
+# Actions are the same as with indexed file lookups, with
+# the additional feature that parenthesized substrings from
# the pattern can be interpolated as $1, $2 and so on.
#
# TCP-BASED TABLES
-# This section describes how the table lookups change when
+# This section describes how the table lookups change when
# lookups are directed to a TCP-based server. For a descrip-
-# tion of the TCP client/server lookup protocol, see
+# tion of the TCP client/server lookup protocol, see
# tcp_table(5).
#
-# Each lookup operation uses the entire query string once.
-# Depending on the application, that string is an entire
+# Each lookup operation uses the entire query string once.
+# Depending on the application, that string is an entire
# client hostname, an entire client IP address, or an entire
-# mail address. Thus, no parent domain or parent network
-# search is done, user@domain mail addresses are not broken
-# up into their user@ and domain constituent parts, nor is
+# mail address. Thus, no parent domain or parent network
+# search is done, user@domain mail addresses are not broken
+# up into their user@ and domain constituent parts, nor is
# user+foo broken up into user and foo.
#
# Actions are the same as with indexed file lookups.
#
# BUGS
-# The table format does not understand quoting conventions.
+# The table format does not understand quoting conventions.
#
# SEE ALSO
# postmap(1) create lookup table
# tcp_table(5) TCP client/server table lookup protocol
#
# LICENSE
-# The Secure Mailer license must be distributed with this
+# The Secure Mailer license must be distributed with this
# software.
#
# AUTHOR(S)
# aliasing. Use the aliases(5) map for that purpose.
#
# TABLE FORMAT
-# The format of the canonical table is as follows:
+# The input format for the postmap(1) command is as follows:
#
# pattern result
-# When pattern matches a mail address, replace it by
+# When pattern matches a mail address, replace it by
# the corresponding result.
#
# blank lines and comments
-# Empty lines and whitespace-only lines are ignored,
-# as are lines whose first non-whitespace character
+# Empty lines and whitespace-only lines are ignored,
+# as are lines whose first non-whitespace character
# is a `#'.
#
# multi-line text
-# A logical line starts with non-whitespace text. A
-# line that starts with whitespace continues a logi-
+# A logical line starts with non-whitespace text. A
+# line that starts with whitespace continues a logi-
# cal line.
#
# With lookups from indexed files such as DB or DBM, or from
-# networked tables such as NIS, LDAP or SQL, patterns are
+# networked tables such as NIS, LDAP or SQL, patterns are
# tried in the order as listed below:
#
# user@domain address
-# user@domain is replaced by address. This form has
+# user@domain is replaced by address. This form has
# the highest precedence.
#
-# This is useful to clean up addresses produced by
-# legacy mail systems. It can also be used to pro-
-# duce Firstname.Lastname style addresses, but see
+# This is useful to clean up addresses produced by
+# legacy mail systems. It can also be used to pro-
+# duce Firstname.Lastname style addresses, but see
# below for a simpler solution.
#
# user address
# user@site is replaced by address when site is equal
-# to $myorigin, when site is listed in $mydestina-
+# to $myorigin, when site is listed in $mydestina-
# tion, or when it is listed in $inet_interfaces.
#
-# This form is useful for replacing login names by
+# This form is useful for replacing login names by
# Firstname.Lastname.
#
# @domain address
-# Every address in domain is replaced by address.
+# Every address in domain is replaced by address.
# This form has the lowest precedence.
#
-# In all the above forms, when address has the form @other-
+# In all the above forms, when address has the form @other-
# domain, the result is the same user in otherdomain.
#
# ADDRESS EXTENSION
# When a mail address localpart contains the optional recip-
-# ient delimiter (e.g., user+foo@domain), the lookup order
+# ient delimiter (e.g., user+foo@domain), the lookup order
# becomes: user+foo@domain, user@domain, user+foo, user, and
-# @domain. An unmatched address extension (+foo) is propa-
+# @domain. An unmatched address extension (+foo) is propa-
# gated to the result of table lookup.
#
# REGULAR EXPRESSION TABLES
-# This section describes how the table lookups change when
+# This section describes how the table lookups change when
# the table is given in the form of regular expressions. For
-# a description of regular expression lookup table syntax,
+# a description of regular expression lookup table syntax,
# see regexp_table(5) or pcre_table(5).
#
-# Each pattern is a regular expression that is applied to
+# Each pattern is a regular expression that is applied to
# the entire address being looked up. Thus, user@domain mail
-# addresses are not broken up into their user and @domain
+# addresses are not broken up into their user and @domain
# constituent parts, nor is user+foo broken up into user and
# foo.
#
-# Patterns are applied in the order as specified in the
-# table, until a pattern is found that matches the search
+# Patterns are applied in the order as specified in the
+# table, until a pattern is found that matches the search
# string.
#
-# Results are the same as with indexed file lookups, with
-# the additional feature that parenthesized substrings from
+# Results are the same as with indexed file lookups, with
+# the additional feature that parenthesized substrings from
# the pattern can be interpolated as $1, $2 and so on.
#
# TCP-BASED TABLES
-# This section describes how the table lookups change when
+# This section describes how the table lookups change when
# lookups are directed to a TCP-based server. For a descrip-
-# tion of the TCP client/server lookup protocol, see
+# tion of the TCP client/server lookup protocol, see
# tcp_table(5).
#
# Each lookup operation uses the entire address once. Thus,
-# user@domain mail addresses are not broken up into their
+# user@domain mail addresses are not broken up into their
# user and @domain constituent parts, nor is user+foo broken
# up into user and foo.
#
# Results are the same as with indexed file lookups.
#
# BUGS
-# The table format does not understand quoting conventions.
+# The table format does not understand quoting conventions.
#
# CONFIGURATION PARAMETERS
-# The following main.cf parameters are especially relevant
-# to this topic. See the Postfix main.cf file for syntax
-# details and for default values. Use the postfix reload
+# The following main.cf parameters are especially relevant
+# to this topic. See the Postfix main.cf file for syntax
+# details and for default values. Use the postfix reload
# command after a configuration change.
#
# canonical_maps
# Other parameters of interest:
#
# inet_interfaces
-# The network interface addresses that this system
+# The network interface addresses that this system
# receives mail on. You need to stop and start Post-
# fix when this parameter changes.
#
# masquerade_classes
-# List of address classes subject to masquerading:
-# zero or more of envelope_sender, envelope_recipi-
+# List of address classes subject to masquerading:
+# zero or more of envelope_sender, envelope_recipi-
# ent, header_sender, header_recipient.
#
# masquerade_domains
-# List of domains that hide their subdomain struc-
+# List of domains that hide their subdomain struc-
# ture.
#
# masquerade_exceptions
-# List of user names that are not subject to address
+# List of user names that are not subject to address
# masquerading.
#
# mydestination
-# List of domains that this mail system considers
+# List of domains that this mail system considers
# local.
#
# myorigin
# tcp_table(5) TCP client/server table lookup protocol
#
# LICENSE
-# The Secure Mailer license must be distributed with this
+# The Secure Mailer license must be distributed with this
# software.
#
# AUTHOR(S)
# Global Postfix configuration file. This file lists only a subset
-# of all 250+ parameters. See the sample-xxx.cf files for a full list.
+# of all 300+ parameters. See the sample-xxx.cf files for a full list.
#
# The general format is lines with parameter = value pairs. Lines
# that begin with whitespace continue the previous line. A value can
#
# A Postfix process will pause for $in_flow_delay seconds before
# accepting a new message, when the message arrival rate exceeds the
-# message delivery rate. With the default 50 SMTP server process
-# limit, this limits the mail inflow to 50 messages a second more
+# message delivery rate. With the default 100 SMTP server process
+# limit, this limits the mail inflow to 100 messages a second more
# than the number of messages delivered per second.
#
# Specify 0 to disable the feature. Valid delays are 0..10.
#
# if !/pattern/flags
#
-# endif Examine the lines between if..endif only if pattern
-# matches (does not match). The if..endif can nest.
-# Do not prepend whitespace to patterns inside
+# endif Match the search string against the patterns
+# between if and endif, if and only if the search
+# string matches (does not match) pattern. The
+# if..endif can nest.
+#
+# Note: do not prepend whitespace to patterns inside
# if..endif.
#
# Each pattern is a perl-like regular expression. The
-# expression delimiter can be any character, except whites-
-# pace or characters that have special meaning (tradition-
-# ally the forward slash is used). The regular expression
+# expression delimiter can be any character, except whites-
+# pace or characters that have special meaning (tradition-
+# ally the forward slash is used). The regular expression
# can contain whitespace.
#
# By default, matching is case-insensitive, and newlines are
-# not treated as special characters. The behavior is con-
-# trolled by flags, which are toggled by appending one or
+# not treated as special characters. The behavior is con-
+# trolled by flags, which are toggled by appending one or
# more of the following characters after the pattern:
#
# i (default: on)
-# Toggles the case sensitivity flag. By default,
+# Toggles the case sensitivity flag. By default,
# matching is case insensitive.
#
# m (default: off)
-# Toggles the PCRE_MULTILINE flag. When this flag is
-# on, the ^ and $ metacharacters match immediately
-# after and immediately before a newline character,
-# respectively, in addition to matching at the start
+# Toggles the PCRE_MULTILINE flag. When this flag is
+# on, the ^ and $ metacharacters match immediately
+# after and immediately before a newline character,
+# respectively, in addition to matching at the start
# and end of the subject string.
#
# s (default: on)
# Toggles the PCRE_DOTALL flag. When this flag is on,
# the . metacharacter matches the newline character.
-# With Postfix versions prior to 20020528, The flag
+# With Postfix versions prior to 20020528, The flag
# is off by default, which is inconvenient for multi-
# line message header matching.
#
# x (default: off)
-# Toggles the pcre extended flag. When this flag is
-# on, whitespace in the pattern (other than in a
+# Toggles the pcre extended flag. When this flag is
+# on, whitespace in the pattern (other than in a
# character class) and characters between a # outside
-# a character class and the next newline character
-# are ignored. An escaping backslash can be used to
-# include a whitespace or # character as part of the
+# a character class and the next newline character
+# are ignored. An escaping backslash can be used to
+# include a whitespace or # character as part of the
# pattern.
#
# A (default: off)
-# Toggles the PCRE_ANCHORED flag. When this flag is
-# on, the pattern is forced to be "anchored", that
+# Toggles the PCRE_ANCHORED flag. When this flag is
+# on, the pattern is forced to be "anchored", that
# is, it is constrained to match only at the start of
-# the string which is being searched (the "subject
-# string"). This effect can also be achieved by
+# the string which is being searched (the "subject
+# string"). This effect can also be achieved by
# appropriate constructs in the pattern itself.
#
# E (default: off)
-# Toggles the PCRE_DOLLAR_ENDONLY flag. When this
-# flag is on, a $ metacharacter in the pattern
-# matches only at the end of the subject string.
-# Without this flag, a dollar also matches immedi-
+# Toggles the PCRE_DOLLAR_ENDONLY flag. When this
+# flag is on, a $ metacharacter in the pattern
+# matches only at the end of the subject string.
+# Without this flag, a dollar also matches immedi-
# ately before the final character if it is a newline
# character (but not before any other newline charac-
-# ters). This flag is ignored if PCRE_MULTILINE flag
+# ters). This flag is ignored if PCRE_MULTILINE flag
# is set.
#
# U (default: off)
# Toggles the ungreedy matching flag. When this flag
-# is on, the pattern matching engine inverts the
-# "greediness" of the quantifiers so that they are
-# not greedy by default, but become greedy if fol-
-# lowed by "?". This flag can also set by a (?U)
+# is on, the pattern matching engine inverts the
+# "greediness" of the quantifiers so that they are
+# not greedy by default, but become greedy if fol-
+# lowed by "?". This flag can also set by a (?U)
# modifier within the pattern.
#
# X (default: off)
# Toggles the PCRE_EXTRA flag. When this flag is on,
-# any backslash in a pattern that is followed by a
+# any backslash in a pattern that is followed by a
# letter that has no special meaning causes an error,
# thus reserving these combinations for future expan-
# sion.
#
# SEARCH ORDER
-# Patterns are applied in the order as specified in the
-# table, until a pattern is found that matches the search
+# Patterns are applied in the order as specified in the
+# table, until a pattern is found that matches the search
# string.
#
-# Each pattern is applied to the entire lookup key string.
-# Depending on the application, that string is an entire
+# Each pattern is applied to the entire lookup key string.
+# Depending on the application, that string is an entire
# client hostname, an entire client IP address, or an entire
-# mail address. Thus, no parent domain or parent network
-# search is done, and user@domain mail addresses are not
-# broken up into their user and domain constituent parts,
+# mail address. Thus, no parent domain or parent network
+# search is done, and user@domain mail addresses are not
+# broken up into their user and domain constituent parts,
# nor is user+foo broken up into user and foo.
#
# TEXT SUBSTITUTION
-# Substitution of substrings from the matched expression
-# into the result string is possible using the conventional
-# perl syntax ($1, $2, etc.). The macros in the result
-# string may need to be written as ${n} or $(n) if they
+# Substitution of substrings from the matched expression
+# into the result string is possible using the conventional
+# perl syntax ($1, $2, etc.). The macros in the result
+# string may need to be written as ${n} or $(n) if they
# aren't followed by whitespace.
#
-# Note: since negated patterns (those preceded by !) return
+# Note: since negated patterns (those preceded by !) return
# a result when the expression does not match, substitutions
# are not available for negated patterns.
#
#
# if !/pattern/flags
#
-# endif Examine the lines between if..endif only if pattern
-# matches (does not match). The if..endif can nest.
-# Do not prepend whitespace to patterns inside
+# endif Match the search string against the patterns
+# between if and endif, if and only if the search
+# string matches (does not match) pattern. The
+# if..endif can nest.
+#
+# Note: do not prepend whitespace to patterns inside
# if..endif.
#
# Each pattern is a regular expression enclosed by a pair of
# delimiters. The regular expression syntax is described in
# re_format(7). The expression delimiter can be any charac-
-# ter, except whitespace or characters that have special
-# meaning (traditionally the forward slash is used). The
+# ter, except whitespace or characters that have special
+# meaning (traditionally the forward slash is used). The
# regular expression can contain whitespace.
#
# By default, matching is case-insensitive, although follow-
-# ing the second slash with an `i' flag will reverse this.
-# Other flags are `x' (disable extended expression syntax),
-# and `m' (enable multi-line mode, that is, treat newline
+# ing the second slash with an `i' flag will reverse this.
+# Other flags are `x' (disable extended expression syntax),
+# and `m' (enable multi-line mode, that is, treat newline
# characters as special).
#
# TABLE SEARCH ORDER
-# Patterns are applied in the order as specified in the
-# table, until a pattern is found that matches the search
+# Patterns are applied in the order as specified in the
+# table, until a pattern is found that matches the search
# string.
#
-# Each pattern is applied to the entire lookup key string.
-# Depending on the application, that string is an entire
+# Each pattern is applied to the entire lookup key string.
+# Depending on the application, that string is an entire
# client hostname, an entire client IP address, or an entire
-# mail address. Thus, no parent domain or parent network
-# search is done, and user@domain mail addresses are not
-# broken up into their user and domain constituent parts,
+# mail address. Thus, no parent domain or parent network
+# search is done, and user@domain mail addresses are not
+# broken up into their user and domain constituent parts,
# nor is user+foo broken up into user and foo.
#
# TEXT SUBSTITUTION
-# Substitution of substrings from the matched expression
+# Substitution of substrings from the matched expression
# into the result string is possible using $1, $2, etc.. The
# macros in the result string may need to be written as ${n}
# or $(n) if they aren't followed by whitespace.
#
-# Note: since negated patterns (those preceded by !) return
+# Note: since negated patterns (those preceded by !) return
# a result when the expression does not match, substitutions
# are not available for negated patterns.
#
# Table lookups are case insensitive.
#
# TABLE FORMAT
-# The format of the table is as follows:
+# The input format for the postmap(1) command is as follows:
#
# o An entry has one of the following form:
-# key new_location
-# Where new_location specifies contact information
-# such as an email address, or perhaps a street
+# pattern new_location
+# Where new_location specifies contact information
+# such as an email address, or perhaps a street
# address or telephone number.
#
-# o Empty lines and whitespace-only lines are ignored,
-# as are lines whose first non-whitespace character
+# o Empty lines and whitespace-only lines are ignored,
+# as are lines whose first non-whitespace character
# is a `#'.
#
-# o A logical line starts with non-whitespace text. A
-# line that starts with whitespace continues a logi-
+# o A logical line starts with non-whitespace text. A
+# line that starts with whitespace continues a logi-
# cal line.
#
# With lookups from indexed files such as DB or DBM, or from
-# networked tables such as NIS, LDAP or SQL, the key field
-# is one of the following:
+# networked tables such as NIS, LDAP or SQL, patterns are
+# tried in the order as listed below:
#
# user@domain
-# Matches user@domain. This form has precedence over
+# Matches user@domain. This form has precedence over
# all other forms.
#
# user Matches user@site when site is $myorigin, when site
# in $inet_interfaces.
#
# @domain
-# Matches every address in domain. This form has the
+# Matches every address in domain. This form has the
# lowest precedence.
#
# ADDRESS EXTENSION
# When a mail address localpart contains the optional recip-
-# ient delimiter (e.g., user+foo@domain), the lookup order
+# ient delimiter (e.g., user+foo@domain), the lookup order
# becomes: user+foo@domain, user@domain, user+foo, user, and
# @domain.
#
# REGULAR EXPRESSION TABLES
-# This section describes how the table lookups change when
-# the table is given in the form of regular expressions or
-# when lookups are directed to a TCP-based server. For a
+# This section describes how the table lookups change when
+# the table is given in the form of regular expressions or
+# when lookups are directed to a TCP-based server. For a
# description of regular expression lookup table syntax, see
# regexp_table(5) or pcre_table(5). For a description of the
# TCP client/server table lookup protocol, see tcp_table(5).
#
-# Each pattern is a regular expression that is applied to
+# Each pattern is a regular expression that is applied to
# the entire address being looked up. Thus, user@domain mail
-# addresses are not broken up into their user and @domain
+# addresses are not broken up into their user and @domain
# constituent parts, nor is user+foo broken up into user and
# foo.
#
-# Patterns are applied in the order as specified in the
-# table, until a pattern is found that matches the search
+# Patterns are applied in the order as specified in the
+# table, until a pattern is found that matches the search
# string.
#
-# Results are the same as with indexed file lookups, with
-# the additional feature that parenthesized substrings from
+# Results are the same as with indexed file lookups, with
+# the additional feature that parenthesized substrings from
# the pattern can be interpolated as $1, $2 and so on.
#
# TCP-BASED TABLES
-# This section describes how the table lookups change when
+# This section describes how the table lookups change when
# lookups are directed to a TCP-based server. For a descrip-
-# tion of the TCP client/server lookup protocol, see
+# tion of the TCP client/server lookup protocol, see
# tcp_table(5).
#
# Each lookup operation uses the entire address once. Thus,
-# user@domain mail addresses are not broken up into their
+# user@domain mail addresses are not broken up into their
# user and @domain constituent parts, nor is user+foo broken
# up into user and foo.
#
# Results are the same as with indexed file lookups.
#
# BUGS
-# The table format does not understand quoting conventions.
+# The table format does not understand quoting conventions.
#
# CONFIGURATION PARAMETERS
-# The following main.cf parameters are especially relevant
-# to this topic. See the Postfix main.cf file for syntax
-# details and for default values. Use the postfix reload
+# The following main.cf parameters are especially relevant
+# to this topic. See the Postfix main.cf file for syntax
+# details and for default values. Use the postfix reload
# command after a configuration change.
#
# relocated_maps
# Other parameters of interest:
#
# inet_interfaces
-# The network interface addresses that this system
+# The network interface addresses that this system
# receives mail on. You need to stop and start Post-
# fix when this parameter changes.
#
# mydestination
-# List of domains that this mail system considers
+# List of domains that this mail system considers
# local.
#
# myorigin
# tcp_table(5) TCP client/server table lookup protocol
#
# LICENSE
-# The Secure Mailer license must be distributed with this
+# The Secure Mailer license must be distributed with this
# software.
#
# AUTHOR(S)
# REJECT [optional text...]
# Reject the entire message. The optional text is sent to the
# originator and is logged to the maillog file.
+# OK Skip all further header patterns for this header line.
# IGNORE Silently discard the header line.
# WARN [optional text...]
# Log the message header and the optional text. This is useful
-# for testing. When the pattern is OK, change the WARN into a
+# for testing. When the pattern is good, change the WARN into a
# REJECT or into a DISCARD.
# HOLD [optional text...]
# Place the message on the hold queue. Mail on hold can be
# REJECT [optional text...]
# Reject the entire message. The optional text is sent to the
# originator and is logged to the maillog file.
+# OK Skip all further header patterns for this header line.
# IGNORE Silently discard the body line
# WARN [optional text...]
# Log the body line and the optional text. This is useful
-# for testing. When the pattern is OK, change the WARN into a
+# for testing. When the pattern is good, change the WARN into a
# REJECT or into a DISCARD.
# HOLD [optional text...]
# Place the message on the hold queue. Mail on hold can be
# When a pattern matches, what happens next depends on the associated
# action that is specified in the right-hand side of the table:
#
-# REJECT the entire message is rejected.
-# REJECT text.... The text is sent to the originator.
-# IGNORE the header line is silently discarded.
-# WARN the header is logged (not rejected) with a warning message.
-# WARN text... as above, and the text is logged, too.
+# REJECT [optional text...]
+# Reject the entire message. The optional text is sent to the
+# originator and is logged to the maillog file.
+# OK Skip all further header patterns for this header line.
+# IGNORE Silently discard the body line
+# WARN [optional text...]
+# Log the body line and the optional text. This is useful
+# for testing. When the pattern is good, change the WARN into a
+# REJECT or into a DISCARD.
+# HOLD [optional text...]
+# Place the message on the hold queue. Mail on hold can be
+# inspected with the postcat command, and can be destroyed or
+# taken off hold (i.e. delivered) with the postsuper command.
+# The matched body line is logged with the optional text.
+# DISCARD [optional text...]
+# Claim successful delivery and silently discard the message.
+# The matched body line is logged with the optional text.
# FILTER transport:nexthop
# after the message is queued, the message is sent through
# a content filter. This requires different cleanup servers
# off in the second cleanup server. More info about content
# filtering is in the Postfix FILTER_README file. This feature
# overrides the main.cf content_filter setting.
+# REDIRECT user@domain
+# Send the message to the specified address instead of the
+# intended recipient(s). This feature overrides the FILTER action.
#
# By default, the same patterns are applied as for header_checks.
#
# the forward slash is used). The regular expression can contain
# whitespace.
#
+# When the regular expression is prefixed by `!', the pattern
+# succeeds when it does not match.
+#
# By default, matching is case-INsensitive, although following
# the second slash with an 'i' will reverse this. Other flags are
# supported, but the only other useful one is 'U', which makes
# A block of table entries may be "enclosed" by a line with
# `if /pattern/flags' and a line with `endif'. This causes
# the block of table entries to be examined only when the
-# pattern produces a successful match. The `if..endif' may
+# search string matches the pattern. The `if..endif' may
# be nested. There currently is no `else' operator.
#
# The second field is the "replacement" string - the text
# the forward slash is used). The regular expression can contain
# whitespace.
#
+# When the regular expression is prefixed by `!', the pattern
+# succeeds when it does not match.
+#
# By default, matching is case-INsensitive, although following
# the second slash with an 'i' will reverse this. Other flags are
# supported, but the only other useful one is 'U', which makes
# A block of table entries may be "enclosed" by a line with
# `if /pattern/flags' and a line with `endif'. This causes
# the block of table entries to be examined only when the
-# pattern produces a successful match. The `if..endif' may
+# search string matches the pattern. The `if..endif' may
# be nested. There currently is no `else' operator.
#
# The second field is the "replacement" string - the text
# REJECT [optional text...]
# Reject the entire message. The optional text is sent to
# the originator and is logged to the maillog file.
+# OK Skip all further body patterns for this body line.
# IGNORE Silently discard the body line.
# WARN [optional text...]
# Log the body line and the optional text. This is
-# useful for testing. When the pattern is OK, change the
+# useful for testing. When the pattern is good, change the
# WARN into a REJECT or into a DISCARD.
# HOLD [optional text...]
# Place the message on the hold queue. Mail on hold can
# the forward slash is used). The regular expression can contain
# whitespace.
#
+# When the regular expression is prefixed by `!', the pattern
+# succeeds when it does not match.
+#
# By default, matching is case-INsensitive, although following
# the second slash with an 'i' will reverse this. Other flags are
# supported, but the only other useful one is 'U', which makes
# A block of table entries may be "enclosed" by a line with
# `if /pattern/flags' and a line with `endif'. This causes
# the block of table entries to be examined only when the
-# pattern produces a successful match. The `if..endif' may
+# search string matches the pattern. The `if..endif' may
# be nested. There currently is no `else' operator.
#
# The second field is the "replacement" string - the text
# REJECT [optional text...]
# Reject the entire message. The optional text is sent to
# the originator and is logged to the maillog file.
+# OK Skip all further header patterns for this header line.
# IGNORE Silently ignore the message header.
# WARN [optional text...]
# Log the message header and the optional text. This is
-# useful for testing. When the pattern is OK, change the
+# useful for testing. When the pattern is good, change the
# WARN into a REJECT or into a DISCARD.
# HOLD [optional text...]
# Place the message on the hold queue. Mail on hold can
#
# A block of table entries may be "enclosed" by a line with `if
# /pattern/flags' or `if !/pattern/flags' and a line with `endif'.
-# This causes the block of table entries to be examined only when
-# the pattern produces a successful (non)match. The `if..endif' may
+# This causes the block of table entries to be examined only when the
+# search string produces a successful (non)match. The `if..endif' may
# be nested. There currently is no `else' operator.
#
# The syntax of access table results is described in the Postfix
#
# A block of table entries may be "enclosed" by a line with `if
# /pattern/flags' or `if !/pattern/flags' and a line with `endif'.
-# This causes the block of table entries to be examined only when
-# the pattern produces a successful (non)match. The `if..endif' may
+# This causes the block of table entries to be examined only when the
+# search string produces a successful (non)match. The `if..endif' may
# be nested. There currently is no `else' operator.
#
# The result is one of the following:
# REJECT [optional text...]
# Reject the entire message. The optional text is sent to the
# originator and is logged to the maillog file.
-# IGNORE Silently ignore the body line.
+# OK Skip all further body patterns for this body line.
+# IGNORE Silently discard the body line.
# WARN [optional text...]
# Log the body line and the optional text. This is useful
# for testing. When the pattern is OK, change the WARN into a
#
# A block of table entries may be "enclosed" by a line with `if
# /pattern/flags' or `if !/pattern/flags' and a line with `endif'.
-# This causes the block of table entries to be examined only when
-# the pattern produces a successful (non)match. The `if..endif' may
+# This causes the block of table entries to be examined only when the
+# search string produces a successful (non)match. The `if..endif' may
# be nested. There currently is no `else' operator.
#
# The result is one of the following:
# REJECT [optional text...]
# Reject the entire message. The optional text is sent to the
# originator and is logged to the maillog file.
+# OK Skip all further header patterns for this header line.
# IGNORE Silently discard the message header.
# WARN [optional text...]
# Log the message header and the optional text. This is useful
-# for testing. When the pattern is OK, change the WARN into a
+# for testing. When the pattern is good, change the WARN into a
# REJECT or into a DISCARD.
# HOLD [optional text...]
# Place the message on the hold queue. Mail on hold can be
# The qmgr_message_active_limit parameter limits the number of
# messages in the active queue.
#
-qmgr_message_active_limit = 10000
+qmgr_message_active_limit = 20000
# The qmgr_message_recipient_limit parameter limits the number of
# in-memory recipients. This limit is used before any of the message
# This parameter also limits the size of the short-term, in-memory
# destination status cache.
#
-qmgr_message_recipient_limit = 10000
+qmgr_message_recipient_limit = 20000
# (nqmgr only)
# The default_recipient_limit parameter is the default value for
# check_client_access maptype:mapname
# look up client name, parent domains, client address,
# or networks obtained by stripping octets.
-# Skip this lookup table if the result is DUNNO.
-# Reject the ETRN command if the result is REJECT text... or "[45]xx text"
-# Permit the ETRN command if the result is OK or all numerical.
+# see access(5) for possible lookup results.
# reject_rbl_client domain.tld: reject if the reverse client network
# address is listed in an A record under domain.tld.
# Append e.g., "=127.0.0.2" to the RBL domain name to select a specific
# and "TCP-BASED TABLES".
#
# TABLE FORMAT
-# The format of the transport table is as follows:
+# The input format for the postmap(1) command is as follows:
#
# pattern result
# When pattern matches the recipient address or
# domain, use the corresponding result.
#
# blank lines and comments
-# Empty lines and whitespace-only lines are ignored,
-# as are lines whose first non-whitespace character
+# Empty lines and whitespace-only lines are ignored,
+# as are lines whose first non-whitespace character
# is a `#'.
#
# multi-line text
-# A logical line starts with non-whitespace text. A
-# line that starts with whitespace continues a logi-
+# A logical line starts with non-whitespace text. A
+# line that starts with whitespace continues a logi-
# cal line.
#
-# The pattern specifies an email address, a domain name, or
-# a domain name hierarchy, as described in section "TABLE
+# The pattern specifies an email address, a domain name, or
+# a domain name hierarchy, as described in section "TABLE
# LOOKUP".
#
-# The result is of the form transport:nexthop. The trans-
-# port field specifies a mail delivery transport such as
-# smtp or local. The nexthop field specifies where and how
+# The result is of the form transport:nexthop. The trans-
+# port field specifies a mail delivery transport such as
+# smtp or local. The nexthop field specifies where and how
# to deliver mail. More details are given in section "RESULT
# FORMAT".
#
# TABLE LOOKUP
# With lookups from indexed files such as DB or DBM, or from
-# networked tables such as NIS, LDAP or SQL, patterns are
+# networked tables such as NIS, LDAP or SQL, patterns are
# tried in the order as listed below:
#
# user+extension@domain transport:nexthop
# to nexthop.
#
# domain transport:nexthop
-# Mail for domain is delivered through transport to
+# Mail for domain is delivered through transport to
# nexthop.
#
# .domain transport:nexthop
-# Mail for any subdomain of domain is delivered
-# through transport to nexthop. This applies only
+# Mail for any subdomain of domain is delivered
+# through transport to nexthop. This applies only
# when the string transport_maps is not listed in the
# parent_domain_matches_subdomains configuration set-
-# ting. Otherwise, a domain name matches itself and
+# ting. Otherwise, a domain name matches itself and
# its subdomains.
#
# Note 1: the special pattern * represents any address (i.e.
# it functions as the wild-card pattern).
#
-# Note 2: the null recipient address is looked up as
+# Note 2: the null recipient address is looked up as
# $empty_address_recipient@$myhostname (default: mailer-dae-
# mon@hostname).
#
# RESULT FORMAT
-# The transport field specifies the name of a mail delivery
+# The transport field specifies the name of a mail delivery
# transport (the first name of a mail delivery service entry
# in the Postfix master.cf file).
#
-# The interpretation of the nexthop field is transport
+# The interpretation of the nexthop field is transport
# dependent. In the case of SMTP, specify host:service for a
-# non-default server port, and use [host] or [host]:port in
-# order to disable MX (mail exchanger) DNS lookups. The []
+# non-default server port, and use [host] or [host]:port in
+# order to disable MX (mail exchanger) DNS lookups. The []
# form is required when you specify an IP address instead of
# a hostname.
#
-# A null transport and null nexthop result means "do not
-# change": use the delivery transport and nexthop informa-
-# tion that would be used when the entire transport table
+# A null transport and null nexthop result means "do not
+# change": use the delivery transport and nexthop informa-
+# tion that would be used when the entire transport table
# did not exist.
#
-# A non-null transport field with a null nexthop field
+# A non-null transport field with a null nexthop field
# resets the nexthop information to the recipient domain.
#
-# A null transport field with non-null nexthop field does
+# A null transport field with non-null nexthop field does
# not modify the transport information.
#
# EXAMPLES
-# In order to deliver internal mail directly, while using a
-# mail relay for all other mail, specify a null entry for
-# internal destinations (do not change the delivery trans-
-# port or the nexthop information) and specify a wildcard
+# In order to deliver internal mail directly, while using a
+# mail relay for all other mail, specify a null entry for
+# internal destinations (do not change the delivery trans-
+# port or the nexthop information) and specify a wildcard
# for all other destinations.
#
# my.domain :
# .my.domain :
# * smtp:outbound-relay.my.domain
#
-# In order to send mail for foo.org and its subdomains via
+# In order to send mail for foo.org and its subdomains via
# the uucp transport to the UUCP host named foo:
#
# foo.org uucp:foo
# .foo.org uucp:foo
#
-# When no nexthop host name is specified, the destination
-# domain name is used instead. For example, the following
-# directs mail for user@foo.org via the slow transport to a
-# mail exchanger for foo.org. The slow transport could be
-# something that runs at most one delivery process at a
+# When no nexthop host name is specified, the destination
+# domain name is used instead. For example, the following
+# directs mail for user@foo.org via the slow transport to a
+# mail exchanger for foo.org. The slow transport could be
+# something that runs at most one delivery process at a
# time:
#
# foo.org slow:
#
# When no transport is specified, Postfix uses the transport
# that matches the address domain class (see TRANSPORT FIELD
-# discussion above). The following sends all mail for
+# discussion above). The following sends all mail for
# foo.org and its subdomains to host gateway.foo.org:
#
# foo.org :[gateway.foo.org]
# .foo.org :[gateway.foo.org]
#
-# In the above example, the [] are used to suppress MX
-# lookups. The result would likely point to your local
+# In the above example, the [] are used to suppress MX
+# lookups. The result would likely point to your local
# machine.
#
-# In the case of delivery via SMTP, one may specify host-
+# In the case of delivery via SMTP, one may specify host-
# name:service instead of just a host:
#
# foo.org smtp:bar.org:2025
#
-# This directs mail for user@foo.org to host bar.org port
-# 2025. Instead of a numerical port a symbolic name may be
-# used. Specify [] around the hostname in order to disable
+# This directs mail for user@foo.org to host bar.org port
+# 2025. Instead of a numerical port a symbolic name may be
+# used. Specify [] around the hostname in order to disable
# MX lookups.
#
# The error mailer can be used to bounce mail:
#
-# .foo.org error:mail for *.foo.org is not deliv-
+# .foo.org error:mail for *.foo.org is not deliv-
# erable
#
-# This causes all mail for user@anything.foo.org to be
+# This causes all mail for user@anything.foo.org to be
# bounced.
#
# REGULAR EXPRESSION TABLES
-# This section describes how the table lookups change when
+# This section describes how the table lookups change when
# the table is given in the form of regular expressions. For
-# a description of regular expression lookup table syntax,
+# a description of regular expression lookup table syntax,
# see regexp_table(5) or pcre_table(5).
#
-# Each pattern is a regular expression that is applied to
-# the entire address being looked up. Thus,
-# some.domain.hierarchy is not looked up up via its parent
-# domains, nor is user+foo@domain looked up as user@domain.
+# Each pattern is a regular expression that is applied to
+# the entire address being looked up. Thus,
+# some.domain.hierarchy is not looked up up via its parent
+# domains, nor is user+foo@domain looked up as user@domain.
#
-# Patterns are applied in the order as specified in the
-# table, until a pattern is found that matches the search
+# Patterns are applied in the order as specified in the
+# table, until a pattern is found that matches the search
# string.
#
-# Results are the same as with indexed file lookups, with
-# the additional feature that parenthesized substrings from
+# Results are the same as with indexed file lookups, with
+# the additional feature that parenthesized substrings from
# the pattern can be interpolated as $1, $2 and so on.
#
# TCP-BASED TABLES
-# This section describes how the table lookups change when
+# This section describes how the table lookups change when
# lookups are directed to a TCP-based server. For a descrip-
-# tion of the TCP client/server lookup protocol, see
+# tion of the TCP client/server lookup protocol, see
# tcp_table(5).
#
-# Each lookup operation uses the entire recipient address
-# once. Thus, some.domain.hierarchy is not looked up via
-# its parent domains, nor is user+foo@domain looked up as
+# Each lookup operation uses the entire recipient address
+# once. Thus, some.domain.hierarchy is not looked up via
+# its parent domains, nor is user+foo@domain looked up as
# user@domain.
#
# Results are the same as with indexed file lookups.
#
# CONFIGURATION PARAMETERS
-# The following main.cf parameters are especially relevant
-# to this topic. See the Postfix main.cf file for syntax
-# details and for default values. Use the postfix reload
+# The following main.cf parameters are especially relevant
+# to this topic. See the Postfix main.cf file for syntax
+# details and for default values. Use the postfix reload
# command after a configuration change.
#
# empty_address_recipient
-# The address that is looked up instead of the null
+# The address that is looked up instead of the null
# sender address.
#
# parent_domain_matches_subdomains
-# List of Postfix features that use domain.tld pat-
-# terns to match sub.domain.tld (as opposed to
+# List of Postfix features that use domain.tld pat-
+# terns to match sub.domain.tld (as opposed to
# requiring .domain.tld patterns).
#
# transport_maps
# tcp_table(5) TCP client/server table lookup protocol
#
# LICENSE
-# The Secure Mailer license must be distributed with this
+# The Secure Mailer license must be distributed with this
# software.
#
# AUTHOR(S)
# and "TCP-BASED TABLES".
#
# TABLE FORMAT
-# The format of the virtual table is as follows, mappings
-# being tried in the order as listed in this manual page:
+# The input format for the postmap(1) command is as follows:
#
# pattern result
# When pattern matches a mail address, replace it by
and "TCP-BASED TABLES".
<b>TABLE FORMAT</b>
- The format of the access table is as follows:
+ The input format for the <a href="postmap.1.html"><b>postmap</b>(1)</a> command is as follows:
<i>pattern action</i>
When <i>pattern</i> matches a mail address, domain or host
address, perform the corresponding <i>action</i>.
blank lines and comments
- Empty lines and whitespace-only lines are ignored,
- as are lines whose first non-whitespace character
+ Empty lines and whitespace-only lines are ignored,
+ as are lines whose first non-whitespace character
is a `#'.
multi-line text
- A logical line starts with non-whitespace text. A
- line that starts with whitespace continues a logi-
+ A logical line starts with non-whitespace text. A
+ line that starts with whitespace continues a logi-
cal line.
<b>EMAIL ADDRESS PATTERNS</b>
With lookups from indexed files such as DB or DBM, or from
- networked tables such as NIS, LDAP or SQL, the following
- lookup patterns are examined in the order as listed:
+ networked tables such as NIS, LDAP or SQL, patterns are
+ tried in the order as listed below:
<i>user</i>@<i>domain</i>
Matches the specified mail address.
<i>domain.tld</i>
- Matches <i>domain.tld</i> as the domain part of an email
+ Matches <i>domain.tld</i> as the domain part of an email
address.
The pattern <i>domain.tld</i> also matches subdomains, but
only when the string <b>smtpd_access_maps</b> is listed in
- the Postfix <b>parent_domain_matches_subdomains</b> con-
+ the Postfix <b>parent_domain_matches_subdomains</b> con-
figuration setting. Otherwise, specify <i>.domain.tld</i>
- (note the initial dot) in order to match subdo-
+ (note the initial dot) in order to match subdo-
mains.
- <i>user</i>@ Matches all mail addresses with the specified user
+ <i>user</i>@ Matches all mail addresses with the specified user
part.
- Note: lookup of the null sender address is not possible
- with some types of lookup table. By default, Postfix uses
- <> as the lookup key for such addresses. The value is
- specified with the <b>smtpd_null_access_lookup_key</b> parameter
+ Note: lookup of the null sender address is not possible
+ with some types of lookup table. By default, Postfix uses
+ <> as the lookup key for such addresses. The value is
+ specified with the <b>smtpd_null_access_lookup_key</b> parameter
in the Postfix <b>main.cf</b> file.
<b>EMAIL ADDRESS EXTENSION</b>
When a mail address localpart contains the optional recip-
- ient delimiter (e.g., <i>user+foo</i>@<i>domain</i>), the lookup order
- becomes: <i>user+foo</i>@<i>domain</i>, <i>user</i>@<i>domain</i>, <i>domain</i>, <i>user+foo</i>@,
+ ient delimiter (e.g., <i>user+foo</i>@<i>domain</i>), the lookup order
+ becomes: <i>user+foo</i>@<i>domain</i>, <i>user</i>@<i>domain</i>, <i>domain</i>, <i>user+foo</i>@,
and <i>user</i>@.
<b>HOST NAME/ADDRESS PATTERNS</b>
With lookups from indexed files such as DB or DBM, or from
- networked tables such as NIS, LDAP or SQL, the following
+ networked tables such as NIS, LDAP or SQL, the following
lookup patterns are examined in the order as listed:
<i>domain.tld</i>
The pattern <i>domain.tld</i> also matches subdomains, but
only when the string <b>smtpd_access_maps</b> is listed in
- the Postfix <b>parent_domain_matches_subdomains</b> con-
+ the Postfix <b>parent_domain_matches_subdomains</b> con-
figuration setting. Otherwise, specify <i>.domain.tld</i>
- (note the initial dot) in order to match subdo-
+ (note the initial dot) in order to match subdo-
mains.
<i>net.work.addr.ess</i>
<i>net.work</i>
- <i>net</i> Matches any host address in the specified network.
- A network address is a sequence of one or more
+ <i>net</i> Matches any host address in the specified network.
+ A network address is a sequence of one or more
octets separated by ".".
- NOTE: use the <b>cidr</b> lookup table type to specify
+ NOTE: use the <b>cidr</b> lookup table type to specify
network/netmask patterns. See <a href="cidr_table.5.html">cidr_table(5)</a> for
details.
<b>ACTIONS</b>
[<b>45</b>]<i>NN text</i>
- Reject the address etc. that matches the pattern,
+ Reject the address etc. that matches the pattern,
and respond with the numerical code and text.
- <b>REJECT</b>
-
<b>REJECT</b> <i>optional text...</i>
- Reject the address etc. that matches the pattern.
- Reply with <i>$reject</i><b>_</b><i>code optional text...</i> when the
- optional text is specified, otherwise reply with a
+ Reject the address etc. that matches the pattern.
+ Reply with <i>$reject</i><b>_</b><i>code optional text...</i> when the
+ optional text is specified, otherwise reply with a
generic error response message.
- <b>DEFER_IF_REJECT</b>
-
<b>DEFER_IF_REJECT</b> <i>optional text...</i>
- Defer the request if some later restriction would
+ Defer the request if some later restriction would
result in a REJECT action. Reply with "<b>450</b> <i>optional</i>
<i>text...</i> when the optional text is specified, other-
wise reply with a generic error response message.
- <b>DEFER_IF_PERMIT</b>
-
<b>DEFER_IF_PERMIT</b> <i>optional text...</i>
- Defer the request if some later restriction would
+ Defer the request if some later restriction would
result in a PERMIT action (there is an implied PER-
- MIT at the end of each restriction list). Reply
- with "<b>450</b> <i>optional text...</i> when the optional text
- is specified, otherwise reply with a generic error
+ MIT at the end of each restriction list). Reply
+ with "<b>450</b> <i>optional text...</i> when the optional text
+ is specified, otherwise reply with a generic error
response message.
<b>OK</b> Accept the address etc. that matches the pattern.
<i>all-numerical</i>
An all-numerical result is treated as OK. This for-
- mat is generated by address-based relay authoriza-
+ mat is generated by address-based relay authoriza-
tion schemes.
- <b>DUNNO</b> Pretend that the lookup key was not found in this
+ <b>DUNNO</b> Pretend that the lookup key was not found in this
table. This prevents Postfix from trying substrings
- of the lookup key (such as a subdomain name, or a
+ of the lookup key (such as a subdomain name, or a
network address subnetwork).
- <b>HOLD</b>
-
<b>HOLD</b> <i>optional text...</i>
- Place the message on the <b>hold</b> queue, where it will
- sit until someone either deletes it or releases it
- for delivery. Log the optional text if specified,
+ Place the message on the <b>hold</b> queue, where it will
+ sit until someone either deletes it or releases it
+ for delivery. Log the optional text if specified,
otherwise log a generic message.
- Mail that is placed on hold can be examined with
- the <a href="postcat.1.html"><b>postcat</b>(1)</a> command, and can be destroyed or
+ Mail that is placed on hold can be examined with
+ the <a href="postcat.1.html"><b>postcat</b>(1)</a> command, and can be destroyed or
released with the <a href="postsuper.1.html"><b>postsuper</b>(1)</a> command.
- Note: this action currently affects all recipients
+ Note: this action currently affects all recipients
of the message.
- <b>DISCARD</b>
-
<b>DISCARD</b> <i>optional text...</i>
- Claim successful delivery and silently discard the
- message. Log the optional text if specified, oth-
+ Claim successful delivery and silently discard the
+ message. Log the optional text if specified, oth-
erwise log a generic message.
- Note: this action currently affects all recipients
+ Note: this action currently affects all recipients
of the message.
<b>FILTER</b> <i>transport:destination</i>
- After the message is queued, send the entire mes-
- sage through a content filter. More information
+ After the message is queued, send the entire mes-
+ sage through a content filter. More information
about content filters is in the Postfix FIL-
TER_README file.
- Note: this action overrides the <b>main.cf con-</b>
+ Note: this action overrides the <b>main.cf con-</b>
<b>tent_filter</b> setting, and currently affects all
recipients of the message.
<b>REDIRECT</b> <i>user@domain</i>
- After the message is queued, send the message to
+ After the message is queued, send the message to
the specified address instead of the intended
recipient(s).
- Note: this action overrides the FILTER action, and
+ Note: this action overrides the FILTER action, and
currently affects all recipients of the message.
<i>restriction...</i>
<b>reject_unauth_destination</b>, and so on).
<b>REGULAR EXPRESSION TABLES</b>
- This section describes how the table lookups change when
+ This section describes how the table lookups change when
the table is given in the form of regular expressions. For
- a description of regular expression lookup table syntax,
+ a description of regular expression lookup table syntax,
see <a href="regexp_table.5.html"><b>regexp_table</b>(5)</a> or <a href="pcre_table.5.html"><b>pcre_table</b>(5)</a>.
- Each pattern is a regular expression that is applied to
+ Each pattern is a regular expression that is applied to
the entire string being looked up. Depending on the appli-
- cation, that string is an entire client hostname, an
+ cation, that string is an entire client hostname, an
entire client IP address, or an entire mail address. Thus,
no parent domain or parent network search is done,
- <i>user@domain</i> mail addresses are not broken up into their
+ <i>user@domain</i> mail addresses are not broken up into their
<i>user@</i> and <i>domain</i> constituent parts, nor is <i>user+foo</i> broken
up into <i>user</i> and <i>foo</i>.
- Patterns are applied in the order as specified in the
- table, until a pattern is found that matches the search
+ Patterns are applied in the order as specified in the
+ table, until a pattern is found that matches the search
string.
- Actions are the same as with indexed file lookups, with
- the additional feature that parenthesized substrings from
+ Actions are the same as with indexed file lookups, with
+ the additional feature that parenthesized substrings from
the pattern can be interpolated as <b>$1</b>, <b>$2</b> and so on.
<b>TCP-BASED TABLES</b>
- This section describes how the table lookups change when
+ This section describes how the table lookups change when
lookups are directed to a TCP-based server. For a descrip-
- tion of the TCP client/server lookup protocol, see
+ tion of the TCP client/server lookup protocol, see
<a href="tcp_table.5.html"><b>tcp_table</b>(5)</a>.
- Each lookup operation uses the entire query string once.
- Depending on the application, that string is an entire
+ Each lookup operation uses the entire query string once.
+ Depending on the application, that string is an entire
client hostname, an entire client IP address, or an entire
- mail address. Thus, no parent domain or parent network
- search is done, <i>user@domain</i> mail addresses are not broken
- up into their <i>user@</i> and <i>domain</i> constituent parts, nor is
+ mail address. Thus, no parent domain or parent network
+ search is done, <i>user@domain</i> mail addresses are not broken
+ up into their <i>user@</i> and <i>domain</i> constituent parts, nor is
<i>user+foo</i> broken up into <i>user</i> and <i>foo</i>.
Actions are the same as with indexed file lookups.
<b>BUGS</b>
- The table format does not understand quoting conventions.
+ The table format does not understand quoting conventions.
<b>SEE ALSO</b>
<a href="postmap.1.html">postmap(1)</a> create lookup table
<a href="tcp_table.5.html">tcp_table(5)</a> TCP client/server table lookup protocol
<b>LICENSE</b>
- The Secure Mailer license must be distributed with this
+ The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>
aliasing. Use the <a href="aliases.5.html"><b>aliases</b>(5)</a> map for that purpose.
<b>TABLE FORMAT</b>
- The format of the <b>canonical</b> table is as follows:
+ The input format for the <a href="postmap.1.html"><b>postmap</b>(1)</a> command is as follows:
<i>pattern result</i>
- When <i>pattern</i> matches a mail address, replace it by
+ When <i>pattern</i> matches a mail address, replace it by
the corresponding <i>result</i>.
blank lines and comments
- Empty lines and whitespace-only lines are ignored,
- as are lines whose first non-whitespace character
+ Empty lines and whitespace-only lines are ignored,
+ as are lines whose first non-whitespace character
is a `#'.
multi-line text
- A logical line starts with non-whitespace text. A
- line that starts with whitespace continues a logi-
+ A logical line starts with non-whitespace text. A
+ line that starts with whitespace continues a logi-
cal line.
With lookups from indexed files such as DB or DBM, or from
- networked tables such as NIS, LDAP or SQL, patterns are
+ networked tables such as NIS, LDAP or SQL, patterns are
tried in the order as listed below:
<i>user</i>@<i>domain address</i>
- <i>user</i>@<i>domain</i> is replaced by <i>address</i>. This form has
+ <i>user</i>@<i>domain</i> is replaced by <i>address</i>. This form has
the highest precedence.
- This is useful to clean up addresses produced by
- legacy mail systems. It can also be used to pro-
- duce <i>Firstname.Lastname</i> style addresses, but see
+ This is useful to clean up addresses produced by
+ legacy mail systems. It can also be used to pro-
+ duce <i>Firstname.Lastname</i> style addresses, but see
below for a simpler solution.
<i>user address</i>
<i>user</i>@<i>site</i> is replaced by <i>address</i> when <i>site</i> is equal
- to $<b>myorigin</b>, when <i>site</i> is listed in $<b>mydestina-</b>
- <b>tion</b>, or when it is listed in $<b>inet</b><i>_</i><b>interfaces</b>.
+ to $<b>myorigin</b>, when <i>site</i> is listed in $<b>mydestina-</b>
+ <b>tion</b>, or when it is listed in $<b>inet_interfaces</b>.
- This form is useful for replacing login names by
+ This form is useful for replacing login names by
<i>Firstname.Lastname</i>.
@<i>domain address</i>
- Every address in <i>domain</i> is replaced by <i>address</i>.
+ Every address in <i>domain</i> is replaced by <i>address</i>.
This form has the lowest precedence.
- In all the above forms, when <i>address</i> has the form @<i>other-</i>
+ In all the above forms, when <i>address</i> has the form @<i>other-</i>
<i>domain</i>, the result is the same user in <i>otherdomain</i>.
<b>ADDRESS EXTENSION</b>
When a mail address localpart contains the optional recip-
- ient delimiter (e.g., <i>user+foo</i>@<i>domain</i>), the lookup order
+ ient delimiter (e.g., <i>user+foo</i>@<i>domain</i>), the lookup order
becomes: <i>user+foo</i>@<i>domain</i>, <i>user</i>@<i>domain</i>, <i>user+foo</i>, <i>user</i>, and
- @<i>domain</i>. An unmatched address extension (<i>+foo</i>) is propa-
+ @<i>domain</i>. An unmatched address extension (<i>+foo</i>) is propa-
gated to the result of table lookup.
<b>REGULAR EXPRESSION TABLES</b>
- This section describes how the table lookups change when
+ This section describes how the table lookups change when
the table is given in the form of regular expressions. For
- a description of regular expression lookup table syntax,
- see <a href="regexp_table.5.html"><b>regexp</b><i>_</i><b>table</b>(5)</a> or <a href="pcre_table.5.html"><b>pcre</b><i>_</i><b>table</b>(5)</a>.
+ a description of regular expression lookup table syntax,
+ see <a href="regexp_table.5.html"><b>regexp_table</b>(5)</a> or <a href="pcre_table.5.html"><b>pcre_table</b>(5)</a>.
- Each pattern is a regular expression that is applied to
+ Each pattern is a regular expression that is applied to
the entire address being looked up. Thus, <i>user@domain</i> mail
- addresses are not broken up into their <i>user</i> and <i>@domain</i>
+ addresses are not broken up into their <i>user</i> and <i>@domain</i>
constituent parts, nor is <i>user+foo</i> broken up into <i>user</i> and
<i>foo</i>.
- Patterns are applied in the order as specified in the
- table, until a pattern is found that matches the search
+ Patterns are applied in the order as specified in the
+ table, until a pattern is found that matches the search
string.
- Results are the same as with indexed file lookups, with
- the additional feature that parenthesized substrings from
+ Results are the same as with indexed file lookups, with
+ the additional feature that parenthesized substrings from
the pattern can be interpolated as <b>$1</b>, <b>$2</b> and so on.
<b>TCP-BASED TABLES</b>
- This section describes how the table lookups change when
+ This section describes how the table lookups change when
lookups are directed to a TCP-based server. For a descrip-
- tion of the TCP client/server lookup protocol, see
- <b>tcp</b><i>_</i><b>table</b>(5).
+ tion of the TCP client/server lookup protocol, see
+ <a href="tcp_table.5.html"><b>tcp_table</b>(5)</a>.
Each lookup operation uses the entire address once. Thus,
- <i>user@domain</i> mail addresses are not broken up into their
+ <i>user@domain</i> mail addresses are not broken up into their
<i>user</i> and <i>@domain</i> constituent parts, nor is <i>user+foo</i> broken
up into <i>user</i> and <i>foo</i>.
Results are the same as with indexed file lookups.
<b>BUGS</b>
- The table format does not understand quoting conventions.
+ The table format does not understand quoting conventions.
<b>CONFIGURATION PARAMETERS</b>
- The following <b>main.cf</b> parameters are especially relevant
- to this topic. See the Postfix <b>main.cf</b> file for syntax
- details and for default values. Use the <b>postfix reload</b>
+ The following <b>main.cf</b> parameters are especially relevant
+ to this topic. See the Postfix <b>main.cf</b> file for syntax
+ details and for default values. Use the <b>postfix reload</b>
command after a configuration change.
- <b>canonical</b><i>_</i><b>maps</b>
+ <b>canonical_maps</b>
List of canonical mapping tables.
- <b>recipient</b><i>_</i><b>canonical</b><i>_</i><b>maps</b>
+ <b>recipient_canonical_maps</b>
Address mapping lookup table for envelope and
header recipient addresses.
- <b>sender</b><i>_</i><b>canonical</b><i>_</i><b>maps</b>
+ <b>sender_canonical_maps</b>
Address mapping lookup table for envelope and
header sender addresses.
Other parameters of interest:
- <b>inet</b><i>_</i><b>interfaces</b>
- The network interface addresses that this system
+ <b>inet_interfaces</b>
+ The network interface addresses that this system
receives mail on. You need to stop and start Post-
fix when this parameter changes.
- <b>masquerade</b><i>_</i><b>classes</b>
- List of address classes subject to masquerading:
- zero or more of <b>envelope</b><i>_</i><b>sender</b>, <b>envelope</b><i>_</i><b>recipi-</b>
- <b>ent</b>, <b>header</b><i>_</i><b>sender</b>, <b>header</b><i>_</i><b>recipient</b>.
+ <b>masquerade_classes</b>
+ List of address classes subject to masquerading:
+ zero or more of <b>envelope_sender</b>, <b>envelope_recipi-</b>
+ <b>ent</b>, <b>header_sender</b>, <b>header_recipient</b>.
- <b>masquerade</b><i>_</i><b>domains</b>
- List of domains that hide their subdomain struc-
+ <b>masquerade_domains</b>
+ List of domains that hide their subdomain struc-
ture.
- <b>masquerade</b><i>_</i><b>exceptions</b>
- List of user names that are not subject to address
+ <b>masquerade_exceptions</b>
+ List of user names that are not subject to address
masquerading.
<b>mydestination</b>
- List of domains that this mail system considers
+ List of domains that this mail system considers
local.
<b>myorigin</b>
The domain that is appended to locally-posted mail.
- <b>owner</b><i>_</i><b>request</b><i>_</i><b>special</b>
+ <b>owner_request_special</b>
Give special treatment to <b>owner-</b><i>xxx</i> and <i>xxx</i><b>-request</b>
addresses.
<a href="tcp_table.5.html">tcp_table(5)</a> TCP client/server table lookup protocol
<b>LICENSE</b>
- The Secure Mailer license must be distributed with this
+ The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>
<b>o</b> Optionally, masquerade envelope sender addresses
and message header addresses (i.e. strip host or
domain information below all domains listed in the
- <b>masquerade</b><i>_</i><b>domains</b> parameter, except for user names
- listed in <b>masquerade</b><i>_</i><b>exceptions</b>). By default,
+ <b>masquerade_domains</b> parameter, except for user names
+ listed in <b>masquerade_exceptions</b>). By default,
address masquerading does not affect envelope
recipients.
command after a configuration change.
<b>Content filtering</b>
- <b>body</b><i>_</i><b>checks</b>
+ <b>body_checks</b>
Lookup tables with content filters for message body
lines. These filters see physical lines one at a
time, in chunks of at most line_length_limit bytes.
- <b>body</b><i>_</i><b>checks</b><i>_</i><b>size</b><i>_</i><b>limit</b>
+ <b>body_checks_size_limit</b>
The amount of content per message body segment that
- is subjected to <b>$body</b><i>_</i><b>checks</b> filtering.
+ is subjected to <b>$body_checks</b> filtering.
- <b>header</b><i>_</i><b>checks</b>
+ <b>header_checks</b>
- <b>mime</b><i>_</i><b>header</b><i>_</i><b>checks</b> (default: <b>$header</b><i>_</i><b>checks</b>)
+ <b>mime_header_checks</b> (default: <b>$header_checks</b>)
- <b>nested</b><i>_</i><b>header</b><i>_</i><b>checks</b> (default: <b>$header</b><i>_</i><b>checks</b>)
+ <b>nested_header_checks</b> (default: <b>$header_checks</b>)
Lookup tables with content filters for message
header lines: respectively, these are applied to
the primary message headers (not including MIME
time, including headers that span multiple lines.
<b>MIME Processing</b>
- <b>disable</b><i>_</i><b>mime</b><i>_</i><b>input</b><i>_</i><b>processing</b>
+ <b>disable_mime_input_processing</b>
While receiving, give no special treatment to <b>Con-</b>
<b>tent-Type:</b> message headers; all text after the ini-
tial message headers is considered to be part of
the message body.
- <b>mime</b><i>_</i><b>boundary</b><i>_</i><b>length</b><i>_</i><b>limit</b>
+ <b>mime_boundary_length_limit</b>
The amount of space that will be allocated for MIME
multipart boundary strings. The MIME processor is
unable to distinguish between boundary strings that
- do not differ in the first <b>$mime</b><i>_</i><b>bound-</b>
- <b>ary</b><i>_</i><b>length</b><i>_</i><b>limit</b> characters.
+ do not differ in the first <b>$mime_bound-</b>
+ <b>ary_length_limit</b> characters.
- <b>mime</b><i>_</i><b>nesting</b><i>_</i><b>limit</b>
+ <b>mime_nesting_limit</b>
The maximal nesting level of multipart mail that
the MIME processor can handle. Refuse mail that is
nested deeper.
- <b>strict</b><i>_</i><b>8bitmime</b>
- Turn on both <b>strict</b><i>_</i><b>7bit</b><i>_</i><b>headers</b> and <b>strict</b><i>_</i><b>8bit-</b>
- <b>mime</b><i>_</i><b>body</b>.
+ <b>strict_8bitmime</b>
+ Turn on both <b>strict_7bit_headers</b> and <b>strict_8bit-</b>
+ <b>mime_body</b>.
- <b>strict</b><i>_</i><b>7bit</b><i>_</i><b>headers</b>
+ <b>strict_7bit_headers</b>
Reject mail with 8-bit text in message headers.
This blocks mail from poorly written applications.
- <b>strict</b><i>_</i><b>8bitmime</b><i>_</i><b>body</b>
+ <b>strict_8bitmime_body</b>
Reject mail with 8-bit text in content that claims
to be 7-bit, or in content that has no explicit
content encoding information. This blocks mail
ple, bounces from qmail or from old versions of
Postfix).
- <b>strict</b><i>_</i><b>mime</b><i>_</i><b>domain</b><i>_</i><b>encoding</b>
+ <b>strict_mime_domain_encoding</b>
Reject mail with invalid <b>Content-Transfer-Encoding:</b>
information for message/* or multipart/*. This
blocks mail from poorly written software.
<b>Miscellaneous</b>
- <b>always</b><i>_</i><b>bcc</b>
+ <b>always_bcc</b>
Address to send a copy of each message that enters
the system.
- <b>sender</b><i>_</i><b>bcc</b><i>_</i><b>maps</b>
+ <b>sender_bcc_maps</b>
Automatic BCC recipient lookup table, indexed by
sender address. The BCC address is added when the
message enters the system.
- <b>recipient</b><i>_</i><b>bcc</b><i>_</i><b>maps</b>
+ <b>recipient_bcc_maps</b>
Automatic BCC recipient lookup table, indexed by
recipient address. The BCC address is added when
the message enters the system.
- <b>enable</b><i>_</i><b>original</b><i>_</i><b>recipient</b>
+ <b>enable_original_recipient</b>
Enable support for the <b>X-Original-To:</b> message
header, which is needed for multi-recipient mail-
boxes. When this is enabled, Postfix performs
rewritten recipient) pairs, instead of looking at
the rewritten recipient only.
- <b>hopcount</b><i>_</i><b>limit</b>
+ <b>hopcount_limit</b>
Limit the number of <b>Received:</b> message headers.
- <b>undisclosed</b><i>_</i><b>recipients</b><i>_</i><b>header</b>
+ <b>undisclosed_recipients_header</b>
The header line that is inserted when no recipients
were specified in (Resent-)To: or (Resent-)Cc: mes-
sage headers.
<b>Address transformations</b>
- <b>empty</b><i>_</i><b>address</b><i>_</i><b>recipient</b>
+ <b>empty_address_recipient</b>
The destination for undeliverable mail from <>.
This substitution is done before all other address
rewriting.
- <b>canonical</b><i>_</i><b>maps</b>
+ <b>canonical_maps</b>
Address mapping lookup table for sender and recipi-
ent addresses in envelopes and headers.
- <b>recipient</b><i>_</i><b>canonical</b><i>_</i><b>maps</b>
+ <b>recipient_canonical_maps</b>
Address mapping lookup table for envelope and
header recipient addresses.
- <b>sender</b><i>_</i><b>canonical</b><i>_</i><b>maps</b>
+ <b>sender_canonical_maps</b>
Address mapping lookup table for envelope and
header sender addresses.
- <b>masquerade</b><i>_</i><b>classes</b>
+ <b>masquerade_classes</b>
List of address classes subject to masquerading:
- zero or more of <b>envelope</b><i>_</i><b>sender</b>, <b>envelope</b><i>_</i><b>recipi-</b>
- <b>ent</b>, <b>header</b><i>_</i><b>sender</b>, <b>header</b><i>_</i><b>recipient</b>.
+ zero or more of <b>envelope_sender</b>, <b>envelope_recipi-</b>
+ <b>ent</b>, <b>header_sender</b>, <b>header_recipient</b>.
- <b>masquerade</b><i>_</i><b>domains</b>
+ <b>masquerade_domains</b>
List of domains that hide their subdomain struc-
ture.
- <b>masquerade</b><i>_</i><b>exceptions</b>
+ <b>masquerade_exceptions</b>
List of user names that are not subject to address
masquerading.
- <b>virtual</b><i>_</i><b>alias</b><i>_</i><b>maps</b>
+ <b>virtual_alias_maps</b>
Address mapping lookup table for envelope recipient
addresses.
<b>Resource controls</b>
- <b>duplicate</b><i>_</i><b>filter</b><i>_</i><b>limit</b>
+ <b>duplicate_filter_limit</b>
Limits the number of envelope recipients that are
remembered.
- <b>header</b><i>_</i><b>address</b><i>_</i><b>token</b><i>_</i><b>limit</b>
+ <b>header_address_token_limit</b>
Limits the number of address tokens used to process
a message header.
- <b>header</b><i>_</i><b>size</b><i>_</i><b>limit</b>
- Limits the amount of memory in bytes used to pro-
- cess a message header.
+ <b>header_size_limit</b>
+ Limits the amount of memory in bytes used to store
+ a message header.
- <b>in</b><i>_</i><b>flow</b><i>_</i><b>delay</b>
+ <b>in_flow_delay</b>
Amount of time to pause before accepting a message,
when the message arrival rate exceeds the message
delivery rate.
- <b>virtual</b><i>_</i><b>alias</b><i>_</i><b>expansion</b><i>_</i><b>limit</b>
+ <b>virtual_alias_expansion_limit</b>
Limit the number of actual recipients produced by
virtual alias expansion from each original recipi-
ent.
- <b>virtual</b><i>_</i><b>alias</b><i>_</i><b>recursion</b><i>_</i><b>limit</b>
+ <b>virtual_alias_recursion_limit</b>
Limit the recursion depth of virtual alias expan-
sion.
<li><a href="#relay_restrict">Restricting what users can send mail to off-site destinations</a>
-<li><a href="#backup">Configuring Postfix as backup MX host</a>
+<li><a href="#backup">Configuring Postfix as MX host for a remote site</a>
</ul>
<hr>
-<a name="backup"><h3>Configuring Postfix as backup MX host</h3></a>
+<a name="backup"><h3>Configuring Postfix as MX host for a remote site</h3></a>
When you are <b>secondary mx</b> for a <b>remote site</b> this is
all you need:
<p>
+<blink><b>DO NOT LIST the.backed-up.domain.tld in MYDESTINATION</b></blink>
+
+<p>
+
When you are <b>primary mx</b> for a <b>remote site</b> you also
need:
transport_maps = hash:/etc/postfix/transport
/etc/postfix/transport:
- the.backed-up.domain.tld smtp:[their.mail.host.tld]
+ the.backed-up.domain.tld relay:[their.mail.host.tld]
</pre>
<p>
<b>if !/</b><i>pattern</i><b>/</b><i>flags</i>
- <b>endif</b> Examine the lines between <b>if</b>..<b>endif</b> only if <i>pattern</i>
- matches (does not match). The <b>if</b>..<b>endif</b> can nest.
- Do not prepend whitespace to patterns inside
+ <b>endif</b> Match the search string against the patterns
+ between <b>if</b> and <b>endif</b>, if and only if the search
+ string matches (does not match) <i>pattern</i>. The
+ <b>if</b>..<b>endif</b> can nest.
+
+ Note: do not prepend whitespace to patterns inside
<b>if</b>..<b>endif</b>.
Each pattern is a perl-like regular expression. The
- expression delimiter can be any character, except whites-
- pace or characters that have special meaning (tradition-
- ally the forward slash is used). The regular expression
+ expression delimiter can be any character, except whites-
+ pace or characters that have special meaning (tradition-
+ ally the forward slash is used). The regular expression
can contain whitespace.
By default, matching is case-insensitive, and newlines are
- not treated as special characters. The behavior is con-
- trolled by flags, which are toggled by appending one or
+ not treated as special characters. The behavior is con-
+ trolled by flags, which are toggled by appending one or
more of the following characters after the pattern:
<b>i</b> (default: on)
- Toggles the case sensitivity flag. By default,
+ Toggles the case sensitivity flag. By default,
matching is case insensitive.
<b>m</b> (default: off)
- Toggles the PCRE_MULTILINE flag. When this flag is
- on, the <b>^</b> and <b>$</b> metacharacters match immediately
- after and immediately before a newline character,
- respectively, in addition to matching at the start
+ Toggles the PCRE_MULTILINE flag. When this flag is
+ on, the <b>^</b> and <b>$</b> metacharacters match immediately
+ after and immediately before a newline character,
+ respectively, in addition to matching at the start
and end of the subject string.
<b>s</b> (default: on)
Toggles the PCRE_DOTALL flag. When this flag is on,
the <b>.</b> metacharacter matches the newline character.
- With Postfix versions prior to 20020528, The flag
+ With Postfix versions prior to 20020528, The flag
is off by default, which is inconvenient for multi-
line message header matching.
<b>x</b> (default: off)
- Toggles the pcre extended flag. When this flag is
- on, whitespace in the pattern (other than in a
+ Toggles the pcre extended flag. When this flag is
+ on, whitespace in the pattern (other than in a
character class) and characters between a <b>#</b> outside
- a character class and the next newline character
- are ignored. An escaping backslash can be used to
- include a whitespace or <b>#</b> character as part of the
+ a character class and the next newline character
+ are ignored. An escaping backslash can be used to
+ include a whitespace or <b>#</b> character as part of the
pattern.
<b>A</b> (default: off)
- Toggles the PCRE_ANCHORED flag. When this flag is
- on, the pattern is forced to be "anchored", that
+ Toggles the PCRE_ANCHORED flag. When this flag is
+ on, the pattern is forced to be "anchored", that
is, it is constrained to match only at the start of
- the string which is being searched (the "subject
- string"). This effect can also be achieved by
+ the string which is being searched (the "subject
+ string"). This effect can also be achieved by
appropriate constructs in the pattern itself.
<b>E</b> (default: off)
- Toggles the PCRE_DOLLAR_ENDONLY flag. When this
- flag is on, a <b>$</b> metacharacter in the pattern
- matches only at the end of the subject string.
- Without this flag, a dollar also matches immedi-
+ Toggles the PCRE_DOLLAR_ENDONLY flag. When this
+ flag is on, a <b>$</b> metacharacter in the pattern
+ matches only at the end of the subject string.
+ Without this flag, a dollar also matches immedi-
ately before the final character if it is a newline
character (but not before any other newline charac-
- ters). This flag is ignored if PCRE_MULTILINE flag
+ ters). This flag is ignored if PCRE_MULTILINE flag
is set.
<b>U</b> (default: off)
Toggles the ungreedy matching flag. When this flag
- is on, the pattern matching engine inverts the
- "greediness" of the quantifiers so that they are
- not greedy by default, but become greedy if fol-
- lowed by "?". This flag can also set by a (?U)
+ is on, the pattern matching engine inverts the
+ "greediness" of the quantifiers so that they are
+ not greedy by default, but become greedy if fol-
+ lowed by "?". This flag can also set by a (?U)
modifier within the pattern.
<b>X</b> (default: off)
Toggles the PCRE_EXTRA flag. When this flag is on,
- any backslash in a pattern that is followed by a
+ any backslash in a pattern that is followed by a
letter that has no special meaning causes an error,
thus reserving these combinations for future expan-
sion.
<b>SEARCH ORDER</b>
- Patterns are applied in the order as specified in the
- table, until a pattern is found that matches the search
+ Patterns are applied in the order as specified in the
+ table, until a pattern is found that matches the search
string.
- Each pattern is applied to the entire lookup key string.
- Depending on the application, that string is an entire
+ Each pattern is applied to the entire lookup key string.
+ Depending on the application, that string is an entire
client hostname, an entire client IP address, or an entire
- mail address. Thus, no parent domain or parent network
- search is done, and <i>user@domain</i> mail addresses are not
- broken up into their <i>user</i> and <i>domain</i> constituent parts,
+ mail address. Thus, no parent domain or parent network
+ search is done, and <i>user@domain</i> mail addresses are not
+ broken up into their <i>user</i> and <i>domain</i> constituent parts,
nor is <i>user+foo</i> broken up into <i>user</i> and <i>foo</i>.
<b>TEXT SUBSTITUTION</b>
- Substitution of substrings from the matched expression
- into the result string is possible using the conventional
- perl syntax ($1, $2, etc.). The macros in the result
- string may need to be written as ${n} or $(n) if they
+ Substitution of substrings from the matched expression
+ into the result string is possible using the conventional
+ perl syntax ($1, $2, etc.). The macros in the result
+ string may need to be written as ${n} or $(n) if they
aren't followed by whitespace.
- Note: since negated patterns (those preceded by <b>!</b>) return
+ Note: since negated patterns (those preceded by <b>!</b>) return
a result when the expression does not match, substitutions
are not available for negated patterns.
reports are sent to the <a href="bounce.8.html"><b>bounce</b>(8)</a> or <a href="defer.8.html"><b>defer</b>(8)</a> daemon as
appropriate.
-<b>SINGLE-RECIPIENT</b> <b>DELIVERY</b>
+<b>SINGLE-RECIPIENT DELIVERY</b>
Some external commands cannot handle more than one recipi-
ent per delivery request. Examples of such transports are
pagers, fax machines, and so on.
To prevent Postfix from sending multiple recipients per
delivery request, specify
- <i>transport_</i><b>destination</b><i>_</i><b>recipient</b><i>_</i><b>limit</b> <b>=</b> <b>1</b>
+ <i>transport</i><b>_destination_recipient_limit = 1</b>
in the Postfix <b>main.cf</b> file, where <i>transport</i> is the name
in the first column of the Postfix <b>master.cf</b> entry for the
pipe-based delivery transport.
-<b>COMMAND</b> <b>ATTRIBUTE</b> <b>SYNTAX</b>
+<b>COMMAND ATTRIBUTE SYNTAX</b>
The external command attributes are given in the <b>master.cf</b>
file at the end of a service definition. The syntax is as
follows:
<b>D</b> Prepend a "<b>Delivered-To:</b> <i>recipient</i>" message
header with the envelope recipient address.
- Note: for this to work, the <i>transport_</i><b>desti-</b>
- <b>nation</b><i>_</i><b>recipient</b><i>_</i><b>limit</b> must be 1.
+ Note: for this to work, the <i>transport</i><b>_desti-</b>
+ <b>nation_recipient_limit</b> must be 1.
- <b>F</b> Prepend a "<b>From</b> <i>sender</i> <i>time_stamp</i>" envelope
+ <b>F</b> Prepend a "<b>From</b> <i>sender time</i><b>_</b><i>stamp</i>" envelope
header to the message content. This is
expected by, for example, <b>UUCP</b> software.
<b>O</b> Prepend an "<b>X-Original-To:</b> <i>recipient</i>" mes-
sage header with the recipient address as
given to Postfix. Note: for this to work,
- the <i>transport_</i><b>destination</b><i>_</i><b>recipient</b><i>_</i><b>limit</b>
+ the <i>transport</i><b>_destination_recipient_limit</b>
must be 1.
<b>R</b> Prepend a <b>Return-Path:</b> message header with
<b>eol=string</b> (optional, default: <b>\n</b>)
The output record delimiter. Typically one would
use either <b>\r\n</b> or <b>\n</b>. The usual C-style backslash
- escape sequences are recognized: <b>\a</b> <b>\b</b> <b>\f</b> <b>\n</b> <b>\r</b> <b>\t</b>
- <b>\v</b> <b>\</b><i>octal</i> and <b>\\</b>.
+ escape sequences are recognized: <b>\a \b \f \n \r \t</b>
+ <b>\v \</b><i>octal</i> and <b>\\</b>.
- <b>size</b>=<i>size_limit</i> (optional)
+ <b>size</b>=<i>size</i><b>_</b><i>limit</i> (optional)
Messages greater in size than this limit (in bytes)
will be bounced back to the sender.
cute external commands as the specified user. It is there-
fore security sensitive.
-<b>CONFIGURATION</b> <b>PARAMETERS</b>
+<b>CONFIGURATION PARAMETERS</b>
The following <b>main.cf</b> parameters are especially relevant
to this program. See the Postfix <b>main.cf</b> file for syntax
- details and for default values. Use the <b>postfix</b> <b>reload</b>
+ details and for default values. Use the <b>postfix reload</b>
command after a configuration change.
<b>Miscellaneous</b>
- <b>export</b><i>_</i><b>environment</b>
+ <b>export_environment</b>
List of names of environment parameters that can be
exported to non-Postfix processes.
- <b>mail</b><i>_</i><b>owner</b>
+ <b>mail_owner</b>
The process privileges used while not running an
external command.
-<b>Resource</b> <b>controls</b>
+<b>Resource controls</b>
In the text below, <i>transport</i> is the first field in a <b>mas-</b>
<b>ter.cf</b> entry.
- <i>transport_</i><b>destination</b><i>_</i><b>concurrency</b><i>_</i><b>limit</b>
+ <i>transport</i><b>_destination_concurrency_limit</b>
Limit the number of parallel deliveries to the same
destination, for delivery via the named <i>transport</i>.
- The default limit is taken from the <b>default</b><i>_</i><b>desti-</b>
- <b>nation</b><i>_</i><b>concurrency</b><i>_</i><b>limit</b> parameter. The limit is
+ The default limit is taken from the <b>default_desti-</b>
+ <b>nation_concurrency_limit</b> parameter. The limit is
enforced by the Postfix queue manager.
- <i>transport_</i><b>destination</b><i>_</i><b>recipient</b><i>_</i><b>limit</b>
+ <i>transport</i><b>_destination_recipient_limit</b>
Limit the number of recipients per message deliv-
ery, for delivery via the named <i>transport</i>. The
- default limit is taken from the <b>default</b><i>_</i><b>destina-</b>
- <b>tion</b><i>_</i><b>recipient</b><i>_</i><b>limit</b> parameter. The limit is
+ default limit is taken from the <b>default_destina-</b>
+ <b>tion_recipient_limit</b> parameter. The limit is
enforced by the Postfix queue manager.
- <i>transport_</i><b>time</b><i>_</i><b>limit</b>
+ <i>transport</i><b>_time_limit</b>
Limit the time for delivery to external command,
for delivery via the named <b>transport</b>. The default
- limit is taken from the <b>command</b><i>_</i><b>time</b><i>_</i><b>limit</b> parame-
+ limit is taken from the <b>command_time_limit</b> parame-
ter. The limit is enforced by the pipe delivery
agent.
-<b>SEE</b> <b>ALSO</b>
+<b>SEE ALSO</b>
<a href="bounce.8.html">bounce(8)</a> non-delivery status reports
<a href="master.8.html">master(8)</a> process manager
<a href="qmgr.8.html">qmgr(8)</a> queue manager
ate a new file with default access permissions
(mode 0644).
- <b>-q</b> <i>key</i> Search the specified maps for <i>key</i> and print the
- first value found on the standard output stream.
+ <b>-q</b> <i>key</i> Search the specified maps for <i>key</i> and write the
+ first value found to the standard output stream.
The exit status is zero when the requested informa-
tion was found.
If a key value of <b>-</b> is specified, the program reads
key values from the standard input stream and
- prints one line of <i>key value</i> output for each key
+ writes one line of <i>key value</i> output for each key
that was found. The exit status is zero when at
least one of the requested keys was found.
<b>if !/</b><i>pattern</i><b>/</b><i>flags</i>
- <b>endif</b> Examine the lines between <b>if</b>..<b>endif</b> only if <i>pattern</i>
- matches (does not match). The <b>if</b>..<b>endif</b> can nest.
- Do not prepend whitespace to patterns inside
+ <b>endif</b> Match the search string against the patterns
+ between <b>if</b> and <b>endif</b>, if and only if the search
+ string matches (does not match) <i>pattern</i>. The
+ <b>if</b>..<b>endif</b> can nest.
+
+ Note: do not prepend whitespace to patterns inside
<b>if</b>..<b>endif</b>.
Each pattern is a regular expression enclosed by a pair of
delimiters. The regular expression syntax is described in
- <i>re_format</i>(7). The expression delimiter can be any charac-
- ter, except whitespace or characters that have special
- meaning (traditionally the forward slash is used). The
+ <i>re</i><b>_</b><i>format</i>(7). The expression delimiter can be any charac-
+ ter, except whitespace or characters that have special
+ meaning (traditionally the forward slash is used). The
regular expression can contain whitespace.
By default, matching is case-insensitive, although follow-
- ing the second slash with an `i' flag will reverse this.
- Other flags are `x' (disable extended expression syntax),
- and `m' (enable multi-line mode, that is, treat newline
+ ing the second slash with an `i' flag will reverse this.
+ Other flags are `x' (disable extended expression syntax),
+ and `m' (enable multi-line mode, that is, treat newline
characters as special).
<b>TABLE SEARCH ORDER</b>
- Patterns are applied in the order as specified in the
- table, until a pattern is found that matches the search
+ Patterns are applied in the order as specified in the
+ table, until a pattern is found that matches the search
string.
- Each pattern is applied to the entire lookup key string.
- Depending on the application, that string is an entire
+ Each pattern is applied to the entire lookup key string.
+ Depending on the application, that string is an entire
client hostname, an entire client IP address, or an entire
- mail address. Thus, no parent domain or parent network
- search is done, and <i>user@domain</i> mail addresses are not
- broken up into their <i>user</i> and <i>domain</i> constituent parts,
+ mail address. Thus, no parent domain or parent network
+ search is done, and <i>user@domain</i> mail addresses are not
+ broken up into their <i>user</i> and <i>domain</i> constituent parts,
nor is <i>user+foo</i> broken up into <i>user</i> and <i>foo</i>.
<b>TEXT SUBSTITUTION</b>
- Substitution of substrings from the matched expression
+ Substitution of substrings from the matched expression
into the result string is possible using $1, $2, etc.. The
macros in the result string may need to be written as ${n}
or $(n) if they aren't followed by whitespace.
- Note: since negated patterns (those preceded by <b>!</b>) return
+ Note: since negated patterns (those preceded by <b>!</b>) return
a result when the expression does not match, substitutions
are not available for negated patterns.
<b>DESCRIPTION</b>
The optional <b>relocated</b> table provides the information that
- is used in "user has moved to <i>new_location</i>" bounce mes-
+ is used in "user has moved to <i>new</i><b>_</b><i>location</i>" bounce mes-
sages.
Normally, the <b>relocated</b> table is specified as a text file
Table lookups are case insensitive.
<b>TABLE FORMAT</b>
- The format of the table is as follows:
+ The input format for the <a href="postmap.1.html"><b>postmap</b>(1)</a> command is as follows:
<b>o</b> An entry has one of the following form:
- <i>key new_location</i>
- Where <i>new_location</i> specifies contact information
- such as an email address, or perhaps a street
+ <i>pattern new</i><b>_</b><i>location</i>
+ Where <i>new</i><b>_</b><i>location</i> specifies contact information
+ such as an email address, or perhaps a street
address or telephone number.
- <b>o</b> Empty lines and whitespace-only lines are ignored,
- as are lines whose first non-whitespace character
+ <b>o</b> Empty lines and whitespace-only lines are ignored,
+ as are lines whose first non-whitespace character
is a `#'.
- <b>o</b> A logical line starts with non-whitespace text. A
- line that starts with whitespace continues a logi-
+ <b>o</b> A logical line starts with non-whitespace text. A
+ line that starts with whitespace continues a logi-
cal line.
With lookups from indexed files such as DB or DBM, or from
- networked tables such as NIS, LDAP or SQL, the <i>key</i> field
- is one of the following:
+ networked tables such as NIS, LDAP or SQL, patterns are
+ tried in the order as listed below:
<i>user</i>@<i>domain</i>
- Matches <i>user</i>@<i>domain</i>. This form has precedence over
+ Matches <i>user</i>@<i>domain</i>. This form has precedence over
all other forms.
<i>user</i> Matches <i>user</i>@<i>site</i> when <i>site</i> is $<b>myorigin</b>, when <i>site</i>
is listed in $<b>mydestination</b>, or when <i>site</i> is listed
- in $<b>inet</b><i>_</i><b>interfaces</b>.
+ in $<b>inet_interfaces</b>.
@<i>domain</i>
- Matches every address in <i>domain</i>. This form has the
+ Matches every address in <i>domain</i>. This form has the
lowest precedence.
<b>ADDRESS EXTENSION</b>
When a mail address localpart contains the optional recip-
- ient delimiter (e.g., <i>user+foo</i>@<i>domain</i>), the lookup order
+ ient delimiter (e.g., <i>user+foo</i>@<i>domain</i>), the lookup order
becomes: <i>user+foo</i>@<i>domain</i>, <i>user</i>@<i>domain</i>, <i>user+foo</i>, <i>user</i>, and
@<i>domain</i>.
<b>REGULAR EXPRESSION TABLES</b>
- This section describes how the table lookups change when
- the table is given in the form of regular expressions or
- when lookups are directed to a TCP-based server. For a
+ This section describes how the table lookups change when
+ the table is given in the form of regular expressions or
+ when lookups are directed to a TCP-based server. For a
description of regular expression lookup table syntax, see
- <a href="regexp_table.5.html"><b>regexp</b><i>_</i><b>table</b>(5)</a> or <a href="pcre_table.5.html"><b>pcre</b><i>_</i><b>table</b>(5)</a>. For a description of the
- TCP client/server table lookup protocol, see <b>tcp</b><i>_</i><b>table</b>(5).
+ <a href="regexp_table.5.html"><b>regexp_table</b>(5)</a> or <a href="pcre_table.5.html"><b>pcre_table</b>(5)</a>. For a description of the
+ TCP client/server table lookup protocol, see <a href="tcp_table.5.html"><b>tcp_table</b>(5)</a>.
- Each pattern is a regular expression that is applied to
+ Each pattern is a regular expression that is applied to
the entire address being looked up. Thus, <i>user@domain</i> mail
- addresses are not broken up into their <i>user</i> and <i>@domain</i>
+ addresses are not broken up into their <i>user</i> and <i>@domain</i>
constituent parts, nor is <i>user+foo</i> broken up into <i>user</i> and
<i>foo</i>.
- Patterns are applied in the order as specified in the
- table, until a pattern is found that matches the search
+ Patterns are applied in the order as specified in the
+ table, until a pattern is found that matches the search
string.
- Results are the same as with indexed file lookups, with
- the additional feature that parenthesized substrings from
+ Results are the same as with indexed file lookups, with
+ the additional feature that parenthesized substrings from
the pattern can be interpolated as <b>$1</b>, <b>$2</b> and so on.
<b>TCP-BASED TABLES</b>
- This section describes how the table lookups change when
+ This section describes how the table lookups change when
lookups are directed to a TCP-based server. For a descrip-
- tion of the TCP client/server lookup protocol, see
- <b>tcp</b><i>_</i><b>table</b>(5).
+ tion of the TCP client/server lookup protocol, see
+ <a href="tcp_table.5.html"><b>tcp_table</b>(5)</a>.
Each lookup operation uses the entire address once. Thus,
- <i>user@domain</i> mail addresses are not broken up into their
+ <i>user@domain</i> mail addresses are not broken up into their
<i>user</i> and <i>@domain</i> constituent parts, nor is <i>user+foo</i> broken
up into <i>user</i> and <i>foo</i>.
Results are the same as with indexed file lookups.
<b>BUGS</b>
- The table format does not understand quoting conventions.
+ The table format does not understand quoting conventions.
<b>CONFIGURATION PARAMETERS</b>
- The following <b>main.cf</b> parameters are especially relevant
- to this topic. See the Postfix <b>main.cf</b> file for syntax
- details and for default values. Use the <b>postfix reload</b>
+ The following <b>main.cf</b> parameters are especially relevant
+ to this topic. See the Postfix <b>main.cf</b> file for syntax
+ details and for default values. Use the <b>postfix reload</b>
command after a configuration change.
- <b>relocated</b><i>_</i><b>maps</b>
+ <b>relocated_maps</b>
List of lookup tables for relocated users or sites.
Other parameters of interest:
- <b>inet</b><i>_</i><b>interfaces</b>
- The network interface addresses that this system
+ <b>inet_interfaces</b>
+ The network interface addresses that this system
receives mail on. You need to stop and start Post-
fix when this parameter changes.
<b>mydestination</b>
- List of domains that this mail system considers
+ List of domains that this mail system considers
local.
<b>myorigin</b>
<a href="tcp_table.5.html">tcp_table(5)</a> TCP client/server table lookup protocol
<b>LICENSE</b>
- The Secure Mailer license must be distributed with this
+ The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>
the SMTP proxy server.
<b>Authentication controls</b>
- <b>enable_sasl_authentication</b>
+ <b>smtpd_sasl_auth_enable</b>
Enable per-session authentication as per <a href="http://www.faqs.org/rfcs/rfc2554.html">RFC 2554</a>
(SASL). This functionality is available only when
explicitly selected at program build time and
<b>mydestination</b>
A list of domains that is by default delivered via
- <b>$local</b><i>_</i><b>transport</b>.
+ <b>$local_transport</b>.
- <b>virtual</b><i>_</i><b>mailbox</b><i>_</i><b>domains</b>
+ <b>virtual_mailbox_domains</b>
A list of domains that is by default delivered via
- <b>$virtual</b><i>_</i><b>transport</b>.
+ <b>$virtual_transport</b>.
- <b>relay</b><i>_</i><b>domains</b>
+ <b>relay_domains</b>
A list of domains that is by default delivered via
- <b>$relay</b><i>_</i><b>transport</b>.
+ <b>$relay_transport</b>.
any other destination
Mail for any other destination is by default deliv-
- ered via <b>$default</b><i>_</i><b>transport</b>.
+ ered via <b>$default_transport</b>.
Normally, the <b>transport</b> table is specified as a text file
that serves as input to the <a href="postmap.1.html"><b>postmap</b>(1)</a> command. The
and "TCP-BASED TABLES".
<b>TABLE FORMAT</b>
- The format of the transport table is as follows:
+ The input format for the <a href="postmap.1.html"><b>postmap</b>(1)</a> command is as follows:
<i>pattern result</i>
When <i>pattern</i> matches the recipient address or
domain, use the corresponding <i>result</i>.
blank lines and comments
- Empty lines and whitespace-only lines are ignored,
- as are lines whose first non-whitespace character
+ Empty lines and whitespace-only lines are ignored,
+ as are lines whose first non-whitespace character
is a `#'.
multi-line text
- A logical line starts with non-whitespace text. A
- line that starts with whitespace continues a logi-
+ A logical line starts with non-whitespace text. A
+ line that starts with whitespace continues a logi-
cal line.
- The <i>pattern</i> specifies an email address, a domain name, or
- a domain name hierarchy, as described in section "TABLE
+ The <i>pattern</i> specifies an email address, a domain name, or
+ a domain name hierarchy, as described in section "TABLE
LOOKUP".
- The <i>result</i> is of the form <i>transport</i><b>:</b><i>nexthop</i>. The <i>trans-</i>
- <i>port</i> field specifies a mail delivery transport such as
- <b>smtp</b> or <b>local</b>. The <i>nexthop</i> field specifies where and how
+ The <i>result</i> is of the form <i>transport</i><b>:</b><i>nexthop</i>. The <i>trans-</i>
+ <i>port</i> field specifies a mail delivery transport such as
+ <b>smtp</b> or <b>local</b>. The <i>nexthop</i> field specifies where and how
to deliver mail. More details are given in section "RESULT
FORMAT".
<b>TABLE LOOKUP</b>
With lookups from indexed files such as DB or DBM, or from
- networked tables such as NIS, LDAP or SQL, patterns are
+ networked tables such as NIS, LDAP or SQL, patterns are
tried in the order as listed below:
<i>user+extension@domain transport</i>:<i>nexthop</i>
to <i>nexthop</i>.
<i>domain transport</i>:<i>nexthop</i>
- Mail for <i>domain</i> is delivered through <i>transport</i> to
+ Mail for <i>domain</i> is delivered through <i>transport</i> to
<i>nexthop</i>.
<i>.domain transport</i>:<i>nexthop</i>
- Mail for any subdomain of <i>domain</i> is delivered
- through <i>transport</i> to <i>nexthop</i>. This applies only
- when the string <b>transport</b><i>_</i><b>maps</b> is not listed in the
- <b>parent</b><i>_</i><b>domain</b><i>_</i><b>matches</b><i>_</i><b>subdomains</b> configuration set-
- ting. Otherwise, a domain name matches itself and
+ Mail for any subdomain of <i>domain</i> is delivered
+ through <i>transport</i> to <i>nexthop</i>. This applies only
+ when the string <b>transport_maps</b> is not listed in the
+ <b>parent_domain_matches_subdomains</b> configuration set-
+ ting. Otherwise, a domain name matches itself and
its subdomains.
Note 1: the special pattern <b>*</b> represents any address (i.e.
it functions as the wild-card pattern).
- Note 2: the null recipient address is looked up as
- <b>$empty</b><i>_</i><b>address</b><i>_</i><b>recipient</b>@<b>$myhostname</b> (default: mailer-dae-
+ Note 2: the null recipient address is looked up as
+ <b>$empty_address_recipient</b>@<b>$myhostname</b> (default: mailer-dae-
mon@hostname).
<b>RESULT FORMAT</b>
- The transport field specifies the name of a mail delivery
+ The transport field specifies the name of a mail delivery
transport (the first name of a mail delivery service entry
in the Postfix <b>master.cf</b> file).
- The interpretation of the nexthop field is transport
+ The interpretation of the nexthop field is transport
dependent. In the case of SMTP, specify <i>host</i>:<i>service</i> for a
- non-default server port, and use [<i>host</i>] or [<i>host</i>]:<i>port</i> in
- order to disable MX (mail exchanger) DNS lookups. The []
+ non-default server port, and use [<i>host</i>] or [<i>host</i>]:<i>port</i> in
+ order to disable MX (mail exchanger) DNS lookups. The []
form is required when you specify an IP address instead of
a hostname.
- A null <i>transport</i> and null <i>nexthop</i> result means "do not
- change": use the delivery transport and nexthop informa-
- tion that would be used when the entire transport table
+ A null <i>transport</i> and null <i>nexthop</i> result means "do not
+ change": use the delivery transport and nexthop informa-
+ tion that would be used when the entire transport table
did not exist.
- A non-null <i>transport</i> field with a null <i>nexthop</i> field
+ A non-null <i>transport</i> field with a null <i>nexthop</i> field
resets the nexthop information to the recipient domain.
- A null <i>transport</i> field with non-null <i>nexthop</i> field does
+ A null <i>transport</i> field with non-null <i>nexthop</i> field does
not modify the transport information.
<b>EXAMPLES</b>
- In order to deliver internal mail directly, while using a
- mail relay for all other mail, specify a null entry for
- internal destinations (do not change the delivery trans-
- port or the nexthop information) and specify a wildcard
+ In order to deliver internal mail directly, while using a
+ mail relay for all other mail, specify a null entry for
+ internal destinations (do not change the delivery trans-
+ port or the nexthop information) and specify a wildcard
for all other destinations.
<b>my.domain :</b>
<b>.my.domain :</b>
<b>* smtp:outbound-relay.my.domain</b>
- In order to send mail for <b>foo.org</b> and its subdomains via
+ In order to send mail for <b>foo.org</b> and its subdomains via
the <b>uucp</b> transport to the UUCP host named <b>foo</b>:
<b>foo.org uucp:foo</b>
<b>.foo.org uucp:foo</b>
- When no nexthop host name is specified, the destination
- domain name is used instead. For example, the following
- directs mail for <i>user</i>@<b>foo.org</b> via the <b>slow</b> transport to a
- mail exchanger for <b>foo.org</b>. The <b>slow</b> transport could be
- something that runs at most one delivery process at a
+ When no nexthop host name is specified, the destination
+ domain name is used instead. For example, the following
+ directs mail for <i>user</i>@<b>foo.org</b> via the <b>slow</b> transport to a
+ mail exchanger for <b>foo.org</b>. The <b>slow</b> transport could be
+ something that runs at most one delivery process at a
time:
<b>foo.org slow:</b>
When no transport is specified, Postfix uses the transport
that matches the address domain class (see TRANSPORT FIELD
- discussion above). The following sends all mail for
+ discussion above). The following sends all mail for
<b>foo.org</b> and its subdomains to host <b>gateway.foo.org</b>:
<b>foo.org :[gateway.foo.org]</b>
<b>.foo.org :[gateway.foo.org]</b>
- In the above example, the [] are used to suppress MX
- lookups. The result would likely point to your local
+ In the above example, the [] are used to suppress MX
+ lookups. The result would likely point to your local
machine.
- In the case of delivery via SMTP, one may specify <i>host-</i>
+ In the case of delivery via SMTP, one may specify <i>host-</i>
<i>name</i>:<i>service</i> instead of just a host:
<b>foo.org smtp:bar.org:2025</b>
- This directs mail for <i>user</i>@<b>foo.org</b> to host <b>bar.org</b> port
- <b>2025</b>. Instead of a numerical port a symbolic name may be
- used. Specify [] around the hostname in order to disable
+ This directs mail for <i>user</i>@<b>foo.org</b> to host <b>bar.org</b> port
+ <b>2025</b>. Instead of a numerical port a symbolic name may be
+ used. Specify [] around the hostname in order to disable
MX lookups.
The error mailer can be used to bounce mail:
- <b>.foo.org error:mail for *.foo.org is not deliv-</b>
+ <b>.foo.org error:mail for *.foo.org is not deliv-</b>
<b>erable</b>
- This causes all mail for <i>user</i>@<i>anything</i><b>.foo.org</b> to be
+ This causes all mail for <i>user</i>@<i>anything</i><b>.foo.org</b> to be
bounced.
<b>REGULAR EXPRESSION TABLES</b>
- This section describes how the table lookups change when
+ This section describes how the table lookups change when
the table is given in the form of regular expressions. For
- a description of regular expression lookup table syntax,
- see <a href="regexp_table.5.html"><b>regexp</b><i>_</i><b>table</b>(5)</a> or <a href="pcre_table.5.html"><b>pcre</b><i>_</i><b>table</b>(5)</a>.
+ a description of regular expression lookup table syntax,
+ see <a href="regexp_table.5.html"><b>regexp_table</b>(5)</a> or <a href="pcre_table.5.html"><b>pcre_table</b>(5)</a>.
- Each pattern is a regular expression that is applied to
- the entire address being looked up. Thus,
- <i>some.domain.hierarchy</i> is not looked up up via its parent
- domains, nor is <i>user+foo@domain</i> looked up as <i>user@domain</i>.
+ Each pattern is a regular expression that is applied to
+ the entire address being looked up. Thus,
+ <i>some.domain.hierarchy</i> is not looked up up via its parent
+ domains, nor is <i>user+foo@domain</i> looked up as <i>user@domain</i>.
- Patterns are applied in the order as specified in the
- table, until a pattern is found that matches the search
+ Patterns are applied in the order as specified in the
+ table, until a pattern is found that matches the search
string.
- Results are the same as with indexed file lookups, with
- the additional feature that parenthesized substrings from
+ Results are the same as with indexed file lookups, with
+ the additional feature that parenthesized substrings from
the pattern can be interpolated as <b>$1</b>, <b>$2</b> and so on.
<b>TCP-BASED TABLES</b>
- This section describes how the table lookups change when
+ This section describes how the table lookups change when
lookups are directed to a TCP-based server. For a descrip-
- tion of the TCP client/server lookup protocol, see
- <b>tcp</b><i>_</i><b>table</b>(5).
+ tion of the TCP client/server lookup protocol, see
+ <a href="tcp_table.5.html"><b>tcp_table</b>(5)</a>.
- Each lookup operation uses the entire recipient address
- once. Thus, <i>some.domain.hierarchy</i> is not looked up via
- its parent domains, nor is <i>user+foo@domain</i> looked up as
+ Each lookup operation uses the entire recipient address
+ once. Thus, <i>some.domain.hierarchy</i> is not looked up via
+ its parent domains, nor is <i>user+foo@domain</i> looked up as
<i>user@domain</i>.
Results are the same as with indexed file lookups.
<b>CONFIGURATION PARAMETERS</b>
- The following <b>main.cf</b> parameters are especially relevant
- to this topic. See the Postfix <b>main.cf</b> file for syntax
- details and for default values. Use the <b>postfix reload</b>
+ The following <b>main.cf</b> parameters are especially relevant
+ to this topic. See the Postfix <b>main.cf</b> file for syntax
+ details and for default values. Use the <b>postfix reload</b>
command after a configuration change.
- <b>empty</b><i>_</i><b>address</b><i>_</i><b>recipient</b>
- The address that is looked up instead of the null
+ <b>empty_address_recipient</b>
+ The address that is looked up instead of the null
sender address.
- <b>parent</b><i>_</i><b>domain</b><i>_</i><b>matches</b><i>_</i><b>subdomains</b>
- List of Postfix features that use <i>domain.tld</i> pat-
- terns to match <i>sub.domain.tld</i> (as opposed to
+ <b>parent_domain_matches_subdomains</b>
+ List of Postfix features that use <i>domain.tld</i> pat-
+ terns to match <i>sub.domain.tld</i> (as opposed to
requiring <i>.domain.tld</i> patterns).
- <b>transport</b><i>_</i><b>maps</b>
+ <b>transport_maps</b>
List of transport lookup tables.
<b>SEE ALSO</b>
<a href="tcp_table.5.html">tcp_table(5)</a> TCP client/server table lookup protocol
<b>LICENSE</b>
- The Secure Mailer license must be distributed with this
+ The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>
Reject the message, log the header and the optional text,
and send the optional text to the originator.
-<dt>IGNORE <dd> Delete the header from the message.
+<dt>OK <dd>Skip all further header patterns for this header line.
+
+<dt>IGNORE <dd> Delete the header line from the message.
<dt>WARN <dd>
Log (but do not reject) the body line with a warning, and log the
optional text.
-<dt>IGNORE <dd> Delete the matched line from the message.
+<dt>OK <dd>Skip all further body patterns for this body line.
+
+<dt>IGNORE <dd> Delete the body line from the message.
<dt>HOLD <dd>
and "TCP-BASED TABLES".
<b>TABLE FORMAT</b>
- The format of the virtual table is as follows, mappings
- being tried in the order as listed in this manual page:
+ The input format for the <a href="postmap.1.html"><b>postmap</b>(1)</a> command is as follows:
<i>pattern result</i>
When <i>pattern</i> matches a mail address, replace it by
Mail for <i>user</i>@<i>site</i> is redirected to <i>address</i> when
<i>site</i> is equal to $<b>myorigin</b>, when <i>site</i> is listed in
$mydestination, or when it is listed in
- $<i>inet_interfaces</i>.
+ $<i>inet</i><b>_</b><i>interfaces</i>.
This functionality overlaps with functionality of
the local <i>aliases</i>(5) database. The difference is
<b>back to myself".</b>
Do not specify virtual alias domain names in the <b>main.cf</b>
- <b>mydestination</b> or <b>relay</b><i>_</i><b>domains</b> configuration parameters.
+ <b>mydestination</b> or <b>relay_domains</b> configuration parameters.
With a virtual alias domain, the Postfix SMTP server
accepts mail for <i>known-user@virtual-alias.domain</i>, and
undeliverable.
Instead of specifying the virtual alias domain name via
- the <b>virtual</b><i>_</i><b>alias</b><i>_</i><b>maps</b> table, you may also specify it via
- the <b>main.cf virtual</b><i>_</i><b>alias</b><i>_</i><b>domains</b> configuration parameter.
+ the <b>virtual_alias_maps</b> table, you may also specify it via
+ the <b>main.cf virtual_alias_domains</b> configuration parameter.
This latter parameter uses the same syntax as the <b>main.cf</b>
<b>mydestination</b> configuration parameter.
This section describes how the table lookups change when
the table is given in the form of regular expressions. For
a description of regular expression lookup table syntax,
- see <a href="regexp_table.5.html"><b>regexp</b><i>_</i><b>table</b>(5)</a> or <a href="pcre_table.5.html"><b>pcre</b><i>_</i><b>table</b>(5)</a>.
+ see <a href="regexp_table.5.html"><b>regexp_table</b>(5)</a> or <a href="pcre_table.5.html"><b>pcre_table</b>(5)</a>.
Each pattern is a regular expression that is applied to
the entire address being looked up. Thus, <i>user@domain</i> mail
This section describes how the table lookups change when
lookups are directed to a TCP-based server. For a descrip-
tion of the TCP client/server lookup protocol, see
- <b>tcp</b><i>_</i><b>table</b>(5).
+ <a href="tcp_table.5.html"><b>tcp_table</b>(5)</a>.
Each lookup operation uses the entire address once. Thus,
<i>user@domain</i> mail addresses are not broken up into their
details and for default values. Use the <b>postfix reload</b>
command after a configuration change.
- <b>virtual</b><i>_</i><b>alias</b><i>_</i><b>maps</b>
+ <b>virtual_alias_maps</b>
List of virtual aliasing tables.
- <b>virtual</b><i>_</i><b>alias</b><i>_</i><b>domains</b>
+ <b>virtual_alias_domains</b>
List of virtual alias domains. This uses the same
syntax as the <b>mydestination</b> parameter.
Other parameters of interest:
- <b>inet</b><i>_</i><b>interfaces</b>
+ <b>inet_interfaces</b>
The network interface addresses that this system
receives mail on. You need to stop and start Post-
fix when this parameter changes.
The domain that is appended to any address that
does not have a domain.
- <b>owner</b><i>_</i><b>request</b><i>_</i><b>special</b>
+ <b>owner_request_special</b>
Give special treatment to <b>owner-</b><i>xxx</i> and <i>xxx</i><b>-request</b>
addresses.
when creating a new file. Instead, create a new file with default
access permissions (mode 0644).
.IP "\fB-q \fIkey\fR"
-Search the specified maps for \fIkey\fR and print the first value
-found on the standard output stream. The exit status is zero
+Search the specified maps for \fIkey\fR and write the first value
+found to the standard output stream. The exit status is zero
when the requested information was found.
If a key value of \fB-\fR is specified, the program reads key
-values from the standard input stream and prints one line of
+values from the standard input stream and writes one line of
\fIkey value\fR output for each key that was found. The exit
status is zero when at least one of the requested keys was found.
.IP \fB-r\fR
.nf
.ad
.fi
-The format of the access table is as follows:
+The input format for the \fBpostmap\fR(1) command is as follows:
.IP "\fIpattern action\fR"
When \fIpattern\fR matches a mail address, domain or host address,
perform the corresponding \fIaction\fR.
.ad
.fi
With lookups from indexed files such as DB or DBM, or from networked
-tables such as NIS, LDAP or SQL, the following lookup patterns are
-examined in the order as listed:
+tables such as NIS, LDAP or SQL, patterns are tried in the order as
+listed below:
.IP \fIuser\fR@\fIdomain\fR
Matches the specified mail address.
.IP \fIdomain.tld\fR
.IP "[\fB45\fR]\fINN text\fR"
Reject the address etc. that matches the pattern, and respond with
the numerical code and text.
-.IP \fBREJECT\fR
.IP "\fBREJECT \fIoptional text...\fR
Reject the address etc. that matches the pattern. Reply with
\fI$reject_code optional text...\fR when the optional text is
specified, otherwise reply with a generic error response message.
-.IP \fBDEFER_IF_REJECT\fR
.IP "\fBDEFER_IF_REJECT \fIoptional text...\fR
Defer the request if some later restriction would result in a
REJECT action. Reply with "\fB450\fI optional text...\fR when the
optional text is specified, otherwise reply with a generic error
response message.
-.IP \fBDEFER_IF_PERMIT\fR
.IP "\fBDEFER_IF_PERMIT \fIoptional text...\fR
Defer the request if some later restriction would result in a
PERMIT action (there is an implied PERMIT at the end of each
Pretend that the lookup key was not found in this table. This
prevents Postfix from trying substrings of the lookup key
(such as a subdomain name, or a network address subnetwork).
-.IP \fBHOLD\fR
.IP "\fBHOLD \fIoptional text...\fR"
Place the message on the \fBhold\fR queue, where it will sit
until someone either deletes it or releases it for delivery.
the \fBpostsuper\fR(1) command.
.sp
Note: this action currently affects all recipients of the message.
-.IP \fBDISCARD\fR
.IP "\fBDISCARD \fIoptional text...\fR
Claim successful delivery and silently discard the message.
Log the optional text if specified, otherwise log a generic
.nf
.ad
.fi
-The format of the \fBcanonical\fR table is as follows:
+The input format for the \fBpostmap\fR(1) command is as follows:
.IP "\fIpattern result\fR"
When \fIpattern\fR matches a mail address, replace it by the
corresponding \fIresult\fR.
.IP "\fBif /\fIpattern\fB/\fIflags\fR"
.IP "\fBif !/\fIpattern\fB/\fIflags\fR"
.IP "\fBendif\fR"
-Examine the lines between \fBif\fR..\fBendif\fR only if
-\fIpattern\fR matches (does not match). The \fBif\fR..\fBendif\fR
-can nest. Do not prepend whitespace to patterns inside
+Match the search string against the patterns between \fBif\fR
+and \fBendif\fR, if and only if the search string matches (does
+not match) \fIpattern\fR. The \fBif\fR..\fBendif\fR can nest.
+.sp
+Note: do not prepend whitespace to patterns inside
\fBif\fR..\fBendif\fR.
.PP
Each pattern is a perl-like regular expression. The expression
.IP "\fBif /\fIpattern\fB/\fIflags\fR"
.IP "\fBif !/\fIpattern\fB/\fIflags\fR"
.IP "\fBendif\fR"
-Examine the lines between \fBif\fR..\fBendif\fR only if
-\fIpattern\fR matches (does not match). The \fBif\fR..\fBendif\fR
-can nest.
-Do not prepend whitespace to patterns inside \fBif\fR..\fBendif\fR.
+Match the search string against the patterns between \fBif\fR
+and \fBendif\fR, if and only if the search string matches (does
+not match) \fIpattern\fR. The \fBif\fR..\fBendif\fR can nest.
+.sp
+Note: do not prepend whitespace to patterns inside
+\fBif\fR..\fBendif\fR.
.PP
Each pattern is a regular expression enclosed by a pair of delimiters.
The regular expression syntax is described in \fIre_format\fR(7).
.nf
.ad
.fi
-The format of the table is as follows:
+The input format for the \fBpostmap\fR(1) command is as follows:
.IP \(bu
An entry has one of the following form:
.ti +5
-\fIkey new_location\fR
+\fIpattern new_location\fR
.br
Where \fInew_location\fR specifies contact information such as
an email address, or perhaps a street address or telephone number.
starts with whitespace continues a logical line.
.PP
With lookups from indexed files such as DB or DBM, or from networked
-tables such as NIS, LDAP or SQL, the \fIkey\fR field is one of the
-following:
+tables such as NIS, LDAP or SQL, patterns are tried in the order as
+listed below:
.IP \fIuser\fR@\fIdomain\fR
Matches \fIuser\fR@\fIdomain\fR. This form has precedence over all
other forms.
.nf
.ad
.fi
-The format of the transport table is as follows:
+The input format for the \fBpostmap\fR(1) command is as follows:
.IP "\fIpattern result\fR"
When \fIpattern\fR matches the recipient address or domain, use the
corresponding \fIresult\fR.
.nf
.ad
.fi
-The format of the virtual table is as follows, mappings being
-tried in the order as listed in this manual page:
+The input format for the \fBpostmap\fR(1) command is as follows:
.IP "\fIpattern result\fR"
When \fIpattern\fR matches a mail address, replace it by the
corresponding \fIresult\fR.
.IP \fBheader_address_token_limit\fR
Limits the number of address tokens used to process a message header.
.IP \fBheader_size_limit\fR
-Limits the amount of memory in bytes used to process a message header.
+Limits the amount of memory in bytes used to store a message header.
.IP \fBin_flow_delay\fR
Amount of time to pause before accepting a message, when the
message arrival rate exceeds the message delivery rate.
The hostname to use when sending an EHLO command to the
SMTP proxy server.
.SH "Authentication controls"
-.IP \fBenable_sasl_authentication\fR
+.IP \fBsmtpd_sasl_auth_enable\fR
Enable per-session authentication as per RFC 2554 (SASL).
This functionality is available only when explicitly selected
at program build time and explicitly enabled at runtime.
# TABLE FORMAT
# .ad
# .fi
-# The format of the access table is as follows:
+# The input format for the \fBpostmap\fR(1) command is as follows:
# .IP "\fIpattern action\fR"
# When \fIpattern\fR matches a mail address, domain or host address,
# perform the corresponding \fIaction\fR.
# .ad
# .fi
# With lookups from indexed files such as DB or DBM, or from networked
-# tables such as NIS, LDAP or SQL, the following lookup patterns are
-# examined in the order as listed:
+# tables such as NIS, LDAP or SQL, patterns are tried in the order as
+# listed below:
# .IP \fIuser\fR@\fIdomain\fR
# Matches the specified mail address.
# .IP \fIdomain.tld\fR
# .IP "[\fB45\fR]\fINN text\fR"
# Reject the address etc. that matches the pattern, and respond with
# the numerical code and text.
-# .IP \fBREJECT\fR
# .IP "\fBREJECT \fIoptional text...\fR
# Reject the address etc. that matches the pattern. Reply with
# \fI$reject_code optional text...\fR when the optional text is
# specified, otherwise reply with a generic error response message.
-# .IP \fBDEFER_IF_REJECT\fR
# .IP "\fBDEFER_IF_REJECT \fIoptional text...\fR
# Defer the request if some later restriction would result in a
# REJECT action. Reply with "\fB450\fI optional text...\fR when the
# optional text is specified, otherwise reply with a generic error
# response message.
-# .IP \fBDEFER_IF_PERMIT\fR
# .IP "\fBDEFER_IF_PERMIT \fIoptional text...\fR
# Defer the request if some later restriction would result in a
# PERMIT action (there is an implied PERMIT at the end of each
# Pretend that the lookup key was not found in this table. This
# prevents Postfix from trying substrings of the lookup key
# (such as a subdomain name, or a network address subnetwork).
-# .IP \fBHOLD\fR
# .IP "\fBHOLD \fIoptional text...\fR"
# Place the message on the \fBhold\fR queue, where it will sit
# until someone either deletes it or releases it for delivery.
# the \fBpostsuper\fR(1) command.
# .sp
# Note: this action currently affects all recipients of the message.
-# .IP \fBDISCARD\fR
# .IP "\fBDISCARD \fIoptional text...\fR
# Claim successful delivery and silently discard the message.
# Log the optional text if specified, otherwise log a generic
# TABLE FORMAT
# .ad
# .fi
-# The format of the \fBcanonical\fR table is as follows:
+# The input format for the \fBpostmap\fR(1) command is as follows:
# .IP "\fIpattern result\fR"
# When \fIpattern\fR matches a mail address, replace it by the
# corresponding \fIresult\fR.
# .IP "\fBif /\fIpattern\fB/\fIflags\fR"
# .IP "\fBif !/\fIpattern\fB/\fIflags\fR"
# .IP "\fBendif\fR"
-# Examine the lines between \fBif\fR..\fBendif\fR only if
-# \fIpattern\fR matches (does not match). The \fBif\fR..\fBendif\fR
-# can nest. Do not prepend whitespace to patterns inside
+# Match the search string against the patterns between \fBif\fR
+# and \fBendif\fR, if and only if the search string matches (does
+# not match) \fIpattern\fR. The \fBif\fR..\fBendif\fR can nest.
+# .sp
+# Note: do not prepend whitespace to patterns inside
# \fBif\fR..\fBendif\fR.
# .PP
# Each pattern is a perl-like regular expression. The expression
# .IP "\fBif /\fIpattern\fB/\fIflags\fR"
# .IP "\fBif !/\fIpattern\fB/\fIflags\fR"
# .IP "\fBendif\fR"
-# Examine the lines between \fBif\fR..\fBendif\fR only if
-# \fIpattern\fR matches (does not match). The \fBif\fR..\fBendif\fR
-# can nest.
-# Do not prepend whitespace to patterns inside \fBif\fR..\fBendif\fR.
+# Match the search string against the patterns between \fBif\fR
+# and \fBendif\fR, if and only if the search string matches (does
+# not match) \fIpattern\fR. The \fBif\fR..\fBendif\fR can nest.
+# .sp
+# Note: do not prepend whitespace to patterns inside
+# \fBif\fR..\fBendif\fR.
# .PP
# Each pattern is a regular expression enclosed by a pair of delimiters.
# The regular expression syntax is described in \fIre_format\fR(7).
# TABLE FORMAT
# .ad
# .fi
-# The format of the table is as follows:
+# The input format for the \fBpostmap\fR(1) command is as follows:
# .IP \(bu
# An entry has one of the following form:
# .ti +5
-# \fIkey new_location\fR
+# \fIpattern new_location\fR
# .br
# Where \fInew_location\fR specifies contact information such as
# an email address, or perhaps a street address or telephone number.
# starts with whitespace continues a logical line.
# .PP
# With lookups from indexed files such as DB or DBM, or from networked
-# tables such as NIS, LDAP or SQL, the \fIkey\fR field is one of the
-# following:
+# tables such as NIS, LDAP or SQL, patterns are tried in the order as
+# listed below:
# .IP \fIuser\fR@\fIdomain\fR
# Matches \fIuser\fR@\fIdomain\fR. This form has precedence over all
# other forms.
# TABLE FORMAT
# .ad
# .fi
-# The format of the transport table is as follows:
+# The input format for the \fBpostmap\fR(1) command is as follows:
# .IP "\fIpattern result\fR"
# When \fIpattern\fR matches the recipient address or domain, use the
# corresponding \fIresult\fR.
# TABLE FORMAT
# .ad
# .fi
-# The format of the virtual table is as follows, mappings being
-# tried in the order as listed in this manual page:
+# The input format for the \fBpostmap\fR(1) command is as follows:
# .IP "\fIpattern result\fR"
# When \fIpattern\fR matches a mail address, replace it by the
# corresponding \fIresult\fR.
/* .IP \fBheader_address_token_limit\fR
/* Limits the number of address tokens used to process a message header.
/* .IP \fBheader_size_limit\fR
-/* Limits the amount of memory in bytes used to process a message header.
+/* Limits the amount of memory in bytes used to store a message header.
/* .IP \fBin_flow_delay\fR
/* Amount of time to pause before accepting a message, when the
/* message arrival rate exceeds the message delivery rate.
* Patches change the patchlevel and the release date. Snapshots change the
* release date only, unless they include the same bugfix as a patch release.
*/
-#define MAIL_RELEASE_DATE "200307804"
+#define MAIL_RELEASE_DATE "20030812"
#define VAR_MAIL_VERSION "mail_version"
#define DEF_MAIL_VERSION "2.0.14-" MAIL_RELEASE_DATE
* aren't going to have lmtp defined as a service, use a default value
* instead of just blowing up.
*/
- if ((port = atoi(service)) != 0)
+ if (alldig(service) && (port = atoi(service)) != 0)
*portp = htons(port);
else if ((sp = getservbyname(service, protocol)) != 0)
*portp = sp->s_port;
/*
* The mini symbol table name and keys used for expanding macros in
* command-line arguments.
+ *
+ * XXX Update the parse_callback() routine when something gets added here,
+ * even when the macro is not recipient dependent.
*/
#define PIPE_DICT_TABLE "pipe_command" /* table name */
#define PIPE_DICT_NEXTHOP "nexthop" /* key */
#define PIPE_FLAG_USER (1<<1)
#define PIPE_FLAG_EXTENSION (1<<2)
#define PIPE_FLAG_MAILBOX (1<<3)
-#define PIPE_FLAG_SIZE (1<<4)
/*
* Additional flags. These are colocated with mail_copy() flags. Allow some
off_t size_limit; /* max size in bytes we will accept */
} PIPE_ATTR;
+ /*
+ * Structure for command-line parameter macro expansion.
+ */
+typedef struct {
+ const char *service; /* for warnings */
+ int expand_flag; /* callback result */
+} PIPE_STATE;
+
/*
* Silly little macros.
*/
static int parse_callback(int type, VSTRING *buf, char *context)
{
- int *expand_flag = (int *) context;
+ PIPE_STATE *state = (PIPE_STATE *) context;
+ struct cmd_flags {
+ const char *name;
+ int flags;
+ };
+ static struct cmd_flags cmd_flags[] = {
+ PIPE_DICT_NEXTHOP, 0,
+ PIPE_DICT_RCPT, PIPE_FLAG_RCPT,
+ PIPE_DICT_SENDER, 0,
+ PIPE_DICT_USER, PIPE_FLAG_USER,
+ PIPE_DICT_EXTENSION, PIPE_FLAG_EXTENSION,
+ PIPE_DICT_MAILBOX, PIPE_FLAG_MAILBOX,
+ PIPE_DICT_SIZE, 0,
+ 0, 0,
+ };
+ struct cmd_flags *p;
/*
* See if this command-line argument references a special macro.
*/
if (type == MAC_PARSE_VARNAME) {
- if (strcmp(vstring_str(buf), PIPE_DICT_RCPT) == 0)
- *expand_flag |= PIPE_FLAG_RCPT;
- else if (strcmp(vstring_str(buf), PIPE_DICT_USER) == 0)
- *expand_flag |= PIPE_FLAG_USER;
- else if (strcmp(vstring_str(buf), PIPE_DICT_EXTENSION) == 0)
- *expand_flag |= PIPE_FLAG_EXTENSION;
- else if (strcmp(vstring_str(buf), PIPE_DICT_MAILBOX) == 0)
- *expand_flag |= PIPE_FLAG_MAILBOX;
+ for (p = cmd_flags; /* see below */ ; p++) {
+ if (p->name == 0) {
+ msg_warn("file %s/%s: service %s: unknown macro name: \"%s\"",
+ var_config_dir, MASTER_CONF_FILE,
+ state->service, vstring_str(buf));
+ return (MAC_PARSE_ERROR);
+ } else if (strcmp(vstring_str(buf), p->name) == 0) {
+ state->expand_flag |= p->flags;
+ return (0);
+ }
+ }
}
return (0);
}
/* expand_argv - expand macros in the argument vector */
-static ARGV *expand_argv(char **argv, RECIPIENT_LIST *rcpt_list, int flags)
+static ARGV *expand_argv(const char *service, char **argv,
+ RECIPIENT_LIST *rcpt_list, int flags)
{
VSTRING *buf = vstring_alloc(100);
ARGV *result;
char **cpp;
- int expand_flag;
+ PIPE_STATE state;
int i;
char *ext;
* would screw up mail addresses that contain $ characters.
*/
#define NO 0
+#define EARLY_RETURN(x) { argv_free(result); vstring_free(buf); return (x); }
result = argv_alloc(1);
for (cpp = argv; *cpp; cpp++) {
- expand_flag = 0;
- mac_parse(*cpp, parse_callback, (char *) &expand_flag);
- if (expand_flag == 0) { /* no $recipient etc. */
+ state.service = service;
+ state.expand_flag = 0;
+ if (mac_parse(*cpp, parse_callback, (char *) &state) & MAC_PARSE_ERROR)
+ EARLY_RETURN(0);
+ if (state.expand_flag == 0) { /* no $recipient etc. */
argv_add(result, dict_eval(PIPE_DICT_TABLE, *cpp, NO), ARGV_END);
} else { /* contains $recipient etc. */
for (i = 0; i < rcpt_list->len; i++) {
/*
* This argument contains $recipient.
*/
- if (expand_flag & PIPE_FLAG_RCPT) {
+ if (state.expand_flag & PIPE_FLAG_RCPT) {
morph_recipient(buf, rcpt_list->info[i].address, flags);
dict_update(PIPE_DICT_TABLE, PIPE_DICT_RCPT, STR(buf));
}
* skipping empty user parts will also prevent other
* expansions of this specific command-line argument.
*/
- if (expand_flag & PIPE_FLAG_USER) {
+ if (state.expand_flag & PIPE_FLAG_USER) {
morph_recipient(buf, rcpt_list->info[i].address,
flags & PIPE_OPT_FOLD_FLAGS);
if (split_at_right(STR(buf), '@') == 0)
* extension: anything between the leftmost extension
* delimiter and the rightmost @. The extension may be blank.
*/
- if (expand_flag & PIPE_FLAG_EXTENSION) {
+ if (state.expand_flag & PIPE_FLAG_EXTENSION) {
morph_recipient(buf, rcpt_list->info[i].address,
flags & PIPE_OPT_FOLD_FLAGS);
if (split_at_right(STR(buf), '@') == 0)
* This argument contains $mailbox. Extract the mailbox name:
* anything to the left of the rightmost @.
*/
- if (expand_flag & PIPE_FLAG_MAILBOX) {
+ if (state.expand_flag & PIPE_FLAG_MAILBOX) {
morph_recipient(buf, rcpt_list->info[i].address,
flags & PIPE_OPT_FOLD_FLAGS);
if (split_at_right(STR(buf), '@') == 0)
vstring_sprintf(buf, "%ld", (long) request->data_size);
dict_update(PIPE_DICT_TABLE, PIPE_DICT_SIZE, STR(buf));
vstring_free(buf);
- expanded_argv = expand_argv(attr.command, rcpt_list, attr.flags);
+
+ if ((expanded_argv = expand_argv(service, attr.command,
+ rcpt_list, attr.flags)) == 0) {
+ deliver_status = eval_command_status(PIPE_STAT_DEFER, service,
+ request, request->fp,
+ "mailer configuration error");
+ DELIVER_MSG_CLEANUP();
+ return (deliver_status);
+ }
export_env = argv_split(var_export_environ, ", \t\r\n");
command_status = pipe_command(request->fp, why,
/* when creating a new file. Instead, create a new file with default
/* access permissions (mode 0644).
/* .IP "\fB-q \fIkey\fR"
-/* Search the specified maps for \fIkey\fR and print the first value
-/* found on the standard output stream. The exit status is zero
+/* Search the specified maps for \fIkey\fR and write the first value
+/* found to the standard output stream. The exit status is zero
/* when the requested information was found.
/*
/* If a key value of \fB-\fR is specified, the program reads key
-/* values from the standard input stream and prints one line of
+/* values from the standard input stream and writes one line of
/* \fIkey value\fR output for each key that was found. The exit
/* status is zero when at least one of the requested keys was found.
/* .IP \fB-r\fR
/*
* Convert service to port number, network byte order.
*/
- if ((port = atoi(service)) != 0) {
+ if (alldig(service) && (port = atoi(service)) != 0) {
*portp = htons(port);
} else {
if ((sp = getservbyname(service, protocol)) == 0)
/* The hostname to use when sending an EHLO command to the
/* SMTP proxy server.
/* .SH "Authentication controls"
-/* .IP \fBenable_sasl_authentication\fR
+/* .IP \fBsmtpd_sasl_auth_enable\fR
/* Enable per-session authentication as per RFC 2554 (SASL).
/* This functionality is available only when explicitly selected
/* at program build time and explicitly enabled at runtime.
451, reply_name));
}
-/* checkv8_maps_find - reject with temporary failure if dict lookup fails */
-
-static const char *checkv8_maps_find(SMTPD_STATE *state, const char *reply_name,
- MAPS *maps, const char *key)
-{
- const char *result;
-
- dict_errno = 0;
- if ((result = virtual8_maps_find(maps, key)) == 0
- && dict_errno == DICT_ERR_RETRY)
- reject_dict_retry(state, reply_name);
- return (result);
-}
-
/* check_mail_addr_find - reject with temporary failure if dict lookup fails */
static const char *check_mail_addr_find(SMTPD_STATE *state,
}
/*
- * DEFER_IF_PERMIT means NO, eventually. Use optional text or generate a
- * generic error response.
+ * DEFER_IF_PERMIT changes "permit" into "maybe". Use optional text or
+ * generate a generic error response.
*/
if (STREQUAL(value, DEFER_IF_PERMIT, cmd_len)) {
DEFER_IF_PERMIT3(state, MAIL_ERROR_POLICY,
}
/*
- * DEFER_IF_REJECT means NO, eventually. Use optional text or generate a
- * generic error response.
+ * DEFER_IF_REJECT changes "reject" into "maybe". Use optional text or
+ * generate a generic error response.
*/
if (STREQUAL(value, DEFER_IF_REJECT, cmd_len)) {
DEFER_IF_REJECT3(state, MAIL_ERROR_POLICY,
if (attr_clnt_request(policy_clnt,
ATTR_FLAG_NONE, /* Query attributes. */
- ATTR_TYPE_STR, MAIL_ATTR_REQ, "smtpd_access_policy",
+ ATTR_TYPE_STR, MAIL_ATTR_REQ, "smtpd_access_policy",
ATTR_TYPE_STR, MAIL_ATTR_PROTO_STATE, state->where,
ATTR_TYPE_STR, MAIL_ATTR_PROTO_NAME, state->protocol,
ATTR_TYPE_STR, MAIL_ATTR_CLIENT_ADDR, state->addr,
#define NOMATCH(map, rcpt) (MATCH(map, rcpt) == 0)
-#define NOMATCHV8(map, rcpt) \
- (checkv8_maps_find(state, recipient, map, rcpt) == 0)
-
/*
* XXX We assume the recipient address is OK if it matches a canonical
* map or virtual alias map. Eventually, the address resolver should give
*/
if ((reply->flags & RESOLVE_CLASS_VIRTUAL)
&& *var_virt_mailbox_maps
- && NOMATCHV8(virt_mailbox_maps, CONST_STR(reply->recipient)))
+ && NOMATCH(virt_mailbox_maps, CONST_STR(reply->recipient)))
return (smtpd_check_reject(state, MAIL_ERROR_BOUNCE,
"%d <%s>: User unknown%s",
var_virt_mailbox_code, recipient,
find_inet.o: find_inet.c
find_inet.o: sys_defs.h
find_inet.o: msg.h
+find_inet.o: stringops.h
+find_inet.o: vstring.h
+find_inet.o: vbuf.h
find_inet.o: find_inet.h
fsspace.o: fsspace.c
fsspace.o: sys_defs.h
/* Application-specific. */
#include "msg.h"
+#include "stringops.h"
#include "find_inet.h"
#ifndef INADDR_NONE
struct servent *sp;
int port;
- if ((port = atoi(service)) != 0) {
+ if (alldig(service) && (port = atoi(service)) != 0) {
return (htons(port));
} else {
if ((sp = getservbyname(service, protocol)) == 0)
* client has disconnected in the mean time. The data that was sent with
* connect() write() close() is lost, even though the write() and close()
* reported successful completion. This was fixed shortly before FreeBSD
- * 4.3. However, other systems may make that same mistake again, so we're
- * adding a special warning.
+ * 4.3.
*
* XXX HP-UX 11 returns ENOBUFS when the client has disconnected in the mean
* time.
projects / thirdparty / postfix.git / commitdiff
