From: Wietse Venema <wietse@porcupine.org>
Date: Tue, 6 Mar 2007 05:00:00 +0000 (-0500)
Subject: postfix-2.4.0-RC4
X-Git-Tag: v2.4.0-RC4^0
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=3061d780ec532f180754114767085e446eb12dd5;p=thirdparty%2Fpostfix.git

postfix-2.4.0-RC4
---

diff --git a/postfix/README_FILES/QSHAPE_README b/postfix/README_FILES/QSHAPE_README
index fc04162d5..05c546a87 100644
--- a/postfix/README_FILES/QSHAPE_README
+++ b/postfix/README_FILES/QSHAPE_README
@@ -4,15 +4,11 @@ PPoossttffiixx BBoottttlleenneecckk AAnnaallyyssiiss
 
 PPuurrppoossee ooff tthhiiss ddooccuummeenntt
 
-This document describes the qshape(1) program which helps the administrator
-understand the Postfix queue message distribution sorted by time and by sender
-or recipient domain. qshape(1) is bundled with the Postfix 2.1 source under the
-"auxiliary" directory.
-
-In order to understand the output of qshape(1), it useful to understand the
-various Postfix queues. To this end the role of each Postfix queue directory is
-described briefly in the "Background info: Postfix queue directories" section
-near the end of this document.
+This document is an introduction to Postfix queue congestion analysis. It
+explains how the qshape(1) program can help to track down the reason for queue
+congestion. qshape(1) is bundled with Postfix 2.1 and later source code, under
+the "auxiliary" directory. This document describes qshape(1) as bundled with
+Postfix 2.4.
 
 This document covers the following topics:
 
@@ -22,7 +18,7 @@ This document covers the following topics:
   * Example 2: Deferred queue full of dictionary attack bounces
   * Example 3: Congestion in the active queue
   * Example 4: High volume destination backlog
-  * Background info: Postfix queue directories
+  * Postfix queue directories
 
       o The "maildrop" queue
       o The "hold" queue
@@ -69,14 +65,20 @@ sender domain distribution for captured spam in the "hold" queue:
     10 and 20 minutes old, 1 between 320 and 640 minutes old and 12 older than
     1280 minutes (1440 minutes in a day).
 
+When the output is a terminal intermediate results showing the top 20 domains
+(-n option) are displayed after every 1000 messages (-N option) and the final
+output also shows only the top 20 domains. This makes qshape useful even when
+the deferred queue is very large and it may otherwise take prohibitively long
+to read the entire deferred queue.
+
 By default, qshape shows statistics for the union of both the incoming and
 active queues which are the most relevant queues to look at when analyzing
 performance.
 
 One can request an alternate list of queues:
 
-    $ qshape deferred | less
-    $ qshape incoming active deferred | less
+    $ qshape deferred
+    $ qshape incoming active deferred
 
 this will show the age distribution of the deferred queue or the union of the
 incoming active and deferred queues.
@@ -95,18 +97,19 @@ stopped.
 
 The problem destinations or sender domains appear near the top left corner of
 the output table. Remember that the active queue can accommodate up to 20000
-($qmgr_message_active_limit) messages. To check wether this limit has been
+($qmgr_message_active_limit) messages. To check whether this limit has been
 reached, use:
 
-    $ qshape -s active | head       (show sender statistics)
+    $ qshape -s active       (show sender statistics)
 
 If the total sender count is below 20000 the active queue is not yet saturated,
 any high volume sender domains show near the top of the output.
 
-The active queue is also limited to at most 20000 recipient addresses
-($qmgr_message_recipient_limit). To check for exhaustion of this limit use:
+With oqmgr(8) the active queue is also limited to at most 20000 recipient
+addresses ($qmgr_message_recipient_limit). To check for exhaustion of this
+limit use:
 
-    $ qshape active | head          (show recipient statistics)
+    $ qshape active          (show recipient statistics)
 
 Having found the high volume domains, it is often useful to search the logs for
 recent messages pertaining to the domains in question.
@@ -268,7 +271,10 @@ for the queue manager to mark the destination as "dead" despite the transient
 nature of the errors. The destination will be retried again after the
 expiration of a $minimal_backoff_time timer. If the error bursts are frequent
 enough it may be that only a small quantity of email is delivered before the
-destination is again marked "dead".
+destination is again marked "dead". In some cases enabling static (not on
+demand) connection caching by listing the appropriate nexthop domain in a table
+included in "smtp_connection_cache_destinations" may help to reduce the error
+rate, because most messages will re-use existing connections.
 
 The MTA that has been observed most frequently to exhibit such bursts of errors
 is Microsoft Exchange, which refuses connections under load. Some proxy virus
@@ -276,14 +282,13 @@ scanners in front of the Exchange server propagate the refused connection to
 the client as a "421" error.
 
 Note that it is now possible to configure Postfix to exhibit similarly erratic
-behavior by misconfiguring the anvil(8) server (not included in Postfix 2.1.).
-Do not use anvil(8) for steady-state rate limiting, its purpose is DoS
-prevention and the rate limits set should be very generous!
+behavior by misconfiguring the anvil(8) service. Do not use anvil(8) for
+steady-state rate limiting, its purpose is (unintentional) DoS prevention and
+the rate limits set should be very generous!
 
-In the long run it is hoped that the Postfix dead host detection and
-concurrency control mechanism will be tuned to be more "noise" tolerant. If one
-finds oneself needing to deliver a high volume of mail to a destination that
-exhibits frequent brief bursts of errors, there is a subtle workaround.
+If one finds oneself needing to deliver a high volume of mail to a destination
+that exhibits frequent brief bursts of errors and connection caching does not
+solve the problem, there is a subtle workaround.
 
   * In master.cf set up a dedicated clone of the "smtp" transport for the
     destination in question.
@@ -292,15 +297,15 @@ exhibits frequent brief bursts of errors, there is a subtle workaround.
     number in the 10-20 range is typical).
 
   * IMPORTANT!!! In main.cf configure a very large initial and destination
-    concurrency limit for this transport (say 200).
+    concurrency limit for this transport (say 2000).
 
     /etc/postfix/main.cf:
-        initial_destination_concurrency = 200
-        transportname_destination_concurrency_limit = 200
+        initial_destination_concurrency = 2000
+        transportname_destination_concurrency_limit = 2000
 
     Where transportname is the name of the master.cf entry in question.
 
-The effect of this surprising configuration is that up to 200 consecutive
+The effect of this surprising configuration is that up to 2000 consecutive
 errors are tolerated without marking the destination dead, while the total
 concurrency remains reasonable (10-20 processes). This trick is only for a very
 specialized situation: high volume delivery into a channel with multi-error
@@ -334,7 +339,7 @@ connection caching is introduced.
 Hopefully a more elegant solution to these problems will be found in the
 future.
 
-BBaacckkggrroouunndd iinnffoo:: PPoossttffiixx qquueeuuee ddiirreeccttoorriieess
+PPoossttffiixx qquueeuuee ddiirreeccttoorriieess
 
 The following sections describe Postfix queues: their purpose, what normal
 behavior looks like, and how to diagnose abnormal behavior.
@@ -355,8 +360,9 @@ the "maildrop" queue and to notify the pickup(8) service of its arrival.
 
 All mail that enters the main Postfix queue does so via the cleanup(8) service.
 The cleanup service is responsible for envelope and header rewriting, header
-and body regular expression checks, automatic bcc recipient processing and
-guaranteed insertion of the message into the Postfix "incoming" queue.
+and body regular expression checks, automatic bcc recipient processing, milter
+content processing, and reliable insertion of the message into the Postfix
+"incoming" queue.
 
 In the absence of excessive CPU consumption in cleanup(8) header or body
 regular expression checks or other software consuming all available CPU
@@ -372,16 +378,16 @@ not negligible) of the cleanup service.
 
 Congestion in this queue is indicative of an excessive local message submission
 rate or perhaps excessive CPU consumption in the cleanup(8) service due to
-excessive body_checks.
+excessive body_checks, or (Postfix >= 2.3) high latency milters.
 
 Note, that once the active queue is full, the cleanup service will attempt to
 slow down message injection by pausing $in_flow_delay for each message. In this
 case "maildrop" queue congestion may be a consequence of congestion downstream,
 rather than a problem in its own right.
 
-Note also, that one should not attempt to deliver large volumes of mail via the
-pickup(8) service. High volume sites must avoid using content filters that
-reinject scanned mail via Postfix sendmail(1) and postdrop(1).
+Note, you should not attempt to deliver large volumes of mail via the pickup(8)
+service. High volume sites should avoid using "simple" content filters that re-
+inject scanned mail via Postfix sendmail(1) and postdrop(1).
 
 A high arrival rate of locally submitted mail may be an indication of an
 uncaught forwarding loop, or a run-away notification program. Try to keep the
@@ -401,13 +407,12 @@ processing and placed indefinitely in the "hold" queue. Messages placed in the
 delivery attempts are made for messages in the "hold" queue. The postsuper(1)
 command can be used to manually release messages into the "deferred" queue.
 
-Messages can potentially stay in the "hold" queue for a time exceeding the
-normal maximal queue lifetime (after which undelivered messages are bounced
-back to the sender). If such "old" messages need to be released from the "hold"
-queue, they should typically be moved into the "maildrop" queue, so that the
-message gets a new timestamp and is given more than one opportunity to be
-delivered. Messages that are "young" can be moved directly into the "deferred"
-queue.
+Messages can potentially stay in the "hold" queue longer than
+$maximal_queue_lifetime. If such "old" messages need to be released from the
+"hold" queue, they should typically be moved into the "maildrop" queue using
+"postsuper -r", so that the message gets a new timestamp and is given more than
+one opportunity to be delivered. Messages that are "young" can be moved
+directly into the "deferred" queue using "postsuper -H".
 
 The "hold" queue plays little role in Postfix performance, and monitoring of
 the "hold" queue is typically more closely motivated by tracking spam and
@@ -435,10 +440,14 @@ queue as soon as they become available.
 
 The incoming queue grows when the message input rate spikes above the rate at
 which the queue manager can import messages into the active queue. The main
-factor slowing down the queue manager is transport queries to the trivial-
-rewrite service. If the queue manager is routinely not keeping up, consider not
-using "slow" lookup services (MySQL, LDAP, ...) for transport lookups or
-speeding up the hosts that provide the lookup service.
+factors slowing down the queue manager are disk I/O and lookup queries to the
+trivial-rewrite service. If the queue manager is routinely not keeping up,
+consider not using "slow" lookup services (MySQL, LDAP, ...) for transport
+lookups or speeding up the hosts that provide the lookup service. If the
+problem is I/O starvation, consider striping the queue over more disks, faster
+controllers with a battery write cache, or other hardware improvements. At the
+very least, make sure that the queue directory is mounted with the "noatime"
+option if applicable to the underlying filesystem.
 
 The in_flow_delay parameter is used to clamp the input rate when the queue
 manager starts to fall behind. The cleanup(8) service will pause for
@@ -484,22 +493,37 @@ of recipients that share the same transport/nexthop combination; the group size
 is capped by the transport's recipient concurrency limit.
 
 Multiple recipient groups (from one or more messages) are queued for delivery
-via the common transport/nexthop combination. The destination concurrency limit
-for the transports caps the number of simultaneous delivery attempts for each
-nexthop. Transports with a recipient concurrency limit of 1 are special: these
-are grouped by the actual recipient address rather than the nexthop, thereby
-enabling per-recipient concurrency limits rather than per-domain concurrency
-limits. Per-recipient limits are appropriate when performing final delivery to
+grouped by transport/nexthop combination. The ddeessttiinnaattiioonn concurrency limit for
+the transports caps the number of simultaneous delivery attempts for each
+nexthop. Transports with a rreecciippiieenntt concurrency limit of 1 are special: these
+are grouped by the actual recipient address rather than the nexthop, yielding
+per-recipient concurrency limits rather than per-domain concurrency limits.
+Per-recipient limits are appropriate when performing final delivery to
 mailboxes rather than when relaying to a remote server.
 
 Congestion occurs in the active queue when one or more destinations drain
-slower than the corresponding message input rate. If a destination is down for
-some time, the queue manager will mark it dead, and immediately defer all mail
-for the destination without trying to assign it to a delivery agent. In this
-case the messages will quickly leave the active queue and end up in the
-deferred queue. If the destination is instead simply slow, or there is a
-problem causing an excessive arrival rate the active queue will grow and will
-become dominated by mail to the congested destination.
+slower than the corresponding message input rate.
+
+Input into the active queue comes both from new mail in the "incoming" queue,
+and retries of mail in the "deferred" queue. Should the "deferred" queue get
+really large, retries of old mail can dominate the arrival rate of new mail.
+Systems with more CPU, faster disks and more network bandwidth can deal with
+larger deferred queues, but as a rule of thumb the deferred queue scales to
+somewhere between 100,000 and 1,000,000 messages with good performance unlikely
+above that "limit". Systems with queues this large should typically stop
+accepting new mail, or put the backlog "on hold" until the underlying issue is
+fixed (provided that there is enough capacity to handle just the new mail).
+
+When a destination is down for some time, the queue manager will mark it dead,
+and immediately defer all mail for the destination without trying to assign it
+to a delivery agent. In this case the messages will quickly leave the active
+queue and end up in the deferred queue (with Postfix < 2.4, this is done
+directly by the queue manager, with Postfix >= 2.4 this is done via the "retry"
+delivery agent).
+
+When the destination is instead simply slow, or there is a problem causing an
+excessive arrival rate the active queue will grow and will become dominated by
+mail to the congested destination.
 
 The only way to reduce congestion is to either reduce the input rate or
 increase the throughput. Increasing the throughput requires either increasing
@@ -523,23 +547,52 @@ ESTABLISHED or SYN_SENT) reaches the process limit, mail is draining slowly and
 the system and network are not loaded, raise the "smtp" and/or "relay" process
 limits!
 
-Especially for the "relay" transport, consider lower SMTP connection timeouts
-(1-5 seconds) and higher than default destination concurrency limits. Compute
-the expected latency when 1 out of N of the MX hosts for a high volume site is
-down and not responding, and make sure that the configured concurrency divided
-by this latency exceeds the required steady-state message rate. If the
-destination is managed by you, consider load balancers in front of groups of MX
-hosts. Load balancers have higher uptime and will be able to hide individual MX
-host failures.
-
-If necessary, dedicate and tune custom transports for high volume destinations.
+When a high volume destination is served by multiple MX hosts with typically
+low delivery latency, performance can suffer dramatically when one of the MX
+hosts is unresponsive and SMTP connections to that host timeout. For example,
+if there are 2 equal weight MX hosts, the SMTP connection timeout is 30 seconds
+and one of the MX hosts is down, the average SMTP connection will take
+approximately 15 seconds to complete. With a default per-destination
+concurrency limit of 20 connections, throughput falls to just over 1 message
+per second.
+
+The best way to avoid bottlenecks when one or more MX hosts is non-responsive
+is to use connection caching. Connection caching was introduced with Postfix
+2.2 and is by default enabled on demand for destinations with a backlog of mail
+in the active queue. When connection caching is in effect for a particular
+destination, established connections are re-used to send additional messages,
+this reduces the number of connections made per message delivery and maintains
+good throughput even in the face of partial unavailability of the destination's
+MX hosts.
+
+If connection caching is not available (Postfix < 2.2) or does not provide a
+sufficient latency reduction, especially for the "relay" transport used to
+forward mail to "your own" domains, consider setting lower than default SMTP
+connection timeouts (1-5 seconds) and higher than default destination
+concurrency limits. This will further reduce latency and provide more
+concurrency to maintain throughput should latency rise.
+
+Setting high concurrency limits to domains that are not your own may be viewed
+as hostile by the receiving system, and steps may be taken to prevent you from
+monopolizing the destination system's resources. The defensive measures may
+substantially reduce your throughput or block access entirely. Do not set
+aggressive concurrency limits to remote domains without coordinating with the
+administrators of the target domain.
+
+If necessary, dedicate and tune custom transports for selected high volume
+destinations. The "relay" transport is provided for forwarding mail to domains
+for which your server is a primary or backup MX host. These can make up a
+substantial fraction of your email traffic. Use the "relay" and not the "smtp"
+transport to send email to these domains. Using the "relay" transport allocates
+a separate delivery agent pool to these destinations and allows separate tuning
+of timeouts and concurrency limits.
 
 Another common cause of congestion is unwarranted flushing of the entire
 deferred queue. The deferred queue holds messages that are likely to fail to be
-delivered and are also likely to be slow to fail delivery (timeouts). This
-means that the most common reaction to a large deferred queue (flush it!) is
-more than likely counter- productive, and is likely to make the problem worse.
-Do not flush the deferred queue unless you expect that most of its content has
+delivered and are also likely to be slow to fail delivery (time out). As a
+result the most common reaction to a large deferred queue (flush it!) is more
+than likely counter-productive, and typically makes the congestion worse. Do
+not flush the deferred queue unless you expect that most of its content has
 recently become deliverable (e.g. relayhost back up after an outage)!
 
 Note that whenever the queue manager is restarted, there may already be
@@ -549,7 +602,8 @@ the active queue messages back into the incoming queue, and then uses its
 normal incoming queue scan to refill the active queue. The process of moving
 all the messages back and forth, redoing transport table (trivial-rewrite(8)
 resolve service) lookups, and re-importing the messages back into memory is
-expensive. At all costs, avoid frequent restarts of the queue manager.
+expensive. At all costs, avoid frequent restarts of the queue manager (e.g. via
+frequent execution of "postfix reload").
 
 TThhee ""ddeeffeerrrreedd"" qquueeuuee
 
@@ -561,15 +615,15 @@ The queue manager scans the deferred queue periodically. The scan interval is
 controlled by the queue_run_delay parameter. While a deferred queue scan is in
 progress, if an incoming queue scan is also in progress (ideally these are
 brief since the incoming queue should be short), the queue manager alternates
-between bringing a new "incoming" message and a new "deferred" message into the
+between looking for messages in the "incoming" queue and in the "deferred"
 queue. This "round-robin" strategy prevents starvation of either the incoming
 or the deferred queues.
 
 Each deferred queue scan only brings a fraction of the deferred queue back into
 the active queue for a retry. This is because each message in the deferred
 queue is assigned a "cool-off" time when it is deferred. This is done by time-
-warping the modification times of the queue file into the future. The queue
-file is not eligible for a retry if its modification time is not yet reached.
+warping the modification time of the queue file into the future. The queue file
+is not eligible for a retry if its modification time is not yet reached.
 
 The "cool-off" time is at least $minimal_backoff_time and at most
 $maximal_backoff_time. The next retry time is set by doubling the message's age
@@ -578,24 +632,29 @@ that young messages are initially retried more often than old messages.
 
 If a high volume site routinely has large deferred queues, it may be useful to
 adjust the queue_run_delay, minimal_backoff_time and maximal_backoff_time to
-provide short enough delays on first failure, with perhaps longer delays after
-multiple failures, to reduce the retransmission rate of old messages and
-thereby reduce the quantity of previously deferred mail in the active queue.
+provide short enough delays on first failure (Postfix >= 2.4 has a sensibly low
+minimal backoff time by default), with perhaps longer delays after multiple
+failures, to reduce the retransmission rate of old messages and thereby reduce
+the quantity of previously deferred mail in the active queue. If you want a
+really low minimal_backoff_time, you may also want to lower queue_run_delay,
+but understand that more frequent scans will increase the demand for disk I/O.
 
 One common cause of large deferred queues is failure to validate recipients at
 the SMTP input stage. Since spammers routinely launch dictionary attacks from
 unrepliable sender addresses, the bounces for invalid recipient addresses clog
 the deferred queue (and at high volumes proportionally clog the active queue).
 Recipient validation is strongly recommended through use of the
-local_recipient_maps and relay_recipient_maps parameters.
+local_recipient_maps and relay_recipient_maps parameters. Even when bounces
+drain quickly they inundate innocent victims of forgery with unwanted email. To
+avoid this, do not accept mail for invalid recipients.
 
 When a host with lots of deferred mail is down for some time, it is possible
 for the entire deferred queue to reach its retry time simultaneously. This can
 lead to a very full active queue once the host comes back up. The phenomenon
 can repeat approximately every maximal_backoff_time seconds if the messages are
-again deferred after a brief burst of congestion. Ideally, in the future
-Postfix will add a random offset to the retry time (or use a combination of
-strategies) to reduce the chances of repeated complete deferred queue flushes.
+again deferred after a brief burst of congestion. Perhaps, a future Postfix
+release will add a random offset to the retry time (or use a combination of
+strategies) to reduce the odds of repeated complete deferred queue flushes.
 
 CCrreeddiittss
 
diff --git a/postfix/TODO b/postfix/TODO
index 68cb01571..843574f18 100644
--- a/postfix/TODO
+++ b/postfix/TODO
@@ -15,3 +15,5 @@ What needs to be done before Postfix 2.4.0 is finished:
 - Replace SPF policy server script by link to SPF website.
 
 - Remove MacOS X examples. They have not been updated.
+
+- Is "postmap -qf" still needed with regexp/pcre maps?
diff --git a/postfix/auxiliary/qshape/qshape.pl b/postfix/auxiliary/qshape/qshape.pl
index 67d378984..243df445a 100644
--- a/postfix/auxiliary/qshape/qshape.pl
+++ b/postfix/auxiliary/qshape/qshape.pl
@@ -13,6 +13,7 @@
 #	\fBqshape\fR [\fB-s\fR] [\fB-p\fR] [\fB-m \fImin_subdomains\fR]
 #		[\fB-b \fIbucket_count\fR] [\fB-t \fIbucket_time\fR]
 #		[\fB-l\fR] [\fB-w \fIterminal_width\fR]
+#		[\fB-N \fIbatch_msg_count\fR] [\fB-n \fIbatch_top_domains\fR]
 #		[\fB-c \fIconfig_directory\fR] [\fIqueue_name\fR ...]
 # DESCRIPTION
 #	The \fBqshape\fR program helps the administrator understand the
@@ -63,6 +64,15 @@
 #	parent domain rows are shown as '.+' followed by the last 16 bytes
 #	of the domain name. If this is still too narrow to show the domain
 #	name and all the counters, the terminal_width limit is violated.
+# .IP "\fB-N \fIbatch_msg_count\fR"
+#	When the output device is a terminal, intermediate results are
+#	shown each "batch_msg_count" messages. This produces usable results
+#	in a reasonable time even when the deferred queue is large. The
+#	default is to show intermediate results every 1000 messages.
+# .IP "\fB-n \fIbatch_top_domains\fR"
+#	When reporting intermediate or final results to a termainal, report
+#	only the top "batch_top_domains" domains. The default limit is 20
+#	domains.
 # .IP "\fB-c \fIconfig_directory\fR"
 #	The \fBmain.cf\fR configuration file is in the named directory
 #	instead of the default configuration directory.
@@ -104,6 +114,9 @@ use IO::File;
 use File::Find;
 use Getopt::Std;
 
+my $cls;		# Clear screen escape sequence
+my $batch_msg_count;	# Interim result frequency
+my $batch_top_domains;	# Interim result count
 my %opts;		# Command line switches
 my %q;			# domain counts for queues and buckets
 my %sub;		# subdomain counts for parent domains
@@ -120,6 +133,7 @@ do {
     	warn "$0: $_[0]" unless exists($opts{"h"});
 	die "Usage: $0 [ -s ] [ -p ] [ -m <min_subdomains> ] [ -l ]\n".
 	    "\t[ -b <bucket_count> ] [ -t <bucket_time> ] [ -w <terminal_width> ]\n".
+	    "\t[ -N <batch_msg_count> ] [ -n <batch_top_domains> ]\n".
 	    "\t[ -c <config_directory> ] [ <queue_name> ... ]\n".
 	"The 's' option shows sender domain counts.\n".
 	"The 'p' option shows address counts by for parent domains.\n".
@@ -142,7 +156,7 @@ do {
 	"not supported. If necessary, use explicit absolute paths for all queues.\n";
     };
 
-    getopts("lhc:psw:b:t:m:", \%opts);
+    getopts("lhc:psw:b:t:m:n:N:", \%opts);
     warn "Help message" if (exists $opts{"h"});
 
     @qlist = @ARGV if (@ARGV > 0);
@@ -169,6 +183,16 @@ $bnum = $opts{"b"} if (exists $opts{"b"} && $opts{"b"} > 0);
 $tick = $opts{"t"} if (exists $opts{"t"} && $opts{"t"} > 0);
 $minsub = $opts{"m"} if (exists $opts{"m"} && $opts{"m"} > 0);
 
+if ( -t STDOUT ) {
+    $batch_msg_count = 1000 unless defined($batch_msg_count = $opts{"N"});
+    $batch_top_domains = 20 unless defined ($batch_top_domains = $opts{"n"});
+    $cls = `clear`;
+} else {
+    $batch_msg_count = 0;
+    $batch_top_domains = 0;
+    $cls = "";
+}
+
 sub rec_get {
     my ($h) = @_;
     my $r = getc($h) || return;
@@ -263,6 +287,7 @@ sub bucket {
 
 # Collate by age of message in the selected queues.
 #
+my $msgs;
 sub wanted {
     if (my ($t, $s, @r) = qenv($_)) {
 	my $b = bucket($t, $now);
@@ -281,26 +306,15 @@ sub wanted {
 		$new = ! $old;
 	    } while ($opts{"p"} && $a =~ s/^(?:\.)?[^.]+\.(.*\.)/.$1/);
 	}
+    	if ($batch_msg_count > 0 && ++$msgs % $batch_msg_count == 0) {
+	    results();
+	}
     }
 }
-find(\&wanted, @qlist);
 
 my @heads;
-my $fmt = "";
-my $dw = $width;
-
-for (my $i = 0, my $t = 0; $i <= $bnum; ) {
-    $q{"TOTAL"}->[$i] ||= 0;
-    my $l = length($q{"TOTAL"}->[$i]);
-    my $h = ($i == 0) ? "T" : $t;
-    $l = length($h) if (length($h) >= $l);
-    $l = ($l > 2) ? $l + 1 : 3;
-    push(@heads, $h);
-    $fmt .= sprintf "%%%ds", $l;
-    $dw -= $l;
-    if (++$i < $bnum) { $t += ($t && !$opts{"l"}) ? $t : $tick; } else { $t = "$t+"; }
-}
-$dw = $dwidth if ($dw < $dwidth);
+my $fmt;
+my $dw;
 
 sub pdomain {
     my ($d, @count) = @_;
@@ -318,18 +332,45 @@ sub pdomain {
     printf "$fmt\n", @count;
 }
 
-# Print headings
-#
-pdomain("", @heads);
+sub results {
+    @heads = ();
+    $dw = $width;
+    $fmt = "";
+    for (my $i = 0, my $t = 0; $i <= $bnum; ) {
+	$q{"TOTAL"}->[$i] ||= 0;
+	my $l = length($q{"TOTAL"}->[$i]);
+	my $h = ($i == 0) ? "T" : $t;
+	$l = length($h) if (length($h) >= $l);
+	$l = ($l > 2) ? $l + 1 : 3;
+	push(@heads, $h);
+	$fmt .= sprintf "%%%ds", $l;
+	$dw -= $l;
+	if (++$i < $bnum) { $t += ($t && !$opts{"l"}) ? $t : $tick; } else { $t = "$t+"; }
+    }
+    $dw = $dwidth if ($dw < $dwidth);
 
-# Show per-domain totals
-#
-foreach my $d (sort { $q{$b}->[0] <=> $q{$a}->[0] ||
-		       length($a) <=> length($b) } keys %q) {
+    print $cls if ($batch_msg_count > 0);
 
-    # Skip parent domains with < $minsub subdomains.
+    # Print headings
     #
-    next if ($d =~ /^\./ && $sub{$d} < $minsub);
+    pdomain("", @heads);
 
-    pdomain($d, @{$q{$d}});
+    my $n = 0;
+
+    # Show per-domain totals
+    #
+    foreach my $d (sort { $q{$b}->[0] <=> $q{$a}->[0] ||
+			   length($a) <=> length($b) } keys %q) {
+
+	# Skip parent domains with < $minsub subdomains.
+	#
+	next if ($d =~ /^\./ && $sub{$d} < $minsub);
+
+	last if ($batch_top_domains > 0 && ++$n > $batch_top_domains);
+
+	pdomain($d, @{$q{$d}});
+    }
 }
+
+find(\&wanted, @qlist);
+results();
diff --git a/postfix/conf/access b/postfix/conf/access
index bfdb724e1..2e26b50b6 100644
--- a/postfix/conf/access
+++ b/postfix/conf/access
@@ -1,7 +1,7 @@
 # ACCESS(5)                                                            ACCESS(5)
 # 
 # NAME
-#        access - Postfix access table format
+#        access - Postfix SMTP server access table
 # 
 # SYNOPSIS
 #        postmap /etc/postfix/access
@@ -11,36 +11,34 @@
 #        postmap -q - /etc/postfix/access <inputfile
 # 
 # DESCRIPTION
-#        The  optional  access(5)  table  directs  the Postfix SMTP
-#        server to selectively reject or accept mail. Access can be
-#        allowed  or  denied for specific host names, domain names,
-#        networks, host addresses or mail addresses.
-# 
-#        For an example, see the EXAMPLE section at the end of this
-#        manual page.
-# 
-#        Normally,  the access(5) table is specified as a text file
-#        that serves as  input  to  the  postmap(1)  command.   The
-#        result,  an  indexed file in dbm or db format, is used for
-#        fast searching by the mail  system.  Execute  the  command
-#        "postmap  /etc/postfix/access"  in  order  to  rebuild the
-#        indexed file after changing the access table.
-# 
-#        When the table is provided via other means  such  as  NIS,
-#        LDAP  or  SQL,  the  same lookups are done as for ordinary
+#        The  Postfix SMTP server access(5) table specifies actions
+#        that are triggered by information  from  or  about  remote
+#        SMTP  clients:  host  names,  network  addresses, or email
+#        addresses. An action may grant or deny access, or  it  may
+#        change  the way that an email transaction will be handled.
+# 
+#        Normally, the access(5) table is specified as a text  file
+#        that  serves  as  input  to  the  postmap(1) command.  The
+#        result, an indexed file in dbm or db format, is  used  for
+#        fast  searching  by  the  mail system. Execute the command
+#        "postmap /etc/postfix/access" to rebuild an  indexed  file
+#        after changing the corresponding text file.
+# 
+#        When  the  table  is provided via other means such as NIS,
+#        LDAP or SQL, the same lookups are  done  as  for  ordinary
 #        indexed files.
 # 
-#        Alternatively, the table can be  provided  as  a  regular-
+#        Alternatively,  the  table  can  be provided as a regular-
 #        expression map where patterns are given as regular expres-
-#        sions, or lookups can be directed to TCP-based server.  In
-#        that  case,  the  lookups are done in a slightly different
-#        way as described below under "REGULAR  EXPRESSION  TABLES"
-#        and "TCP-BASED TABLES".
+#        sions,  or lookups can be directed to TCP-based server. In
+#        those cases, the lookups are done in a slightly  different
+#        way  as  described below under "REGULAR EXPRESSION TABLES"
+#        or "TCP-BASED TABLES".
 # 
 # CASE FOLDING
-#        The  search  string is folded to lowercase before database
-#        lookup. As of Postfix 2.3, the search string is  not  case
-#        folded  with database types such as regexp: or pcre: whose
+#        The search string is folded to lowercase  before  database
+#        lookup.  As  of Postfix 2.3, the search string is not case
+#        folded with database types such as regexp: or pcre:  whose
 #        lookup fields can match both upper and lower case.
 # 
 # TABLE FORMAT
@@ -51,53 +49,53 @@
 #               address, perform the corresponding action.
 # 
 #        blank lines and comments
-#               Empty lines and whitespace-only lines are  ignored,
-#               as  are  lines whose first non-whitespace character
+#               Empty  lines and whitespace-only lines are ignored,
+#               as are lines whose first  non-whitespace  character
 #               is a `#'.
 # 
 #        multi-line text
-#               A logical line starts with non-whitespace  text.  A
-#               line  that starts with whitespace continues a logi-
+#               A  logical  line starts with non-whitespace text. A
+#               line that starts with whitespace continues a  logi-
 #               cal line.
 # 
 # EMAIL ADDRESS PATTERNS
 #        With lookups from indexed files such as DB or DBM, or from
-#        networked  tables  such  as NIS, LDAP or SQL, patterns are
+#        networked tables such as NIS, LDAP or  SQL,  patterns  are
 #        tried in the order as listed below:
 # 
 #        user@domain
 #               Matches the specified mail address.
 # 
 #        domain.tld
-#               Matches domain.tld as the domain part of  an  email
+#               Matches  domain.tld  as the domain part of an email
 #               address.
 # 
 #               The pattern domain.tld also matches subdomains, but
 #               only when the string smtpd_access_maps is listed in
-#               the  Postfix  parent_domain_matches_subdomains con-
-#               figuration setting (note that this is  the  default
-#               for  some versions of Postfix).  Otherwise, specify
-#               .domain.tld (note the  initial  dot)  in  order  to
+#               the Postfix  parent_domain_matches_subdomains  con-
+#               figuration  setting  (note that this is the default
+#               for some versions of Postfix).  Otherwise,  specify
+#               .domain.tld  (note  the  initial  dot)  in order to
 #               match subdomains.
 # 
-#        user@  Matches  all mail addresses with the specified user
+#        user@  Matches all mail addresses with the specified  user
 #               part.
 # 
-#        Note: lookup of the null sender address  is  not  possible
-#        with  some types of lookup table. By default, Postfix uses
-#        <> as the lookup key for  such  addresses.  The  value  is
-#        specified  with the smtpd_null_access_lookup_key parameter
+#        Note:  lookup  of  the null sender address is not possible
+#        with some types of lookup table. By default, Postfix  uses
+#        <>  as  the  lookup  key  for such addresses. The value is
+#        specified with the smtpd_null_access_lookup_key  parameter
 #        in the Postfix main.cf file.
 # 
 # EMAIL ADDRESS EXTENSION
 #        When a mail address localpart contains the optional recip-
-#        ient  delimiter  (e.g., user+foo@domain), the lookup order
-#        becomes: user+foo@domain, user@domain, domain,  user+foo@,
+#        ient delimiter (e.g., user+foo@domain), the  lookup  order
+#        becomes:  user+foo@domain, user@domain, domain, user+foo@,
 #        and user@.
 # 
 # HOST NAME/ADDRESS PATTERNS
 #        With lookups from indexed files such as DB or DBM, or from
-#        networked tables such as NIS, LDAP or SQL,  the  following
+#        networked  tables  such as NIS, LDAP or SQL, the following
 #        lookup patterns are examined in the order as listed:
 # 
 #        domain.tld
@@ -105,9 +103,9 @@
 # 
 #               The pattern domain.tld also matches subdomains, but
 #               only when the string smtpd_access_maps is listed in
-#               the  Postfix  parent_domain_matches_subdomains con-
+#               the Postfix  parent_domain_matches_subdomains  con-
 #               figuration setting.  Otherwise, specify .domain.tld
-#               (note  the  initial  dot)  in order to match subdo-
+#               (note the initial dot) in  order  to  match  subdo-
 #               mains.
 # 
 #        net.work.addr.ess
@@ -116,21 +114,21 @@
 # 
 #        net.work
 # 
-#        net    Matches the specified IPv4 host address or  subnet-
-#               work.  An  IPv4  host address is a sequence of four
+#        net    Matches  the specified IPv4 host address or subnet-
+#               work. An IPv4 host address is a  sequence  of  four
 #               decimal octets separated by ".".
 # 
-#               Subnetworks are matched  by  repeatedly  truncating
+#               Subnetworks  are  matched  by repeatedly truncating
 #               the last ".octet" from the remote IPv4 host address
-#               string until a match is found in the access  table,
+#               string  until a match is found in the access table,
 #               or until further truncation is not possible.
 # 
 #               NOTE 1: The information in the access map should be
 #               in canonical form, with unnecessary null characters
-#               eliminated.    Address   information  must  not  be
+#               eliminated.   Address  information  must   not   be
 #               enclosed with "[]" characters.
 # 
-#               NOTE 2: use the cidr lookup table type  to  specify
+#               NOTE  2:  use the cidr lookup table type to specify
 #               network/netmask  patterns.  See  cidr_table(5)  for
 #               details.
 # 
@@ -140,12 +138,12 @@
 # 
 #        net:work
 # 
-#        net    Matches the specified IPv6 host address or  subnet-
-#               work.  An  IPv6 host address is a sequence of three
-#               to eight hexadecimal octet pairs separated by  ":".
+#        net    Matches  the specified IPv6 host address or subnet-
+#               work. An IPv6 host address is a sequence  of  three
+#               to  eight hexadecimal octet pairs separated by ":".
 # 
-#               Subnetworks  are  matched  by repeatedly truncating
-#               the last ":octetpair" from  the  remote  IPv6  host
+#               Subnetworks are matched  by  repeatedly  truncating
+#               the  last  ":octetpair"  from  the remote IPv6 host
 #               address string until a match is found in the access
 #               table, or until further truncation is not possible.
 # 
@@ -155,10 +153,10 @@
 # 
 #               NOTE 2: The information in the access map should be
 #               in canonical form, with unnecessary null characters
-#               eliminated.    Address   information  must  not  be
+#               eliminated.   Address  information  must   not   be
 #               enclosed with "[]" characters.
 # 
-#               NOTE 3: use the cidr lookup table type  to  specify
+#               NOTE  3:  use the cidr lookup table type to specify
 #               network/netmask  patterns.  See  cidr_table(5)  for
 #               details.
 # 
@@ -169,36 +167,36 @@
 # 
 #        all-numerical
 #               An all-numerical result is treated as OK. This for-
-#               mat is generated by address-based relay  authoriza-
+#               mat  is generated by address-based relay authoriza-
 #               tion schemes such as pop-before-smtp.
 # 
 # REJECT ACTIONS
-#        Postfix  version  2.3  and  later  support enhanced status
-#        codes as defined in RFC 3463.  When no code  is  specified
-#        at  the  beginning  of  the  text below, Postfix inserts a
-#        default enhanced status code of "5.7.1"  in  the  case  of
-#        reject  actions, and "4.7.1" in the case of defer actions.
+#        Postfix version 2.3  and  later  support  enhanced  status
+#        codes  as  defined in RFC 3463.  When no code is specified
+#        at the beginning of the  text  below,  Postfix  inserts  a
+#        default  enhanced  status  code  of "5.7.1" in the case of
+#        reject actions, and "4.7.1" in the case of defer  actions.
 #        See "ENHANCED STATUS CODES" below.
 # 
 #        4NN text
 # 
 #        5NN text
-#               Reject the address etc. that matches  the  pattern,
+#               Reject  the  address etc. that matches the pattern,
 #               and respond with the numerical three-digit code and
-#               text. 4NN means "try again later", while 5NN  means
+#               text.  4NN means "try again later", while 5NN means
 #               "do not try again".
 # 
-#               The  reply  code "421" causes Postfix to disconnect
+#               The reply code "421" causes Postfix  to  disconnect
 #               immediately (Postfix version 2.3 and later).
 # 
 #        REJECT optional text...
-#               Reject the address etc. that matches  the  pattern.
-#               Reply  with  $reject_code optional text... when the
-#               optional text is specified, otherwise reply with  a
+#               Reject  the  address etc. that matches the pattern.
+#               Reply with $reject_code optional text...  when  the
+#               optional  text is specified, otherwise reply with a
 #               generic error response message.
 # 
 #        DEFER_IF_REJECT optional text...
-#               Defer  the  request if some later restriction would
+#               Defer the request if some later  restriction  would
 #               result in a REJECT action. Reply with "450 optional
 #               text... when the optional text is specified, other-
 #               wise reply with a generic error response message.
@@ -206,10 +204,10 @@
 #               This feature is available in Postfix 2.1 and later.
 # 
 #        DEFER_IF_PERMIT optional text...
-#               Defer  the  request if some later restriction would
-#               result in a an explicit or implicit PERMIT  action.
-#               Reply  with "450 optional text... when the optional
-#               text is specified, otherwise reply with  a  generic
+#               Defer the request if some later  restriction  would
+#               result  in a an explicit or implicit PERMIT action.
+#               Reply with "450 optional text... when the  optional
+#               text  is  specified, otherwise reply with a generic
 #               error response message.
 # 
 #               This feature is available in Postfix 2.1 and later.
@@ -220,160 +218,160 @@
 #               reject_unauth_destination, and so on).
 # 
 #        DISCARD optional text...
-#               Claim  successful delivery and silently discard the
-#               message.  Log the optional text if specified,  oth-
+#               Claim successful delivery and silently discard  the
+#               message.   Log the optional text if specified, oth-
 #               erwise log a generic message.
 # 
-#               Note:  this action currently affects all recipients
-#               of the message.   To  discard  only  one  recipient
-#               without  discarding  the  entire  message,  use the
+#               Note: this action currently affects all  recipients
+#               of  the  message.   To  discard  only one recipient
+#               without discarding  the  entire  message,  use  the
 #               transport(5) table to direct mail to the discard(8)
 #               service.
 # 
 #               This feature is available in Postfix 2.0 and later.
 # 
-#        DUNNO  Pretend that the lookup key  was  not  found.  This
-#               prevents  Postfix  from  trying  substrings  of the
-#               lookup key (such as a subdomain name, or a  network
+#        DUNNO  Pretend  that  the  lookup  key was not found. This
+#               prevents Postfix  from  trying  substrings  of  the
+#               lookup  key (such as a subdomain name, or a network
 #               address subnetwork).
 # 
 #               This feature is available in Postfix 2.0 and later.
 # 
 #        FILTER transport:destination
-#               After the message is queued, send the  entire  mes-
+#               After  the  message is queued, send the entire mes-
 #               sage through the specified external content filter.
-#               The transport:destination syntax  is  described  in
-#               the  transport(5)  manual  page.   More information
-#               about external content filters is  in  the  Postfix
+#               The  transport:destination  syntax  is described in
+#               the transport(5)  manual  page.   More  information
+#               about  external  content  filters is in the Postfix
 #               FILTER_README file.
 # 
-#               Note:   this  action  overrides  the  main.cf  con-
+#               Note:  this  action  overrides  the  main.cf   con-
 #               tent_filter  setting,  and  currently  affects  all
 #               recipients of the message.
 # 
 #               This feature is available in Postfix 2.0 and later.
 # 
 #        HOLD optional text...
-#               Place the message on the hold queue, where it  will
-#               sit  until someone either deletes it or releases it
-#               for delivery.  Log the optional text if  specified,
+#               Place  the message on the hold queue, where it will
+#               sit until someone either deletes it or releases  it
+#               for  delivery.  Log the optional text if specified,
 #               otherwise log a generic message.
 # 
-#               Mail  that  is  placed on hold can be examined with
-#               the postcat(1) command, and  can  be  destroyed  or
+#               Mail that is placed on hold can  be  examined  with
+#               the  postcat(1)  command,  and  can be destroyed or
 #               released with the postsuper(1) command.
 # 
-#               Note:  use  "postsuper -r" to release mail that was
-#               kept on hold for a significant fraction  of  $maxi-
+#               Note: use "postsuper -r" to release mail  that  was
+#               kept  on  hold for a significant fraction of $maxi-
 #               mal_queue_lifetime  or  $bounce_queue_lifetime,  or
 #               longer.
 # 
-#               Note: this action currently affects all  recipients
+#               Note:  this action currently affects all recipients
 #               of the message.
 # 
 #               This feature is available in Postfix 2.0 and later.
 # 
 #        PREPEND headername: headervalue
-#               Prepend the specified message header  to  the  mes-
-#               sage.  When this action is used multiple times, the
-#               first prepended header appears  before  the  second
-#               etc. prepended header.
+#               Prepend  the  specified  message header to the mes-
+#               sage.  When this action  executes  multiple  times,
+#               the  first prepended header appears before the sec-
+#               ond etc. prepended header.
 # 
-#               Note:  this action does not support multi-line mes-
+#               Note: this action does not support multi-line  mes-
 #               sage headers.
 # 
-#               Note: this action must be used before  the  message
-#               content   is   received;   it  cannot  be  used  in
-#               smtpd_end_of_data_restrictions.
+#               Note:  this  action must execute before the message
+#               content is received; it cannot execute in the  con-
+#               text of smtpd_end_of_data_restrictions.
 # 
 #               This feature is available in Postfix 2.1 and later.
 # 
 #        REDIRECT user@domain
-#               After  the  message  is queued, send the message to
+#               After the message is queued, send  the  message  to
 #               the  specified  address  instead  of  the  intended
 #               recipient(s).
 # 
-#               Note:  this action overrides the FILTER action, and
+#               Note: this action overrides the FILTER action,  and
 #               currently affects all recipients of the message.
 # 
 #               This feature is available in Postfix 2.1 and later.
 # 
 #        WARN optional text...
 #               Log a warning with the optional text, together with
-#               client information and  if  available,  with  helo,
+#               client  information  and  if  available, with helo,
 #               sender, recipient and protocol information.
 # 
 #               This feature is available in Postfix 2.1 and later.
 # 
 # ENHANCED STATUS CODES
-#        Postfix version 2.3  and  later  support  enhanced  status
-#        codes  as  defined  in  RFC 3463.  When an enhanced status
-#        code is specified in an access table,  it  is  subject  to
-#        modification.  The  following  transformations  are needed
-#        when the same access  table  is  used  for  client,  helo,
-#        sender,  or  recipient  access  restrictions;  they happen
+#        Postfix  version  2.3  and  later  support enhanced status
+#        codes as defined in RFC 3463.   When  an  enhanced  status
+#        code  is  specified  in  an access table, it is subject to
+#        modification. The  following  transformations  are  needed
+#        when  the  same  access  table  is  used for client, helo,
+#        sender, or  recipient  access  restrictions;  they  happen
 #        regardless of whether Postfix replies to a MAIL FROM, RCPT
 #        TO or other SMTP command.
 # 
-#        o      When  a sender address matches a REJECT action, the
-#               Postfix SMTP server will transform a recipient  DSN
-#               status  (e.g.,  4.1.1-4.1.6) into the corresponding
+#        o      When a sender address matches a REJECT action,  the
+#               Postfix  SMTP server will transform a recipient DSN
+#               status (e.g., 4.1.1-4.1.6) into  the  corresponding
 #               sender DSN status, and vice versa.
 # 
-#        o      When  non-address  information  matches  a   REJECT
-#               action  (such  as  the HELO command argument or the
-#               client hostname/address), the Postfix  SMTP  server
-#               will  transform  a  sender  or recipient DSN status
-#               into  a  generic  non-address  DSN  status   (e.g.,
+#        o      When   non-address  information  matches  a  REJECT
+#               action (such as the HELO command  argument  or  the
+#               client  hostname/address),  the Postfix SMTP server
+#               will transform a sender  or  recipient  DSN  status
+#               into   a  generic  non-address  DSN  status  (e.g.,
 #               4.0.0).
 # 
 # REGULAR EXPRESSION TABLES
-#        This  section  describes how the table lookups change when
+#        This section describes how the table lookups  change  when
 #        the table is given in the form of regular expressions. For
-#        a  description  of regular expression lookup table syntax,
+#        a description of regular expression lookup  table  syntax,
 #        see regexp_table(5) or pcre_table(5).
 # 
-#        Each pattern is a regular expression that  is  applied  to
+#        Each  pattern  is  a regular expression that is applied to
 #        the entire string being looked up. Depending on the appli-
-#        cation, that string  is  an  entire  client  hostname,  an
+#        cation,  that  string  is  an  entire  client hostname, an
 #        entire client IP address, or an entire mail address. Thus,
 #        no  parent  domain  or  parent  network  search  is  done,
-#        user@domain  mail  addresses  are not broken up into their
+#        user@domain mail addresses are not broken  up  into  their
 #        user@ and domain constituent parts, nor is user+foo broken
 #        up into user and foo.
 # 
-#        Patterns  are applied in the order as specified in the ta-
-#        ble, until a pattern is  found  that  matches  the  search
+#        Patterns are applied in the order as specified in the  ta-
+#        ble,  until  a  pattern  is  found that matches the search
 #        string.
 # 
-#        Actions  are  the  same as with indexed file lookups, with
-#        the additional feature that parenthesized substrings  from
+#        Actions are the same as with indexed  file  lookups,  with
+#        the  additional feature that parenthesized substrings from
 #        the pattern can be interpolated as $1, $2 and so on.
 # 
 # TCP-BASED TABLES
-#        This  section  describes how the table lookups change when
+#        This section describes how the table lookups  change  when
 #        lookups are directed to a TCP-based server. For a descrip-
 #        tion of the TCP client/server lookup protocol, see tcp_ta-
 #        ble(5).  This feature is not available up to and including
 #        Postfix version 2.4.
 # 
-#        Each  lookup  operation uses the entire query string once.
-#        Depending on the application, that  string  is  an  entire
+#        Each lookup operation uses the entire query  string  once.
+#        Depending  on  the  application,  that string is an entire
 #        client hostname, an entire client IP address, or an entire
-#        mail address.  Thus, no parent domain  or  parent  network
-#        search  is done, user@domain mail addresses are not broken
-#        up into their user@ and domain constituent parts,  nor  is
+#        mail  address.   Thus,  no parent domain or parent network
+#        search is done, user@domain mail addresses are not  broken
+#        up  into  their user@ and domain constituent parts, nor is
 #        user+foo broken up into user and foo.
 # 
 #        Actions are the same as with indexed file lookups.
 # 
 # EXAMPLE
-#        The  following  example  uses an indexed file, so that the
-#        order of table entries does not matter. The  example  per-
-#        mits  access  by the client at address 1.2.3.4 but rejects
-#        all other clients in 1.2.3.0/24. Instead  of  hash  lookup
-#        tables,  some  systems use dbm.  Use the command "postconf
-#        -m" to find out what lookup  tables  Postfix  supports  on
+#        The following example uses an indexed file,  so  that  the
+#        order  of  table entries does not matter. The example per-
+#        mits access by the client at address 1.2.3.4  but  rejects
+#        all  other  clients  in 1.2.3.0/24. Instead of hash lookup
+#        tables, some systems use dbm.  Use the  command  "postconf
+#        -m"  to  find  out  what lookup tables Postfix supports on
 #        your system.
 # 
 #        /etc/postfix/main.cf:
@@ -388,7 +386,7 @@
 #        editing the file.
 # 
 # BUGS
-#        The  table format does not understand quoting conventions.
+#        The table format does not understand quoting  conventions.
 # 
 # SEE ALSO
 #        postmap(1), Postfix lookup table manager
@@ -397,13 +395,13 @@
 #        transport(5), transport:nexthop syntax
 # 
 # README FILES
-#        Use "postconf readme_directory" or  "postconf  html_direc-
+#        Use  "postconf  readme_directory" or "postconf html_direc-
 #        tory" to locate this information.
 #        SMTPD_ACCESS_README, built-in SMTP server access control
 #        DATABASE_README, Postfix lookup table overview
 # 
 # LICENSE
-#        The  Secure  Mailer  license must be distributed with this
+#        The Secure Mailer license must be  distributed  with  this
 #        software.
 # 
 # AUTHOR(S)
diff --git a/postfix/conf/canonical b/postfix/conf/canonical
index 53f7dfeae..4c56641a3 100644
--- a/postfix/conf/canonical
+++ b/postfix/conf/canonical
@@ -20,8 +20,8 @@
 #        file  that serves as input to the postmap(1) command.  The
 #        result, an indexed file in dbm or db format, is  used  for
 #        fast  searching  by  the  mail system. Execute the command
-#        "postmap /etc/postfix/canonical" in order to  rebuild  the
-#        indexed file after changing the text file.
+#        "postmap /etc/postfix/canonical"  to  rebuild  an  indexed
+#        file after changing the corresponding text file.
 # 
 #        When  the  table  is provided via other means such as NIS,
 #        LDAP or SQL, the same lookups are  done  as  for  ordinary
@@ -30,9 +30,9 @@
 #        Alternatively,  the  table  can  be provided as a regular-
 #        expression map where patterns are given as regular expres-
 #        sions,  or lookups can be directed to TCP-based server. In
-#        that case, the lookups are done in  a  slightly  different
+#        those cases, the lookups are done in a slightly  different
 #        way  as  described below under "REGULAR EXPRESSION TABLES"
-#        and "TCP-BASED TABLES".
+#        or "TCP-BASED TABLES".
 # 
 #        By default the canonical(5) mapping affects  both  message
 #        header  addresses  (i.e. addresses that appear inside mes-
diff --git a/postfix/conf/generic b/postfix/conf/generic
index 9be1915c5..f5e5a10e9 100644
--- a/postfix/conf/generic
+++ b/postfix/conf/generic
@@ -33,8 +33,8 @@
 #        that serves as  input  to  the  postmap(1)  command.   The
 #        result,  an  indexed file in dbm or db format, is used for
 #        fast searching by the mail  system.  Execute  the  command
-#        "postmap  /etc/postfix/generic"  in  order  to rebuild the
-#        indexed file after changing the text file.
+#        "postmap  /etc/postfix/generic" to rebuild an indexed file
+#        after changing the corresponding text file.
 # 
 #        When the table is provided via other means  such  as  NIS,
 #        LDAP  or  SQL,  the  same lookups are done as for ordinary
@@ -43,9 +43,9 @@
 #        Alternatively, the table can be  provided  as  a  regular-
 #        expression map where patterns are given as regular expres-
 #        sions, or lookups can be directed to TCP-based server.  In
-#        that  case,  the  lookups are done in a slightly different
+#        those  case,  the lookups are done in a slightly different
 #        way as described below under "REGULAR  EXPRESSION  TABLES"
-#        and "TCP-BASED TABLES".
+#        or "TCP-BASED TABLES".
 # 
 # CASE FOLDING
 #        The  search  string is folded to lowercase before database
diff --git a/postfix/conf/relocated b/postfix/conf/relocated
index e0f70ae3b..5c602103d 100644
--- a/postfix/conf/relocated
+++ b/postfix/conf/relocated
@@ -15,8 +15,8 @@
 #        file that serves as input to the postmap(1) command.   The
 #        result,  an  indexed file in dbm or db format, is used for
 #        fast searching by the mail  system.  Execute  the  command
-#        "postmap  /etc/postfix/relocated"  in order to rebuild the
-#        indexed file after changing the relocated table.
+#        "postmap  /etc/postfix/relocated"  to  rebuild  an indexed
+#        file after changing the corresponding relocated table.
 # 
 #        When the table is provided via other means  such  as  NIS,
 #        LDAP  or  SQL,  the  same lookups are done as for ordinary
@@ -25,9 +25,9 @@
 #        Alternatively, the table can be  provided  as  a  regular-
 #        expression map where patterns are given as regular expres-
 #        sions, or lookups can be directed to TCP-based server.  In
-#        that  case,  the  lookups are done in a slightly different
+#        those  case,  the lookups are done in a slightly different
 #        way as described below under "REGULAR  EXPRESSION  TABLES"
-#        and "TCP-BASED TABLES".
+#        or "TCP-BASED TABLES".
 # 
 #        Table lookups are case insensitive.
 # 
diff --git a/postfix/conf/transport b/postfix/conf/transport
index 1258fb78a..2a6fa3795 100644
--- a/postfix/conf/transport
+++ b/postfix/conf/transport
@@ -49,8 +49,8 @@
 #        file that serves as input to the postmap(1) command.   The
 #        result,  an  indexed file in dbm or db format, is used for
 #        fast searching by the mail  system.  Execute  the  command
-#        "postmap  /etc/postfix/transport"  in order to rebuild the
-#        indexed file after changing the transport table.
+#        "postmap  /etc/postfix/transport"  to  rebuild  an indexed
+#        file after changing the corresponding transport table.
 # 
 #        When the table is provided via other means  such  as  NIS,
 #        LDAP  or  SQL,  the  same lookups are done as for ordinary
@@ -59,9 +59,9 @@
 #        Alternatively, the table can be  provided  as  a  regular-
 #        expression map where patterns are given as regular expres-
 #        sions, or lookups can be directed to TCP-based server.  In
-#        that  case,  the  lookups are done in a slightly different
+#        those  case,  the lookups are done in a slightly different
 #        way as described below under "REGULAR  EXPRESSION  TABLES"
-#        and "TCP-BASED TABLES".
+#        or "TCP-BASED TABLES".
 # 
 # CASE FOLDING
 #        The  search  string is folded to lowercase before database
diff --git a/postfix/conf/virtual b/postfix/conf/virtual
index e1f3980dd..b6030edcd 100644
--- a/postfix/conf/virtual
+++ b/postfix/conf/virtual
@@ -42,8 +42,8 @@
 #        text  file that serves as input to the postmap(1) command.
 #        The result, an indexed file in dbm or db format,  is  used
 #        for fast searching by the mail system. Execute the command
-#        "postmap /etc/postfix/virtual" in  order  to  rebuild  the
-#        indexed file after changing the text file.
+#        "postmap /etc/postfix/virtual" to rebuild an indexed  file
+#        after changing the corresponding text file.
 # 
 #        When  the  table  is provided via other means such as NIS,
 #        LDAP or SQL, the same lookups are  done  as  for  ordinary
@@ -52,9 +52,9 @@
 #        Alternatively,  the  table  can  be provided as a regular-
 #        expression map where patterns are given as regular expres-
 #        sions,  or lookups can be directed to TCP-based server. In
-#        that case, the lookups are done in  a  slightly  different
+#        those case, the lookups are done in a  slightly  different
 #        way  as  described below under "REGULAR EXPRESSION TABLES"
-#        and "TCP-BASED TABLES".
+#        or "TCP-BASED TABLES".
 # 
 # CASE FOLDING
 #        The search string is folded to lowercase  before  database
diff --git a/postfix/html/QSHAPE_README.html b/postfix/html/QSHAPE_README.html
index c15d95efd..905bc5ebb 100644
--- a/postfix/html/QSHAPE_README.html
+++ b/postfix/html/QSHAPE_README.html
@@ -19,17 +19,11 @@
 
 <h2>Purpose of this document </h2>
 
-<p> This document describes the <a href="qshape.1.html">qshape(1)</a> program which helps the
-administrator understand the Postfix queue message distribution
-sorted by time and by sender or recipient domain. <a href="qshape.1.html">qshape(1)</a> is
-bundled with the Postfix 2.1 source under the "auxiliary" directory.
-</p>
-
-<p> In order to understand the output of <a href="qshape.1.html">qshape(1)</a>, it useful to
-understand the various Postfix queues. To this end the role of each
-Postfix queue directory is described briefly in the "Background
-info:  Postfix queue directories" section near the end of this
-document.  </p>
+<p> This document is an introduction to Postfix queue congestion analysis.
+It explains how the <a href="qshape.1.html">qshape(1)</a> program can help to track down the
+reason for queue congestion.  <a href="qshape.1.html">qshape(1)</a> is bundled with Postfix
+2.1 and later source code, under the "auxiliary" directory. This
+document describes <a href="qshape.1.html">qshape(1)</a> as bundled with Postfix 2.4.  </p>
 
 <p> This document covers the following topics: </p>
 
@@ -49,7 +43,7 @@ queue</a></li>
 
 <li><a href="#backlog">Example 4: High volume destination backlog</a>
 
-<li><a href="#queues">Background info: Postfix queue directories</a>
+<li><a href="#queues">Postfix queue directories</a>
 
 <ul>
 
@@ -71,7 +65,6 @@ queue</a></li>
 
 <h2><a name="qshape">Introducing the qshape tool</a></h2>
 
-
 <p> When mail is draining slowly or the queue is unexpectedly large,
 run <a href="qshape.1.html">qshape(1)</a> as the super-user (root) to help zero in on the problem.
 The <a href="qshape.1.html">qshape(1)</a> program displays a tabular view of the Postfix queue
@@ -124,6 +117,12 @@ minutes old and 12 older than 1280 minutes (1440 minutes in a day).
 
 </ul>
 
+<p> When the output is a terminal intermediate results showing the top 20
+domains (-n option) are displayed after every 1000 messages (-N option)
+and the final output also shows only the top 20 domains. This makes
+qshape useful even when the <a href="QSHAPE_README.html#deferred_queue">deferred queue</a> is very large and it may
+otherwise take prohibitively long to read the entire <a href="QSHAPE_README.html#deferred_queue">deferred queue</a>. </p>
+
 <p> By default, qshape shows statistics for the union of both the
 <a href="QSHAPE_README.html#incoming_queue">incoming</a> and <a href="QSHAPE_README.html#active_queue">active queues</a> which are the most relevant queues to
 look at when analyzing performance. </p>
@@ -132,8 +131,8 @@ look at when analyzing performance. </p>
 
 <blockquote>
 <pre>
-$ qshape deferred | less
-$ qshape incoming active deferred | less
+$ qshape deferred
+$ qshape incoming active deferred
 </pre>
 </blockquote>
 
@@ -157,11 +156,11 @@ a burst of mail started, and when it stopped. </p>
 <p> The problem destinations or sender domains appear near the top
 left corner of the output table. Remember that the <a href="QSHAPE_README.html#active_queue">active queue</a>
 can accommodate up to 20000 ($<a href="postconf.5.html#qmgr_message_active_limit">qmgr_message_active_limit</a>) messages.
-To check wether this limit has been reached, use: </p>
+To check whether this limit has been reached, use: </p>
 
 <blockquote>
 <pre>
-$ qshape -s active | head       <i>(show sender statistics)</i>
+$ qshape -s active       <i>(show sender statistics)</i>
 </pre>
 </blockquote>
 
@@ -169,13 +168,13 @@ $ qshape -s active | head       <i>(show sender statistics)</i>
 not yet saturated, any high volume sender domains show near the
 top of the output.
 
-<p> The <a href="QSHAPE_README.html#active_queue">active queue</a> is also limited to at most 20000 recipient
-addresses ($<a href="postconf.5.html#qmgr_message_recipient_limit">qmgr_message_recipient_limit</a>). To check for exhaustion
-of this limit use: </p>
+<p> With <a href="qmgr.8.html">oqmgr(8)</a> the <a href="QSHAPE_README.html#active_queue">active queue</a> is also limited to at most 20000
+recipient addresses ($<a href="postconf.5.html#qmgr_message_recipient_limit">qmgr_message_recipient_limit</a>). To check for
+exhaustion of this limit use: </p>
 
 <blockquote>
 <pre>
-$ qshape active | head          <i>(show recipient statistics)</i>
+$ qshape active          <i>(show recipient statistics)</i>
 </pre>
 </blockquote>
 
@@ -381,14 +380,17 @@ queue congestion is a greater cause for alarm; one might need to
 take measures to ensure that the mail is deferred instead or even
 add an <a href="access.5.html">access(5)</a> rule asking the sender to try again later. </p>
 
-<p> If a high volume destination exhibits frequent bursts of
-consecutive connections refused by all MX hosts or "421 Server busy
-errors", it is possible for the queue manager to mark the destination
-as "dead" despite the transient nature of the errors. The destination
-will be retried again after the expiration of a $<a href="postconf.5.html#minimal_backoff_time">minimal_backoff_time</a>
-timer.  If the error bursts are frequent enough it may be that only
-a small quantity of email is delivered before the destination is
-again marked "dead". </p>
+<p> If a high volume destination exhibits frequent bursts of consecutive
+connections refused by all MX hosts or "421 Server busy errors", it
+is possible for the queue manager to mark the destination as "dead"
+despite the transient nature of the errors. The destination will be
+retried again after the expiration of a $<a href="postconf.5.html#minimal_backoff_time">minimal_backoff_time</a> timer.
+If the error bursts are frequent enough it may be that only a small
+quantity of email is delivered before the destination is again marked
+"dead". In some cases enabling static (not on demand) connection
+caching by listing the appropriate nexthop domain in a table included in
+"<a href="postconf.5.html#smtp_connection_cache_destinations">smtp_connection_cache_destinations</a>" may help to reduce the error rate,
+because most messages will re-use existing connections. </p>
 
 <p> The MTA that has been observed most frequently to exhibit such
 bursts of errors is Microsoft Exchange, which refuses connections
@@ -396,47 +398,44 @@ under load. Some proxy virus scanners in front of the Exchange
 server propagate the refused connection to the client as a "421"
 error. </p>
 
-<p> Note that it is now possible to configure Postfix to exhibit
-similarly erratic behavior by misconfiguring the <a href="anvil.8.html">anvil(8)</a> server
-(not included in Postfix 2.1.). Do not use <a href="anvil.8.html">anvil(8)</a> for steady-state
-rate limiting, its purpose is DoS prevention and the rate limits
-set should be very generous! </p>
+<p> Note that it is now possible to configure Postfix to exhibit similarly
+erratic behavior by misconfiguring the <a href="anvil.8.html">anvil(8)</a> service.  Do not use
+<a href="anvil.8.html">anvil(8)</a> for steady-state rate limiting, its purpose is (unintentional)
+DoS prevention and the rate limits set should be very generous! </p>
 
-<p> In the long run it is hoped that the Postfix dead host detection
-and concurrency control mechanism will be tuned to be more "noise"
-tolerant.  If one finds oneself needing to deliver a high volume
-of mail to a destination that exhibits frequent brief bursts of
-errors, there is a subtle workaround. </p>
+<p> If one finds oneself needing to deliver a high volume of mail to a
+destination that exhibits frequent brief bursts of errors and connection
+caching does not solve the problem, there is a subtle workaround. </p>
 
 <ul>
 
-<li> <p> In master.cf set up a dedicated clone of the "smtp"
+<li> <p> In <a href="master.5.html">master.cf</a> set up a dedicated clone of the "smtp"
 transport for the destination in question. </p>
 
-<li> <p> In master.cf configure a reasonable process limit for the
+<li> <p> In <a href="master.5.html">master.cf</a> configure a reasonable process limit for the
 transport (a number in the 10-20 range is typical). </p>
 
-<li> <p> IMPORTANT!!! In main.cf configure a very large initial
-and destination concurrency limit for this transport (say 200). </p>
+<li> <p> IMPORTANT!!! In <a href="postconf.5.html">main.cf</a> configure a very large initial
+and destination concurrency limit for this transport (say 2000). </p>
 
 <pre>
-/etc/postfix/main.cf:
-    <a href="postconf.5.html#initial_destination_concurrency">initial_destination_concurrency</a> = 200
-    <i>transportname</i>_destination_concurrency_limit = 200
+/etc/postfix/<a href="postconf.5.html">main.cf</a>:
+    <a href="postconf.5.html#initial_destination_concurrency">initial_destination_concurrency</a> = 2000
+    <i>transportname</i>_destination_concurrency_limit = 2000
 </pre>
 
-<p> Where <i>transportname</i> is the name of the master.cf entry
+<p> Where <i>transportname</i> is the name of the <a href="master.5.html">master.cf</a> entry
 in question. </p>
 
 </ul>
 
-<p> The effect of this surprising configuration is that up to 200
+<p> The effect of this surprising configuration is that up to 2000
 consecutive errors are tolerated without marking the destination
 dead, while the total concurrency remains reasonable (10-20
 processes). This trick is only for a very specialized situation:
 high volume delivery into a channel with multi-error bursts
 that is capable of high throughput, but is repeatedly throttled by
-the bursts of errors.
+the bursts of errors. </p>
 
 <p> When a destination is unable to handle the load even after the
 Postfix process limit is reduced to 1, a desperate measure is to
@@ -447,7 +446,7 @@ insert brief delays between delivery attempts. </p>
 <li> <p>  In the transport map entry for the problem destination,
 specify a dead host as the primary nexthop. </p>
 
-<li> <p> In the master.cf entry for the transport specify the
+<li> <p> In the <a href="master.5.html">master.cf</a> entry for the transport specify the
 problem destination as the <a href="postconf.5.html#fallback_relay">fallback_relay</a> and specify a small
 <a href="postconf.5.html#smtp_connect_timeout">smtp_connect_timeout</a> value. </p>
 
@@ -455,7 +454,7 @@ problem destination as the <a href="postconf.5.html#fallback_relay">fallback_rel
 /etc/postfix/transport:
     problem.example.com  slow:[dead.host]
 
-/etc/postfix/master.cf:
+/etc/postfix/<a href="master.5.html">master.cf</a>:
     # service type  private unpriv  chroot  wakeup  maxproc command
     slow      unix     -       -       n       -       1    smtp
         -o <a href="postconf.5.html#fallback_relay">fallback_relay</a>=problem.example.com
@@ -472,7 +471,7 @@ updated when SMTP connection caching is introduced.  </p>
 <p> Hopefully a more elegant solution to these problems will be
 found in the future. </p>
 
-<h2><a name="queues">Background info: Postfix queue directories</a></h2>
+<h2><a name="queues">Postfix queue directories</a></h2>
 
 <p> The following sections describe Postfix queues: their purpose,
 what normal behavior looks like, and how to diagnose abnormal
@@ -497,8 +496,8 @@ to notify the <a href="pickup.8.html">pickup(8)</a> service of its arrival. </p>
 <p> All mail that enters the main Postfix queue does so via the
 <a href="cleanup.8.html">cleanup(8)</a> service. The cleanup service is responsible for envelope
 and header rewriting, header and body regular expression checks,
-automatic bcc recipient processing and guaranteed insertion of the
-message into the Postfix "<a href="QSHAPE_README.html#incoming_queue">incoming" queue</a>. </p>
+automatic bcc recipient processing, milter content processing, and
+reliable insertion of the message into the Postfix "<a href="QSHAPE_README.html#incoming_queue">incoming" queue</a>. </p>
 
 <p> In the absence of excessive CPU consumption in <a href="cleanup.8.html">cleanup(8)</a> header
 or body regular expression checks or other software consuming all
@@ -514,9 +513,10 @@ one message at a time at a rate that does not exceed the reciprocal
 disk I/O latency (+ CPU if not negligible) of the cleanup service.
 </p>
 
-<p> Congestion in this queue is indicative of an excessive local
-message submission rate or perhaps excessive CPU consumption in
-the <a href="cleanup.8.html">cleanup(8)</a> service due to excessive <a href="postconf.5.html#body_checks">body_checks</a>. </p>
+<p> Congestion in this queue is indicative of an excessive local message
+submission rate or perhaps excessive CPU consumption in the <a href="cleanup.8.html">cleanup(8)</a>
+service due to excessive <a href="postconf.5.html#body_checks">body_checks</a>, or (Postfix &ge; 2.3) high latency
+milters. </p>
 
 <p> Note, that once the <a href="QSHAPE_README.html#active_queue">active queue</a> is full, the cleanup service
 will attempt to slow down message injection by pausing $<a href="postconf.5.html#in_flow_delay">in_flow_delay</a>
@@ -524,10 +524,10 @@ for each message. In this case "<a href="QSHAPE_README.html#maildrop_queue">mail
 a consequence of congestion downstream, rather than a problem in
 its own right. </p>
 
-<p> Note also, that one should not attempt to deliver large volumes
-of mail via the <a href="pickup.8.html">pickup(8)</a> service. High volume sites must avoid
-using content filters that reinject scanned mail via Postfix
-<a href="sendmail.1.html">sendmail(1)</a> and <a href="postdrop.1.html">postdrop(1)</a>. </p>
+<p> Note, you should not attempt to deliver large volumes of mail via
+the <a href="pickup.8.html">pickup(8)</a> service. High volume sites should avoid using "simple"
+content filters that re-inject scanned mail via Postfix <a href="sendmail.1.html">sendmail(1)</a>
+and <a href="postdrop.1.html">postdrop(1)</a>. </p>
 
 <p> A high arrival rate of locally submitted mail may be an indication
 of an uncaught forwarding loop, or a run-away notification program.
@@ -545,20 +545,19 @@ size of the "<a href="QSHAPE_README.html#maildrop_queue">maildrop" queue</a>. </
 <p> The administrator can define "smtpd" <a href="access.5.html">access(5)</a> policies, or
 <a href="cleanup.8.html">cleanup(8)</a> header/body checks that cause messages to be automatically
 diverted from normal processing and placed indefinitely in the
-"<a href="QSHAPE_README.html#hold_queue">hold" queue</a>.  Messages placed in the "hold" queue stay there until
+"<a href="QSHAPE_README.html#hold_queue">hold" queue</a>. Messages placed in the "hold" queue stay there until
 the administrator intervenes. No periodic delivery attempts are
 made for messages in the "<a href="QSHAPE_README.html#hold_queue">hold" queue</a>. The <a href="postsuper.1.html">postsuper(1)</a> command
 can be used to manually release messages into the "<a href="QSHAPE_README.html#deferred_queue">deferred" queue</a>.
 </p>
 
-<p> Messages can potentially stay in the "<a href="QSHAPE_README.html#hold_queue">hold" queue</a> for a time
-exceeding the normal maximal queue lifetime (after which undelivered
-messages are bounced back to the sender). If such "old" messages
-need to be released from the "<a href="QSHAPE_README.html#hold_queue">hold" queue</a>, they should typically
-be moved into the "<a href="QSHAPE_README.html#maildrop_queue">maildrop" queue</a>, so that the message gets a new
-timestamp and is given more than one opportunity to be delivered.
-Messages that are "young" can be moved directly into the "deferred"
-queue. </p>
+<p> Messages can potentially stay in the "<a href="QSHAPE_README.html#hold_queue">hold" queue</a> longer than
+$<a href="postconf.5.html#maximal_queue_lifetime">maximal_queue_lifetime</a>. If such "old" messages need to be released from
+the "<a href="QSHAPE_README.html#hold_queue">hold" queue</a>, they should typically be moved into the "maildrop"
+queue using "postsuper -r", so that the message gets a new timestamp and
+is given more than one opportunity to be delivered.  Messages that are
+"young" can be moved directly into the "<a href="QSHAPE_README.html#deferred_queue">deferred" queue</a> using
+"postsuper -H". </p>
 
 <p> The "<a href="QSHAPE_README.html#hold_queue">hold" queue</a> plays little role in Postfix performance, and
 monitoring of the "<a href="QSHAPE_README.html#hold_queue">hold" queue</a> is typically more closely motivated
@@ -589,11 +588,15 @@ messages into the <a href="QSHAPE_README.html#active_queue">active queue</a> as
 
 <p> The <a href="QSHAPE_README.html#incoming_queue">incoming queue</a> grows when the message input rate spikes
 above the rate at which the queue manager can import messages into
-the <a href="QSHAPE_README.html#active_queue">active queue</a>. The main factor slowing down the queue manager
-is transport queries to the trivial-rewrite service. If the queue
+the <a href="QSHAPE_README.html#active_queue">active queue</a>. The main factors slowing down the queue manager
+are disk I/O and lookup queries to the trivial-rewrite service. If the queue
 manager is routinely not keeping up, consider not using "slow"
 lookup services (MySQL, LDAP, ...) for transport lookups or speeding
-up the hosts that provide the lookup service.  </p>
+up the hosts that provide the lookup service.  If the problem is I/O
+starvation, consider striping the queue over more disks, faster controllers
+with a battery write cache, or other hardware improvements. At the very
+least, make sure that the queue directory is mounted with the "noatime"
+option if applicable to the underlying filesystem. </p>
 
 <p> The <a href="postconf.5.html#in_flow_delay">in_flow_delay</a> parameter is used to clamp the input rate
 when the queue manager starts to fall behind. The <a href="cleanup.8.html">cleanup(8)</a> service
@@ -645,26 +648,40 @@ combination; the group size is capped by the transport's recipient
 concurrency limit.  </p>
 
 <p> Multiple recipient groups (from one or more messages) are queued
-for delivery via the common transport/nexthop combination. The
-destination concurrency limit for the transports caps the number
+for delivery grouped by transport/nexthop combination. The
+<b>destination</b> concurrency limit for the transports caps the number
 of simultaneous delivery attempts for each nexthop. Transports with
-a recipient concurrency limit of 1 are special: these are grouped
-by the actual recipient address rather than the nexthop, thereby
-enabling per-recipient concurrency limits rather than per-domain
+a <b>recipient</b> concurrency limit of 1 are special: these are grouped
+by the actual recipient address rather than the nexthop, yielding
+per-recipient concurrency limits rather than per-domain
 concurrency limits. Per-recipient limits are appropriate when
 performing final delivery to mailboxes rather than when relaying
 to a remote server.  </p>
 
 <p> Congestion occurs in the <a href="QSHAPE_README.html#active_queue">active queue</a> when one or more destinations
-drain slower than the corresponding message input rate. If a
-destination is down for some time, the queue manager will mark it
-dead, and immediately defer all mail for the destination without
+drain slower than the corresponding message input rate. </p>
+
+<p> Input into the <a href="QSHAPE_README.html#active_queue">active queue</a> comes both from new mail in the "incoming"
+queue, and retries of mail in the "<a href="QSHAPE_README.html#deferred_queue">deferred" queue</a>. Should the "deferred"
+queue get really large, retries of old mail can dominate the arrival
+rate of new mail. Systems with more CPU, faster disks and more network
+bandwidth can deal with larger <a href="QSHAPE_README.html#deferred_queue">deferred queues</a>, but as a rule of thumb
+the <a href="QSHAPE_README.html#deferred_queue">deferred queue</a> scales to somewhere between 100,000 and 1,000,000
+messages with good performance unlikely above that "limit". Systems with
+queues this large should typically stop accepting new mail, or put the
+backlog "on hold" until the underlying issue is fixed (provided that
+there is enough capacity to handle just the new mail). </p>
+
+<p> When a destination is down for some time, the queue manager will
+mark it dead, and immediately defer all mail for the destination without
 trying to assign it to a delivery agent. In this case the messages
-will quickly leave the <a href="QSHAPE_README.html#active_queue">active queue</a> and end up in the deferred
-queue. If the destination is instead simply slow, or there is a
-problem causing an excessive arrival rate the <a href="QSHAPE_README.html#active_queue">active queue</a> will
-grow and will become dominated by mail to the congested destination.
-</p>
+will quickly leave the <a href="QSHAPE_README.html#active_queue">active queue</a> and end up in the <a href="QSHAPE_README.html#deferred_queue">deferred queue</a>
+(with Postfix &lt; 2.4, this is done directly by the queue manager,
+with Postfix &ge; 2.4 this is done via the "retry" delivery agent). </p>
+
+<p> When the destination is instead simply slow, or there is a problem
+causing an excessive arrival rate the <a href="QSHAPE_README.html#active_queue">active queue</a> will grow and will
+become dominated by mail to the congested destination.  </p>
 
 <p> The only way to reduce congestion is to either reduce the input
 rate or increase the throughput. Increasing the throughput requires
@@ -691,28 +708,56 @@ a high average latency. If the number of outbound SMTP connections
 is draining slowly and the system and network are not loaded, raise
 the "smtp" and/or "relay" process limits!  </p>
 
-<p> Especially for the "relay" transport, consider lower SMTP
-connection timeouts (1-5 seconds) and higher than default destination
-concurrency limits. Compute the expected latency when 1 out of N
-of the MX hosts for a high volume site is down and not responding,
-and make sure that the configured concurrency divided by this
-latency exceeds the required steady-state message rate. If the
-destination is managed by you, consider load balancers in front of
-groups of MX hosts. Load balancers have higher uptime and will be
-able to hide individual MX host failures.  </p>
-
-<p> If necessary, dedicate and tune custom transports for high
-volume destinations.  </p>
-
-<p> Another common cause of congestion is unwarranted flushing of
-the entire <a href="QSHAPE_README.html#deferred_queue">deferred queue</a>. The deferred queue holds messages that
-are likely to fail to be delivered and are also likely to be slow
-to fail delivery (timeouts). This means that the most common reaction
-to a large <a href="QSHAPE_README.html#deferred_queue">deferred queue</a> (flush it!) is more than likely counter-
-productive, and is likely to make the problem worse. Do not flush
-the <a href="QSHAPE_README.html#deferred_queue">deferred queue</a> unless you expect that most of its content has
-recently become deliverable (e.g. <a href="postconf.5.html#relayhost">relayhost</a> back up after an outage)!
-</p>
+<p> When a high volume destination is served by multiple MX hosts with
+typically low delivery latency, performance can suffer dramatically when
+one of the MX hosts is unresponsive and SMTP connections to that host
+timeout. For example, if there are 2 equal weight MX hosts, the SMTP
+connection timeout is 30 seconds and one of the MX hosts is down, the
+average SMTP connection will take approximately 15 seconds to complete.
+With a default per-destination concurrency limit of 20 connections,
+throughput falls to just over 1 message per second. </p>
+
+<p> The best way to avoid bottlenecks when one or more MX hosts is
+non-responsive is to use connection caching. Connection caching was
+introduced with Postfix 2.2 and is by default enabled on demand for
+destinations with a backlog of mail in the <a href="QSHAPE_README.html#active_queue">active queue</a>. When connection
+caching is in effect for a particular destination, established connections
+are re-used to send additional messages, this reduces the number of
+connections made per message delivery and maintains good throughput even
+in the face of partial unavailability of the destination's MX hosts. </p>
+
+<p> If connection caching is not available (Postfix &lt; 2.2) or does
+not provide a sufficient latency reduction, especially for the "relay"
+transport used to forward mail to "your own" domains, consider setting
+lower than default SMTP connection timeouts (1-5 seconds) and higher
+than default destination concurrency limits. This will further reduce
+latency and provide more concurrency to maintain throughput should
+latency rise. </p>
+
+<p> Setting high concurrency limits to domains that are not your own may
+be viewed as hostile by the receiving system, and steps may be taken
+to prevent you from monopolizing the destination system's resources.
+The defensive measures may substantially reduce your throughput or block
+access entirely. Do not set aggressive concurrency limits to remote
+domains without coordinating with the administrators of the target
+domain. </p>
+
+<p> If necessary, dedicate and tune custom transports for selected high
+volume destinations. The "relay" transport is provided for forwarding mail
+to domains for which your server is a primary or backup MX host. These can
+make up a substantial fraction of your email traffic. Use the "relay" and
+not the "smtp" transport to send email to these domains. Using the "relay"
+transport allocates a separate delivery agent pool to these destinations
+and allows separate tuning of timeouts and concurrency limits. </p>
+
+<p> Another common cause of congestion is unwarranted flushing of the
+entire <a href="QSHAPE_README.html#deferred_queue">deferred queue</a>. The deferred queue holds messages that are likely
+to fail to be delivered and are also likely to be slow to fail delivery
+(time out). As a result the most common reaction to a large <a href="QSHAPE_README.html#deferred_queue">deferred queue</a>
+(flush it!) is more than likely counter-productive, and typically makes
+the congestion worse. Do not flush the <a href="QSHAPE_README.html#deferred_queue">deferred queue</a> unless you expect
+that most of its content has recently become deliverable (e.g. <a href="postconf.5.html#relayhost">relayhost</a>
+back up after an outage)!  </p>
 
 <p> Note that whenever the queue manager is restarted, there may
 already be messages in the <a href="QSHAPE_README.html#active_queue">active queue</a> directory, but the "real"
@@ -723,7 +768,7 @@ queue scan to refill the <a href="QSHAPE_README.html#active_queue">active queue<
 the messages back and forth, redoing transport table (<a href="trivial-rewrite.8.html">trivial-rewrite(8)</a>
 resolve service) lookups, and re-importing the messages back into
 memory is expensive. At all costs, avoid frequent restarts of the
-queue manager.  </p>
+queue manager (e.g. via frequent execution of "postfix reload").  </p>
 
 <h3> <a name="deferred_queue"> The "deferred" queue </a> </h3>
 
@@ -732,20 +777,19 @@ and for some recipients delivery failed for a transient reason (it
 might succeed later), the message is placed in the <a href="QSHAPE_README.html#deferred_queue">deferred queue</a>.
 </p>
 
-<p> The queue manager scans the <a href="QSHAPE_README.html#deferred_queue">deferred queue</a> periodically. The
-scan interval is controlled by the <a href="postconf.5.html#queue_run_delay">queue_run_delay</a> parameter.
-While a <a href="QSHAPE_README.html#deferred_queue">deferred queue</a> scan is in progress, if an <a href="QSHAPE_README.html#incoming_queue">incoming queue</a>
-scan is also in progress (ideally these are brief since the incoming
-queue should be short), the queue manager alternates between bringing
-a new "incoming" message and a new "deferred" message into the
-queue.  This "round-robin" strategy prevents starvation of either
-the <a href="QSHAPE_README.html#incoming_queue">incoming</a> or the <a href="QSHAPE_README.html#deferred_queue">deferred queues</a>.  </p>
+<p> The queue manager scans the <a href="QSHAPE_README.html#deferred_queue">deferred queue</a> periodically. The scan
+interval is controlled by the <a href="postconf.5.html#queue_run_delay">queue_run_delay</a> parameter.  While a deferred
+queue scan is in progress, if an <a href="QSHAPE_README.html#incoming_queue">incoming queue</a> scan is also in progress
+(ideally these are brief since the <a href="QSHAPE_README.html#incoming_queue">incoming queue</a> should be short), the
+queue manager alternates between looking for messages in the "incoming"
+queue and in the "<a href="QSHAPE_README.html#deferred_queue">deferred" queue</a>. This "round-robin" strategy prevents
+starvation of either the <a href="QSHAPE_README.html#incoming_queue">incoming</a> or the <a href="QSHAPE_README.html#deferred_queue">deferred queues</a>.  </p>
 
 <p> Each <a href="QSHAPE_README.html#deferred_queue">deferred queue</a> scan only brings a fraction of the deferred
 queue back into the <a href="QSHAPE_README.html#active_queue">active queue</a> for a retry. This is because each
 message in the <a href="QSHAPE_README.html#deferred_queue">deferred queue</a> is assigned a "cool-off" time when
 it is deferred.  This is done by time-warping the modification
-times of the queue file into the future. The queue file is not
+time of the queue file into the future. The queue file is not
 eligible for a retry if its modification time is not yet reached.
 </p>
 
@@ -756,28 +800,34 @@ within the limits. This means that young messages are initially
 retried more often than old messages.  </p>
 
 <p> If a high volume site routinely has large <a href="QSHAPE_README.html#deferred_queue">deferred queues</a>, it
-may be useful to adjust the <a href="postconf.5.html#queue_run_delay">queue_run_delay</a>, <a href="postconf.5.html#minimal_backoff_time">minimal_backoff_time</a>
-and <a href="postconf.5.html#maximal_backoff_time">maximal_backoff_time</a> to provide short enough delays on first
-failure, with perhaps longer delays after multiple failures, to
-reduce the retransmission rate of old messages and thereby reduce
-the quantity of previously deferred mail in the <a href="QSHAPE_README.html#active_queue">active queue</a>.  </p>
+may be useful to adjust the <a href="postconf.5.html#queue_run_delay">queue_run_delay</a>, <a href="postconf.5.html#minimal_backoff_time">minimal_backoff_time</a> and
+<a href="postconf.5.html#maximal_backoff_time">maximal_backoff_time</a> to provide short enough delays on first failure
+(Postfix &ge; 2.4 has a sensibly low minimal backoff time by default),
+with perhaps longer delays after multiple failures, to reduce the
+retransmission rate of old messages and thereby reduce the quantity
+of previously deferred mail in the <a href="QSHAPE_README.html#active_queue">active queue</a>.  If you want a really
+low <a href="postconf.5.html#minimal_backoff_time">minimal_backoff_time</a>, you may also want to lower <a href="postconf.5.html#queue_run_delay">queue_run_delay</a>,
+but understand that more frequent scans will increase the demand for
+disk I/O. </p>
 
 <p> One common cause of large <a href="QSHAPE_README.html#deferred_queue">deferred queues</a> is failure to validate
 recipients at the SMTP input stage. Since spammers routinely launch
 dictionary attacks from unrepliable sender addresses, the bounces
-for invalid recipient addresses clog the <a href="QSHAPE_README.html#deferred_queue">deferred queue</a> (and at
-high volumes proportionally clog the <a href="QSHAPE_README.html#active_queue">active queue</a>). Recipient
-validation is strongly recommended through use of the <a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a>
-and <a href="postconf.5.html#relay_recipient_maps">relay_recipient_maps</a> parameters.  </p>
+for invalid recipient addresses clog the <a href="QSHAPE_README.html#deferred_queue">deferred queue</a> (and at high
+volumes proportionally clog the <a href="QSHAPE_README.html#active_queue">active queue</a>). Recipient validation
+is strongly recommended through use of the <a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> and
+<a href="postconf.5.html#relay_recipient_maps">relay_recipient_maps</a> parameters. Even when bounces drain quickly they
+inundate innocent victims of forgery with unwanted email. To avoid
+this, do not accept mail for invalid recipients. </p>
 
 <p> When a host with lots of deferred mail is down for some time,
 it is possible for the entire <a href="QSHAPE_README.html#deferred_queue">deferred queue</a> to reach its retry
 time simultaneously. This can lead to a very full <a href="QSHAPE_README.html#active_queue">active queue</a> once
 the host comes back up. The phenomenon can repeat approximately
 every <a href="postconf.5.html#maximal_backoff_time">maximal_backoff_time</a> seconds if the messages are again deferred
-after a brief burst of congestion. Ideally, in the future Postfix
+after a brief burst of congestion. Perhaps, a future Postfix release
 will add a random offset to the retry time (or use a combination
-of strategies) to reduce the chances of repeated complete deferred
+of strategies) to reduce the odds of repeated complete deferred
 queue flushes.  </p>
 
 <h2><a name="credits">Credits</a></h2>
diff --git a/postfix/html/access.5.html b/postfix/html/access.5.html
index 7e9fceca2..091f212a2 100644
--- a/postfix/html/access.5.html
+++ b/postfix/html/access.5.html
@@ -7,7 +7,7 @@
 ACCESS(5)                                                            ACCESS(5)
 
 <b>NAME</b>
-       access - Postfix access table format
+       access - Postfix SMTP server access table
 
 <b>SYNOPSIS</b>
        <b>postmap /etc/postfix/access</b>
@@ -17,36 +17,34 @@ ACCESS(5)                                                            ACCESS(5)
        <b>postmap -q - /etc/postfix/access</b> &lt;<i>inputfile</i>
 
 <b>DESCRIPTION</b>
-       The  optional  <a href="access.5.html"><b>access</b>(5)</a>  table  directs  the Postfix SMTP
-       server to selectively reject or accept mail. Access can be
-       allowed  or  denied for specific host names, domain names,
-       networks, host addresses or mail addresses.
-
-       For an example, see the EXAMPLE section at the end of this
-       manual page.
-
-       Normally,  the <a href="access.5.html"><b>access</b>(5)</a> table is specified as a text file
-       that serves as  input  to  the  <a href="postmap.1.html"><b>postmap</b>(1)</a>  command.   The
-       result,  an  indexed file in <b>dbm</b> or <b>db</b> format, is used for
-       fast searching by the mail  system.  Execute  the  command
-       "<b>postmap  /etc/postfix/access</b>"  in  order  to  rebuild the
-       indexed file after changing the access table.
-
-       When the table is provided via other means  such  as  NIS,
-       LDAP  or  SQL,  the  same lookups are done as for ordinary
+       The  Postfix SMTP server <a href="access.5.html"><b>access</b>(5)</a> table specifies actions
+       that are triggered by information  from  or  about  remote
+       SMTP  clients:  host  names,  network  addresses, or email
+       addresses. An action may grant or deny access, or  it  may
+       change  the way that an email transaction will be handled.
+
+       Normally, the <a href="access.5.html"><b>access</b>(5)</a> table is specified as a text  file
+       that  serves  as  input  to  the  <a href="postmap.1.html"><b>postmap</b>(1)</a> command.  The
+       result, an indexed file in <b>dbm</b> or <b>db</b> format, is  used  for
+       fast  searching  by  the  mail system. Execute the command
+       "<b>postmap /etc/postfix/access</b>" to rebuild an  indexed  file
+       after changing the corresponding text file.
+
+       When  the  table  is provided via other means such as NIS,
+       LDAP or SQL, the same lookups are  done  as  for  ordinary
        indexed files.
 
-       Alternatively, the table can be  provided  as  a  regular-
+       Alternatively,  the  table  can  be provided as a regular-
        expression map where patterns are given as regular expres-
-       sions, or lookups can be directed to TCP-based server.  In
-       that  case,  the  lookups are done in a slightly different
-       way as described below under "REGULAR  EXPRESSION  TABLES"
-       and "TCP-BASED TABLES".
+       sions,  or lookups can be directed to TCP-based server. In
+       those cases, the lookups are done in a slightly  different
+       way  as  described below under "REGULAR EXPRESSION TABLES"
+       or "TCP-BASED TABLES".
 
 <b>CASE FOLDING</b>
-       The  search  string is folded to lowercase before database
-       lookup. As of Postfix 2.3, the search string is  not  case
-       folded  with database types such as <a href="regexp_table.5.html">regexp</a>: or <a href="pcre_table.5.html">pcre</a>: whose
+       The search string is folded to lowercase  before  database
+       lookup.  As  of Postfix 2.3, the search string is not case
+       folded with database types such as <a href="regexp_table.5.html">regexp</a>: or <a href="pcre_table.5.html">pcre</a>:  whose
        lookup fields can match both upper and lower case.
 
 <b>TABLE FORMAT</b>
@@ -57,53 +55,53 @@ ACCESS(5)                                                            ACCESS(5)
               address, perform the corresponding <i>action</i>.
 
        blank lines and comments
-              Empty lines and whitespace-only lines are  ignored,
-              as  are  lines whose first non-whitespace character
+              Empty  lines and whitespace-only lines are ignored,
+              as are lines whose first  non-whitespace  character
               is a `#'.
 
        multi-line text
-              A logical line starts with non-whitespace  text.  A
-              line  that starts with whitespace continues a logi-
+              A  logical  line starts with non-whitespace text. A
+              line that starts with whitespace continues a  logi-
               cal line.
 
 <b>EMAIL ADDRESS PATTERNS</b>
        With lookups from indexed files such as DB or DBM, or from
-       networked  tables  such  as NIS, LDAP or SQL, patterns are
+       networked tables such as NIS, LDAP or  SQL,  patterns  are
        tried in the order as listed below:
 
        <i>user</i>@<i>domain</i>
               Matches the specified mail address.
 
        <i>domain.tld</i>
-              Matches <i>domain.tld</i> as the domain part of  an  email
+              Matches  <i>domain.tld</i>  as the domain part of an email
               address.
 
               The pattern <i>domain.tld</i> also matches subdomains, but
               only when the string <b>smtpd_access_maps</b> is listed in
-              the  Postfix  <b><a href="postconf.5.html#parent_domain_matches_subdomains">parent_domain_matches_subdomains</a></b> con-
-              figuration setting (note that this is  the  default
-              for  some versions of Postfix).  Otherwise, specify
-              <i>.domain.tld</i> (note the  initial  dot)  in  order  to
+              the Postfix  <b><a href="postconf.5.html#parent_domain_matches_subdomains">parent_domain_matches_subdomains</a></b>  con-
+              figuration  setting  (note that this is the default
+              for some versions of Postfix).  Otherwise,  specify
+              <i>.domain.tld</i>  (note  the  initial  dot)  in order to
               match subdomains.
 
-       <i>user</i>@  Matches  all mail addresses with the specified user
+       <i>user</i>@  Matches all mail addresses with the specified  user
               part.
 
-       Note: lookup of the null sender address  is  not  possible
-       with  some types of lookup table. By default, Postfix uses
-       &lt;&gt; as the lookup key for  such  addresses.  The  value  is
-       specified  with the <b><a href="postconf.5.html#smtpd_null_access_lookup_key">smtpd_null_access_lookup_key</a></b> parameter
+       Note:  lookup  of  the null sender address is not possible
+       with some types of lookup table. By default, Postfix  uses
+       &lt;&gt;  as  the  lookup  key  for such addresses. The value is
+       specified with the <b><a href="postconf.5.html#smtpd_null_access_lookup_key">smtpd_null_access_lookup_key</a></b>  parameter
        in the Postfix <a href="postconf.5.html"><b>main.cf</b></a> file.
 
 <b>EMAIL ADDRESS EXTENSION</b>
        When a mail address localpart contains the optional recip-
-       ient  delimiter  (e.g., <i>user+foo</i>@<i>domain</i>), the lookup order
-       becomes: <i>user+foo</i>@<i>domain</i>, <i>user</i>@<i>domain</i>, <i>domain</i>,  <i>user+foo</i>@,
+       ient delimiter (e.g., <i>user+foo</i>@<i>domain</i>), the  lookup  order
+       becomes:  <i>user+foo</i>@<i>domain</i>, <i>user</i>@<i>domain</i>, <i>domain</i>, <i>user+foo</i>@,
        and <i>user</i>@.
 
 <b>HOST NAME/ADDRESS PATTERNS</b>
        With lookups from indexed files such as DB or DBM, or from
-       networked tables such as NIS, LDAP or SQL,  the  following
+       networked  tables  such as NIS, LDAP or SQL, the following
        lookup patterns are examined in the order as listed:
 
        <i>domain.tld</i>
@@ -111,9 +109,9 @@ ACCESS(5)                                                            ACCESS(5)
 
               The pattern <i>domain.tld</i> also matches subdomains, but
               only when the string <b>smtpd_access_maps</b> is listed in
-              the  Postfix  <b><a href="postconf.5.html#parent_domain_matches_subdomains">parent_domain_matches_subdomains</a></b> con-
+              the Postfix  <b><a href="postconf.5.html#parent_domain_matches_subdomains">parent_domain_matches_subdomains</a></b>  con-
               figuration setting.  Otherwise, specify <i>.domain.tld</i>
-              (note  the  initial  dot)  in order to match subdo-
+              (note the initial dot) in  order  to  match  subdo-
               mains.
 
        <i>net.work.addr.ess</i>
@@ -122,21 +120,21 @@ ACCESS(5)                                                            ACCESS(5)
 
        <i>net.work</i>
 
-       <i>net</i>    Matches the specified IPv4 host address or  subnet-
-              work.  An  IPv4  host address is a sequence of four
+       <i>net</i>    Matches  the specified IPv4 host address or subnet-
+              work. An IPv4 host address is a  sequence  of  four
               decimal octets separated by ".".
 
-              Subnetworks are matched  by  repeatedly  truncating
+              Subnetworks  are  matched  by repeatedly truncating
               the last ".octet" from the remote IPv4 host address
-              string until a match is found in the access  table,
+              string  until a match is found in the access table,
               or until further truncation is not possible.
 
               NOTE 1: The information in the access map should be
               in canonical form, with unnecessary null characters
-              eliminated.    Address   information  must  not  be
+              eliminated.   Address  information  must   not   be
               enclosed with "[]" characters.
 
-              NOTE 2: use the <b>cidr</b> lookup table type  to  specify
+              NOTE  2:  use the <b>cidr</b> lookup table type to specify
               network/netmask  patterns.  See  <a href="cidr_table.5.html"><b>cidr_table</b>(5)</a>  for
               details.
 
@@ -146,12 +144,12 @@ ACCESS(5)                                                            ACCESS(5)
 
        <i>net:work</i>
 
-       <i>net</i>    Matches the specified IPv6 host address or  subnet-
-              work.  An  IPv6 host address is a sequence of three
-              to eight hexadecimal octet pairs separated by  ":".
+       <i>net</i>    Matches  the specified IPv6 host address or subnet-
+              work. An IPv6 host address is a sequence  of  three
+              to  eight hexadecimal octet pairs separated by ":".
 
-              Subnetworks  are  matched  by repeatedly truncating
-              the last ":octetpair" from  the  remote  IPv6  host
+              Subnetworks are matched  by  repeatedly  truncating
+              the  last  ":octetpair"  from  the remote IPv6 host
               address string until a match is found in the access
               table, or until further truncation is not possible.
 
@@ -161,10 +159,10 @@ ACCESS(5)                                                            ACCESS(5)
 
               NOTE 2: The information in the access map should be
               in canonical form, with unnecessary null characters
-              eliminated.    Address   information  must  not  be
+              eliminated.   Address  information  must   not   be
               enclosed with "[]" characters.
 
-              NOTE 3: use the <b>cidr</b> lookup table type  to  specify
+              NOTE  3:  use the <b>cidr</b> lookup table type to specify
               network/netmask  patterns.  See  <a href="cidr_table.5.html"><b>cidr_table</b>(5)</a>  for
               details.
 
@@ -175,36 +173,36 @@ ACCESS(5)                                                            ACCESS(5)
 
        <i>all-numerical</i>
               An all-numerical result is treated as OK. This for-
-              mat is generated by address-based relay  authoriza-
+              mat  is generated by address-based relay authoriza-
               tion schemes such as pop-before-smtp.
 
 <b>REJECT ACTIONS</b>
-       Postfix  version  2.3  and  later  support enhanced status
-       codes as defined in <a href="http://www.faqs.org/rfcs/rfc3463.html">RFC 3463</a>.  When no code  is  specified
-       at  the  beginning  of  the  <i>text</i> below, Postfix inserts a
-       default enhanced status code of "5.7.1"  in  the  case  of
-       reject  actions, and "4.7.1" in the case of defer actions.
+       Postfix version 2.3  and  later  support  enhanced  status
+       codes  as  defined in <a href="http://www.faqs.org/rfcs/rfc3463.html">RFC 3463</a>.  When no code is specified
+       at the beginning of the  <i>text</i>  below,  Postfix  inserts  a
+       default  enhanced  status  code  of "5.7.1" in the case of
+       reject actions, and "4.7.1" in the case of defer  actions.
        See "ENHANCED STATUS CODES" below.
 
        <b>4</b><i>NN text</i>
 
        <b>5</b><i>NN text</i>
-              Reject the address etc. that matches  the  pattern,
+              Reject  the  address etc. that matches the pattern,
               and respond with the numerical three-digit code and
-              text. <b>4</b><i>NN</i> means "try again later", while <b>5</b><i>NN</i>  means
+              text.  <b>4</b><i>NN</i> means "try again later", while <b>5</b><i>NN</i> means
               "do not try again".
 
-              The  reply  code "421" causes Postfix to disconnect
+              The reply code "421" causes Postfix  to  disconnect
               immediately (Postfix version 2.3 and later).
 
        <b>REJECT</b> <i>optional text...</i>
-              Reject the address etc. that matches  the  pattern.
-              Reply  with  <i>$reject</i><b>_</b><i>code optional text...</i> when the
-              optional text is specified, otherwise reply with  a
+              Reject  the  address etc. that matches the pattern.
+              Reply with <i>$reject</i><b>_</b><i>code optional text...</i>  when  the
+              optional  text is specified, otherwise reply with a
               generic error response message.
 
        <b>DEFER_IF_REJECT</b> <i>optional text...</i>
-              Defer  the  request if some later restriction would
+              Defer the request if some later  restriction  would
               result in a REJECT action. Reply with "<b>450</b> <i>optional</i>
               <i>text...</i> when the optional text is specified, other-
               wise reply with a generic error response message.
@@ -212,10 +210,10 @@ ACCESS(5)                                                            ACCESS(5)
               This feature is available in Postfix 2.1 and later.
 
        <b>DEFER_IF_PERMIT</b> <i>optional text...</i>
-              Defer  the  request if some later restriction would
-              result in a an explicit or implicit PERMIT  action.
-              Reply  with "<b>450</b> <i>optional text...</i> when the optional
-              text is specified, otherwise reply with  a  generic
+              Defer the request if some later  restriction  would
+              result  in a an explicit or implicit PERMIT action.
+              Reply with "<b>450</b> <i>optional text...</i> when the  optional
+              text  is  specified, otherwise reply with a generic
               error response message.
 
               This feature is available in Postfix 2.1 and later.
@@ -226,160 +224,160 @@ ACCESS(5)                                                            ACCESS(5)
               <b><a href="postconf.5.html#reject_unauth_destination">reject_unauth_destination</a></b>, and so on).
 
        <b>DISCARD</b> <i>optional text...</i>
-              Claim  successful delivery and silently discard the
-              message.  Log the optional text if specified,  oth-
+              Claim successful delivery and silently discard  the
+              message.   Log the optional text if specified, oth-
               erwise log a generic message.
 
-              Note:  this action currently affects all recipients
-              of the message.   To  discard  only  one  recipient
-              without  discarding  the  entire  message,  use the
+              Note: this action currently affects all  recipients
+              of  the  message.   To  discard  only one recipient
+              without discarding  the  entire  message,  use  the
               <a href="transport.5.html">transport(5)</a> table to direct mail to the <a href="discard.8.html">discard(8)</a>
               service.
 
               This feature is available in Postfix 2.0 and later.
 
-       <b>DUNNO</b>  Pretend that the lookup key  was  not  found.  This
-              prevents  Postfix  from  trying  substrings  of the
-              lookup key (such as a subdomain name, or a  network
+       <b>DUNNO</b>  Pretend  that  the  lookup  key was not found. This
+              prevents Postfix  from  trying  substrings  of  the
+              lookup  key (such as a subdomain name, or a network
               address subnetwork).
 
               This feature is available in Postfix 2.0 and later.
 
        <b>FILTER</b> <i>transport:destination</i>
-              After the message is queued, send the  entire  mes-
+              After  the  message is queued, send the entire mes-
               sage through the specified external content filter.
-              The <i>transport:destination</i> syntax  is  described  in
-              the  <a href="transport.5.html"><b>transport</b>(5)</a>  manual  page.   More information
-              about external content filters is  in  the  Postfix
+              The  <i>transport:destination</i>  syntax  is described in
+              the <a href="transport.5.html"><b>transport</b>(5)</a>  manual  page.   More  information
+              about  external  content  filters is in the Postfix
               <a href="FILTER_README.html">FILTER_README</a> file.
 
-              Note:   this  action  overrides  the  <a href="postconf.5.html"><b>main.cf</a>  <a href="postconf.5.html#content_filter">con</a>-</b>
+              Note:  this  action  overrides  the  <a href="postconf.5.html"><b>main.cf</a>   <a href="postconf.5.html#content_filter">con</a>-</b>
               <b><a href="postconf.5.html#content_filter">tent_filter</a></b>  setting,  and  currently  affects  all
               recipients of the message.
 
               This feature is available in Postfix 2.0 and later.
 
        <b>HOLD</b> <i>optional text...</i>
-              Place the message on the <b>hold</b> queue, where it  will
-              sit  until someone either deletes it or releases it
-              for delivery.  Log the optional text if  specified,
+              Place  the message on the <b>hold</b> queue, where it will
+              sit until someone either deletes it or releases  it
+              for  delivery.  Log the optional text if specified,
               otherwise log a generic message.
 
-              Mail  that  is  placed on hold can be examined with
-              the <a href="postcat.1.html"><b>postcat</b>(1)</a> command, and  can  be  destroyed  or
+              Mail that is placed on hold can  be  examined  with
+              the  <a href="postcat.1.html"><b>postcat</b>(1)</a>  command,  and  can be destroyed or
               released with the <a href="postsuper.1.html"><b>postsuper</b>(1)</a> command.
 
-              Note:  use  "<b>postsuper -r</b>" to release mail that was
-              kept on hold for a significant fraction  of  <b>$<a href="postconf.5.html#maximal_queue_lifetime">maxi</a>-</b>
+              Note: use "<b>postsuper -r</b>" to release mail  that  was
+              kept  on  hold for a significant fraction of <b>$<a href="postconf.5.html#maximal_queue_lifetime">maxi</a>-</b>
               <b><a href="postconf.5.html#maximal_queue_lifetime">mal_queue_lifetime</a></b>  or  <b>$<a href="postconf.5.html#bounce_queue_lifetime">bounce_queue_lifetime</a></b>,  or
               longer.
 
-              Note: this action currently affects all  recipients
+              Note:  this action currently affects all recipients
               of the message.
 
               This feature is available in Postfix 2.0 and later.
 
        <b>PREPEND</b> <i>headername: headervalue</i>
-              Prepend the specified message header  to  the  mes-
-              sage.  When this action is used multiple times, the
-              first prepended header appears  before  the  second
-              etc. prepended header.
+              Prepend  the  specified  message header to the mes-
+              sage.  When this action  executes  multiple  times,
+              the  first prepended header appears before the sec-
+              ond etc. prepended header.
 
-              Note:  this action does not support multi-line mes-
+              Note: this action does not support multi-line  mes-
               sage headers.
 
-              Note: this action must be used before  the  message
-              content   is   received;   it  cannot  be  used  in
-              <b><a href="postconf.5.html#smtpd_end_of_data_restrictions">smtpd_end_of_data_restrictions</a></b>.
+              Note:  this  action must execute before the message
+              content is received; it cannot execute in the  con-
+              text of <b><a href="postconf.5.html#smtpd_end_of_data_restrictions">smtpd_end_of_data_restrictions</a></b>.
 
               This feature is available in Postfix 2.1 and later.
 
        <b>REDIRECT</b> <i>user@domain</i>
-              After  the  message  is queued, send the message to
+              After the message is queued, send  the  message  to
               the  specified  address  instead  of  the  intended
               recipient(s).
 
-              Note:  this action overrides the FILTER action, and
+              Note: this action overrides the FILTER action,  and
               currently affects all recipients of the message.
 
               This feature is available in Postfix 2.1 and later.
 
        <b>WARN</b> <i>optional text...</i>
               Log a warning with the optional text, together with
-              client information and  if  available,  with  helo,
+              client  information  and  if  available, with helo,
               sender, recipient and protocol information.
 
               This feature is available in Postfix 2.1 and later.
 
 <b>ENHANCED STATUS CODES</b>
-       Postfix version 2.3  and  later  support  enhanced  status
-       codes  as  defined  in  <a href="http://www.faqs.org/rfcs/rfc3463.html">RFC 3463</a>.  When an enhanced status
-       code is specified in an access table,  it  is  subject  to
-       modification.  The  following  transformations  are needed
-       when the same access  table  is  used  for  client,  helo,
-       sender,  or  recipient  access  restrictions;  they happen
+       Postfix  version  2.3  and  later  support enhanced status
+       codes as defined in <a href="http://www.faqs.org/rfcs/rfc3463.html">RFC 3463</a>.   When  an  enhanced  status
+       code  is  specified  in  an access table, it is subject to
+       modification. The  following  transformations  are  needed
+       when  the  same  access  table  is  used for client, helo,
+       sender, or  recipient  access  restrictions;  they  happen
        regardless of whether Postfix replies to a MAIL FROM, RCPT
        TO or other SMTP command.
 
-       <b>o</b>      When  a sender address matches a REJECT action, the
-              Postfix SMTP server will transform a recipient  DSN
-              status  (e.g.,  4.1.1-4.1.6) into the corresponding
+       <b>o</b>      When a sender address matches a REJECT action,  the
+              Postfix  SMTP server will transform a recipient DSN
+              status (e.g., 4.1.1-4.1.6) into  the  corresponding
               sender DSN status, and vice versa.
 
-       <b>o</b>      When  non-address  information  matches  a   REJECT
-              action  (such  as  the HELO command argument or the
-              client hostname/address), the Postfix  SMTP  server
-              will  transform  a  sender  or recipient DSN status
-              into  a  generic  non-address  DSN  status   (e.g.,
+       <b>o</b>      When   non-address  information  matches  a  REJECT
+              action (such as the HELO command  argument  or  the
+              client  hostname/address),  the Postfix SMTP server
+              will transform a sender  or  recipient  DSN  status
+              into   a  generic  non-address  DSN  status  (e.g.,
               4.0.0).
 
 <b>REGULAR EXPRESSION TABLES</b>
-       This  section  describes how the table lookups change when
+       This section describes how the table lookups  change  when
        the table is given in the form of regular expressions. For
-       a  description  of regular expression lookup table syntax,
+       a description of regular expression lookup  table  syntax,
        see <a href="regexp_table.5.html"><b>regexp_table</b>(5)</a> or <a href="pcre_table.5.html"><b>pcre_table</b>(5)</a>.
 
-       Each pattern is a regular expression that  is  applied  to
+       Each  pattern  is  a regular expression that is applied to
        the entire string being looked up. Depending on the appli-
-       cation, that string  is  an  entire  client  hostname,  an
+       cation,  that  string  is  an  entire  client hostname, an
        entire client IP address, or an entire mail address. Thus,
        no  parent  domain  or  parent  network  search  is  done,
-       <i>user@domain</i>  mail  addresses  are not broken up into their
+       <i>user@domain</i> mail addresses are not broken  up  into  their
        <i>user@</i> and <i>domain</i> constituent parts, nor is <i>user+foo</i> broken
        up into <i>user</i> and <i>foo</i>.
 
-       Patterns  are applied in the order as specified in the ta-
-       ble, until a pattern is  found  that  matches  the  search
+       Patterns are applied in the order as specified in the  ta-
+       ble,  until  a  pattern  is  found that matches the search
        string.
 
-       Actions  are  the  same as with indexed file lookups, with
-       the additional feature that parenthesized substrings  from
+       Actions are the same as with indexed  file  lookups,  with
+       the  additional feature that parenthesized substrings from
        the pattern can be interpolated as <b>$1</b>, <b>$2</b> and so on.
 
 <b>TCP-BASED TABLES</b>
-       This  section  describes how the table lookups change when
+       This section describes how the table lookups  change  when
        lookups are directed to a TCP-based server. For a descrip-
        tion of the TCP client/server lookup protocol, see <a href="tcp_table.5.html"><b>tcp_ta-</b></a>
        <a href="tcp_table.5.html"><b>ble</b>(5)</a>.  This feature is not available up to and including
        Postfix version 2.4.
 
-       Each  lookup  operation uses the entire query string once.
-       Depending on the application, that  string  is  an  entire
+       Each lookup operation uses the entire query  string  once.
+       Depending  on  the  application,  that string is an entire
        client hostname, an entire client IP address, or an entire
-       mail address.  Thus, no parent domain  or  parent  network
-       search  is done, <i>user@domain</i> mail addresses are not broken
-       up into their <i>user@</i> and <i>domain</i> constituent parts,  nor  is
+       mail  address.   Thus,  no parent domain or parent network
+       search is done, <i>user@domain</i> mail addresses are not  broken
+       up  into  their <i>user@</i> and <i>domain</i> constituent parts, nor is
        <i>user+foo</i> broken up into <i>user</i> and <i>foo</i>.
 
        Actions are the same as with indexed file lookups.
 
 <b>EXAMPLE</b>
-       The  following  example  uses an indexed file, so that the
-       order of table entries does not matter. The  example  per-
-       mits  access  by the client at address 1.2.3.4 but rejects
-       all other clients in 1.2.3.0/24. Instead  of  <b>hash</b>  lookup
-       tables,  some  systems use <b>dbm</b>.  Use the command "<b>postconf</b>
-       <b>-m</b>" to find out what lookup  tables  Postfix  supports  on
+       The following example uses an indexed file,  so  that  the
+       order  of  table entries does not matter. The example per-
+       mits access by the client at address 1.2.3.4  but  rejects
+       all  other  clients  in 1.2.3.0/24. Instead of <b>hash</b> lookup
+       tables, some systems use <b>dbm</b>.  Use the  command  "<b>postconf</b>
+       <b>-m</b>"  to  find  out  what lookup tables Postfix supports on
        your system.
 
        /etc/postfix/<a href="postconf.5.html">main.cf</a>:
@@ -394,7 +392,7 @@ ACCESS(5)                                                            ACCESS(5)
        editing the file.
 
 <b>BUGS</b>
-       The  table format does not understand quoting conventions.
+       The table format does not understand quoting  conventions.
 
 <b>SEE ALSO</b>
        <a href="postmap.1.html">postmap(1)</a>, Postfix lookup table manager
@@ -407,7 +405,7 @@ ACCESS(5)                                                            ACCESS(5)
        <a href="DATABASE_README.html">DATABASE_README</a>, Postfix lookup table overview
 
 <b>LICENSE</b>
-       The  Secure  Mailer  license must be distributed with this
+       The Secure Mailer license must be  distributed  with  this
        software.
 
 <b>AUTHOR(S)</b>
diff --git a/postfix/html/anvil.8.html b/postfix/html/anvil.8.html
index b8f45190c..650506f61 100644
--- a/postfix/html/anvil.8.html
+++ b/postfix/html/anvil.8.html
@@ -182,27 +182,28 @@ ANVIL(8)                                                              ANVIL(8)
 
        <b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b>
               The maximum amount of time  that  an  idle  Postfix
-              daemon  process  waits for the next service request
-              before exiting.
+              daemon  process  waits  for  an incoming connection
+              before terminating voluntarily.
 
        <b><a href="postconf.5.html#max_use">max_use</a> (100)</b>
-              The maximal number of connection requests before  a
-              Postfix daemon process terminates.
+              The maximal number of incoming connections  that  a
+              Postfix  daemon  process will service before termi-
+              nating voluntarily.
 
        <b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
-              The  process  ID  of  a  Postfix  command or daemon
+              The process ID  of  a  Postfix  command  or  daemon
               process.
 
        <b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
-              The process name of a  Postfix  command  or  daemon
+              The  process  name  of  a Postfix command or daemon
               process.
 
        <b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
               The syslog facility of Postfix logging.
 
        <b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
-              The  mail  system  name  that  is  prepended to the
-              process name in syslog  records,  so  that  "smtpd"
+              The mail system  name  that  is  prepended  to  the
+              process  name  in  syslog  records, so that "smtpd"
               becomes, for example, "postfix/smtpd".
 
 <b>SEE ALSO</b>
@@ -214,7 +215,7 @@ ANVIL(8)                                                              ANVIL(8)
        <a href="TUNING_README.html">TUNING_README</a>, performance tuning
 
 <b>LICENSE</b>
-       The Secure Mailer license must be  distributed  with  this
+       The  Secure  Mailer  license must be distributed with this
        software.
 
 <b>HISTORY</b>
diff --git a/postfix/html/bounce.8.html b/postfix/html/bounce.8.html
index 6256c3efc..ef1104937 100644
--- a/postfix/html/bounce.8.html
+++ b/postfix/html/bounce.8.html
@@ -120,35 +120,36 @@ BOUNCE(8)                                                            BOUNCE(8)
 
        <b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b>
               The maximum amount of time  that  an  idle  Postfix
-              daemon  process  waits for the next service request
-              before exiting.
+              daemon  process  waits  for  an incoming connection
+              before terminating voluntarily.
 
        <b><a href="postconf.5.html#max_use">max_use</a> (100)</b>
-              The maximal number of connection requests before  a
-              Postfix daemon process terminates.
+              The maximal number of incoming connections  that  a
+              Postfix  daemon  process will service before termi-
+              nating voluntarily.
 
        <b><a href="postconf.5.html#notify_classes">notify_classes</a> (resource, software)</b>
-              The  list of error classes that are reported to the
+              The list of error classes that are reported to  the
               postmaster.
 
        <b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
-              The process ID  of  a  Postfix  command  or  daemon
+              The  process  ID  of  a  Postfix  command or daemon
               process.
 
        <b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
-              The  process  name  of  a Postfix command or daemon
+              The process name of a  Postfix  command  or  daemon
               process.
 
        <b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b>
-              The location of the Postfix top-level queue  direc-
+              The  location of the Postfix top-level queue direc-
               tory.
 
        <b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
               The syslog facility of Postfix logging.
 
        <b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
-              The  mail  system  name  that  is  prepended to the
-              process name in syslog  records,  so  that  "smtpd"
+              The mail system  name  that  is  prepended  to  the
+              process  name  in  syslog  records, so that "smtpd"
               becomes, for example, "postfix/smtpd".
 
 <b>FILES</b>
@@ -165,7 +166,7 @@ BOUNCE(8)                                                            BOUNCE(8)
        syslogd(8), system logging
 
 <b>LICENSE</b>
-       The  Secure  Mailer  license must be distributed with this
+       The Secure Mailer license must be  distributed  with  this
        software.
 
 <b>AUTHOR(S)</b>
diff --git a/postfix/html/canonical.5.html b/postfix/html/canonical.5.html
index 8c6ceced9..5ace31dc6 100644
--- a/postfix/html/canonical.5.html
+++ b/postfix/html/canonical.5.html
@@ -26,8 +26,8 @@ CANONICAL(5)                                                      CANONICAL(5)
        file  that serves as input to the <a href="postmap.1.html"><b>postmap</b>(1)</a> command.  The
        result, an indexed file in <b>dbm</b> or <b>db</b> format, is  used  for
        fast  searching  by  the  mail system. Execute the command
-       "<b>postmap /etc/postfix/canonical</b>" in order to  rebuild  the
-       indexed file after changing the text file.
+       "<b>postmap /etc/postfix/canonical</b>"  to  rebuild  an  indexed
+       file after changing the corresponding text file.
 
        When  the  table  is provided via other means such as NIS,
        LDAP or SQL, the same lookups are  done  as  for  ordinary
@@ -36,9 +36,9 @@ CANONICAL(5)                                                      CANONICAL(5)
        Alternatively,  the  table  can  be provided as a regular-
        expression map where patterns are given as regular expres-
        sions,  or lookups can be directed to TCP-based server. In
-       that case, the lookups are done in  a  slightly  different
+       those cases, the lookups are done in a slightly  different
        way  as  described below under "REGULAR EXPRESSION TABLES"
-       and "TCP-BASED TABLES".
+       or "TCP-BASED TABLES".
 
        By default the <a href="canonical.5.html"><b>canonical</b>(5)</a> mapping affects  both  message
        header  addresses  (i.e. addresses that appear inside mes-
diff --git a/postfix/html/cidr_table.5.html b/postfix/html/cidr_table.5.html
index d869dbb9e..440e58ef9 100644
--- a/postfix/html/cidr_table.5.html
+++ b/postfix/html/cidr_table.5.html
@@ -18,59 +18,62 @@ CIDR_TABLE(5)                                                    CIDR_TABLE(5)
        The  Postfix  mail  system  uses  optional  lookup tables.
        These tables are usually in <b>dbm</b> or  <b>db</b>  format.   Alterna-
        tively,  lookup tables can be specified in CIDR (Classless
-       Inter-Domain Routing) form.
+       Inter-Domain Routing) form. In this case,  each  input  is
+       compared  against  a  list  of  patterns.  When a match is
+       found, the corresponding result is returned and the search
+       is terminated.
 
-       To find out what types of lookup tables your Postfix  sys-
+       To  find out what types of lookup tables your Postfix sys-
        tem supports use the "<b>postconf -m</b>" command.
 
-       To  test  lookup  tables,  use the "<b>postmap -q</b>" command as
+       To test lookup tables, use the  "<b>postmap  -q</b>"  command  as
        described in the SYNOPSIS above.
 
 <b>TABLE FORMAT</b>
        The general form of a Postfix CIDR table is:
 
        <i>network</i><b>_</b><i>address</i><b>/</b><i>network</i><b>_</b><i>mask     result</i>
-              When a search string matches the specified  network
-              block,  use the corresponding <i>result</i> value. Specify
-              0.0.0.0/0 to match every IPv4 address, and ::/0  to
+              When  a search string matches the specified network
+              block, use the corresponding <i>result</i> value.  Specify
+              0.0.0.0/0  to match every IPv4 address, and ::/0 to
               match every IPv6 address.
 
               An IPv4 network address is a sequence of four deci-
-              mal octets separated by ".", and  an  IPv6  network
+              mal  octets  separated  by ".", and an IPv6 network
               address is a sequence of three to eight hexadecimal
               octet pairs separated by ":".
 
-              Before comparisons are made, lookup keys and  table
+              Before  comparisons are made, lookup keys and table
               entries are converted from string to binary. There-
-              fore table entries will be  matched  regardless  of
+              fore  table  entries  will be matched regardless of
               redundant zero characters.
 
-              Note:  address  information  may be enclosed inside
+              Note: address information may  be  enclosed  inside
               "[]" but this form is not recommended.
 
               IPv6 support is available in Postfix 2.2 and later.
 
        <i>network</i><b>_</b><i>address     result</i>
-              When  a search string matches the specified network
+              When a search string matches the specified  network
               address, use the corresponding <i>result</i> value.
 
        blank lines and comments
-              Empty lines and whitespace-only lines are  ignored,
-              as  are  lines whose first non-whitespace character
+              Empty  lines and whitespace-only lines are ignored,
+              as are lines whose first  non-whitespace  character
               is a `#'.
 
        multi-line text
-              A logical line starts with non-whitespace  text.  A
-              line  that starts with whitespace continues a logi-
+              A  logical  line starts with non-whitespace text. A
+              line that starts with whitespace continues a  logi-
               cal line.
 
 <b>TABLE SEARCH ORDER</b>
-       Patterns are applied in the order as specified in the  ta-
-       ble,  until  a  pattern  is  found that matches the search
+       Patterns  are applied in the order as specified in the ta-
+       ble, until a pattern is  found  that  matches  the  search
        string.
 
 <b>EXAMPLE SMTPD ACCESS MAP</b>
-       /etc/postfix/main.cf:
+       /etc/postfix/<a href="postconf.5.html">main.cf</a>:
            <a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a> = ... <a href="cidr_table.5.html">cidr</a>:/etc/postfix/client.cidr ...
 
        /etc/postfix/client.<a href="cidr_table.5.html">cidr</a>:
diff --git a/postfix/html/cleanup.8.html b/postfix/html/cleanup.8.html
index d207e4703..2cd0ceec3 100644
--- a/postfix/html/cleanup.8.html
+++ b/postfix/html/cleanup.8.html
@@ -412,31 +412,32 @@ CLEANUP(8)                                                          CLEANUP(8)
 
        <b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b>
               The  maximum  amount  of  time that an idle Postfix
-              daemon process waits for the next  service  request
-              before exiting.
+              daemon process waits  for  an  incoming  connection
+              before terminating voluntarily.
 
        <b><a href="postconf.5.html#max_use">max_use</a> (100)</b>
-              The  maximal number of connection requests before a
-              Postfix daemon process terminates.
+              The  maximal  number of incoming connections that a
+              Postfix daemon process will service  before  termi-
+              nating voluntarily.
 
        <b><a href="postconf.5.html#myhostname">myhostname</a> (see 'postconf -d' output)</b>
               The internet hostname of this mail system.
 
        <b><a href="postconf.5.html#myorigin">myorigin</a> ($<a href="postconf.5.html#myhostname">myhostname</a>)</b>
               The domain name that locally-posted mail appears to
-              come  from,  and that locally posted mail is deliv-
+              come from, and that locally posted mail  is  deliv-
               ered to.
 
        <b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
-              The process ID  of  a  Postfix  command  or  daemon
+              The  process  ID  of  a  Postfix  command or daemon
               process.
 
        <b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
-              The  process  name  of  a Postfix command or daemon
+              The process name of a  Postfix  command  or  daemon
               process.
 
        <b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b>
-              The location of the Postfix top-level queue  direc-
+              The  location of the Postfix top-level queue direc-
               tory.
 
        <b><a href="postconf.5.html#soft_bounce">soft_bounce</a> (no)</b>
@@ -447,14 +448,14 @@ CLEANUP(8)                                                          CLEANUP(8)
               The syslog facility of Postfix logging.
 
        <b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
-              The mail system  name  that  is  prepended  to  the
-              process  name  in  syslog  records, so that "smtpd"
+              The  mail  system  name  that  is  prepended to the
+              process name in syslog  records,  so  that  "smtpd"
               becomes, for example, "postfix/smtpd".
 
        Available in Postfix version 2.1 and later:
 
        <b><a href="postconf.5.html#enable_original_recipient">enable_original_recipient</a> (yes)</b>
-              Enable  support  for  the   X-Original-To   message
+              Enable   support   for  the  X-Original-To  message
               header.
 
 <b>FILES</b>
@@ -478,7 +479,7 @@ CLEANUP(8)                                                          CLEANUP(8)
        <a href="CONTENT_INSPECTION_README.html">CONTENT_INSPECTION_README</a> content inspection
 
 <b>LICENSE</b>
-       The Secure Mailer license must be  distributed  with  this
+       The  Secure  Mailer  license must be distributed with this
        software.
 
 <b>AUTHOR(S)</b>
diff --git a/postfix/html/discard.8.html b/postfix/html/discard.8.html
index 2fb77c2e1..9325692c5 100644
--- a/postfix/html/discard.8.html
+++ b/postfix/html/discard.8.html
@@ -77,31 +77,32 @@ DISCARD(8)                                                          DISCARD(8)
 
        <b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b>
               The maximum amount of time  that  an  idle  Postfix
-              daemon  process  waits for the next service request
-              before exiting.
+              daemon  process  waits  for  an incoming connection
+              before terminating voluntarily.
 
        <b><a href="postconf.5.html#max_use">max_use</a> (100)</b>
-              The maximal number of connection requests before  a
-              Postfix daemon process terminates.
+              The maximal number of incoming connections  that  a
+              Postfix  daemon  process will service before termi-
+              nating voluntarily.
 
        <b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
-              The  process  ID  of  a  Postfix  command or daemon
+              The process ID  of  a  Postfix  command  or  daemon
               process.
 
        <b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
-              The process name of a  Postfix  command  or  daemon
+              The  process  name  of  a Postfix command or daemon
               process.
 
        <b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b>
-              The  location of the Postfix top-level queue direc-
+              The location of the Postfix top-level queue  direc-
               tory.
 
        <b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
               The syslog facility of Postfix logging.
 
        <b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
-              The mail system  name  that  is  prepended  to  the
-              process  name  in  syslog  records, so that "smtpd"
+              The  mail  system  name  that  is  prepended to the
+              process name in syslog  records,  so  that  "smtpd"
               becomes, for example, "postfix/smtpd".
 
 <b>SEE ALSO</b>
@@ -114,7 +115,7 @@ DISCARD(8)                                                          DISCARD(8)
        syslogd(8), system logging
 
 <b>LICENSE</b>
-       The Secure Mailer license must be  distributed  with  this
+       The  Secure  Mailer  license must be distributed with this
        software.
 
 <b>HISTORY</b>
diff --git a/postfix/html/error.8.html b/postfix/html/error.8.html
index 849a55641..d66f9ead4 100644
--- a/postfix/html/error.8.html
+++ b/postfix/html/error.8.html
@@ -15,8 +15,8 @@ ERROR(8)                                                              ERROR(8)
 <b>DESCRIPTION</b>
        The  Postfix  <a href="error.8.html"><b>error</b>(8)</a>  delivery  agent processes delivery
        requests from the queue manager. Each request specifies  a
-       queue  file,  a sender address, a domain or host name that
-       is treated as the reason for non-delivery,  and  recipient
+       queue  file, a sender address, the reason for non-delivery
+       (specified as the  next-hop  destination),  and  recipient
        information.   The  reason  may  be  prefixed  with an RFC
        3463-compatible detail code.  This program expects  to  be
        run from the <a href="master.8.html"><b>master</b>(8)</a> process manager.
@@ -86,35 +86,36 @@ ERROR(8)                                                              ERROR(8)
 
        <b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b>
               The  maximum  amount  of  time that an idle Postfix
-              daemon process waits for the next  service  request
-              before exiting.
+              daemon process waits  for  an  incoming  connection
+              before terminating voluntarily.
 
        <b><a href="postconf.5.html#max_use">max_use</a> (100)</b>
-              The  maximal number of connection requests before a
-              Postfix daemon process terminates.
+              The  maximal  number of incoming connections that a
+              Postfix daemon process will service  before  termi-
+              nating voluntarily.
 
        <b><a href="postconf.5.html#notify_classes">notify_classes</a> (resource, software)</b>
-              The list of error classes that are reported to  the
+              The  list of error classes that are reported to the
               postmaster.
 
        <b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
-              The  process  ID  of  a  Postfix  command or daemon
+              The process ID  of  a  Postfix  command  or  daemon
               process.
 
        <b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
-              The process name of a  Postfix  command  or  daemon
+              The  process  name  of  a Postfix command or daemon
               process.
 
        <b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b>
-              The  location of the Postfix top-level queue direc-
+              The location of the Postfix top-level queue  direc-
               tory.
 
        <b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
               The syslog facility of Postfix logging.
 
        <b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
-              The mail system  name  that  is  prepended  to  the
-              process  name  in  syslog  records, so that "smtpd"
+              The  mail  system  name  that  is  prepended to the
+              process name in syslog  records,  so  that  "smtpd"
               becomes, for example, "postfix/smtpd".
 
 <b>SEE ALSO</b>
@@ -127,7 +128,7 @@ ERROR(8)                                                              ERROR(8)
        syslogd(8), system logging
 
 <b>LICENSE</b>
-       The Secure Mailer license must be  distributed  with  this
+       The  Secure  Mailer  license must be distributed with this
        software.
 
 <b>AUTHOR(S)</b>
diff --git a/postfix/html/flush.8.html b/postfix/html/flush.8.html
index cba373e9e..c5f3bb405 100644
--- a/postfix/html/flush.8.html
+++ b/postfix/html/flush.8.html
@@ -120,37 +120,38 @@ FLUSH(8)                                                              FLUSH(8)
 
        <b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b>
               The maximum amount of time  that  an  idle  Postfix
-              daemon  process  waits for the next service request
-              before exiting.
+              daemon  process  waits  for  an incoming connection
+              before terminating voluntarily.
 
        <b><a href="postconf.5.html#max_use">max_use</a> (100)</b>
-              The maximal number of connection requests before  a
-              Postfix daemon process terminates.
+              The maximal number of incoming connections  that  a
+              Postfix  daemon  process will service before termi-
+              nating voluntarily.
 
-       <b><a href="postconf.5.html#parent_domain_matches_subdomains">parent_domain_matches_subdomains</a>  (see  'postconf -d' out-</b>
+       <b><a href="postconf.5.html#parent_domain_matches_subdomains">parent_domain_matches_subdomains</a> (see 'postconf  -d'  out-</b>
        <b>put)</b>
               What   Postfix   features   match   subdomains   of
               "domain.tld" automatically, instead of requiring an
               explicit ".domain.tld" pattern.
 
        <b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
-              The  process  ID  of  a  Postfix  command or daemon
+              The process ID  of  a  Postfix  command  or  daemon
               process.
 
        <b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
-              The process name of a  Postfix  command  or  daemon
+              The  process  name  of  a Postfix command or daemon
               process.
 
        <b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b>
-              The  location of the Postfix top-level queue direc-
+              The location of the Postfix top-level queue  direc-
               tory.
 
        <b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
               The syslog facility of Postfix logging.
 
        <b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
-              The mail system  name  that  is  prepended  to  the
-              process  name  in  syslog  records, so that "smtpd"
+              The  mail  system  name  that  is  prepended to the
+              process name in syslog  records,  so  that  "smtpd"
               becomes, for example, "postfix/smtpd".
 
 <b>FILES</b>
@@ -168,7 +169,7 @@ FLUSH(8)                                                              FLUSH(8)
        <a href="ETRN_README.html">ETRN_README</a>, Postfix ETRN howto
 
 <b>LICENSE</b>
-       The  Secure  Mailer  license must be distributed with this
+       The Secure Mailer license must be  distributed  with  this
        software.
 
 <b>HISTORY</b>
diff --git a/postfix/html/generic.5.html b/postfix/html/generic.5.html
index ba40cc614..9b0ffc2e4 100644
--- a/postfix/html/generic.5.html
+++ b/postfix/html/generic.5.html
@@ -39,8 +39,8 @@ GENERIC(5)                                                          GENERIC(5)
        that serves as  input  to  the  <a href="postmap.1.html"><b>postmap</b>(1)</a>  command.   The
        result,  an  indexed file in <b>dbm</b> or <b>db</b> format, is used for
        fast searching by the mail  system.  Execute  the  command
-       "<b>postmap  /etc/postfix/generic</b>"  in  order  to rebuild the
-       indexed file after changing the text file.
+       "<b>postmap  /etc/postfix/generic</b>" to rebuild an indexed file
+       after changing the corresponding text file.
 
        When the table is provided via other means  such  as  NIS,
        LDAP  or  SQL,  the  same lookups are done as for ordinary
@@ -49,9 +49,9 @@ GENERIC(5)                                                          GENERIC(5)
        Alternatively, the table can be  provided  as  a  regular-
        expression map where patterns are given as regular expres-
        sions, or lookups can be directed to TCP-based server.  In
-       that  case,  the  lookups are done in a slightly different
+       those  case,  the lookups are done in a slightly different
        way as described below under "REGULAR  EXPRESSION  TABLES"
-       and "TCP-BASED TABLES".
+       or "TCP-BASED TABLES".
 
 <b>CASE FOLDING</b>
        The  search  string is folded to lowercase before database
diff --git a/postfix/html/local.8.html b/postfix/html/local.8.html
index 0e512a166..de3fd4f54 100644
--- a/postfix/html/local.8.html
+++ b/postfix/html/local.8.html
@@ -560,33 +560,34 @@ LOCAL(8)                                                              LOCAL(8)
 
        <b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b>
               The maximum amount of time  that  an  idle  Postfix
-              daemon  process  waits for the next service request
-              before exiting.
+              daemon  process  waits  for  an incoming connection
+              before terminating voluntarily.
 
        <b><a href="postconf.5.html#max_use">max_use</a> (100)</b>
-              The maximal number of connection requests before  a
-              Postfix daemon process terminates.
+              The maximal number of incoming connections  that  a
+              Postfix  daemon  process will service before termi-
+              nating voluntarily.
 
        <b><a href="postconf.5.html#prepend_delivered_header">prepend_delivered_header</a> (command, file, forward)</b>
-              The  message  delivery  contexts  where the Postfix
-              <a href="local.8.html"><b>local</b>(8)</a> delivery agent  prepends  a  Delivered-To:
-              message  header  with the address that the mail was
+              The message delivery  contexts  where  the  Postfix
+              <a href="local.8.html"><b>local</b>(8)</a>  delivery  agent  prepends a Delivered-To:
+              message header with the address that the  mail  was
               delivered to.
 
        <b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
-              The process ID  of  a  Postfix  command  or  daemon
+              The  process  ID  of  a  Postfix  command or daemon
               process.
 
        <b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
-              The  process  name  of  a Postfix command or daemon
+              The process name of a  Postfix  command  or  daemon
               process.
 
        <b><a href="postconf.5.html#propagate_unmatched_extensions">propagate_unmatched_extensions</a> (canonical, virtual)</b>
-              What address lookup tables copy an  address  exten-
+              What  address  lookup tables copy an address exten-
               sion from the lookup key to the lookup result.
 
        <b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b>
-              The  location of the Postfix top-level queue direc-
+              The location of the Postfix top-level queue  direc-
               tory.
 
        <b><a href="postconf.5.html#recipient_delimiter">recipient_delimiter</a> (empty)</b>
@@ -594,15 +595,15 @@ LOCAL(8)                                                              LOCAL(8)
               sions (user+foo).
 
        <b><a href="postconf.5.html#require_home_directory">require_home_directory</a> (no)</b>
-              Whether  or  not a <a href="local.8.html"><b>local</b>(8)</a> recipient's home direc-
-              tory must exist before mail delivery is  attempted.
+              Whether or not a <a href="local.8.html"><b>local</b>(8)</a> recipient's  home  direc-
+              tory  must exist before mail delivery is attempted.
 
        <b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
               The syslog facility of Postfix logging.
 
        <b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
-              The  mail  system  name  that  is  prepended to the
-              process name in syslog  records,  so  that  "smtpd"
+              The mail system  name  that  is  prepended  to  the
+              process  name  in  syslog  records, so that "smtpd"
               becomes, for example, "postfix/smtpd".
 
 <b>FILES</b>
@@ -622,14 +623,14 @@ LOCAL(8)                                                              LOCAL(8)
        syslogd(8), system logging
 
 <b>LICENSE</b>
-       The  Secure  Mailer  license must be distributed with this
+       The Secure Mailer license must be  distributed  with  this
        software.
 
 <b>HISTORY</b>
        The <b>Delivered-To:</b> message header appears in the <b>qmail</b> sys-
        tem by Daniel Bernstein.
 
-       The  <i>maildir</i>  structure  appears  in  the  <b>qmail</b> system by
+       The <i>maildir</i> structure  appears  in  the  <b>qmail</b>  system  by
        Daniel Bernstein.
 
 <b>AUTHOR(S)</b>
diff --git a/postfix/html/master.8.html b/postfix/html/master.8.html
index 221984c85..859474805 100644
--- a/postfix/html/master.8.html
+++ b/postfix/html/master.8.html
@@ -27,12 +27,12 @@ MASTER(8)                                                            MASTER(8)
        number server.
 
        The behavior of the <a href="master.8.html"><b>master</b>(8)</a> daemon is controlled by  the
-       <b>master.cf</b> configuration file, as described in <a href="master.5.html"><b>master</b>(5)</a>.
+       <a href="master.5.html"><b>master.cf</b></a> configuration file, as described in <a href="master.5.html"><b>master</b>(5)</a>.
 
        Options:
 
        <b>-c</b> <i>config</i><b>_</b><i>dir</i>
-              Read  the <b>main.cf</b> and <b>master.cf</b> configuration files
+              Read  the <a href="postconf.5.html"><b>main.cf</b></a> and <a href="master.5.html"><b>master.cf</b></a> configuration files
               in the named directory instead of the default  con-
               figuration directory.  This also overrides the con-
               figuration files  for  other  Postfix  daemon  pro-
@@ -40,7 +40,7 @@ MASTER(8)                                                            MASTER(8)
 
        <b>-D</b>     After  initialization, run a debugger on the master
               process. The debugging command  is  specified  with
-              the <b><a href="postconf.5.html#debugger_command">debugger_command</a></b> in the <b>main.cf</b> global configu-
+              the <b><a href="postconf.5.html#debugger_command">debugger_command</a></b> in the <a href="postconf.5.html"><b>main.cf</b></a> global configu-
               ration file.
 
        <b>-d</b>     Do  not  redirect  stdin,  stdout  or   stderr   to
@@ -66,7 +66,7 @@ MASTER(8)                                                            MASTER(8)
        <b>SIGHUP</b> Upon  receipt of a <b>HUP</b> signal (e.g., after "<b>postfix</b>
               <b>reload</b>"), the master process re-reads its  configu-
               ration  files.  If  a service has been removed from
-              the <b>master.cf</b> file, its running processes are  ter-
+              the <a href="master.5.html"><b>master.cf</b></a> file, its running processes are  ter-
               minated  immediately.  Otherwise, running processes
               are allowed to terminate as soon as is  convenient,
               so  that  changes  in configuration settings affect
@@ -87,15 +87,15 @@ MASTER(8)                                                            MASTER(8)
        <b>MAIL_DEBUG</b>
               After initialization, start a debugger as specified
               with the <b><a href="postconf.5.html#debugger_command">debugger_command</a></b>  configuration  parameter
-              in the <b>main.cf</b> configuration file.
+              in the <a href="postconf.5.html"><b>main.cf</b></a> configuration file.
 
        <b>MAIL_CONFIG</b>
               Directory with Postfix configuration files.
 
 <b>CONFIGURATION PARAMETERS</b>
        Unlike most Postfix daemon processes, the <a href="master.8.html"><b>master</b>(8)</a> server
-       does not automatically pick up changes to <b>main.cf</b>. Changes
-       to  <b>master.cf</b>  are never picked up automatically.  Use the
+       does not automatically pick up changes to <a href="postconf.5.html"><b>main.cf</b></a>. Changes
+       to  <a href="master.5.html"><b>master.cf</b></a>  are never picked up automatically.  Use the
        "<b>postfix reload</b>" command after a configuration change.
 
 <b>RESOURCE AND RATE CONTROLS</b>
@@ -105,12 +105,13 @@ MASTER(8)                                                            MASTER(8)
 
        <b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b>
               The  maximum  amount  of  time that an idle Postfix
-              daemon process waits for the next  service  request
-              before exiting.
+              daemon process waits  for  an  incoming  connection
+              before terminating voluntarily.
 
        <b><a href="postconf.5.html#max_use">max_use</a> (100)</b>
-              The  maximal number of connection requests before a
-              Postfix daemon process terminates.
+              The  maximal  number of incoming connections that a
+              Postfix daemon process will service  before  termi-
+              nating voluntarily.
 
        <b><a href="postconf.5.html#service_throttle_time">service_throttle_time</a> (60s)</b>
               How long the Postfix <a href="master.8.html"><b>master</b>(8)</a> waits before forking
@@ -118,11 +119,11 @@ MASTER(8)                                                            MASTER(8)
 
 <b>MISCELLANEOUS CONTROLS</b>
        <b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
-              The  default  location  of  the Postfix main.cf and
-              master.cf configuration files.
+              The default location of  the  Postfix  <a href="postconf.5.html">main.cf</a>  and
+              <a href="master.5.html">master.cf</a> configuration files.
 
        <b><a href="postconf.5.html#daemon_directory">daemon_directory</a> (see 'postconf -d' output)</b>
-              The directory with  Postfix  support  programs  and
+              The  directory  with  Postfix  support programs and
               daemon programs.
 
        <b><a href="postconf.5.html#debugger_command">debugger_command</a> (empty)</b>
@@ -134,11 +135,11 @@ MASTER(8)                                                            MASTER(8)
               tem receives mail on.
 
        <b><a href="postconf.5.html#inet_protocols">inet_protocols</a> (ipv4)</b>
-              The  Internet protocols Postfix will attempt to use
+              The Internet protocols Postfix will attempt to  use
               when making or accepting connections.
 
        <b><a href="postconf.5.html#import_environment">import_environment</a> (see 'postconf -d' output)</b>
-              The list of environment parameters that  a  Postfix
+              The  list  of environment parameters that a Postfix
               process  will  import  from  a  non-Postfix  parent
               process.
 
@@ -147,39 +148,39 @@ MASTER(8)                                                            MASTER(8)
               and most Postfix daemon processes.
 
        <b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
-              The  process  ID  of  a  Postfix  command or daemon
+              The process ID  of  a  Postfix  command  or  daemon
               process.
 
        <b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
-              The process name of a  Postfix  command  or  daemon
+              The  process  name  of  a Postfix command or daemon
               process.
 
        <b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b>
-              The  location of the Postfix top-level queue direc-
+              The location of the Postfix top-level queue  direc-
               tory.
 
        <b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
               The syslog facility of Postfix logging.
 
        <b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
-              The mail system  name  that  is  prepended  to  the
-              process  name  in  syslog  records, so that "smtpd"
+              The  mail  system  name  that  is  prepended to the
+              process name in syslog  records,  so  that  "smtpd"
               becomes, for example, "postfix/smtpd".
 
 <b>FILES</b>
-       /etc/postfix/main.cf, global configuration file.
-       /etc/postfix/master.cf, master server configuration file.
+       /etc/postfix/<a href="postconf.5.html">main.cf</a>, global configuration file.
+       /etc/postfix/<a href="master.5.html">master.cf</a>, master server configuration file.
        /var/spool/postfix/pid/master.pid, master lock file.
 
 <b>SEE ALSO</b>
        <a href="qmgr.8.html">qmgr(8)</a>, queue manager
        <a href="verify.8.html">verify(8)</a>, address verification
-       <a href="master.5.html">master(5)</a>, master.cf configuration file syntax
-       <a href="postconf.5.html">postconf(5)</a>, main.cf configuration parameter syntax
+       <a href="master.5.html">master(5)</a>, <a href="master.5.html">master.cf</a> configuration file syntax
+       <a href="postconf.5.html">postconf(5)</a>, <a href="postconf.5.html">main.cf</a> configuration parameter syntax
        syslogd(8), system logging
 
 <b>LICENSE</b>
-       The Secure Mailer license must be  distributed  with  this
+       The  Secure  Mailer  license must be distributed with this
        software.
 
 <b>AUTHOR(S)</b>
diff --git a/postfix/html/pcre_table.5.html b/postfix/html/pcre_table.5.html
index 8698d02a8..10a560385 100644
--- a/postfix/html/pcre_table.5.html
+++ b/postfix/html/pcre_table.5.html
@@ -21,13 +21,14 @@ PCRE_TABLE(5)                                                    PCRE_TABLE(5)
 
        Alternatively, lookup tables can be specified in Perl Com-
        patible Regular Expression form. In this case, each  input
-       is  compared  against a list of patterns, and when a match
-       is found the corresponding result is returned.
+       is  compared  against  a list of patterns. When a match is
+       found, the corresponding result is returned and the search
+       is terminated.
 
-       To find out what types of lookup tables your Postfix  sys-
+       To  find out what types of lookup tables your Postfix sys-
        tem supports use the "<b>postconf -m</b>" command.
 
-       To  test  lookup  tables, use the "<b>postmap -fq</b>" command as
+       To test lookup tables, use the "<b>postmap  -fq</b>"  command  as
        described in the SYNOPSIS above.
 
 <b>TABLE FORMAT</b>
@@ -38,16 +39,16 @@ PCRE_TABLE(5)                                                    PCRE_TABLE(5)
               responding <i>result</i> value.
 
        <b>!/</b><i>pattern</i><b>/</b><i>flags result</i>
-              When  <i>pattern</i>  does <b>not</b> match the input string, use
+              When <i>pattern</i> does <b>not</b> match the input  string,  use
               the corresponding <i>result</i> value.
 
        <b>if /</b><i>pattern</i><b>/</b><i>flags</i>
 
        <b>endif</b>  Match the input string against the patterns between
-              <b>if</b>  and <b>endif</b>, if and only if the input string also
+              <b>if</b> and <b>endif</b>, if and only if the input string  also
               matches <i>pattern</i>. The <b>if</b>..<b>endif</b> can nest.
 
-              Note: do not prepend whitespace to patterns  inside
+              Note:  do not prepend whitespace to patterns inside
               <b>if</b>..<b>endif</b>.
 
               This feature is available in Postfix 2.1 and later.
@@ -55,117 +56,117 @@ PCRE_TABLE(5)                                                    PCRE_TABLE(5)
        <b>if !/</b><i>pattern</i><b>/</b><i>flags</i>
 
        <b>endif</b>  Match the input string against the patterns between
-              <b>if</b>  and <b>endif</b>, if and only if the input string does
+              <b>if</b> and <b>endif</b>, if and only if the input string  does
               <b>not</b> match <i>pattern</i>. The <b>if</b>..<b>endif</b> can nest.
 
-              Note: do not prepend whitespace to patterns  inside
+              Note:  do not prepend whitespace to patterns inside
               <b>if</b>..<b>endif</b>.
 
               This feature is available in Postfix 2.1 and later.
 
        blank lines and comments
-              Empty lines and whitespace-only lines are  ignored,
-              as  are  lines whose first non-whitespace character
+              Empty  lines and whitespace-only lines are ignored,
+              as are lines whose first  non-whitespace  character
               is a `#'.
 
        multi-line text
-              A logical line starts with non-whitespace  text.  A
-              line  that starts with whitespace continues a logi-
+              A  logical  line starts with non-whitespace text. A
+              line that starts with whitespace continues a  logi-
               cal line.
 
        Each  pattern  is  a  perl-like  regular  expression.  The
-       expression  delimiter  can be any character, except white-
-       space or characters that have special meaning  (tradition-
-       ally  the  forward slash is used).  The regular expression
+       expression delimiter can be any character,  except  white-
+       space  or characters that have special meaning (tradition-
+       ally the forward slash is used).  The  regular  expression
        can contain whitespace.
 
        By default, matching is case-insensitive, and newlines are
-       not  treated  as  special characters. The behavior is con-
-       trolled by flags, which are toggled by  appending  one  or
+       not treated as special characters. The  behavior  is  con-
+       trolled  by  flags,  which are toggled by appending one or
        more of the following characters after the pattern:
 
        <b>i</b> (default: on)
-              Toggles  the  case  sensitivity  flag.  By default,
+              Toggles the  case  sensitivity  flag.  By  default,
               matching is case insensitive.
 
        <b>m</b> (default: off)
-              Toggles the PCRE_MULTILINE flag. When this flag  is
-              on,  the  <b>^</b>  and <b>$</b> metacharacters match immediately
-              after and immediately before a  newline  character,
-              respectively,  in addition to matching at the start
+              Toggles  the PCRE_MULTILINE flag. When this flag is
+              on, the <b>^</b> and <b>$</b>  metacharacters  match  immediately
+              after  and  immediately before a newline character,
+              respectively, in addition to matching at the  start
               and end of the subject string.
 
        <b>s</b> (default: on)
               Toggles the PCRE_DOTALL flag. When this flag is on,
               the <b>.</b>  metacharacter matches the newline character.
               With Postfix versions prior to 2.0, The flag is off
-              by  default,  which  is inconvenient for multi-line
+              by default, which is  inconvenient  for  multi-line
               message header matching.
 
        <b>x</b> (default: off)
-              Toggles the pcre extended flag. When this  flag  is
-              on,  whitespace  in  the  pattern  (other than in a
+              Toggles  the  pcre extended flag. When this flag is
+              on, whitespace in the  pattern  (other  than  in  a
               character class) and characters between a <b>#</b> outside
-              a  character  class  and the next newline character
-              are ignored. An escaping backslash can be  used  to
-              include  a whitespace or <b>#</b> character as part of the
+              a character class and the  next  newline  character
+              are  ignored.  An escaping backslash can be used to
+              include a whitespace or <b>#</b> character as part of  the
               pattern.
 
        <b>A</b> (default: off)
-              Toggles the PCRE_ANCHORED flag.  When this flag  is
-              on,  the  pattern  is forced to be "anchored", that
+              Toggles  the PCRE_ANCHORED flag.  When this flag is
+              on, the pattern is forced to  be  "anchored",  that
               is, it is constrained to match only at the start of
-              the  string  which  is being searched (the "subject
-              string"). This  effect  can  also  be  achieved  by
+              the string which is being  searched  (the  "subject
+              string").  This  effect  can  also  be  achieved by
               appropriate constructs in the pattern itself.
 
        <b>E</b> (default: off)
-              Toggles  the  PCRE_DOLLAR_ENDONLY  flag.  When this
-              flag is  on,  a  <b>$</b>  metacharacter  in  the  pattern
-              matches  only  at  the  end  of the subject string.
-              Without this flag, a dollar  also  matches  immedi-
+              Toggles the  PCRE_DOLLAR_ENDONLY  flag.  When  this
+              flag  is  on,  a  <b>$</b>  metacharacter  in  the pattern
+              matches only at the  end  of  the  subject  string.
+              Without  this  flag,  a dollar also matches immedi-
               ately before the final character if it is a newline
               character (but not before any other newline charac-
-              ters).  This flag is ignored if PCRE_MULTILINE flag
+              ters). This flag is ignored if PCRE_MULTILINE  flag
               is set.
 
        <b>U</b> (default: off)
               Toggles the ungreedy matching flag.  When this flag
-              is  on,  the  pattern  matching  engine inverts the
-              "greediness" of the quantifiers so  that  they  are
-              not  greedy  by  default, but become greedy if fol-
-              lowed by "?".  This flag can also  set  by  a  (?U)
+              is on, the  pattern  matching  engine  inverts  the
+              "greediness"  of  the  quantifiers so that they are
+              not greedy by default, but become  greedy  if  fol-
+              lowed  by  "?".   This  flag can also set by a (?U)
               modifier within the pattern.
 
        <b>X</b> (default: off)
               Toggles the PCRE_EXTRA flag.  When this flag is on,
-              any backslash in a pattern that is  followed  by  a
+              any  backslash  in  a pattern that is followed by a
               letter that has no special meaning causes an error,
               thus reserving these combinations for future expan-
               sion.
 
 <b>SEARCH ORDER</b>
-       Patterns  are applied in the order as specified in the ta-
-       ble, until a pattern  is  found  that  matches  the  input
+       Patterns are applied in the order as specified in the  ta-
+       ble,  until  a  pattern  is  found  that matches the input
        string.
 
-       Each  pattern  is  applied  to  the  entire  input string.
-       Depending on the application, that  string  is  an  entire
+       Each pattern  is  applied  to  the  entire  input  string.
+       Depending  on  the  application,  that string is an entire
        client hostname, an entire client IP address, or an entire
-       mail address.  Thus, no parent domain  or  parent  network
-       search  is  done,  and  <i>user@domain</i> mail addresses are not
-       broken up into their <i>user</i> and  <i>domain</i>  constituent  parts,
+       mail  address.   Thus,  no parent domain or parent network
+       search is done, and <i>user@domain</i>  mail  addresses  are  not
+       broken  up  into  their <i>user</i> and <i>domain</i> constituent parts,
        nor is <i>user+foo</i> broken up into <i>user</i> and <i>foo</i>.
 
 <b>TEXT SUBSTITUTION</b>
-       Substitution  of  substrings  from  the matched expression
-       into the result string is possible using the  conventional
-       perl  syntax  ($1,  $2,  etc.);  specify $$ to produce a $
-       character as output.  The macros in the result string  may
+       Substitution of substrings  from  the  matched  expression
+       into  the result string is possible using the conventional
+       perl syntax ($1, $2, etc.); specify  $$  to  produce  a  $
+       character  as output.  The macros in the result string may
        need to be written as ${n} or $(n) if they aren't followed
        by whitespace.
 
-       Note: since negated patterns (those preceded by <b>!</b>)  return
+       Note:  since negated patterns (those preceded by <b>!</b>) return
        a result when the expression does not match, substitutions
        are not available for negated patterns.
 
diff --git a/postfix/html/pickup.8.html b/postfix/html/pickup.8.html
index d64cb5bf1..b4f72d493 100644
--- a/postfix/html/pickup.8.html
+++ b/postfix/html/pickup.8.html
@@ -81,31 +81,32 @@ PICKUP(8)                                                            PICKUP(8)
 
        <b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b>
               The maximum amount of time  that  an  idle  Postfix
-              daemon  process  waits for the next service request
-              before exiting.
+              daemon  process  waits  for  an incoming connection
+              before terminating voluntarily.
 
        <b><a href="postconf.5.html#max_use">max_use</a> (100)</b>
-              The maximal number of connection requests before  a
-              Postfix daemon process terminates.
+              The maximal number of incoming connections  that  a
+              Postfix  daemon  process will service before termi-
+              nating voluntarily.
 
        <b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
-              The  process  ID  of  a  Postfix  command or daemon
+              The process ID  of  a  Postfix  command  or  daemon
               process.
 
        <b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
-              The process name of a  Postfix  command  or  daemon
+              The  process  name  of  a Postfix command or daemon
               process.
 
        <b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b>
-              The  location of the Postfix top-level queue direc-
+              The location of the Postfix top-level queue  direc-
               tory.
 
        <b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
               The syslog facility of Postfix logging.
 
        <b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
-              The mail system  name  that  is  prepended  to  the
-              process  name  in  syslog  records, so that "smtpd"
+              The  mail  system  name  that  is  prepended to the
+              process name in syslog  records,  so  that  "smtpd"
               becomes, for example, "postfix/smtpd".
 
 <b>SEE ALSO</b>
@@ -118,7 +119,7 @@ PICKUP(8)                                                            PICKUP(8)
        syslogd(8), system logging
 
 <b>LICENSE</b>
-       The Secure Mailer license must be  distributed  with  this
+       The  Secure  Mailer  license must be distributed with this
        software.
 
 <b>AUTHOR(S)</b>
diff --git a/postfix/html/pipe.8.html b/postfix/html/pipe.8.html
index e47a2f54f..6eff2edd0 100644
--- a/postfix/html/pipe.8.html
+++ b/postfix/html/pipe.8.html
@@ -406,23 +406,24 @@ PIPE(8)                                                                PIPE(8)
 
        <b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b>
               The maximum amount of time  that  an  idle  Postfix
-              daemon  process  waits for the next service request
-              before exiting.
+              daemon  process  waits  for  an incoming connection
+              before terminating voluntarily.
 
        <b><a href="postconf.5.html#max_use">max_use</a> (100)</b>
-              The maximal number of connection requests before  a
-              Postfix daemon process terminates.
+              The maximal number of incoming connections  that  a
+              Postfix  daemon  process will service before termi-
+              nating voluntarily.
 
        <b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
-              The  process  ID  of  a  Postfix  command or daemon
+              The process ID  of  a  Postfix  command  or  daemon
               process.
 
        <b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
-              The process name of a  Postfix  command  or  daemon
+              The  process  name  of  a Postfix command or daemon
               process.
 
        <b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b>
-              The  location of the Postfix top-level queue direc-
+              The location of the Postfix top-level queue  direc-
               tory.
 
        <b><a href="postconf.5.html#recipient_delimiter">recipient_delimiter</a> (empty)</b>
@@ -433,8 +434,8 @@ PIPE(8)                                                                PIPE(8)
               The syslog facility of Postfix logging.
 
        <b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
-              The  mail  system  name  that  is  prepended to the
-              process name in syslog  records,  so  that  "smtpd"
+              The mail system  name  that  is  prepended  to  the
+              process  name  in  syslog  records, so that "smtpd"
               becomes, for example, "postfix/smtpd".
 
 <b>SEE ALSO</b>
@@ -446,7 +447,7 @@ PIPE(8)                                                                PIPE(8)
        syslogd(8), system logging
 
 <b>LICENSE</b>
-       The  Secure  Mailer  license must be distributed with this
+       The Secure Mailer license must be  distributed  with  this
        software.
 
 <b>AUTHOR(S)</b>
diff --git a/postfix/html/postconf.5.html b/postfix/html/postconf.5.html
index 3a882ce59..55605a71a 100644
--- a/postfix/html/postconf.5.html
+++ b/postfix/html/postconf.5.html
@@ -2012,9 +2012,9 @@ precision.  </p>
 
 <ul>
 
-<li> a = time before the queue manager, including message transmission
+<li> a = time from message arrival to last <a href="QSHAPE_README.html#active_queue">active queue</a> entry
 
-<li> b = time in queue manager
+<li> b = time from last <a href="QSHAPE_README.html#active_queue">active queue</a> entry to connection setup
 
 <li> c = time in connection setup, including DNS, EHLO and TLS
 
@@ -3347,7 +3347,7 @@ details. The table is not indexed by hostname for consistency with
 </DD>
 
 <DT><b><a name="lmtp_discard_lhlo_keywords">lmtp_discard_lhlo_keywords</a>
-(default: $<a href="postconf.5.html#myhostname">myhostname</a>)</b></DT><DD>
+(default: empty)</b></DT><DD>
 
 <p> A case insensitive list of LHLO keywords (pipelining, starttls,
 auth, etc.) that the LMTP client will ignore in the LHLO response
@@ -4875,8 +4875,9 @@ Examples:
 (default: 100s)</b></DT><DD>
 
 <p>
-The maximum amount of time that an idle Postfix daemon process
-waits for the next service request before exiting.  This parameter
+The maximum amount of time that an idle Postfix daemon process waits
+for an incoming connection before terminating voluntarily.  This
+parameter
 is ignored by the Postfix queue manager and by other long-lived
 Postfix daemon processes.
 </p>
@@ -4893,8 +4894,9 @@ The default time unit is s (seconds).
 (default: 100)</b></DT><DD>
 
 <p>
-The maximal number of connection requests before a Postfix daemon
-process terminates. This parameter is ignored by the Postfix queue
+The maximal number of incoming connections that a Postfix daemon
+process will service before terminating voluntarily.  This parameter
+is ignored by the Postfix queue
 manager and by other long-lived Postfix daemon processes.
 </p>
 
diff --git a/postfix/html/proxymap.8.html b/postfix/html/proxymap.8.html
index 57eca5eb4..f3a5270b6 100644
--- a/postfix/html/proxymap.8.html
+++ b/postfix/html/proxymap.8.html
@@ -117,23 +117,24 @@ PROXYMAP(8)                                                        PROXYMAP(8)
 
        <b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b>
               The  maximum  amount  of  time that an idle Postfix
-              daemon process waits for the next  service  request
-              before exiting.
+              daemon process waits  for  an  incoming  connection
+              before terminating voluntarily.
 
        <b><a href="postconf.5.html#max_use">max_use</a> (100)</b>
-              The  maximal number of connection requests before a
-              Postfix daemon process terminates.
+              The  maximal  number of incoming connections that a
+              Postfix daemon process will service  before  termi-
+              nating voluntarily.
 
        <b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
-              The process ID  of  a  Postfix  command  or  daemon
+              The  process  ID  of  a  Postfix  command or daemon
               process.
 
        <b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
-              The  process  name  of  a Postfix command or daemon
+              The process name of a  Postfix  command  or  daemon
               process.
 
        <b><a href="postconf.5.html#proxy_read_maps">proxy_read_maps</a> (see 'postconf -d' output)</b>
-              The lookup tables that the  <a href="proxymap.8.html"><b>proxymap</b>(8)</a>  server  is
+              The  lookup  tables  that the <a href="proxymap.8.html"><b>proxymap</b>(8)</a> server is
               allowed to access.
 
 <b>SEE ALSO</b>
@@ -144,7 +145,7 @@ PROXYMAP(8)                                                        PROXYMAP(8)
        <a href="DATABASE_README.html">DATABASE_README</a>, Postfix lookup table overview
 
 <b>LICENSE</b>
-       The Secure Mailer license must be  distributed  with  this
+       The  Secure  Mailer  license must be distributed with this
        software.
 
 <b>HISTORY</b>
diff --git a/postfix/html/qmqpd.8.html b/postfix/html/qmqpd.8.html
index 8f244435a..9583cc1a0 100644
--- a/postfix/html/qmqpd.8.html
+++ b/postfix/html/qmqpd.8.html
@@ -114,40 +114,41 @@ QMQPD(8)                                                              QMQPD(8)
 
        <b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b>
               The maximum amount of time  that  an  idle  Postfix
-              daemon  process  waits for the next service request
-              before exiting.
+              daemon  process  waits  for  an incoming connection
+              before terminating voluntarily.
 
        <b><a href="postconf.5.html#max_use">max_use</a> (100)</b>
-              The maximal number of connection requests before  a
-              Postfix daemon process terminates.
+              The maximal number of incoming connections  that  a
+              Postfix  daemon  process will service before termi-
+              nating voluntarily.
 
        <b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
-              The  process  ID  of  a  Postfix  command or daemon
+              The process ID  of  a  Postfix  command  or  daemon
               process.
 
        <b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
-              The process name of a  Postfix  command  or  daemon
+              The  process  name  of  a Postfix command or daemon
               process.
 
        <b><a href="postconf.5.html#qmqpd_authorized_clients">qmqpd_authorized_clients</a> (empty)</b>
-              What  clients  are  allowed  to connect to the QMQP
+              What clients are allowed to  connect  to  the  QMQP
               server port.
 
        <b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b>
-              The location of the Postfix top-level queue  direc-
+              The  location of the Postfix top-level queue direc-
               tory.
 
        <b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
               The syslog facility of Postfix logging.
 
        <b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
-              The  mail  system  name  that  is  prepended to the
-              process name in syslog  records,  so  that  "smtpd"
+              The mail system  name  that  is  prepended  to  the
+              process  name  in  syslog  records, so that "smtpd"
               becomes, for example, "postfix/smtpd".
 
        <b><a href="postconf.5.html#verp_delimiter_filter">verp_delimiter_filter</a> (-=+)</b>
-              The  characters  Postfix  accepts as VERP delimiter
-              characters on the Postfix <a href="sendmail.1.html"><b>sendmail</b>(1)</a> command  line
+              The characters Postfix accepts  as  VERP  delimiter
+              characters  on the Postfix <a href="sendmail.1.html"><b>sendmail</b>(1)</a> command line
               and in SMTP commands.
 
 <b>SEE ALSO</b>
@@ -160,7 +161,7 @@ QMQPD(8)                                                              QMQPD(8)
        <a href="QMQP_README.html">QMQP_README</a>, Postfix ezmlm-idx howto.
 
 <b>LICENSE</b>
-       The Secure Mailer license must be  distributed  with  this
+       The  Secure  Mailer  license must be distributed with this
        software.
 
 <b>HISTORY</b>
diff --git a/postfix/html/qshape.1.html b/postfix/html/qshape.1.html
index 490cb713b..4feacadab 100644
--- a/postfix/html/qshape.1.html
+++ b/postfix/html/qshape.1.html
@@ -13,6 +13,7 @@ QSHAPE(1)                                                            QSHAPE(1)
        <b>qshape</b> [<b>-s</b>] [<b>-p</b>] [<b>-m</b> <i>min</i><b>_</b><i>subdomains</i>]
                [<b>-b</b> <i>bucket</i><b>_</b><i>count</i>] [<b>-t</b> <i>bucket</i><b>_</b><i>time</i>]
                [<b>-l</b>] [<b>-w</b> <i>terminal</i><b>_</b><i>width</i>]
+               [<b>-N</b> <i>batch</i><b>_</b><i>msg</i><b>_</b><i>count</i>] [<b>-n</b> <i>batch</i><b>_</b><i>top</i><b>_</b><i>domains</i>]
                [<b>-c</b> <i>config</i><b>_</b><i>directory</i>] [<i>queue</i><b>_</b><i>name</i> ...]
 
 <b>DESCRIPTION</b>
@@ -77,26 +78,39 @@ QSHAPE(1)                                                            QSHAPE(1)
               narrow  to  show  the domain name and all the coun-
               ters, the terminal_width limit is violated.
 
+       <b>-N</b> <i>batch</i><b>_</b><i>msg</i><b>_</b><i>count</i>
+              When the output device is a terminal,  intermediate
+              results  are shown each "batch_msg_count" messages.
+              This produces usable results in a  reasonable  time
+              even  when the <a href="QSHAPE_README.html#deferred_queue">deferred queue</a> is large. The default
+              is to show intermediate  results  every  1000  mes-
+              sages.
+
+       <b>-n</b> <i>batch</i><b>_</b><i>top</i><b>_</b><i>domains</i>
+              When  reporting  intermediate or final results to a
+              termainal, report only the top  "batch_top_domains"
+              domains. The default limit is 20 domains.
+
        <b>-c</b> <i>config</i><b>_</b><i>directory</i>
-              The <a href="postconf.5.html"><b>main.cf</b></a> configuration  file  is  in  the  named
+              The  <a href="postconf.5.html"><b>main.cf</b></a>  configuration  file  is  in the named
               directory  instead  of  the  default  configuration
               directory.
 
        Arguments:
 
        <i>queue</i><b>_</b><i>name</i>
-              By default <b>qshape</b> displays the  combined  distribu-
-              tion  of the <a href="QSHAPE_README.html#incoming_queue">incoming</a> and <a href="QSHAPE_README.html#active_queue">active queues</a>. To display
-              a different set of queues, just list  their  direc-
+              By  default  <b>qshape</b> displays the combined distribu-
+              tion of the <a href="QSHAPE_README.html#incoming_queue">incoming</a> and <a href="QSHAPE_README.html#active_queue">active queues</a>. To  display
+              a  different  set of queues, just list their direc-
               tory names on the command line.  Absolute paths are
-              used as is, other paths are taken relative  to  the
-              <a href="postconf.5.html"><b>main.cf</a>  <a href="postconf.5.html#queue_directory">queue_directory</a></b>  parameter setting.  While
-              <a href="postconf.5.html"><b>main.cf</b></a> supports the use of <i>$variable</i> expansion  in
-              the  definition  of  the <b><a href="postconf.5.html#queue_directory">queue_directory</a></b> parameter,
-              the <b>qshape</b> program does not. If you must use  vari-
+              used  as  is, other paths are taken relative to the
+              <a href="postconf.5.html"><b>main.cf</a> <a href="postconf.5.html#queue_directory">queue_directory</a></b> parameter  setting.   While
+              <a href="postconf.5.html"><b>main.cf</b></a>  supports the use of <i>$variable</i> expansion in
+              the definition of  the  <b><a href="postconf.5.html#queue_directory">queue_directory</a></b>  parameter,
+              the  <b>qshape</b> program does not. If you must use vari-
               able expansions in the <b><a href="postconf.5.html#queue_directory">queue_directory</a></b> setting, you
-              must specify an explicit  absolute  path  for  each
-              queue  subdirectory  even  if  you want the default
+              must  specify  an  explicit  absolute path for each
+              queue subdirectory even if  you  want  the  default
               <a href="QSHAPE_README.html#incoming_queue">incoming</a> and <a href="QSHAPE_README.html#active_queue">active queue</a> distribution.
 
 <b>SEE ALSO</b>
@@ -112,7 +126,7 @@ QSHAPE(1)                                                            QSHAPE(1)
        $<a href="postconf.5.html#queue_directory">queue_directory</a>/deferred/, messages postponed for later delivery.
 
 <b>LICENSE</b>
-       The Secure Mailer license must be  distributed  with  this
+       The  Secure  Mailer  license must be distributed with this
        software.
 
 <b>AUTHOR(S)</b>
diff --git a/postfix/html/regexp_table.5.html b/postfix/html/regexp_table.5.html
index d42fa4483..d3bddd342 100644
--- a/postfix/html/regexp_table.5.html
+++ b/postfix/html/regexp_table.5.html
@@ -21,13 +21,14 @@ REGEXP_TABLE(5)                                                REGEXP_TABLE(5)
 
        Alternatively, lookup tables can  be  specified  in  POSIX
        regular  expression form. In this case, each input is com-
-       pared against a list of patterns,  and  when  a  match  is
-       found the corresponding result is returned.
+       pared against a list of patterns. When a match  is  found,
+       the  corresponding  result  is  returned and the search is
+       terminated.
 
-       To  find out what types of lookup tables your Postfix sys-
+       To find out what types of lookup tables your Postfix  sys-
        tem supports use the "<b>postconf -m</b>" command.
 
-       To test lookup tables, use the "<b>postmap  -fq</b>"  command  as
+       To  test  lookup  tables, use the "<b>postmap -fq</b>" command as
        described in the SYNOPSIS above.
 
 <b>TABLE FORMAT</b>
@@ -38,7 +39,7 @@ REGEXP_TABLE(5)                                                REGEXP_TABLE(5)
               responding <i>result</i> value.
 
        <b>!/</b><i>pattern</i><b>/</b><i>flags result</i>
-              When  <i>pattern</i>  does <b>not</b> match the input string, use
+              When <i>pattern</i> does <b>not</b> match the input  string,  use
               the corresponding <i>result</i> value.
 
        <b>if /</b><i>pattern</i><b>/</b><i>flags</i>
@@ -47,7 +48,7 @@ REGEXP_TABLE(5)                                                REGEXP_TABLE(5)
               <b>if</b> and <b>endif</b>, if and only if that same input string
               also matches <i>pattern</i>. The <b>if</b>..<b>endif</b> can nest.
 
-              Note: do not prepend whitespace to patterns  inside
+              Note:  do not prepend whitespace to patterns inside
               <b>if</b>..<b>endif</b>.
 
               This feature is available in Postfix 2.1 and later.
@@ -56,77 +57,77 @@ REGEXP_TABLE(5)                                                REGEXP_TABLE(5)
 
        <b>endif</b>  Match the input string against the patterns between
               <b>if</b> and <b>endif</b>, if and only if that same input string
-              does <b>not</b> match <i>pattern</i>.  The  <b>if</b>..<b>endif</b>  can  nest.
+              does  <b>not</b>  match  <i>pattern</i>.  The <b>if</b>..<b>endif</b> can nest.
               matches <i>pattern</i>. The <b>if</b>..<b>endif</b> can nest.
 
-              Note:  do not prepend whitespace to patterns inside
+              Note: do not prepend whitespace to patterns  inside
               <b>if</b>..<b>endif</b>.
 
               This feature is available in Postfix 2.1 and later.
 
        blank lines and comments
-              Empty  lines and whitespace-only lines are ignored,
-              as are lines whose first  non-whitespace  character
+              Empty lines and whitespace-only lines are  ignored,
+              as  are  lines whose first non-whitespace character
               is a `#'.
 
        multi-line text
-              A  logical  line starts with non-whitespace text. A
-              line that starts with whitespace continues a  logi-
+              A logical line starts with non-whitespace  text.  A
+              line  that starts with whitespace continues a logi-
               cal line.
 
-       Each  pattern  is a POSIX regular expression enclosed by a
+       Each pattern is a POSIX regular expression enclosed  by  a
        pair of delimiters. The regular expression syntax is docu-
-       mented  in  <b>re_format</b>(7)  with  4.4BSD,  in  <b>regex</b>(5) with
+       mented in  <b>re_format</b>(7)  with  4.4BSD,  in  <b>regex</b>(5)  with
        Solaris, and in <b>regex</b>(7) with Linux. Other systems may use
        other document names.
 
-       The  expression  delimiter  can  be  any character, except
+       The expression delimiter  can  be  any  character,  except
        whitespace or characters that have special meaning (tradi-
-       tionally  the  forward slash is used). The regular expres-
+       tionally the forward slash is used). The  regular  expres-
        sion can contain whitespace.
 
        By default, matching is case-insensitive, and newlines are
-       not  treated  as  special characters. The behavior is con-
-       trolled by flags, which are toggled by  appending  one  or
+       not treated as special characters. The  behavior  is  con-
+       trolled  by  flags,  which are toggled by appending one or
        more of the following characters after the pattern:
 
        <b>i</b> (default: on)
-              Toggles  the  case  sensitivity  flag.  By default,
+              Toggles the  case  sensitivity  flag.  By  default,
               matching is case insensitive.
 
        <b>x</b> (default: on)
-              Toggles the extended  expression  syntax  flag.  By
-              default,  support for extended expression syntax is
+              Toggles  the  extended  expression  syntax flag. By
+              default, support for extended expression syntax  is
               enabled.
 
        <b>m</b> (default: off)
-              Toggle the multi-line mode flag. When this flag  is
-              on,  the  <b>^</b>  and <b>$</b> metacharacters match immediately
-              after and immediately before a  newline  character,
-              respectively,  in addition to matching at the start
+              Toggle  the multi-line mode flag. When this flag is
+              on, the <b>^</b> and <b>$</b>  metacharacters  match  immediately
+              after  and  immediately before a newline character,
+              respectively, in addition to matching at the  start
               and end of the input string.
 
 <b>TABLE SEARCH ORDER</b>
-       Patterns are applied in the order as specified in the  ta-
-       ble,  until  a  pattern  is  found  that matches the input
+       Patterns  are applied in the order as specified in the ta-
+       ble, until a pattern  is  found  that  matches  the  input
        string.
 
-       Each pattern  is  applied  to  the  entire  input  string.
-       Depending  on  the  application,  that string is an entire
+       Each  pattern  is  applied  to  the  entire  input string.
+       Depending on the application, that  string  is  an  entire
        client hostname, an entire client IP address, or an entire
-       mail  address.   Thus,  no parent domain or parent network
-       search is done, and <i>user@domain</i>  mail  addresses  are  not
-       broken  up  into  their <i>user</i> and <i>domain</i> constituent parts,
+       mail address.  Thus, no parent domain  or  parent  network
+       search  is  done,  and  <i>user@domain</i> mail addresses are not
+       broken up into their <i>user</i> and  <i>domain</i>  constituent  parts,
        nor is <i>user+foo</i> broken up into <i>user</i> and <i>foo</i>.
 
 <b>TEXT SUBSTITUTION</b>
-       Substitution of substrings  from  the  matched  expression
-       into  the  result  string  is possible using $1, $2, etc.;
+       Substitution  of  substrings  from  the matched expression
+       into the result string is possible  using  $1,  $2,  etc.;
        specify $$ to produce a $ character as output.  The macros
-       in  the  result  string  may need to be written as ${n} or
+       in the result string may need to be  written  as  ${n}  or
        $(n) if they aren't followed by whitespace.
 
-       Note: since negated patterns (those preceded by <b>!</b>)  return
+       Note:  since negated patterns (those preceded by <b>!</b>) return
        a result when the expression does not match, substitutions
        are not available for negated patterns.
 
diff --git a/postfix/html/relocated.5.html b/postfix/html/relocated.5.html
index ff47a34a7..d31e1628c 100644
--- a/postfix/html/relocated.5.html
+++ b/postfix/html/relocated.5.html
@@ -21,8 +21,8 @@ RELOCATED(5)                                                      RELOCATED(5)
        file that serves as input to the <a href="postmap.1.html"><b>postmap</b>(1)</a> command.   The
        result,  an  indexed file in <b>dbm</b> or <b>db</b> format, is used for
        fast searching by the mail  system.  Execute  the  command
-       "<b>postmap  /etc/postfix/relocated</b>"  in order to rebuild the
-       indexed file after changing the relocated table.
+       "<b>postmap  /etc/postfix/relocated</b>"  to  rebuild  an indexed
+       file after changing the corresponding relocated table.
 
        When the table is provided via other means  such  as  NIS,
        LDAP  or  SQL,  the  same lookups are done as for ordinary
@@ -31,9 +31,9 @@ RELOCATED(5)                                                      RELOCATED(5)
        Alternatively, the table can be  provided  as  a  regular-
        expression map where patterns are given as regular expres-
        sions, or lookups can be directed to TCP-based server.  In
-       that  case,  the  lookups are done in a slightly different
+       those  case,  the lookups are done in a slightly different
        way as described below under "REGULAR  EXPRESSION  TABLES"
-       and "TCP-BASED TABLES".
+       or "TCP-BASED TABLES".
 
        Table lookups are case insensitive.
 
diff --git a/postfix/html/scache.8.html b/postfix/html/scache.8.html
index 868e14f53..9b3aacc2d 100644
--- a/postfix/html/scache.8.html
+++ b/postfix/html/scache.8.html
@@ -120,8 +120,8 @@ SCACHE(8)                                                            SCACHE(8)
 
        <b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b>
               The  maximum  amount  of  time that an idle Postfix
-              daemon process waits for the next  service  request
-              before exiting.
+              daemon process waits  for  an  incoming  connection
+              before terminating voluntarily.
 
        <b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
               The  process  ID  of  a  Postfix  command or daemon
diff --git a/postfix/html/showq.8.html b/postfix/html/showq.8.html
index 5cb1f446f..0d9ccd40c 100644
--- a/postfix/html/showq.8.html
+++ b/postfix/html/showq.8.html
@@ -72,31 +72,32 @@ SHOWQ(8)                                                              SHOWQ(8)
 
        <b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b>
               The  maximum  amount  of  time that an idle Postfix
-              daemon process waits for the next  service  request
-              before exiting.
+              daemon process waits  for  an  incoming  connection
+              before terminating voluntarily.
 
        <b><a href="postconf.5.html#max_use">max_use</a> (100)</b>
-              The  maximal number of connection requests before a
-              Postfix daemon process terminates.
+              The  maximal  number of incoming connections that a
+              Postfix daemon process will service  before  termi-
+              nating voluntarily.
 
        <b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
-              The process ID  of  a  Postfix  command  or  daemon
+              The  process  ID  of  a  Postfix  command or daemon
               process.
 
        <b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
-              The  process  name  of  a Postfix command or daemon
+              The process name of a  Postfix  command  or  daemon
               process.
 
        <b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b>
-              The location of the Postfix top-level queue  direc-
+              The  location of the Postfix top-level queue direc-
               tory.
 
        <b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
               The syslog facility of Postfix logging.
 
        <b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
-              The  mail  system  name  that  is  prepended to the
-              process name in syslog  records,  so  that  "smtpd"
+              The mail system  name  that  is  prepended  to  the
+              process  name  in  syslog  records, so that "smtpd"
               becomes, for example, "postfix/smtpd".
 
 <b>FILES</b>
@@ -111,7 +112,7 @@ SHOWQ(8)                                                              SHOWQ(8)
        syslogd(8), system logging
 
 <b>LICENSE</b>
-       The  Secure  Mailer  license must be distributed with this
+       The Secure Mailer license must be  distributed  with  this
        software.
 
 <b>AUTHOR(S)</b>
diff --git a/postfix/html/smtp.8.html b/postfix/html/smtp.8.html
index 7d4246aab..772e43d4a 100644
--- a/postfix/html/smtp.8.html
+++ b/postfix/html/smtp.8.html
@@ -42,8 +42,8 @@ SMTP(8)                                                                SMTP(8)
 
        By  default, connection caching is enabled temporarily for
        destinations that have a high volume of mail in the active
-       queue. Session caching can be enabled permanently for spe-
-       cific destinations.
+       queue.  Connection  caching can be enabled permanently for
+       specific destinations.
 
 <b>SMTP DESTINATION SYNTAX</b>
        SMTP destinations have the following form:
@@ -247,7 +247,7 @@ SMTP(8)                                                                SMTP(8)
               LMTP client will ignore in the LHLO response from a
               remote LMTP server.
 
-       <b><a href="postconf.5.html#lmtp_discard_lhlo_keywords">lmtp_discard_lhlo_keywords</a> ($<a href="postconf.5.html#myhostname">myhostname</a>)</b>
+       <b><a href="postconf.5.html#lmtp_discard_lhlo_keywords">lmtp_discard_lhlo_keywords</a> (empty)</b>
               A  case insensitive list of LHLO keywords (pipelin-
               ing, starttls, auth, etc.)  that  the  LMTP  client
               will ignore in the LHLO response from a remote LMTP
@@ -655,69 +655,70 @@ SMTP(8)                                                                SMTP(8)
 
        <b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b>
               The maximum amount of time  that  an  idle  Postfix
-              daemon  process  waits for the next service request
-              before exiting.
+              daemon  process  waits  for  an incoming connection
+              before terminating voluntarily.
 
        <b><a href="postconf.5.html#max_use">max_use</a> (100)</b>
-              The maximal number of connection requests before  a
-              Postfix daemon process terminates.
+              The maximal number of incoming connections  that  a
+              Postfix  daemon  process will service before termi-
+              nating voluntarily.
 
        <b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
-              The  process  ID  of  a  Postfix  command or daemon
+              The process ID  of  a  Postfix  command  or  daemon
               process.
 
        <b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
-              The process name of a  Postfix  command  or  daemon
+              The  process  name  of  a Postfix command or daemon
               process.
 
        <b><a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a> (empty)</b>
               The network interface addresses that this mail sys-
-              tem receives mail on by way of a proxy  or  network
+              tem  receives  mail on by way of a proxy or network
               address translation unit.
 
        <b><a href="postconf.5.html#smtp_bind_address">smtp_bind_address</a> (empty)</b>
-              An  optional  numerical  network  address  that the
-              Postfix SMTP client should bind to when  making  an
+              An optional  numerical  network  address  that  the
+              Postfix  SMTP  client should bind to when making an
               IPv4 connection.
 
        <b><a href="postconf.5.html#smtp_bind_address6">smtp_bind_address6</a> (empty)</b>
-              An  optional  numerical  network  address  that the
-              Postfix SMTP client should bind to when  making  an
+              An optional  numerical  network  address  that  the
+              Postfix  SMTP  client should bind to when making an
               IPv6 connection.
 
        <b><a href="postconf.5.html#smtp_helo_name">smtp_helo_name</a> ($<a href="postconf.5.html#myhostname">myhostname</a>)</b>
-              The  hostname to send in the SMTP EHLO or HELO com-
+              The hostname to send in the SMTP EHLO or HELO  com-
               mand.
 
        <b><a href="postconf.5.html#lmtp_lhloname">lmtp_lhlo_name</a> ($<a href="postconf.5.html#myhostname">myhostname</a>)</b>
               The hostname to send in the LMTP LHLO command.
 
        <b><a href="postconf.5.html#smtp_host_lookup">smtp_host_lookup</a> (dns)</b>
-              What mechanisms when the Postfix SMTP  client  uses
+              What  mechanisms  when the Postfix SMTP client uses
               to look up a host's IP address.
 
        <b><a href="postconf.5.html#smtp_randomize_addresses">smtp_randomize_addresses</a> (yes)</b>
-              Randomize  the  order  of  equal-preference MX host
+              Randomize the order  of  equal-preference  MX  host
               addresses.
 
        <b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
               The syslog facility of Postfix logging.
 
        <b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
-              The mail system  name  that  is  prepended  to  the
-              process  name  in  syslog  records, so that "smtpd"
+              The  mail  system  name  that  is  prepended to the
+              process name in syslog  records,  so  that  "smtpd"
               becomes, for example, "postfix/smtpd".
 
        Available with Postfix 2.2 and earlier:
 
        <b><a href="postconf.5.html#fallback_relay">fallback_relay</a> (empty)</b>
-              Optional list of relay hosts for SMTP  destinations
+              Optional  list of relay hosts for SMTP destinations
               that can't be found or that are unreachable.
 
        Available with Postfix 2.3 and later:
 
        <b><a href="postconf.5.html#smtp_fallback_relay">smtp_fallback_relay</a> ($<a href="postconf.5.html#fallback_relay">fallback_relay</a>)</b>
-              Optional  list of relay hosts for SMTP destinations
+              Optional list of relay hosts for SMTP  destinations
               that can't be found or that are unreachable.
 
 <b>SEE ALSO</b>
@@ -735,7 +736,7 @@ SMTP(8)                                                                SMTP(8)
        <a href="TLS_README.html">TLS_README</a>, Postfix STARTTLS howto
 
 <b>LICENSE</b>
-       The  Secure  Mailer  license must be distributed with this
+       The Secure Mailer license must be  distributed  with  this
        software.
 
 <b>AUTHOR(S)</b>
diff --git a/postfix/html/smtpd.8.html b/postfix/html/smtpd.8.html
index 38b474b63..364f879b0 100644
--- a/postfix/html/smtpd.8.html
+++ b/postfix/html/smtpd.8.html
@@ -1048,35 +1048,36 @@ SMTPD(8)                                                              SMTPD(8)
 
        <b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b>
               The maximum amount of time  that  an  idle  Postfix
-              daemon  process  waits for the next service request
-              before exiting.
+              daemon  process  waits  for  an incoming connection
+              before terminating voluntarily.
 
        <b><a href="postconf.5.html#max_use">max_use</a> (100)</b>
-              The maximal number of connection requests before  a
-              Postfix daemon process terminates.
+              The maximal number of incoming connections  that  a
+              Postfix  daemon  process will service before termi-
+              nating voluntarily.
 
        <b><a href="postconf.5.html#myhostname">myhostname</a> (see 'postconf -d' output)</b>
               The internet hostname of this mail system.
 
        <b><a href="postconf.5.html#mynetworks">mynetworks</a> (see 'postconf -d' output)</b>
-              The  list  of "trusted" SMTP clients that have more
+              The list of "trusted" SMTP clients that  have  more
               privileges than "strangers".
 
        <b><a href="postconf.5.html#myorigin">myorigin</a> ($<a href="postconf.5.html#myhostname">myhostname</a>)</b>
               The domain name that locally-posted mail appears to
-              come  from,  and that locally posted mail is deliv-
+              come from, and that locally posted mail  is  deliv-
               ered to.
 
        <b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
-              The process ID  of  a  Postfix  command  or  daemon
+              The  process  ID  of  a  Postfix  command or daemon
               process.
 
        <b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
-              The  process  name  of  a Postfix command or daemon
+              The process name of a  Postfix  command  or  daemon
               process.
 
        <b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b>
-              The location of the Postfix top-level queue  direc-
+              The  location of the Postfix top-level queue direc-
               tory.
 
        <b><a href="postconf.5.html#recipient_delimiter">recipient_delimiter</a> (empty)</b>
@@ -1084,22 +1085,22 @@ SMTPD(8)                                                              SMTPD(8)
               sions (user+foo).
 
        <b><a href="postconf.5.html#smtpd_banner">smtpd_banner</a> ($<a href="postconf.5.html#myhostname">myhostname</a> ESMTP $<a href="postconf.5.html#mail_name">mail_name</a>)</b>
-              The text that follows the 220 status  code  in  the
+              The  text  that  follows the 220 status code in the
               SMTP greeting banner.
 
        <b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
               The syslog facility of Postfix logging.
 
        <b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
-              The  mail  system  name  that  is  prepended to the
-              process name in syslog  records,  so  that  "smtpd"
+              The mail system  name  that  is  prepended  to  the
+              process  name  in  syslog  records, so that "smtpd"
               becomes, for example, "postfix/smtpd".
 
        Available in Postfix version 2.2 and later:
 
        <b><a href="postconf.5.html#smtpd_forbidden_commands">smtpd_forbidden_commands</a> (CONNECT, GET, POST)</b>
-              List  of  commands  that  causes  the  Postfix SMTP
-              server to immediately terminate the session with  a
+              List of  commands  that  causes  the  Postfix  SMTP
+              server  to immediately terminate the session with a
               221 code.
 
 <b>SEE ALSO</b>
@@ -1129,7 +1130,7 @@ SMTPD(8)                                                              SMTPD(8)
        <a href="XFORWARD_README.html">XFORWARD_README</a>, Postfix XFORWARD extension
 
 <b>LICENSE</b>
-       The Secure Mailer license must be  distributed  with  this
+       The  Secure  Mailer  license must be distributed with this
        software.
 
 <b>AUTHOR(S)</b>
diff --git a/postfix/html/spawn.8.html b/postfix/html/spawn.8.html
index b5e402946..afd13628b 100644
--- a/postfix/html/spawn.8.html
+++ b/postfix/html/spawn.8.html
@@ -110,31 +110,32 @@ SPAWN(8)                                                              SPAWN(8)
 
        <b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b>
               The  maximum  amount  of  time that an idle Postfix
-              daemon process waits for the next  service  request
-              before exiting.
+              daemon process waits  for  an  incoming  connection
+              before terminating voluntarily.
 
        <b><a href="postconf.5.html#max_use">max_use</a> (100)</b>
-              The  maximal number of connection requests before a
-              Postfix daemon process terminates.
+              The  maximal  number of incoming connections that a
+              Postfix daemon process will service  before  termi-
+              nating voluntarily.
 
        <b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
-              The process ID  of  a  Postfix  command  or  daemon
+              The  process  ID  of  a  Postfix  command or daemon
               process.
 
        <b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
-              The  process  name  of  a Postfix command or daemon
+              The process name of a  Postfix  command  or  daemon
               process.
 
        <b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b>
-              The location of the Postfix top-level queue  direc-
+              The  location of the Postfix top-level queue direc-
               tory.
 
        <b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
               The syslog facility of Postfix logging.
 
        <b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
-              The  mail  system  name  that  is  prepended to the
-              process name in syslog  records,  so  that  "smtpd"
+              The mail system  name  that  is  prepended  to  the
+              process  name  in  syslog  records, so that "smtpd"
               becomes, for example, "postfix/smtpd".
 
 <b>SEE ALSO</b>
@@ -143,7 +144,7 @@ SPAWN(8)                                                              SPAWN(8)
        syslogd(8), system logging
 
 <b>LICENSE</b>
-       The  Secure  Mailer  license must be distributed with this
+       The Secure Mailer license must be  distributed  with  this
        software.
 
 <b>AUTHOR(S)</b>
diff --git a/postfix/html/transport.5.html b/postfix/html/transport.5.html
index 5e06f5b55..a2a225f3b 100644
--- a/postfix/html/transport.5.html
+++ b/postfix/html/transport.5.html
@@ -55,8 +55,8 @@ TRANSPORT(5)                                                      TRANSPORT(5)
        file that serves as input to the <a href="postmap.1.html"><b>postmap</b>(1)</a> command.   The
        result,  an  indexed file in <b>dbm</b> or <b>db</b> format, is used for
        fast searching by the mail  system.  Execute  the  command
-       "<b>postmap  /etc/postfix/transport</b>"  in order to rebuild the
-       indexed file after changing the transport table.
+       "<b>postmap  /etc/postfix/transport</b>"  to  rebuild  an indexed
+       file after changing the corresponding transport table.
 
        When the table is provided via other means  such  as  NIS,
        LDAP  or  SQL,  the  same lookups are done as for ordinary
@@ -65,9 +65,9 @@ TRANSPORT(5)                                                      TRANSPORT(5)
        Alternatively, the table can be  provided  as  a  regular-
        expression map where patterns are given as regular expres-
        sions, or lookups can be directed to TCP-based server.  In
-       that  case,  the  lookups are done in a slightly different
+       those  case,  the lookups are done in a slightly different
        way as described below under "REGULAR  EXPRESSION  TABLES"
-       and "TCP-BASED TABLES".
+       or "TCP-BASED TABLES".
 
 <b>CASE FOLDING</b>
        The  search  string is folded to lowercase before database
diff --git a/postfix/html/trivial-rewrite.8.html b/postfix/html/trivial-rewrite.8.html
index 2e045a1e6..18b5b7a34 100644
--- a/postfix/html/trivial-rewrite.8.html
+++ b/postfix/html/trivial-rewrite.8.html
@@ -252,45 +252,46 @@ TRIVIAL-REWRITE(8)                                          TRIVIAL-REWRITE(8)
 
        <b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b>
               The  maximum  amount  of  time that an idle Postfix
-              daemon process waits for the next  service  request
-              before exiting.
+              daemon process waits  for  an  incoming  connection
+              before terminating voluntarily.
 
        <b><a href="postconf.5.html#max_use">max_use</a> (100)</b>
-              The  maximal number of connection requests before a
-              Postfix daemon process terminates.
+              The  maximal  number of incoming connections that a
+              Postfix daemon process will service  before  termi-
+              nating voluntarily.
 
        <b><a href="postconf.5.html#relocated_maps">relocated_maps</a> (empty)</b>
               Optional lookup tables with new contact information
               for users or domains that no longer exist.
 
        <b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
-              The  process  ID  of  a  Postfix  command or daemon
+              The process ID  of  a  Postfix  command  or  daemon
               process.
 
        <b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
-              The process name of a  Postfix  command  or  daemon
+              The  process  name  of  a Postfix command or daemon
               process.
 
        <b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b>
-              The  location of the Postfix top-level queue direc-
+              The location of the Postfix top-level queue  direc-
               tory.
 
        <b><a href="postconf.5.html#show_user_unknown_table_name">show_user_unknown_table_name</a> (yes)</b>
-              Display the name of  the  recipient  table  in  the
+              Display  the  name  of  the  recipient table in the
               "User unknown" responses.
 
        <b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
               The syslog facility of Postfix logging.
 
        <b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
-              The  mail  system  name  that  is  prepended to the
-              process name in syslog  records,  so  that  "smtpd"
+              The mail system  name  that  is  prepended  to  the
+              process  name  in  syslog  records, so that "smtpd"
               becomes, for example, "postfix/smtpd".
 
        Available in Postfix version 2.0 and later:
 
        <b><a href="postconf.5.html#helpful_warnings">helpful_warnings</a> (yes)</b>
-              Log  warnings  about problematic configuration set-
+              Log warnings about problematic  configuration  set-
               tings, and provide helpful suggestions.
 
 <b>SEE ALSO</b>
@@ -305,7 +306,7 @@ TRIVIAL-REWRITE(8)                                          TRIVIAL-REWRITE(8)
        <a href="ADDRESS_VERIFICATION_README.html">ADDRESS_VERIFICATION_README</a>, Postfix address verification
 
 <b>LICENSE</b>
-       The  Secure  Mailer  license must be distributed with this
+       The Secure Mailer license must be  distributed  with  this
        software.
 
 <b>AUTHOR(S)</b>
diff --git a/postfix/html/virtual.5.html b/postfix/html/virtual.5.html
index bc45d2a12..7df786e30 100644
--- a/postfix/html/virtual.5.html
+++ b/postfix/html/virtual.5.html
@@ -48,8 +48,8 @@ VIRTUAL(5)                                                          VIRTUAL(5)
        text  file that serves as input to the <a href="postmap.1.html"><b>postmap</b>(1)</a> command.
        The result, an indexed file in <b>dbm</b> or <b>db</b> format,  is  used
        for fast searching by the mail system. Execute the command
-       "<b>postmap /etc/postfix/virtual</b>" in  order  to  rebuild  the
-       indexed file after changing the text file.
+       "<b>postmap /etc/postfix/virtual</b>" to rebuild an indexed  file
+       after changing the corresponding text file.
 
        When  the  table  is provided via other means such as NIS,
        LDAP or SQL, the same lookups are  done  as  for  ordinary
@@ -58,9 +58,9 @@ VIRTUAL(5)                                                          VIRTUAL(5)
        Alternatively,  the  table  can  be provided as a regular-
        expression map where patterns are given as regular expres-
        sions,  or lookups can be directed to TCP-based server. In
-       that case, the lookups are done in  a  slightly  different
+       those case, the lookups are done in a  slightly  different
        way  as  described below under "REGULAR EXPRESSION TABLES"
-       and "TCP-BASED TABLES".
+       or "TCP-BASED TABLES".
 
 <b>CASE FOLDING</b>
        The search string is folded to lowercase  before  database
diff --git a/postfix/html/virtual.8.html b/postfix/html/virtual.8.html
index eda09fc99..3d7e5268a 100644
--- a/postfix/html/virtual.8.html
+++ b/postfix/html/virtual.8.html
@@ -253,31 +253,32 @@ VIRTUAL(8)                                                          VIRTUAL(8)
 
        <b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b>
               The  maximum  amount  of  time that an idle Postfix
-              daemon process waits for the next  service  request
-              before exiting.
+              daemon process waits  for  an  incoming  connection
+              before terminating voluntarily.
 
        <b><a href="postconf.5.html#max_use">max_use</a> (100)</b>
-              The  maximal number of connection requests before a
-              Postfix daemon process terminates.
+              The  maximal  number of incoming connections that a
+              Postfix daemon process will service  before  termi-
+              nating voluntarily.
 
        <b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
-              The process ID  of  a  Postfix  command  or  daemon
+              The  process  ID  of  a  Postfix  command or daemon
               process.
 
        <b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
-              The  process  name  of  a Postfix command or daemon
+              The process name of a  Postfix  command  or  daemon
               process.
 
        <b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b>
-              The location of the Postfix top-level queue  direc-
+              The  location of the Postfix top-level queue direc-
               tory.
 
        <b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
               The syslog facility of Postfix logging.
 
        <b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
-              The  mail  system  name  that  is  prepended to the
-              process name in syslog  records,  so  that  "smtpd"
+              The mail system  name  that  is  prepended  to  the
+              process  name  in  syslog  records, so that "smtpd"
               becomes, for example, "postfix/smtpd".
 
 <b>SEE ALSO</b>
@@ -290,20 +291,20 @@ VIRTUAL(8)                                                          VIRTUAL(8)
        <a href="VIRTUAL_README.html">VIRTUAL_README</a>, domain hosting howto
 
 <b>LICENSE</b>
-       The  Secure  Mailer  license must be distributed with this
+       The Secure Mailer license must be  distributed  with  this
        software.
 
 <b>HISTORY</b>
-       This delivery agent was originally based  on  the  Postfix
-       local  delivery  agent.  Modifications mainly consisted of
-       removing code that either was not applicable or  that  was
-       not  safe  in this context: aliases, ~user/.forward files,
+       This  delivery  agent  was originally based on the Postfix
+       local delivery agent. Modifications  mainly  consisted  of
+       removing  code  that either was not applicable or that was
+       not safe in this context: aliases,  ~user/.forward  files,
        delivery to "|command" or to /file/name.
 
        The <b>Delivered-To:</b> message header appears in the <b>qmail</b> sys-
        tem by Daniel Bernstein.
 
-       The  <b>maildir</b>  structure  appears  in  the  <b>qmail</b> system by
+       The <b>maildir</b> structure  appears  in  the  <b>qmail</b>  system  by
        Daniel Bernstein.
 
 <b>AUTHOR(S)</b>
diff --git a/postfix/man/man1/qshape.1 b/postfix/man/man1/qshape.1
index 4badd4c02..cd8b6350d 100644
--- a/postfix/man/man1/qshape.1
+++ b/postfix/man/man1/qshape.1
@@ -12,6 +12,7 @@ Print Postfix queue domain and age distribution
 \fBqshape\fR [\fB-s\fR] [\fB-p\fR] [\fB-m \fImin_subdomains\fR]
         [\fB-b \fIbucket_count\fR] [\fB-t \fIbucket_time\fR]
         [\fB-l\fR] [\fB-w \fIterminal_width\fR]
+        [\fB-N \fIbatch_msg_count\fR] [\fB-n \fIbatch_top_domains\fR]
         [\fB-c \fIconfig_directory\fR] [\fIqueue_name\fR ...]
 .SH DESCRIPTION
 .ad
@@ -64,6 +65,15 @@ are shown with the prefix replaced by a '+' character. Truncated
 parent domain rows are shown as '.+' followed by the last 16 bytes
 of the domain name. If this is still too narrow to show the domain
 name and all the counters, the terminal_width limit is violated.
+.IP "\fB-N \fIbatch_msg_count\fR"
+When the output device is a terminal, intermediate results are
+shown each "batch_msg_count" messages. This produces usable results
+in a reasonable time even when the deferred queue is large. The
+default is to show intermediate results every 1000 messages.
+.IP "\fB-n \fIbatch_top_domains\fR"
+When reporting intermediate or final results to a termainal, report
+only the top "batch_top_domains" domains. The default limit is 20
+domains.
 .IP "\fB-c \fIconfig_directory\fR"
 The \fBmain.cf\fR configuration file is in the named directory
 instead of the default configuration directory.
diff --git a/postfix/man/man5/access.5 b/postfix/man/man5/access.5
index 568a12df7..525d2022a 100644
--- a/postfix/man/man5/access.5
+++ b/postfix/man/man5/access.5
@@ -4,7 +4,7 @@
 .SH NAME
 access
 \-
-Postfix access table format
+Postfix SMTP server access table
 .SH "SYNOPSIS"
 .na
 .nf
@@ -16,29 +16,27 @@ Postfix access table format
 .SH DESCRIPTION
 .ad
 .fi
-The optional \fBaccess\fR(5) table directs the Postfix SMTP server
-to selectively reject or accept mail. Access can be allowed or
-denied for specific host names, domain names, networks, host
-addresses or mail addresses.
-
-For an example, see the EXAMPLE section at the end of this
-manual page.
+The Postfix SMTP server \fBaccess\fR(5) table specifies
+actions that are triggered by information from or about
+remote SMTP clients: host names, network addresses, or email
+addresses. An action may grant or deny access, or it may
+change the way that an email transaction will be handled.
 
 Normally, the \fBaccess\fR(5) table is specified as a text file
 that serves as input to the \fBpostmap\fR(1) command.
 The result, an indexed file in \fBdbm\fR or \fBdb\fR format,
-is used for fast searching by the mail system. Execute the command
-"\fBpostmap /etc/postfix/access\fR" in order to rebuild the indexed
-file after changing the access table.
+is used for fast searching by the mail system. Execute the
+command "\fBpostmap /etc/postfix/access\fR" to rebuild an
+indexed file after changing the corresponding text file.
 
 When the table is provided via other means such as NIS, LDAP
 or SQL, the same lookups are done as for ordinary indexed files.
 
 Alternatively, the table can be provided as a regular-expression
 map where patterns are given as regular expressions, or lookups
-can be directed to TCP-based server. In that case, the lookups are
-done in a slightly different way as described below under
-"REGULAR EXPRESSION TABLES" and "TCP-BASED TABLES".
+can be directed to TCP-based server. In those cases, the lookups
+are done in a slightly different way as described below under
+"REGULAR EXPRESSION TABLES" or "TCP-BASED TABLES".
 .SH "CASE FOLDING"
 .na
 .nf
@@ -262,13 +260,14 @@ Note: this action currently affects all recipients of the message.
 This feature is available in Postfix 2.0 and later.
 .IP "\fBPREPEND \fIheadername: headervalue\fR"
 Prepend the specified message header to the message.
-When this action is used multiple times, the first prepended
+When this action executes multiple times, the first prepended
 header appears before the second etc. prepended header.
 .sp
 Note: this action does not support multi-line message headers.
 .sp
-Note: this action must be used before the message content
-is received; it cannot be used in \fBsmtpd_end_of_data_restrictions\fR.
+Note: this action must execute before the message content
+is received; it cannot execute in the context of
+\fBsmtpd_end_of_data_restrictions\fR.
 .sp
 This feature is available in Postfix 2.1 and later.
 .IP "\fBREDIRECT \fIuser@domain\fR"
diff --git a/postfix/man/man5/canonical.5 b/postfix/man/man5/canonical.5
index f8b4747fa..aeaee934f 100644
--- a/postfix/man/man5/canonical.5
+++ b/postfix/man/man5/canonical.5
@@ -25,17 +25,17 @@ Normally, the \fBcanonical\fR(5) table is specified as a text file
 that serves as input to the \fBpostmap\fR(1) command.
 The result, an indexed file in \fBdbm\fR or \fBdb\fR format,
 is used for fast searching by the mail system. Execute the command
-"\fBpostmap /etc/postfix/canonical\fR" in order to rebuild the indexed
-file after changing the text file.
+"\fBpostmap /etc/postfix/canonical\fR" to rebuild an indexed
+file after changing the corresponding text file.
 
 When the table is provided via other means such as NIS, LDAP
 or SQL, the same lookups are done as for ordinary indexed files.
 
 Alternatively, the table can be provided as a regular-expression
 map where patterns are given as regular expressions, or lookups
-can be directed to TCP-based server. In that case, the lookups are
-done in a slightly different way as described below under
-"REGULAR EXPRESSION TABLES" and "TCP-BASED TABLES".
+can be directed to TCP-based server. In those cases, the lookups
+are done in a slightly different way as described below under
+"REGULAR EXPRESSION TABLES" or "TCP-BASED TABLES".
 
 By default the \fBcanonical\fR(5) mapping affects both message
 header addresses (i.e. addresses that appear inside messages)
diff --git a/postfix/man/man5/cidr_table.5 b/postfix/man/man5/cidr_table.5
index 30504a406..cb4ac93b5 100644
--- a/postfix/man/man5/cidr_table.5
+++ b/postfix/man/man5/cidr_table.5
@@ -17,7 +17,10 @@ format of Postfix CIDR tables
 The Postfix mail system uses optional lookup tables.
 These tables are usually in \fBdbm\fR or \fBdb\fR format.
 Alternatively, lookup tables can be specified in CIDR
-(Classless Inter-Domain Routing) form.
+(Classless Inter-Domain Routing) form. In this case, each
+input is compared against a list of patterns. When a match
+is found, the corresponding result is returned and the search
+is terminated.
 
 To find out what types of lookup tables your Postfix system
 supports use the "\fBpostconf -m\fR" command.
diff --git a/postfix/man/man5/generic.5 b/postfix/man/man5/generic.5
index 59fbc6651..32e310197 100644
--- a/postfix/man/man5/generic.5
+++ b/postfix/man/man5/generic.5
@@ -39,7 +39,7 @@ text file that serves as input to the \fBpostmap\fR(1)
 command.  The result, an indexed file in \fBdbm\fR or
 \fBdb\fR format, is used for fast searching by the mail
 system. Execute the command "\fBpostmap /etc/postfix/generic\fR"
-in order to rebuild the indexed file after changing the
+to rebuild an indexed file after changing the corresponding
 text file.
 
 When the table is provided via other means such as NIS, LDAP
@@ -47,9 +47,9 @@ or SQL, the same lookups are done as for ordinary indexed files.
 
 Alternatively, the table can be provided as a regular-expression
 map where patterns are given as regular expressions, or lookups
-can be directed to TCP-based server. In that case, the lookups are
-done in a slightly different way as described below under
-"REGULAR EXPRESSION TABLES" and "TCP-BASED TABLES".
+can be directed to TCP-based server. In those case, the lookups
+are done in a slightly different way as described below under
+"REGULAR EXPRESSION TABLES" or "TCP-BASED TABLES".
 .SH "CASE FOLDING"
 .na
 .nf
diff --git a/postfix/man/man5/pcre_table.5 b/postfix/man/man5/pcre_table.5
index dc2cb3dfa..3242fcd1c 100644
--- a/postfix/man/man5/pcre_table.5
+++ b/postfix/man/man5/pcre_table.5
@@ -20,8 +20,8 @@ rewriting or mail routing. These tables are usually in
 
 Alternatively, lookup tables can be specified in Perl Compatible
 Regular Expression form. In this case, each input is compared
-against a list of patterns, and when a match is found the
-corresponding result is returned.
+against a list of patterns. When a match is found, the
+corresponding result is returned and the search is terminated.
 
 To find out what types of lookup tables your Postfix system
 supports use the "\fBpostconf -m\fR" command.
diff --git a/postfix/man/man5/postconf.5 b/postfix/man/man5/postconf.5
index 0894e6a06..5b61670cf 100644
--- a/postfix/man/man5/postconf.5
+++ b/postfix/man/man5/postconf.5
@@ -1104,9 +1104,9 @@ precision.
 .PP
 The format of the "delays=a/b/c/d" logging is as follows:
 .IP \(bu
-a = time before the queue manager, including message transmission
+a = time from message arrival to last active queue entry
 .IP \(bu
-b = time in queue manager
+b = time from last active queue entry to connection setup
 .IP \(bu
 c = time in connection setup, including DNS, EHLO and TLS
 .IP \(bu
@@ -1805,7 +1805,7 @@ details. The table is not indexed by hostname for consistency with
 smtpd_discard_ehlo_keyword_address_maps.
 .PP
 This feature is available in Postfix 2.3 and later.
-.SH lmtp_discard_lhlo_keywords (default: $myhostname)
+.SH lmtp_discard_lhlo_keywords (default: empty)
 A case insensitive list of LHLO keywords (pipelining, starttls,
 auth, etc.) that the LMTP client will ignore in the LHLO response
 from a remote LMTP server.
@@ -2649,16 +2649,18 @@ masquerade_exceptions = root
 .ad
 .ft R
 .SH max_idle (default: 100s)
-The maximum amount of time that an idle Postfix daemon process
-waits for the next service request before exiting.  This parameter
+The maximum amount of time that an idle Postfix daemon process waits
+for an incoming connection before terminating voluntarily.  This
+parameter
 is ignored by the Postfix queue manager and by other long-lived
 Postfix daemon processes.
 .PP
 Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
 The default time unit is s (seconds).
 .SH max_use (default: 100)
-The maximal number of connection requests before a Postfix daemon
-process terminates. This parameter is ignored by the Postfix queue
+The maximal number of incoming connections that a Postfix daemon
+process will service before terminating voluntarily.  This parameter
+is ignored by the Postfix queue
 manager and by other long-lived Postfix daemon processes.
 .SH maximal_backoff_time (default: 4000s)
 The maximal time between attempts to deliver a deferred message.
diff --git a/postfix/man/man5/regexp_table.5 b/postfix/man/man5/regexp_table.5
index 43af5f38b..96a87dd37 100644
--- a/postfix/man/man5/regexp_table.5
+++ b/postfix/man/man5/regexp_table.5
@@ -20,8 +20,8 @@ rewriting or mail routing. These tables are usually in
 
 Alternatively, lookup tables can be specified in POSIX regular
 expression form. In this case, each input is compared against a
-list of patterns, and when a match is found the corresponding
-result is returned.
+list of patterns. When a match is found, the corresponding
+result is returned and the search is terminated.
 
 To find out what types of lookup tables your Postfix system
 supports use the "\fBpostconf -m\fR" command.
diff --git a/postfix/man/man5/relocated.5 b/postfix/man/man5/relocated.5
index 11f813618..ebfe3ee4a 100644
--- a/postfix/man/man5/relocated.5
+++ b/postfix/man/man5/relocated.5
@@ -19,17 +19,17 @@ Normally, the \fBrelocated\fR(5) table is specified as a text file
 that serves as input to the \fBpostmap\fR(1) command.
 The result, an indexed file in \fBdbm\fR or \fBdb\fR format,
 is used for fast searching by the mail system. Execute the command
-"\fBpostmap /etc/postfix/relocated\fR" in order to rebuild the indexed
-file after changing the relocated table.
+"\fBpostmap /etc/postfix/relocated\fR" to rebuild an indexed
+file after changing the corresponding relocated table.
 
 When the table is provided via other means such as NIS, LDAP
 or SQL, the same lookups are done as for ordinary indexed files.
 
 Alternatively, the table can be provided as a regular-expression
 map where patterns are given as regular expressions, or lookups
-can be directed to TCP-based server. In that case, the lookups are
-done in a slightly different way as described below under
-"REGULAR EXPRESSION TABLES" and "TCP-BASED TABLES".
+can be directed to TCP-based server. In those case, the lookups
+are done in a slightly different way as described below under
+"REGULAR EXPRESSION TABLES" or "TCP-BASED TABLES".
 
 Table lookups are case insensitive.
 .SH "CASE FOLDING"
diff --git a/postfix/man/man5/transport.5 b/postfix/man/man5/transport.5
index dd5f12fa3..92a30338b 100644
--- a/postfix/man/man5/transport.5
+++ b/postfix/man/man5/transport.5
@@ -49,17 +49,17 @@ Normally, the \fBtransport\fR(5) table is specified as a text file
 that serves as input to the \fBpostmap\fR(1) command.
 The result, an indexed file in \fBdbm\fR or \fBdb\fR format, is used
 for fast searching by the mail system. Execute the command
-"\fBpostmap /etc/postfix/transport\fR" in order to rebuild the indexed
-file after changing the transport table.
+"\fBpostmap /etc/postfix/transport\fR" to rebuild an indexed
+file after changing the corresponding transport table.
 
 When the table is provided via other means such as NIS, LDAP
 or SQL, the same lookups are done as for ordinary indexed files.
 
 Alternatively, the table can be provided as a regular-expression
 map where patterns are given as regular expressions, or lookups
-can be directed to TCP-based server. In that case, the lookups are
-done in a slightly different way as described below under
-"REGULAR EXPRESSION TABLES" and "TCP-BASED TABLES".
+can be directed to TCP-based server. In those case, the lookups
+are done in a slightly different way as described below under
+"REGULAR EXPRESSION TABLES" or "TCP-BASED TABLES".
 .SH "CASE FOLDING"
 .na
 .nf
diff --git a/postfix/man/man5/virtual.5 b/postfix/man/man5/virtual.5
index 139c87a4a..64d048f56 100644
--- a/postfix/man/man5/virtual.5
+++ b/postfix/man/man5/virtual.5
@@ -45,17 +45,17 @@ Normally, the \fBvirtual\fR(5) alias table is specified as a text file
 that serves as input to the \fBpostmap\fR(1) command.
 The result, an indexed file in \fBdbm\fR or \fBdb\fR format,
 is used for fast searching by the mail system. Execute the command
-"\fBpostmap /etc/postfix/virtual\fR" in order to rebuild the indexed
-file after changing the text file.
+"\fBpostmap /etc/postfix/virtual\fR" to rebuild an indexed
+file after changing the corresponding text file.
 
 When the table is provided via other means such as NIS, LDAP
 or SQL, the same lookups are done as for ordinary indexed files.
 
 Alternatively, the table can be provided as a regular-expression
 map where patterns are given as regular expressions, or lookups
-can be directed to TCP-based server. In that case, the lookups are
-done in a slightly different way as described below under
-"REGULAR EXPRESSION TABLES" and "TCP-BASED TABLES".
+can be directed to TCP-based server. In those case, the lookups
+are done in a slightly different way as described below under
+"REGULAR EXPRESSION TABLES" or "TCP-BASED TABLES".
 .SH "CASE FOLDING"
 .na
 .nf
diff --git a/postfix/man/man8/anvil.8 b/postfix/man/man8/anvil.8
index f4aca61f2..8703e8683 100644
--- a/postfix/man/man8/anvil.8
+++ b/postfix/man/man8/anvil.8
@@ -230,11 +230,11 @@ request before it is terminated by a built-in watchdog timer.
 The time limit for sending or receiving information over an internal
 communication channel.
 .IP "\fBmax_idle (100s)\fR"
-The maximum amount of time that an idle Postfix daemon process
-waits for the next service request before exiting.
+The maximum amount of time that an idle Postfix daemon process waits
+for an incoming connection before terminating voluntarily.
 .IP "\fBmax_use (100)\fR"
-The maximal number of connection requests before a Postfix daemon
-process terminates.
+The maximal number of incoming connections that a Postfix daemon
+process will service before terminating voluntarily.
 .IP "\fBprocess_id (read-only)\fR"
 The process ID of a Postfix command or daemon process.
 .IP "\fBprocess_name (read-only)\fR"
diff --git a/postfix/man/man8/bounce.8 b/postfix/man/man8/bounce.8
index 0e100933b..76c66e399 100644
--- a/postfix/man/man8/bounce.8
+++ b/postfix/man/man8/bounce.8
@@ -103,11 +103,11 @@ and body_checks.
 The mail system name that is displayed in Received: headers, in
 the SMTP greeting banner, and in bounced mail.
 .IP "\fBmax_idle (100s)\fR"
-The maximum amount of time that an idle Postfix daemon process
-waits for the next service request before exiting.
+The maximum amount of time that an idle Postfix daemon process waits
+for an incoming connection before terminating voluntarily.
 .IP "\fBmax_use (100)\fR"
-The maximal number of connection requests before a Postfix daemon
-process terminates.
+The maximal number of incoming connections that a Postfix daemon
+process will service before terminating voluntarily.
 .IP "\fBnotify_classes (resource, software)\fR"
 The list of error classes that are reported to the postmaster.
 .IP "\fBprocess_id (read-only)\fR"
diff --git a/postfix/man/man8/cleanup.8 b/postfix/man/man8/cleanup.8
index bf83d73c0..e6876820b 100644
--- a/postfix/man/man8/cleanup.8
+++ b/postfix/man/man8/cleanup.8
@@ -333,11 +333,11 @@ mail that is still queued.
 The time limit for sending or receiving information over an internal
 communication channel.
 .IP "\fBmax_idle (100s)\fR"
-The maximum amount of time that an idle Postfix daemon process
-waits for the next service request before exiting.
+The maximum amount of time that an idle Postfix daemon process waits
+for an incoming connection before terminating voluntarily.
 .IP "\fBmax_use (100)\fR"
-The maximal number of connection requests before a Postfix daemon
-process terminates.
+The maximal number of incoming connections that a Postfix daemon
+process will service before terminating voluntarily.
 .IP "\fBmyhostname (see 'postconf -d' output)\fR"
 The internet hostname of this mail system.
 .IP "\fBmyorigin ($myhostname)\fR"
diff --git a/postfix/man/man8/discard.8 b/postfix/man/man8/discard.8
index 48256947b..7a9cd7dae 100644
--- a/postfix/man/man8/discard.8
+++ b/postfix/man/man8/discard.8
@@ -74,11 +74,11 @@ by the mail system.
 The time limit for sending or receiving information over an internal
 communication channel.
 .IP "\fBmax_idle (100s)\fR"
-The maximum amount of time that an idle Postfix daemon process
-waits for the next service request before exiting.
+The maximum amount of time that an idle Postfix daemon process waits
+for an incoming connection before terminating voluntarily.
 .IP "\fBmax_use (100)\fR"
-The maximal number of connection requests before a Postfix daemon
-process terminates.
+The maximal number of incoming connections that a Postfix daemon
+process will service before terminating voluntarily.
 .IP "\fBprocess_id (read-only)\fR"
 The process ID of a Postfix command or daemon process.
 .IP "\fBprocess_name (read-only)\fR"
diff --git a/postfix/man/man8/error.8 b/postfix/man/man8/error.8
index 854837691..d774d74af 100644
--- a/postfix/man/man8/error.8
+++ b/postfix/man/man8/error.8
@@ -15,8 +15,8 @@ Postfix error/retry mail delivery agent
 The Postfix \fBerror\fR(8) delivery agent processes delivery
 requests from
 the queue manager. Each request specifies a queue file, a sender
-address, a domain or host name that is treated as the reason for
-non-delivery, and recipient information.
+address, the reason for non-delivery (specified as the
+next-hop destination), and recipient information.
 The reason may be prefixed with an RFC 3463-compatible detail code.
 This program expects to be run from the \fBmaster\fR(8) process
 manager.
@@ -81,11 +81,11 @@ by the mail system.
 The time limit for sending or receiving information over an internal
 communication channel.
 .IP "\fBmax_idle (100s)\fR"
-The maximum amount of time that an idle Postfix daemon process
-waits for the next service request before exiting.
+The maximum amount of time that an idle Postfix daemon process waits
+for an incoming connection before terminating voluntarily.
 .IP "\fBmax_use (100)\fR"
-The maximal number of connection requests before a Postfix daemon
-process terminates.
+The maximal number of incoming connections that a Postfix daemon
+process will service before terminating voluntarily.
 .IP "\fBnotify_classes (resource, software)\fR"
 The list of error classes that are reported to the postmaster.
 .IP "\fBprocess_id (read-only)\fR"
diff --git a/postfix/man/man8/flush.8 b/postfix/man/man8/flush.8
index c85d6eb44..91313b9f9 100644
--- a/postfix/man/man8/flush.8
+++ b/postfix/man/man8/flush.8
@@ -110,11 +110,11 @@ is deleted.
 The time limit for sending or receiving information over an internal
 communication channel.
 .IP "\fBmax_idle (100s)\fR"
-The maximum amount of time that an idle Postfix daemon process
-waits for the next service request before exiting.
+The maximum amount of time that an idle Postfix daemon process waits
+for an incoming connection before terminating voluntarily.
 .IP "\fBmax_use (100)\fR"
-The maximal number of connection requests before a Postfix daemon
-process terminates.
+The maximal number of incoming connections that a Postfix daemon
+process will service before terminating voluntarily.
 .IP "\fBparent_domain_matches_subdomains (see 'postconf -d' output)\fR"
 What Postfix features match subdomains of "domain.tld" automatically,
 instead of requiring an explicit ".domain.tld" pattern.
diff --git a/postfix/man/man8/local.8 b/postfix/man/man8/local.8
index 324bb2a27..445200745 100644
--- a/postfix/man/man8/local.8
+++ b/postfix/man/man8/local.8
@@ -545,11 +545,11 @@ communication channel.
 .IP "\fBlocal_command_shell (empty)\fR"
 Optional shell program for \fBlocal\fR(8) delivery to non-Postfix command.
 .IP "\fBmax_idle (100s)\fR"
-The maximum amount of time that an idle Postfix daemon process
-waits for the next service request before exiting.
+The maximum amount of time that an idle Postfix daemon process waits
+for an incoming connection before terminating voluntarily.
 .IP "\fBmax_use (100)\fR"
-The maximal number of connection requests before a Postfix daemon
-process terminates.
+The maximal number of incoming connections that a Postfix daemon
+process will service before terminating voluntarily.
 .IP "\fBprepend_delivered_header (command, file, forward)\fR"
 The message delivery contexts where the Postfix \fBlocal\fR(8) delivery
 agent prepends a Delivered-To:  message header with the address
diff --git a/postfix/man/man8/master.8 b/postfix/man/man8/master.8
index 05e7b839a..bc20cda9d 100644
--- a/postfix/man/man8/master.8
+++ b/postfix/man/man8/master.8
@@ -101,11 +101,11 @@ Use the "\fBpostfix reload\fR" command after a configuration change.
 The default maximal number of Postfix child processes that provide
 a given service.
 .IP "\fBmax_idle (100s)\fR"
-The maximum amount of time that an idle Postfix daemon process
-waits for the next service request before exiting.
+The maximum amount of time that an idle Postfix daemon process waits
+for an incoming connection before terminating voluntarily.
 .IP "\fBmax_use (100)\fR"
-The maximal number of connection requests before a Postfix daemon
-process terminates.
+The maximal number of incoming connections that a Postfix daemon
+process will service before terminating voluntarily.
 .IP "\fBservice_throttle_time (60s)\fR"
 How long the Postfix \fBmaster\fR(8) waits before forking a server that
 appears to be malfunctioning.
diff --git a/postfix/man/man8/pickup.8 b/postfix/man/man8/pickup.8
index ece84a09d..2c7204091 100644
--- a/postfix/man/man8/pickup.8
+++ b/postfix/man/man8/pickup.8
@@ -87,11 +87,11 @@ communication channel.
 Upon input, long lines are chopped up into pieces of at most
 this length; upon delivery, long lines are reconstructed.
 .IP "\fBmax_idle (100s)\fR"
-The maximum amount of time that an idle Postfix daemon process
-waits for the next service request before exiting.
+The maximum amount of time that an idle Postfix daemon process waits
+for an incoming connection before terminating voluntarily.
 .IP "\fBmax_use (100)\fR"
-The maximal number of connection requests before a Postfix daemon
-process terminates.
+The maximal number of incoming connections that a Postfix daemon
+process will service before terminating voluntarily.
 .IP "\fBprocess_id (read-only)\fR"
 The process ID of a Postfix command or daemon process.
 .IP "\fBprocess_name (read-only)\fR"
diff --git a/postfix/man/man8/pipe.8 b/postfix/man/man8/pipe.8
index 766b37447..e8e7747c2 100644
--- a/postfix/man/man8/pipe.8
+++ b/postfix/man/man8/pipe.8
@@ -351,11 +351,11 @@ communication channel.
 The UNIX system account that owns the Postfix queue and most Postfix
 daemon processes.
 .IP "\fBmax_idle (100s)\fR"
-The maximum amount of time that an idle Postfix daemon process
-waits for the next service request before exiting.
+The maximum amount of time that an idle Postfix daemon process waits
+for an incoming connection before terminating voluntarily.
 .IP "\fBmax_use (100)\fR"
-The maximal number of connection requests before a Postfix daemon
-process terminates.
+The maximal number of incoming connections that a Postfix daemon
+process will service before terminating voluntarily.
 .IP "\fBprocess_id (read-only)\fR"
 The process ID of a Postfix command or daemon process.
 .IP "\fBprocess_name (read-only)\fR"
diff --git a/postfix/man/man8/proxymap.8 b/postfix/man/man8/proxymap.8
index 4cf7464a6..975e230a3 100644
--- a/postfix/man/man8/proxymap.8
+++ b/postfix/man/man8/proxymap.8
@@ -118,11 +118,11 @@ request before it is terminated by a built-in watchdog timer.
 The time limit for sending or receiving information over an internal
 communication channel.
 .IP "\fBmax_idle (100s)\fR"
-The maximum amount of time that an idle Postfix daemon process
-waits for the next service request before exiting.
+The maximum amount of time that an idle Postfix daemon process waits
+for an incoming connection before terminating voluntarily.
 .IP "\fBmax_use (100)\fR"
-The maximal number of connection requests before a Postfix daemon
-process terminates.
+The maximal number of incoming connections that a Postfix daemon
+process will service before terminating voluntarily.
 .IP "\fBprocess_id (read-only)\fR"
 The process ID of a Postfix command or daemon process.
 .IP "\fBprocess_name (read-only)\fR"
diff --git a/postfix/man/man8/qmqpd.8 b/postfix/man/man8/qmqpd.8
index b19fb1c93..6ca72e751 100644
--- a/postfix/man/man8/qmqpd.8
+++ b/postfix/man/man8/qmqpd.8
@@ -119,11 +119,11 @@ request before it is terminated by a built-in watchdog timer.
 The time limit for sending or receiving information over an internal
 communication channel.
 .IP "\fBmax_idle (100s)\fR"
-The maximum amount of time that an idle Postfix daemon process
-waits for the next service request before exiting.
+The maximum amount of time that an idle Postfix daemon process waits
+for an incoming connection before terminating voluntarily.
 .IP "\fBmax_use (100)\fR"
-The maximal number of connection requests before a Postfix daemon
-process terminates.
+The maximal number of incoming connections that a Postfix daemon
+process will service before terminating voluntarily.
 .IP "\fBprocess_id (read-only)\fR"
 The process ID of a Postfix command or daemon process.
 .IP "\fBprocess_name (read-only)\fR"
diff --git a/postfix/man/man8/scache.8 b/postfix/man/man8/scache.8
index 310ee8af4..4b200166a 100644
--- a/postfix/man/man8/scache.8
+++ b/postfix/man/man8/scache.8
@@ -120,8 +120,8 @@ request before it is terminated by a built-in watchdog timer.
 The time limit for sending or receiving information over an internal
 communication channel.
 .IP "\fBmax_idle (100s)\fR"
-The maximum amount of time that an idle Postfix daemon process
-waits for the next service request before exiting.
+The maximum amount of time that an idle Postfix daemon process waits
+for an incoming connection before terminating voluntarily.
 .IP "\fBprocess_id (read-only)\fR"
 The process ID of a Postfix command or daemon process.
 .IP "\fBprocess_name (read-only)\fR"
diff --git a/postfix/man/man8/showq.8 b/postfix/man/man8/showq.8
index c8b802623..44791fa8e 100644
--- a/postfix/man/man8/showq.8
+++ b/postfix/man/man8/showq.8
@@ -71,11 +71,11 @@ The recipient of mail addressed to the null address.
 The time limit for sending or receiving information over an internal
 communication channel.
 .IP "\fBmax_idle (100s)\fR"
-The maximum amount of time that an idle Postfix daemon process
-waits for the next service request before exiting.
+The maximum amount of time that an idle Postfix daemon process waits
+for an incoming connection before terminating voluntarily.
 .IP "\fBmax_use (100)\fR"
-The maximal number of connection requests before a Postfix daemon
-process terminates.
+The maximal number of incoming connections that a Postfix daemon
+process will service before terminating voluntarily.
 .IP "\fBprocess_id (read-only)\fR"
 The process ID of a Postfix command or daemon process.
 .IP "\fBprocess_name (read-only)\fR"
diff --git a/postfix/man/man8/smtp.8 b/postfix/man/man8/smtp.8
index 198d25c7d..fd63091dc 100644
--- a/postfix/man/man8/smtp.8
+++ b/postfix/man/man8/smtp.8
@@ -39,7 +39,7 @@ may be used by any SMTP+LMTP client for a subsequent transaction.
 
 By default, connection caching is enabled temporarily for
 destinations that have a high volume of mail in the active
-queue. Session caching can be enabled permanently for
+queue. Connection caching can be enabled permanently for
 specific destinations.
 .SH "SMTP DESTINATION SYNTAX"
 .na
@@ -222,7 +222,7 @@ Lookup tables, indexed by the remote LMTP server address, with
 case insensitive lists of LHLO keywords (pipelining, starttls,
 auth, etc.) that the LMTP client will ignore in the LHLO response
 from a remote LMTP server.
-.IP "\fBlmtp_discard_lhlo_keywords ($myhostname)\fR"
+.IP "\fBlmtp_discard_lhlo_keywords (empty)\fR"
 A case insensitive list of LHLO keywords (pipelining, starttls,
 auth, etc.) that the LMTP client will ignore in the LHLO response
 from a remote LMTP server.
@@ -524,11 +524,11 @@ communication channel.
 .IP "\fBlmtp_tcp_port (24)\fR"
 The default TCP port that the Postfix LMTP client connects to.
 .IP "\fBmax_idle (100s)\fR"
-The maximum amount of time that an idle Postfix daemon process
-waits for the next service request before exiting.
+The maximum amount of time that an idle Postfix daemon process waits
+for an incoming connection before terminating voluntarily.
 .IP "\fBmax_use (100)\fR"
-The maximal number of connection requests before a Postfix daemon
-process terminates.
+The maximal number of incoming connections that a Postfix daemon
+process will service before terminating voluntarily.
 .IP "\fBprocess_id (read-only)\fR"
 The process ID of a Postfix command or daemon process.
 .IP "\fBprocess_name (read-only)\fR"
diff --git a/postfix/man/man8/smtpd.8 b/postfix/man/man8/smtpd.8
index f76921ba0..21ab94646 100644
--- a/postfix/man/man8/smtpd.8
+++ b/postfix/man/man8/smtpd.8
@@ -829,11 +829,11 @@ the SMTP greeting banner, and in bounced mail.
 The UNIX system account that owns the Postfix queue and most Postfix
 daemon processes.
 .IP "\fBmax_idle (100s)\fR"
-The maximum amount of time that an idle Postfix daemon process
-waits for the next service request before exiting.
+The maximum amount of time that an idle Postfix daemon process waits
+for an incoming connection before terminating voluntarily.
 .IP "\fBmax_use (100)\fR"
-The maximal number of connection requests before a Postfix daemon
-process terminates.
+The maximal number of incoming connections that a Postfix daemon
+process will service before terminating voluntarily.
 .IP "\fBmyhostname (see 'postconf -d' output)\fR"
 The internet hostname of this mail system.
 .IP "\fBmynetworks (see 'postconf -d' output)\fR"
diff --git a/postfix/man/man8/spawn.8 b/postfix/man/man8/spawn.8
index df72c346a..21418fc13 100644
--- a/postfix/man/man8/spawn.8
+++ b/postfix/man/man8/spawn.8
@@ -112,11 +112,11 @@ communication channel.
 The UNIX system account that owns the Postfix queue and most Postfix
 daemon processes.
 .IP "\fBmax_idle (100s)\fR"
-The maximum amount of time that an idle Postfix daemon process
-waits for the next service request before exiting.
+The maximum amount of time that an idle Postfix daemon process waits
+for an incoming connection before terminating voluntarily.
 .IP "\fBmax_use (100)\fR"
-The maximal number of connection requests before a Postfix daemon
-process terminates.
+The maximal number of incoming connections that a Postfix daemon
+process will service before terminating voluntarily.
 .IP "\fBprocess_id (read-only)\fR"
 The process ID of a Postfix command or daemon process.
 .IP "\fBprocess_name (read-only)\fR"
diff --git a/postfix/man/man8/trivial-rewrite.8 b/postfix/man/man8/trivial-rewrite.8
index 396147f95..7252e4388 100644
--- a/postfix/man/man8/trivial-rewrite.8
+++ b/postfix/man/man8/trivial-rewrite.8
@@ -224,11 +224,11 @@ The recipient of mail addressed to the null address.
 The time limit for sending or receiving information over an internal
 communication channel.
 .IP "\fBmax_idle (100s)\fR"
-The maximum amount of time that an idle Postfix daemon process
-waits for the next service request before exiting.
+The maximum amount of time that an idle Postfix daemon process waits
+for an incoming connection before terminating voluntarily.
 .IP "\fBmax_use (100)\fR"
-The maximal number of connection requests before a Postfix daemon
-process terminates.
+The maximal number of incoming connections that a Postfix daemon
+process will service before terminating voluntarily.
 .IP "\fBrelocated_maps (empty)\fR"
 Optional lookup tables with new contact information for users or
 domains that no longer exist.
diff --git a/postfix/man/man8/virtual.8 b/postfix/man/man8/virtual.8
index 72fdf2acd..9cf898111 100644
--- a/postfix/man/man8/virtual.8
+++ b/postfix/man/man8/virtual.8
@@ -260,11 +260,11 @@ sub-second delay values.
 The time limit for sending or receiving information over an internal
 communication channel.
 .IP "\fBmax_idle (100s)\fR"
-The maximum amount of time that an idle Postfix daemon process
-waits for the next service request before exiting.
+The maximum amount of time that an idle Postfix daemon process waits
+for an incoming connection before terminating voluntarily.
 .IP "\fBmax_use (100)\fR"
-The maximal number of connection requests before a Postfix daemon
-process terminates.
+The maximal number of incoming connections that a Postfix daemon
+process will service before terminating voluntarily.
 .IP "\fBprocess_id (read-only)\fR"
 The process ID of a Postfix command or daemon process.
 .IP "\fBprocess_name (read-only)\fR"
diff --git a/postfix/proto/QSHAPE_README.html b/postfix/proto/QSHAPE_README.html
index 2418eba7b..16394a138 100644
--- a/postfix/proto/QSHAPE_README.html
+++ b/postfix/proto/QSHAPE_README.html
@@ -19,17 +19,11 @@
 
 <h2>Purpose of this document </h2>
 
-<p> This document describes the qshape(1) program which helps the
-administrator understand the Postfix queue message distribution
-sorted by time and by sender or recipient domain. qshape(1) is
-bundled with the Postfix 2.1 source under the "auxiliary" directory.
-</p>
-
-<p> In order to understand the output of qshape(1), it useful to
-understand the various Postfix queues. To this end the role of each
-Postfix queue directory is described briefly in the "Background
-info:  Postfix queue directories" section near the end of this
-document.  </p>
+<p> This document is an introduction to Postfix queue congestion analysis.
+It explains how the qshape(1) program can help to track down the
+reason for queue congestion.  qshape(1) is bundled with Postfix
+2.1 and later source code, under the "auxiliary" directory. This
+document describes qshape(1) as bundled with Postfix 2.4.  </p>
 
 <p> This document covers the following topics: </p>
 
@@ -49,7 +43,7 @@ queue</a></li>
 
 <li><a href="#backlog">Example 4: High volume destination backlog</a>
 
-<li><a href="#queues">Background info: Postfix queue directories</a>
+<li><a href="#queues">Postfix queue directories</a>
 
 <ul>
 
@@ -71,7 +65,6 @@ queue</a></li>
 
 <h2><a name="qshape">Introducing the qshape tool</a></h2>
 
-
 <p> When mail is draining slowly or the queue is unexpectedly large,
 run qshape(1) as the super-user (root) to help zero in on the problem.
 The qshape(1) program displays a tabular view of the Postfix queue
@@ -124,6 +117,12 @@ minutes old and 12 older than 1280 minutes (1440 minutes in a day).
 
 </ul>
 
+<p> When the output is a terminal intermediate results showing the top 20
+domains (-n option) are displayed after every 1000 messages (-N option)
+and the final output also shows only the top 20 domains. This makes
+qshape useful even when the deferred queue is very large and it may
+otherwise take prohibitively long to read the entire deferred queue. </p>
+
 <p> By default, qshape shows statistics for the union of both the
 incoming and active queues which are the most relevant queues to
 look at when analyzing performance. </p>
@@ -132,8 +131,8 @@ look at when analyzing performance. </p>
 
 <blockquote>
 <pre>
-$ qshape deferred | less
-$ qshape incoming active deferred | less
+$ qshape deferred
+$ qshape incoming active deferred
 </pre>
 </blockquote>
 
@@ -157,11 +156,11 @@ a burst of mail started, and when it stopped. </p>
 <p> The problem destinations or sender domains appear near the top
 left corner of the output table. Remember that the active queue
 can accommodate up to 20000 ($qmgr_message_active_limit) messages.
-To check wether this limit has been reached, use: </p>
+To check whether this limit has been reached, use: </p>
 
 <blockquote>
 <pre>
-$ qshape -s active | head       <i>(show sender statistics)</i>
+$ qshape -s active       <i>(show sender statistics)</i>
 </pre>
 </blockquote>
 
@@ -169,13 +168,13 @@ $ qshape -s active | head       <i>(show sender statistics)</i>
 not yet saturated, any high volume sender domains show near the
 top of the output.
 
-<p> The active queue is also limited to at most 20000 recipient
-addresses ($qmgr_message_recipient_limit). To check for exhaustion
-of this limit use: </p>
+<p> With oqmgr(8) the active queue is also limited to at most 20000
+recipient addresses ($qmgr_message_recipient_limit). To check for
+exhaustion of this limit use: </p>
 
 <blockquote>
 <pre>
-$ qshape active | head          <i>(show recipient statistics)</i>
+$ qshape active          <i>(show recipient statistics)</i>
 </pre>
 </blockquote>
 
@@ -381,14 +380,17 @@ queue congestion is a greater cause for alarm; one might need to
 take measures to ensure that the mail is deferred instead or even
 add an access(5) rule asking the sender to try again later. </p>
 
-<p> If a high volume destination exhibits frequent bursts of
-consecutive connections refused by all MX hosts or "421 Server busy
-errors", it is possible for the queue manager to mark the destination
-as "dead" despite the transient nature of the errors. The destination
-will be retried again after the expiration of a $minimal_backoff_time
-timer.  If the error bursts are frequent enough it may be that only
-a small quantity of email is delivered before the destination is
-again marked "dead". </p>
+<p> If a high volume destination exhibits frequent bursts of consecutive
+connections refused by all MX hosts or "421 Server busy errors", it
+is possible for the queue manager to mark the destination as "dead"
+despite the transient nature of the errors. The destination will be
+retried again after the expiration of a $minimal_backoff_time timer.
+If the error bursts are frequent enough it may be that only a small
+quantity of email is delivered before the destination is again marked
+"dead". In some cases enabling static (not on demand) connection
+caching by listing the appropriate nexthop domain in a table included in
+"smtp_connection_cache_destinations" may help to reduce the error rate,
+because most messages will re-use existing connections. </p>
 
 <p> The MTA that has been observed most frequently to exhibit such
 bursts of errors is Microsoft Exchange, which refuses connections
@@ -396,17 +398,14 @@ under load. Some proxy virus scanners in front of the Exchange
 server propagate the refused connection to the client as a "421"
 error. </p>
 
-<p> Note that it is now possible to configure Postfix to exhibit
-similarly erratic behavior by misconfiguring the anvil(8) server
-(not included in Postfix 2.1.). Do not use anvil(8) for steady-state
-rate limiting, its purpose is DoS prevention and the rate limits
-set should be very generous! </p>
+<p> Note that it is now possible to configure Postfix to exhibit similarly
+erratic behavior by misconfiguring the anvil(8) service.  Do not use
+anvil(8) for steady-state rate limiting, its purpose is (unintentional)
+DoS prevention and the rate limits set should be very generous! </p>
 
-<p> In the long run it is hoped that the Postfix dead host detection
-and concurrency control mechanism will be tuned to be more "noise"
-tolerant.  If one finds oneself needing to deliver a high volume
-of mail to a destination that exhibits frequent brief bursts of
-errors, there is a subtle workaround. </p>
+<p> If one finds oneself needing to deliver a high volume of mail to a
+destination that exhibits frequent brief bursts of errors and connection
+caching does not solve the problem, there is a subtle workaround. </p>
 
 <ul>
 
@@ -417,12 +416,12 @@ transport for the destination in question. </p>
 transport (a number in the 10-20 range is typical). </p>
 
 <li> <p> IMPORTANT!!! In main.cf configure a very large initial
-and destination concurrency limit for this transport (say 200). </p>
+and destination concurrency limit for this transport (say 2000). </p>
 
 <pre>
 /etc/postfix/main.cf:
-    initial_destination_concurrency = 200
-    <i>transportname</i>_destination_concurrency_limit = 200
+    initial_destination_concurrency = 2000
+    <i>transportname</i>_destination_concurrency_limit = 2000
 </pre>
 
 <p> Where <i>transportname</i> is the name of the master.cf entry
@@ -430,13 +429,13 @@ in question. </p>
 
 </ul>
 
-<p> The effect of this surprising configuration is that up to 200
+<p> The effect of this surprising configuration is that up to 2000
 consecutive errors are tolerated without marking the destination
 dead, while the total concurrency remains reasonable (10-20
 processes). This trick is only for a very specialized situation:
 high volume delivery into a channel with multi-error bursts
 that is capable of high throughput, but is repeatedly throttled by
-the bursts of errors.
+the bursts of errors. </p>
 
 <p> When a destination is unable to handle the load even after the
 Postfix process limit is reduced to 1, a desperate measure is to
@@ -472,7 +471,7 @@ updated when SMTP connection caching is introduced.  </p>
 <p> Hopefully a more elegant solution to these problems will be
 found in the future. </p>
 
-<h2><a name="queues">Background info: Postfix queue directories</a></h2>
+<h2><a name="queues">Postfix queue directories</a></h2>
 
 <p> The following sections describe Postfix queues: their purpose,
 what normal behavior looks like, and how to diagnose abnormal
@@ -497,8 +496,8 @@ to notify the pickup(8) service of its arrival. </p>
 <p> All mail that enters the main Postfix queue does so via the
 cleanup(8) service. The cleanup service is responsible for envelope
 and header rewriting, header and body regular expression checks,
-automatic bcc recipient processing and guaranteed insertion of the
-message into the Postfix "incoming" queue. </p>
+automatic bcc recipient processing, milter content processing, and
+reliable insertion of the message into the Postfix "incoming" queue. </p>
 
 <p> In the absence of excessive CPU consumption in cleanup(8) header
 or body regular expression checks or other software consuming all
@@ -514,9 +513,10 @@ one message at a time at a rate that does not exceed the reciprocal
 disk I/O latency (+ CPU if not negligible) of the cleanup service.
 </p>
 
-<p> Congestion in this queue is indicative of an excessive local
-message submission rate or perhaps excessive CPU consumption in
-the cleanup(8) service due to excessive body_checks. </p>
+<p> Congestion in this queue is indicative of an excessive local message
+submission rate or perhaps excessive CPU consumption in the cleanup(8)
+service due to excessive body_checks, or (Postfix &ge; 2.3) high latency
+milters. </p>
 
 <p> Note, that once the active queue is full, the cleanup service
 will attempt to slow down message injection by pausing $in_flow_delay
@@ -524,10 +524,10 @@ for each message. In this case "maildrop" queue congestion may be
 a consequence of congestion downstream, rather than a problem in
 its own right. </p>
 
-<p> Note also, that one should not attempt to deliver large volumes
-of mail via the pickup(8) service. High volume sites must avoid
-using content filters that reinject scanned mail via Postfix
-sendmail(1) and postdrop(1). </p>
+<p> Note, you should not attempt to deliver large volumes of mail via
+the pickup(8) service. High volume sites should avoid using "simple"
+content filters that re-inject scanned mail via Postfix sendmail(1)
+and postdrop(1). </p>
 
 <p> A high arrival rate of locally submitted mail may be an indication
 of an uncaught forwarding loop, or a run-away notification program.
@@ -545,20 +545,19 @@ size of the "maildrop" queue. </p>
 <p> The administrator can define "smtpd" access(5) policies, or
 cleanup(8) header/body checks that cause messages to be automatically
 diverted from normal processing and placed indefinitely in the
-"hold" queue.  Messages placed in the "hold" queue stay there until
+"hold" queue. Messages placed in the "hold" queue stay there until
 the administrator intervenes. No periodic delivery attempts are
 made for messages in the "hold" queue. The postsuper(1) command
 can be used to manually release messages into the "deferred" queue.
 </p>
 
-<p> Messages can potentially stay in the "hold" queue for a time
-exceeding the normal maximal queue lifetime (after which undelivered
-messages are bounced back to the sender). If such "old" messages
-need to be released from the "hold" queue, they should typically
-be moved into the "maildrop" queue, so that the message gets a new
-timestamp and is given more than one opportunity to be delivered.
-Messages that are "young" can be moved directly into the "deferred"
-queue. </p>
+<p> Messages can potentially stay in the "hold" queue longer than
+$maximal_queue_lifetime. If such "old" messages need to be released from
+the "hold" queue, they should typically be moved into the "maildrop"
+queue using "postsuper -r", so that the message gets a new timestamp and
+is given more than one opportunity to be delivered.  Messages that are
+"young" can be moved directly into the "deferred" queue using
+"postsuper -H". </p>
 
 <p> The "hold" queue plays little role in Postfix performance, and
 monitoring of the "hold" queue is typically more closely motivated
@@ -589,11 +588,15 @@ messages into the active queue as soon as they become available.
 
 <p> The incoming queue grows when the message input rate spikes
 above the rate at which the queue manager can import messages into
-the active queue. The main factor slowing down the queue manager
-is transport queries to the trivial-rewrite service. If the queue
+the active queue. The main factors slowing down the queue manager
+are disk I/O and lookup queries to the trivial-rewrite service. If the queue
 manager is routinely not keeping up, consider not using "slow"
 lookup services (MySQL, LDAP, ...) for transport lookups or speeding
-up the hosts that provide the lookup service.  </p>
+up the hosts that provide the lookup service.  If the problem is I/O
+starvation, consider striping the queue over more disks, faster controllers
+with a battery write cache, or other hardware improvements. At the very
+least, make sure that the queue directory is mounted with the "noatime"
+option if applicable to the underlying filesystem. </p>
 
 <p> The in_flow_delay parameter is used to clamp the input rate
 when the queue manager starts to fall behind. The cleanup(8) service
@@ -645,26 +648,40 @@ combination; the group size is capped by the transport's recipient
 concurrency limit.  </p>
 
 <p> Multiple recipient groups (from one or more messages) are queued
-for delivery via the common transport/nexthop combination. The
-destination concurrency limit for the transports caps the number
+for delivery grouped by transport/nexthop combination. The
+<b>destination</b> concurrency limit for the transports caps the number
 of simultaneous delivery attempts for each nexthop. Transports with
-a recipient concurrency limit of 1 are special: these are grouped
-by the actual recipient address rather than the nexthop, thereby
-enabling per-recipient concurrency limits rather than per-domain
+a <b>recipient</b> concurrency limit of 1 are special: these are grouped
+by the actual recipient address rather than the nexthop, yielding
+per-recipient concurrency limits rather than per-domain
 concurrency limits. Per-recipient limits are appropriate when
 performing final delivery to mailboxes rather than when relaying
 to a remote server.  </p>
 
 <p> Congestion occurs in the active queue when one or more destinations
-drain slower than the corresponding message input rate. If a
-destination is down for some time, the queue manager will mark it
-dead, and immediately defer all mail for the destination without
+drain slower than the corresponding message input rate. </p>
+
+<p> Input into the active queue comes both from new mail in the "incoming"
+queue, and retries of mail in the "deferred" queue. Should the "deferred"
+queue get really large, retries of old mail can dominate the arrival
+rate of new mail. Systems with more CPU, faster disks and more network
+bandwidth can deal with larger deferred queues, but as a rule of thumb
+the deferred queue scales to somewhere between 100,000 and 1,000,000
+messages with good performance unlikely above that "limit". Systems with
+queues this large should typically stop accepting new mail, or put the
+backlog "on hold" until the underlying issue is fixed (provided that
+there is enough capacity to handle just the new mail). </p>
+
+<p> When a destination is down for some time, the queue manager will
+mark it dead, and immediately defer all mail for the destination without
 trying to assign it to a delivery agent. In this case the messages
-will quickly leave the active queue and end up in the deferred
-queue. If the destination is instead simply slow, or there is a
-problem causing an excessive arrival rate the active queue will
-grow and will become dominated by mail to the congested destination.
-</p>
+will quickly leave the active queue and end up in the deferred queue
+(with Postfix &lt; 2.4, this is done directly by the queue manager,
+with Postfix &ge; 2.4 this is done via the "retry" delivery agent). </p>
+
+<p> When the destination is instead simply slow, or there is a problem
+causing an excessive arrival rate the active queue will grow and will
+become dominated by mail to the congested destination.  </p>
 
 <p> The only way to reduce congestion is to either reduce the input
 rate or increase the throughput. Increasing the throughput requires
@@ -691,28 +708,56 @@ a high average latency. If the number of outbound SMTP connections
 is draining slowly and the system and network are not loaded, raise
 the "smtp" and/or "relay" process limits!  </p>
 
-<p> Especially for the "relay" transport, consider lower SMTP
-connection timeouts (1-5 seconds) and higher than default destination
-concurrency limits. Compute the expected latency when 1 out of N
-of the MX hosts for a high volume site is down and not responding,
-and make sure that the configured concurrency divided by this
-latency exceeds the required steady-state message rate. If the
-destination is managed by you, consider load balancers in front of
-groups of MX hosts. Load balancers have higher uptime and will be
-able to hide individual MX host failures.  </p>
-
-<p> If necessary, dedicate and tune custom transports for high
-volume destinations.  </p>
-
-<p> Another common cause of congestion is unwarranted flushing of
-the entire deferred queue. The deferred queue holds messages that
-are likely to fail to be delivered and are also likely to be slow
-to fail delivery (timeouts). This means that the most common reaction
-to a large deferred queue (flush it!) is more than likely counter-
-productive, and is likely to make the problem worse. Do not flush
-the deferred queue unless you expect that most of its content has
-recently become deliverable (e.g. relayhost back up after an outage)!
-</p>
+<p> When a high volume destination is served by multiple MX hosts with
+typically low delivery latency, performance can suffer dramatically when
+one of the MX hosts is unresponsive and SMTP connections to that host
+timeout. For example, if there are 2 equal weight MX hosts, the SMTP
+connection timeout is 30 seconds and one of the MX hosts is down, the
+average SMTP connection will take approximately 15 seconds to complete.
+With a default per-destination concurrency limit of 20 connections,
+throughput falls to just over 1 message per second. </p>
+
+<p> The best way to avoid bottlenecks when one or more MX hosts is
+non-responsive is to use connection caching. Connection caching was
+introduced with Postfix 2.2 and is by default enabled on demand for
+destinations with a backlog of mail in the active queue. When connection
+caching is in effect for a particular destination, established connections
+are re-used to send additional messages, this reduces the number of
+connections made per message delivery and maintains good throughput even
+in the face of partial unavailability of the destination's MX hosts. </p>
+
+<p> If connection caching is not available (Postfix &lt; 2.2) or does
+not provide a sufficient latency reduction, especially for the "relay"
+transport used to forward mail to "your own" domains, consider setting
+lower than default SMTP connection timeouts (1-5 seconds) and higher
+than default destination concurrency limits. This will further reduce
+latency and provide more concurrency to maintain throughput should
+latency rise. </p>
+
+<p> Setting high concurrency limits to domains that are not your own may
+be viewed as hostile by the receiving system, and steps may be taken
+to prevent you from monopolizing the destination system's resources.
+The defensive measures may substantially reduce your throughput or block
+access entirely. Do not set aggressive concurrency limits to remote
+domains without coordinating with the administrators of the target
+domain. </p>
+
+<p> If necessary, dedicate and tune custom transports for selected high
+volume destinations. The "relay" transport is provided for forwarding mail
+to domains for which your server is a primary or backup MX host. These can
+make up a substantial fraction of your email traffic. Use the "relay" and
+not the "smtp" transport to send email to these domains. Using the "relay"
+transport allocates a separate delivery agent pool to these destinations
+and allows separate tuning of timeouts and concurrency limits. </p>
+
+<p> Another common cause of congestion is unwarranted flushing of the
+entire deferred queue. The deferred queue holds messages that are likely
+to fail to be delivered and are also likely to be slow to fail delivery
+(time out). As a result the most common reaction to a large deferred queue
+(flush it!) is more than likely counter-productive, and typically makes
+the congestion worse. Do not flush the deferred queue unless you expect
+that most of its content has recently become deliverable (e.g. relayhost
+back up after an outage)!  </p>
 
 <p> Note that whenever the queue manager is restarted, there may
 already be messages in the active queue directory, but the "real"
@@ -723,7 +768,7 @@ queue scan to refill the active queue. The process of moving all
 the messages back and forth, redoing transport table (trivial-rewrite(8)
 resolve service) lookups, and re-importing the messages back into
 memory is expensive. At all costs, avoid frequent restarts of the
-queue manager.  </p>
+queue manager (e.g. via frequent execution of "postfix reload").  </p>
 
 <h3> <a name="deferred_queue"> The "deferred" queue </a> </h3>
 
@@ -732,20 +777,19 @@ and for some recipients delivery failed for a transient reason (it
 might succeed later), the message is placed in the deferred queue.
 </p>
 
-<p> The queue manager scans the deferred queue periodically. The
-scan interval is controlled by the queue_run_delay parameter.
-While a deferred queue scan is in progress, if an incoming queue
-scan is also in progress (ideally these are brief since the incoming
-queue should be short), the queue manager alternates between bringing
-a new "incoming" message and a new "deferred" message into the
-queue.  This "round-robin" strategy prevents starvation of either
-the incoming or the deferred queues.  </p>
+<p> The queue manager scans the deferred queue periodically. The scan
+interval is controlled by the queue_run_delay parameter.  While a deferred
+queue scan is in progress, if an incoming queue scan is also in progress
+(ideally these are brief since the incoming queue should be short), the
+queue manager alternates between looking for messages in the "incoming"
+queue and in the "deferred" queue. This "round-robin" strategy prevents
+starvation of either the incoming or the deferred queues.  </p>
 
 <p> Each deferred queue scan only brings a fraction of the deferred
 queue back into the active queue for a retry. This is because each
 message in the deferred queue is assigned a "cool-off" time when
 it is deferred.  This is done by time-warping the modification
-times of the queue file into the future. The queue file is not
+time of the queue file into the future. The queue file is not
 eligible for a retry if its modification time is not yet reached.
 </p>
 
@@ -756,28 +800,34 @@ within the limits. This means that young messages are initially
 retried more often than old messages.  </p>
 
 <p> If a high volume site routinely has large deferred queues, it
-may be useful to adjust the queue_run_delay, minimal_backoff_time
-and maximal_backoff_time to provide short enough delays on first
-failure, with perhaps longer delays after multiple failures, to
-reduce the retransmission rate of old messages and thereby reduce
-the quantity of previously deferred mail in the active queue.  </p>
+may be useful to adjust the queue_run_delay, minimal_backoff_time and
+maximal_backoff_time to provide short enough delays on first failure
+(Postfix &ge; 2.4 has a sensibly low minimal backoff time by default),
+with perhaps longer delays after multiple failures, to reduce the
+retransmission rate of old messages and thereby reduce the quantity
+of previously deferred mail in the active queue.  If you want a really
+low minimal_backoff_time, you may also want to lower queue_run_delay,
+but understand that more frequent scans will increase the demand for
+disk I/O. </p>
 
 <p> One common cause of large deferred queues is failure to validate
 recipients at the SMTP input stage. Since spammers routinely launch
 dictionary attacks from unrepliable sender addresses, the bounces
-for invalid recipient addresses clog the deferred queue (and at
-high volumes proportionally clog the active queue). Recipient
-validation is strongly recommended through use of the local_recipient_maps
-and relay_recipient_maps parameters.  </p>
+for invalid recipient addresses clog the deferred queue (and at high
+volumes proportionally clog the active queue). Recipient validation
+is strongly recommended through use of the local_recipient_maps and
+relay_recipient_maps parameters. Even when bounces drain quickly they
+inundate innocent victims of forgery with unwanted email. To avoid
+this, do not accept mail for invalid recipients. </p>
 
 <p> When a host with lots of deferred mail is down for some time,
 it is possible for the entire deferred queue to reach its retry
 time simultaneously. This can lead to a very full active queue once
 the host comes back up. The phenomenon can repeat approximately
 every maximal_backoff_time seconds if the messages are again deferred
-after a brief burst of congestion. Ideally, in the future Postfix
+after a brief burst of congestion. Perhaps, a future Postfix release
 will add a random offset to the retry time (or use a combination
-of strategies) to reduce the chances of repeated complete deferred
+of strategies) to reduce the odds of repeated complete deferred
 queue flushes.  </p>
 
 <h2><a name="credits">Credits</a></h2>
diff --git a/postfix/proto/access b/postfix/proto/access
index ff9876cf6..ca229c60b 100644
--- a/postfix/proto/access
+++ b/postfix/proto/access
@@ -2,7 +2,7 @@
 # NAME
 #	access 5
 # SUMMARY
-#	Postfix access table format
+#	Postfix SMTP server access table
 # SYNOPSIS
 #	\fBpostmap /etc/postfix/access\fR
 #
@@ -10,29 +10,27 @@
 #
 #	\fBpostmap -q - /etc/postfix/access <\fIinputfile\fR
 # DESCRIPTION
-#	The optional \fBaccess\fR(5) table directs the Postfix SMTP server
-#	to selectively reject or accept mail. Access can be allowed or
-#	denied for specific host names, domain names, networks, host
-#	addresses or mail addresses.
-#
-#	For an example, see the EXAMPLE section at the end of this
-#	manual page.
+#	The Postfix SMTP server \fBaccess\fR(5) table specifies
+#	actions that are triggered by information from or about
+#	remote SMTP clients: host names, network addresses, or email
+#	addresses. An action may grant or deny access, or it may
+#	change the way that an email transaction will be handled.
 #
 #	Normally, the \fBaccess\fR(5) table is specified as a text file
 #	that serves as input to the \fBpostmap\fR(1) command.
 #	The result, an indexed file in \fBdbm\fR or \fBdb\fR format,
-#	is used for fast searching by the mail system. Execute the command
-#	"\fBpostmap /etc/postfix/access\fR" in order to rebuild the indexed
-#	file after changing the access table.
+#	is used for fast searching by the mail system. Execute the
+#	command "\fBpostmap /etc/postfix/access\fR" to rebuild an
+#	indexed file after changing the corresponding text file.
 #
 #	When the table is provided via other means such as NIS, LDAP
 #	or SQL, the same lookups are done as for ordinary indexed files.
 #
 #	Alternatively, the table can be provided as a regular-expression
 #	map where patterns are given as regular expressions, or lookups
-#	can be directed to TCP-based server. In that case, the lookups are
-#	done in a slightly different way as described below under
-#	"REGULAR EXPRESSION TABLES" and "TCP-BASED TABLES".
+#	can be directed to TCP-based server. In those cases, the lookups
+#	are done in a slightly different way as described below under
+#	"REGULAR EXPRESSION TABLES" or "TCP-BASED TABLES".
 # CASE FOLDING
 # .ad
 # .fi
@@ -267,13 +265,14 @@
 #	This feature is available in Postfix 2.0 and later.
 # .IP "\fBPREPEND \fIheadername: headervalue\fR"
 #	Prepend the specified message header to the message.
-#	When this action is used multiple times, the first prepended
+#	When this action executes multiple times, the first prepended
 #	header appears before the second etc. prepended header.
 # .sp
 #	Note: this action does not support multi-line message headers.
 # .sp
-#	Note: this action must be used before the message content
-#	is received; it cannot be used in \fBsmtpd_end_of_data_restrictions\fR.
+#	Note: this action must execute before the message content
+#	is received; it cannot execute in the context of
+#	\fBsmtpd_end_of_data_restrictions\fR.
 # .sp
 #	This feature is available in Postfix 2.1 and later.
 # .IP "\fBREDIRECT \fIuser@domain\fR"
diff --git a/postfix/proto/canonical b/postfix/proto/canonical
index 67683058f..d0112fa1f 100644
--- a/postfix/proto/canonical
+++ b/postfix/proto/canonical
@@ -19,17 +19,17 @@
 #	that serves as input to the \fBpostmap\fR(1) command.
 #	The result, an indexed file in \fBdbm\fR or \fBdb\fR format,
 #	is used for fast searching by the mail system. Execute the command
-#	"\fBpostmap /etc/postfix/canonical\fR" in order to rebuild the indexed
-#	file after changing the text file.
+#	"\fBpostmap /etc/postfix/canonical\fR" to rebuild an indexed
+#	file after changing the corresponding text file.
 #
 #	When the table is provided via other means such as NIS, LDAP
 #	or SQL, the same lookups are done as for ordinary indexed files.
 #
 #	Alternatively, the table can be provided as a regular-expression
 #	map where patterns are given as regular expressions, or lookups
-#	can be directed to TCP-based server. In that case, the lookups are
-#	done in a slightly different way as described below under
-#	"REGULAR EXPRESSION TABLES" and "TCP-BASED TABLES".
+#	can be directed to TCP-based server. In those cases, the lookups
+#	are done in a slightly different way as described below under
+#	"REGULAR EXPRESSION TABLES" or "TCP-BASED TABLES".
 #
 #	By default the \fBcanonical\fR(5) mapping affects both message
 #	header addresses (i.e. addresses that appear inside messages)
diff --git a/postfix/proto/cidr_table b/postfix/proto/cidr_table
index 478326222..75b0c5ab5 100644
--- a/postfix/proto/cidr_table
+++ b/postfix/proto/cidr_table
@@ -11,7 +11,10 @@
 #	The Postfix mail system uses optional lookup tables.
 #	These tables are usually in \fBdbm\fR or \fBdb\fR format.
 #	Alternatively, lookup tables can be specified in CIDR
-#	(Classless Inter-Domain Routing) form.
+#	(Classless Inter-Domain Routing) form. In this case, each
+#	input is compared against a list of patterns. When a match
+#	is found, the corresponding result is returned and the search
+#	is terminated.
 #
 #	To find out what types of lookup tables your Postfix system
 #	supports use the "\fBpostconf -m\fR" command.
diff --git a/postfix/proto/generic b/postfix/proto/generic
index e87029c87..7c4374ced 100644
--- a/postfix/proto/generic
+++ b/postfix/proto/generic
@@ -33,7 +33,7 @@
 #	command.  The result, an indexed file in \fBdbm\fR or
 #	\fBdb\fR format, is used for fast searching by the mail
 #	system. Execute the command "\fBpostmap /etc/postfix/generic\fR"
-#	in order to rebuild the indexed file after changing the
+#	to rebuild an indexed file after changing the corresponding
 #	text file.
 #
 #	When the table is provided via other means such as NIS, LDAP
@@ -41,9 +41,9 @@
 #
 #	Alternatively, the table can be provided as a regular-expression
 #	map where patterns are given as regular expressions, or lookups
-#	can be directed to TCP-based server. In that case, the lookups are
-#	done in a slightly different way as described below under
-#	"REGULAR EXPRESSION TABLES" and "TCP-BASED TABLES".
+#	can be directed to TCP-based server. In those case, the lookups
+#	are done in a slightly different way as described below under
+#	"REGULAR EXPRESSION TABLES" or "TCP-BASED TABLES".
 # CASE FOLDING
 # .ad
 # .fi
diff --git a/postfix/proto/pcre_table b/postfix/proto/pcre_table
index a2620d2ca..8f54da366 100644
--- a/postfix/proto/pcre_table
+++ b/postfix/proto/pcre_table
@@ -14,8 +14,8 @@
 #
 #	Alternatively, lookup tables can be specified in Perl Compatible
 #	Regular Expression form. In this case, each input is compared
-#	against a list of patterns, and when a match is found the
-#	corresponding result is returned.
+#	against a list of patterns. When a match is found, the
+#	corresponding result is returned and the search is terminated.
 #
 #	To find out what types of lookup tables your Postfix system
 #	supports use the "\fBpostconf -m\fR" command.
diff --git a/postfix/proto/postconf.proto b/postfix/proto/postconf.proto
index bbf125e7a..0c8da3d8b 100644
--- a/postfix/proto/postconf.proto
+++ b/postfix/proto/postconf.proto
@@ -2565,8 +2565,9 @@ masquerade_exceptions = root
 %PARAM max_idle 100s
 
 <p>
-The maximum amount of time that an idle Postfix daemon process
-waits for the next service request before exiting.  This parameter
+The maximum amount of time that an idle Postfix daemon process waits
+for an incoming connection before terminating voluntarily.  This
+parameter
 is ignored by the Postfix queue manager and by other long-lived
 Postfix daemon processes.
 </p>
@@ -2579,8 +2580,9 @@ The default time unit is s (seconds).
 %PARAM max_use 100
 
 <p>
-The maximal number of connection requests before a Postfix daemon
-process terminates. This parameter is ignored by the Postfix queue
+The maximal number of incoming connections that a Postfix daemon
+process will service before terminating voluntarily.  This parameter
+is ignored by the Postfix queue
 manager and by other long-lived Postfix daemon processes.
 </p>
 
@@ -9031,9 +9033,9 @@ precision.  </p>
 
 <ul>
 
-<li> a = time before the queue manager, including message transmission
+<li> a = time from message arrival to last active queue entry
 
-<li> b = time in queue manager
+<li> b = time from last active queue entry to connection setup
 
 <li> c = time in connection setup, including DNS, EHLO and TLS
 
@@ -9132,7 +9134,7 @@ smtpd_discard_ehlo_keyword_address_maps. </p>
 
 <p> This feature is available in Postfix 2.3 and later. </p>
 
-%PARAM lmtp_discard_lhlo_keywords $myhostname
+%PARAM lmtp_discard_lhlo_keywords 
 
 <p> A case insensitive list of LHLO keywords (pipelining, starttls,
 auth, etc.) that the LMTP client will ignore in the LHLO response
diff --git a/postfix/proto/regexp_table b/postfix/proto/regexp_table
index 5662d4603..ea4c703e7 100644
--- a/postfix/proto/regexp_table
+++ b/postfix/proto/regexp_table
@@ -14,8 +14,8 @@
 #
 #	Alternatively, lookup tables can be specified in POSIX regular
 #	expression form. In this case, each input is compared against a
-#	list of patterns, and when a match is found the corresponding
-#	result is returned.
+#	list of patterns. When a match is found, the corresponding
+#	result is returned and the search is terminated.
 #
 #	To find out what types of lookup tables your Postfix system
 #	supports use the "\fBpostconf -m\fR" command.
diff --git a/postfix/proto/relocated b/postfix/proto/relocated
index 332911b3e..34b6beee4 100644
--- a/postfix/proto/relocated
+++ b/postfix/proto/relocated
@@ -13,17 +13,17 @@
 #	that serves as input to the \fBpostmap\fR(1) command.
 #	The result, an indexed file in \fBdbm\fR or \fBdb\fR format,
 #	is used for fast searching by the mail system. Execute the command
-#	"\fBpostmap /etc/postfix/relocated\fR" in order to rebuild the indexed
-#	file after changing the relocated table.
+#	"\fBpostmap /etc/postfix/relocated\fR" to rebuild an indexed
+#	file after changing the corresponding relocated table.
 #
 #	When the table is provided via other means such as NIS, LDAP
 #	or SQL, the same lookups are done as for ordinary indexed files.
 #
 #	Alternatively, the table can be provided as a regular-expression
 #	map where patterns are given as regular expressions, or lookups
-#	can be directed to TCP-based server. In that case, the lookups are
-#	done in a slightly different way as described below under
-#	"REGULAR EXPRESSION TABLES" and "TCP-BASED TABLES".
+#	can be directed to TCP-based server. In those case, the lookups
+#	are done in a slightly different way as described below under
+#	"REGULAR EXPRESSION TABLES" or "TCP-BASED TABLES".
 #
 #	Table lookups are case insensitive.
 # CASE FOLDING
diff --git a/postfix/proto/transport b/postfix/proto/transport
index e06cfb639..6f1985496 100644
--- a/postfix/proto/transport
+++ b/postfix/proto/transport
@@ -43,17 +43,17 @@
 #	that serves as input to the \fBpostmap\fR(1) command.
 #	The result, an indexed file in \fBdbm\fR or \fBdb\fR format, is used
 #	for fast searching by the mail system. Execute the command
-#	"\fBpostmap /etc/postfix/transport\fR" in order to rebuild the indexed
-#	file after changing the transport table.
+#	"\fBpostmap /etc/postfix/transport\fR" to rebuild an indexed
+#	file after changing the corresponding transport table.
 #
 #	When the table is provided via other means such as NIS, LDAP
 #	or SQL, the same lookups are done as for ordinary indexed files.
 #
 #	Alternatively, the table can be provided as a regular-expression
 #	map where patterns are given as regular expressions, or lookups
-#	can be directed to TCP-based server. In that case, the lookups are
-#	done in a slightly different way as described below under
-#	"REGULAR EXPRESSION TABLES" and "TCP-BASED TABLES".
+#	can be directed to TCP-based server. In those case, the lookups
+#	are done in a slightly different way as described below under
+#	"REGULAR EXPRESSION TABLES" or "TCP-BASED TABLES".
 # CASE FOLDING
 # .ad
 # .fi
diff --git a/postfix/proto/virtual b/postfix/proto/virtual
index 971e3c713..f5295e9a0 100644
--- a/postfix/proto/virtual
+++ b/postfix/proto/virtual
@@ -39,17 +39,17 @@
 #	that serves as input to the \fBpostmap\fR(1) command.
 #	The result, an indexed file in \fBdbm\fR or \fBdb\fR format,
 #	is used for fast searching by the mail system. Execute the command
-#	"\fBpostmap /etc/postfix/virtual\fR" in order to rebuild the indexed
-#	file after changing the text file.
+#	"\fBpostmap /etc/postfix/virtual\fR" to rebuild an indexed
+#	file after changing the corresponding text file.
 #
 #	When the table is provided via other means such as NIS, LDAP
 #	or SQL, the same lookups are done as for ordinary indexed files.
 #
 #	Alternatively, the table can be provided as a regular-expression
 #	map where patterns are given as regular expressions, or lookups
-#	can be directed to TCP-based server. In that case, the lookups are
-#	done in a slightly different way as described below under
-#	"REGULAR EXPRESSION TABLES" and "TCP-BASED TABLES".
+#	can be directed to TCP-based server. In those case, the lookups
+#	are done in a slightly different way as described below under
+#	"REGULAR EXPRESSION TABLES" or "TCP-BASED TABLES".
 # CASE FOLDING
 # .ad
 # .fi
diff --git a/postfix/src/anvil/anvil.c b/postfix/src/anvil/anvil.c
index e3e1d222a..0308f8d26 100644
--- a/postfix/src/anvil/anvil.c
+++ b/postfix/src/anvil/anvil.c
@@ -208,11 +208,11 @@
 /*	The time limit for sending or receiving information over an internal
 /*	communication channel.
 /* .IP "\fBmax_idle (100s)\fR"
-/*	The maximum amount of time that an idle Postfix daemon process
-/*	waits for the next service request before exiting.
+/*	The maximum amount of time that an idle Postfix daemon process waits
+/*	for an incoming connection before terminating voluntarily.
 /* .IP "\fBmax_use (100)\fR"
-/*	The maximal number of connection requests before a Postfix daemon
-/*	process terminates.
+/*	The maximal number of incoming connections that a Postfix daemon
+/*	process will service before terminating voluntarily.
 /* .IP "\fBprocess_id (read-only)\fR"
 /*	The process ID of a Postfix command or daemon process.
 /* .IP "\fBprocess_name (read-only)\fR"
diff --git a/postfix/src/bounce/bounce.c b/postfix/src/bounce/bounce.c
index c09d36eed..bef13b961 100644
--- a/postfix/src/bounce/bounce.c
+++ b/postfix/src/bounce/bounce.c
@@ -91,11 +91,11 @@
 /*	The mail system name that is displayed in Received: headers, in
 /*	the SMTP greeting banner, and in bounced mail.
 /* .IP "\fBmax_idle (100s)\fR"
-/*	The maximum amount of time that an idle Postfix daemon process
-/*	waits for the next service request before exiting.
+/*	The maximum amount of time that an idle Postfix daemon process waits
+/*	for an incoming connection before terminating voluntarily.
 /* .IP "\fBmax_use (100)\fR"
-/*	The maximal number of connection requests before a Postfix daemon
-/*	process terminates.
+/*	The maximal number of incoming connections that a Postfix daemon
+/*	process will service before terminating voluntarily.
 /* .IP "\fBnotify_classes (resource, software)\fR"
 /*	The list of error classes that are reported to the postmaster.
 /* .IP "\fBprocess_id (read-only)\fR"
diff --git a/postfix/src/cleanup/cleanup.c b/postfix/src/cleanup/cleanup.c
index 6e555ca10..0f41b8a3b 100644
--- a/postfix/src/cleanup/cleanup.c
+++ b/postfix/src/cleanup/cleanup.c
@@ -303,11 +303,11 @@
 /*	The time limit for sending or receiving information over an internal
 /*	communication channel.
 /* .IP "\fBmax_idle (100s)\fR"
-/*	The maximum amount of time that an idle Postfix daemon process
-/*	waits for the next service request before exiting.
+/*	The maximum amount of time that an idle Postfix daemon process waits
+/*	for an incoming connection before terminating voluntarily.
 /* .IP "\fBmax_use (100)\fR"
-/*	The maximal number of connection requests before a Postfix daemon
-/*	process terminates.
+/*	The maximal number of incoming connections that a Postfix daemon
+/*	process will service before terminating voluntarily.
 /* .IP "\fBmyhostname (see 'postconf -d' output)\fR"
 /*	The internet hostname of this mail system.
 /* .IP "\fBmyorigin ($myhostname)\fR"
diff --git a/postfix/src/discard/discard.c b/postfix/src/discard/discard.c
index 04855889b..2e7b24b31 100644
--- a/postfix/src/discard/discard.c
+++ b/postfix/src/discard/discard.c
@@ -60,11 +60,11 @@
 /*	The time limit for sending or receiving information over an internal
 /*	communication channel.
 /* .IP "\fBmax_idle (100s)\fR"
-/*	The maximum amount of time that an idle Postfix daemon process
-/*	waits for the next service request before exiting.
+/*	The maximum amount of time that an idle Postfix daemon process waits
+/*	for an incoming connection before terminating voluntarily.
 /* .IP "\fBmax_use (100)\fR"
-/*	The maximal number of connection requests before a Postfix daemon
-/*	process terminates.
+/*	The maximal number of incoming connections that a Postfix daemon
+/*	process will service before terminating voluntarily.
 /* .IP "\fBprocess_id (read-only)\fR"
 /*	The process ID of a Postfix command or daemon process.
 /* .IP "\fBprocess_name (read-only)\fR"
diff --git a/postfix/src/error/error.c b/postfix/src/error/error.c
index 77ae72ca8..6887ddd52 100644
--- a/postfix/src/error/error.c
+++ b/postfix/src/error/error.c
@@ -9,8 +9,8 @@
 /*	The Postfix \fBerror\fR(8) delivery agent processes delivery
 /*	requests from
 /*	the queue manager. Each request specifies a queue file, a sender
-/*	address, a domain or host name that is treated as the reason for
-/*	non-delivery, and recipient information.
+/*	address, the reason for non-delivery (specified as the
+/*	next-hop destination), and recipient information.
 /*	The reason may be prefixed with an RFC 3463-compatible detail code.
 /*	This program expects to be run from the \fBmaster\fR(8) process
 /*	manager.
@@ -67,11 +67,11 @@
 /*	The time limit for sending or receiving information over an internal
 /*	communication channel.
 /* .IP "\fBmax_idle (100s)\fR"
-/*	The maximum amount of time that an idle Postfix daemon process
-/*	waits for the next service request before exiting.
+/*	The maximum amount of time that an idle Postfix daemon process waits
+/*	for an incoming connection before terminating voluntarily.
 /* .IP "\fBmax_use (100)\fR"
-/*	The maximal number of connection requests before a Postfix daemon
-/*	process terminates.
+/*	The maximal number of incoming connections that a Postfix daemon
+/*	process will service before terminating voluntarily.
 /* .IP "\fBnotify_classes (resource, software)\fR"
 /*	The list of error classes that are reported to the postmaster.
 /* .IP "\fBprocess_id (read-only)\fR"
diff --git a/postfix/src/flush/flush.c b/postfix/src/flush/flush.c
index 06f19f15b..bfa4ca574 100644
--- a/postfix/src/flush/flush.c
+++ b/postfix/src/flush/flush.c
@@ -96,11 +96,11 @@
 /*	The time limit for sending or receiving information over an internal
 /*	communication channel.
 /* .IP "\fBmax_idle (100s)\fR"
-/*	The maximum amount of time that an idle Postfix daemon process
-/*	waits for the next service request before exiting.
+/*	The maximum amount of time that an idle Postfix daemon process waits
+/*	for an incoming connection before terminating voluntarily.
 /* .IP "\fBmax_use (100)\fR"
-/*	The maximal number of connection requests before a Postfix daemon
-/*	process terminates.
+/*	The maximal number of incoming connections that a Postfix daemon
+/*	process will service before terminating voluntarily.
 /* .IP "\fBparent_domain_matches_subdomains (see 'postconf -d' output)\fR"
 /*	What Postfix features match subdomains of "domain.tld" automatically,
 /*	instead of requiring an explicit ".domain.tld" pattern.
diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h
index 667158819..c2ffb7f67 100644
--- a/postfix/src/global/mail_version.h
+++ b/postfix/src/global/mail_version.h
@@ -21,7 +21,7 @@
   * patchlevel; they change the release date only.
   */
 #define MAIL_RELEASE_DATE	"20070306"
-#define MAIL_VERSION_NUMBER	"2.4.0-RC3"
+#define MAIL_VERSION_NUMBER	"2.4.0-RC4"
 
 #ifdef SNAPSHOT
 # define MAIL_VERSION_DATE	"-" MAIL_RELEASE_DATE
diff --git a/postfix/src/local/local.c b/postfix/src/local/local.c
index 623bd4782..c24a55d55 100644
--- a/postfix/src/local/local.c
+++ b/postfix/src/local/local.c
@@ -501,11 +501,11 @@
 /* .IP "\fBlocal_command_shell (empty)\fR"
 /*	Optional shell program for \fBlocal\fR(8) delivery to non-Postfix command.
 /* .IP "\fBmax_idle (100s)\fR"
-/*	The maximum amount of time that an idle Postfix daemon process
-/*	waits for the next service request before exiting.
+/*	The maximum amount of time that an idle Postfix daemon process waits
+/*	for an incoming connection before terminating voluntarily.
 /* .IP "\fBmax_use (100)\fR"
-/*	The maximal number of connection requests before a Postfix daemon
-/*	process terminates.
+/*	The maximal number of incoming connections that a Postfix daemon
+/*	process will service before terminating voluntarily.
 /* .IP "\fBprepend_delivered_header (command, file, forward)\fR"
 /*	The message delivery contexts where the Postfix \fBlocal\fR(8) delivery
 /*	agent prepends a Delivered-To:  message header with the address
diff --git a/postfix/src/master/master.c b/postfix/src/master/master.c
index 3304b1cdb..c8b1e693d 100644
--- a/postfix/src/master/master.c
+++ b/postfix/src/master/master.c
@@ -87,11 +87,11 @@
 /*	The default maximal number of Postfix child processes that provide
 /*	a given service.
 /* .IP "\fBmax_idle (100s)\fR"
-/*	The maximum amount of time that an idle Postfix daemon process
-/*	waits for the next service request before exiting.
+/*	The maximum amount of time that an idle Postfix daemon process waits
+/*	for an incoming connection before terminating voluntarily.
 /* .IP "\fBmax_use (100)\fR"
-/*	The maximal number of connection requests before a Postfix daemon
-/*	process terminates.
+/*	The maximal number of incoming connections that a Postfix daemon
+/*	process will service before terminating voluntarily.
 /* .IP "\fBservice_throttle_time (60s)\fR"
 /*	How long the Postfix \fBmaster\fR(8) waits before forking a server that
 /*	appears to be malfunctioning.
diff --git a/postfix/src/pickup/pickup.c b/postfix/src/pickup/pickup.c
index 04514a448..ca3d97c8d 100644
--- a/postfix/src/pickup/pickup.c
+++ b/postfix/src/pickup/pickup.c
@@ -67,11 +67,11 @@
 /*	Upon input, long lines are chopped up into pieces of at most
 /*	this length; upon delivery, long lines are reconstructed.
 /* .IP "\fBmax_idle (100s)\fR"
-/*	The maximum amount of time that an idle Postfix daemon process
-/*	waits for the next service request before exiting.
+/*	The maximum amount of time that an idle Postfix daemon process waits
+/*	for an incoming connection before terminating voluntarily.
 /* .IP "\fBmax_use (100)\fR"
-/*	The maximal number of connection requests before a Postfix daemon
-/*	process terminates.
+/*	The maximal number of incoming connections that a Postfix daemon
+/*	process will service before terminating voluntarily.
 /* .IP "\fBprocess_id (read-only)\fR"
 /*	The process ID of a Postfix command or daemon process.
 /* .IP "\fBprocess_name (read-only)\fR"
diff --git a/postfix/src/pipe/pipe.c b/postfix/src/pipe/pipe.c
index b6ecb75e3..bf9bbf1aa 100644
--- a/postfix/src/pipe/pipe.c
+++ b/postfix/src/pipe/pipe.c
@@ -329,11 +329,11 @@
 /*	The UNIX system account that owns the Postfix queue and most Postfix
 /*	daemon processes.
 /* .IP "\fBmax_idle (100s)\fR"
-/*	The maximum amount of time that an idle Postfix daemon process
-/*	waits for the next service request before exiting.
+/*	The maximum amount of time that an idle Postfix daemon process waits
+/*	for an incoming connection before terminating voluntarily.
 /* .IP "\fBmax_use (100)\fR"
-/*	The maximal number of connection requests before a Postfix daemon
-/*	process terminates.
+/*	The maximal number of incoming connections that a Postfix daemon
+/*	process will service before terminating voluntarily.
 /* .IP "\fBprocess_id (read-only)\fR"
 /*	The process ID of a Postfix command or daemon process.
 /* .IP "\fBprocess_name (read-only)\fR"
diff --git a/postfix/src/proxymap/proxymap.c b/postfix/src/proxymap/proxymap.c
index 076d8089f..1e143d2dd 100644
--- a/postfix/src/proxymap/proxymap.c
+++ b/postfix/src/proxymap/proxymap.c
@@ -102,11 +102,11 @@
 /*	The time limit for sending or receiving information over an internal
 /*	communication channel.
 /* .IP "\fBmax_idle (100s)\fR"
-/*	The maximum amount of time that an idle Postfix daemon process
-/*	waits for the next service request before exiting.
+/*	The maximum amount of time that an idle Postfix daemon process waits
+/*	for an incoming connection before terminating voluntarily.
 /* .IP "\fBmax_use (100)\fR"
-/*	The maximal number of connection requests before a Postfix daemon
-/*	process terminates.
+/*	The maximal number of incoming connections that a Postfix daemon
+/*	process will service before terminating voluntarily.
 /* .IP "\fBprocess_id (read-only)\fR"
 /*	The process ID of a Postfix command or daemon process.
 /* .IP "\fBprocess_name (read-only)\fR"
diff --git a/postfix/src/qmqpd/qmqpd.c b/postfix/src/qmqpd/qmqpd.c
index 0254a3875..19d804697 100644
--- a/postfix/src/qmqpd/qmqpd.c
+++ b/postfix/src/qmqpd/qmqpd.c
@@ -95,11 +95,11 @@
 /*	The time limit for sending or receiving information over an internal
 /*	communication channel.
 /* .IP "\fBmax_idle (100s)\fR"
-/*	The maximum amount of time that an idle Postfix daemon process
-/*	waits for the next service request before exiting.
+/*	The maximum amount of time that an idle Postfix daemon process waits
+/*	for an incoming connection before terminating voluntarily.
 /* .IP "\fBmax_use (100)\fR"
-/*	The maximal number of connection requests before a Postfix daemon
-/*	process terminates.
+/*	The maximal number of incoming connections that a Postfix daemon
+/*	process will service before terminating voluntarily.
 /* .IP "\fBprocess_id (read-only)\fR"
 /*	The process ID of a Postfix command or daemon process.
 /* .IP "\fBprocess_name (read-only)\fR"
diff --git a/postfix/src/scache/scache.c b/postfix/src/scache/scache.c
index 9d2b0dbb7..28de18c34 100644
--- a/postfix/src/scache/scache.c
+++ b/postfix/src/scache/scache.c
@@ -102,8 +102,8 @@
 /*	The time limit for sending or receiving information over an internal
 /*	communication channel.
 /* .IP "\fBmax_idle (100s)\fR"
-/*	The maximum amount of time that an idle Postfix daemon process
-/*	waits for the next service request before exiting.
+/*	The maximum amount of time that an idle Postfix daemon process waits
+/*	for an incoming connection before terminating voluntarily.
 /* .IP "\fBprocess_id (read-only)\fR"
 /*	The process ID of a Postfix command or daemon process.
 /* .IP "\fBprocess_name (read-only)\fR"
diff --git a/postfix/src/showq/showq.c b/postfix/src/showq/showq.c
index 8cbb27897..30ed5f9bb 100644
--- a/postfix/src/showq/showq.c
+++ b/postfix/src/showq/showq.c
@@ -55,11 +55,11 @@
 /*	The time limit for sending or receiving information over an internal
 /*	communication channel.
 /* .IP "\fBmax_idle (100s)\fR"
-/*	The maximum amount of time that an idle Postfix daemon process
-/*	waits for the next service request before exiting.
+/*	The maximum amount of time that an idle Postfix daemon process waits
+/*	for an incoming connection before terminating voluntarily.
 /* .IP "\fBmax_use (100)\fR"
-/*	The maximal number of connection requests before a Postfix daemon
-/*	process terminates.
+/*	The maximal number of incoming connections that a Postfix daemon
+/*	process will service before terminating voluntarily.
 /* .IP "\fBprocess_id (read-only)\fR"
 /*	The process ID of a Postfix command or daemon process.
 /* .IP "\fBprocess_name (read-only)\fR"
diff --git a/postfix/src/smtp/smtp.c b/postfix/src/smtp/smtp.c
index 91ee7e814..363b8132b 100644
--- a/postfix/src/smtp/smtp.c
+++ b/postfix/src/smtp/smtp.c
@@ -33,7 +33,7 @@
 /*
 /*	By default, connection caching is enabled temporarily for
 /*	destinations that have a high volume of mail in the active
-/*	queue. Session caching can be enabled permanently for
+/*	queue. Connection caching can be enabled permanently for
 /*	specific destinations.
 /* SMTP DESTINATION SYNTAX
 /* .ad
@@ -200,7 +200,7 @@
 /*	case insensitive lists of LHLO keywords (pipelining, starttls,
 /*	auth, etc.) that the LMTP client will ignore in the LHLO response
 /*	from a remote LMTP server.
-/* .IP "\fBlmtp_discard_lhlo_keywords ($myhostname)\fR"
+/* .IP "\fBlmtp_discard_lhlo_keywords (empty)\fR"
 /*	A case insensitive list of LHLO keywords (pipelining, starttls,
 /*	auth, etc.) that the LMTP client will ignore in the LHLO response
 /*	from a remote LMTP server.
@@ -486,11 +486,11 @@
 /* .IP "\fBlmtp_tcp_port (24)\fR"
 /*	The default TCP port that the Postfix LMTP client connects to.
 /* .IP "\fBmax_idle (100s)\fR"
-/*	The maximum amount of time that an idle Postfix daemon process
-/*	waits for the next service request before exiting.
+/*	The maximum amount of time that an idle Postfix daemon process waits
+/*	for an incoming connection before terminating voluntarily.
 /* .IP "\fBmax_use (100)\fR"
-/*	The maximal number of connection requests before a Postfix daemon
-/*	process terminates.
+/*	The maximal number of incoming connections that a Postfix daemon
+/*	process will service before terminating voluntarily.
 /* .IP "\fBprocess_id (read-only)\fR"
 /*	The process ID of a Postfix command or daemon process.
 /* .IP "\fBprocess_name (read-only)\fR"
diff --git a/postfix/src/smtpd/smtpd.c b/postfix/src/smtpd/smtpd.c
index f38a0fe3c..96d09ef94 100644
--- a/postfix/src/smtpd/smtpd.c
+++ b/postfix/src/smtpd/smtpd.c
@@ -775,11 +775,11 @@
 /*	The UNIX system account that owns the Postfix queue and most Postfix
 /*	daemon processes.
 /* .IP "\fBmax_idle (100s)\fR"
-/*	The maximum amount of time that an idle Postfix daemon process
-/*	waits for the next service request before exiting.
+/*	The maximum amount of time that an idle Postfix daemon process waits
+/*	for an incoming connection before terminating voluntarily.
 /* .IP "\fBmax_use (100)\fR"
-/*	The maximal number of connection requests before a Postfix daemon
-/*	process terminates.
+/*	The maximal number of incoming connections that a Postfix daemon
+/*	process will service before terminating voluntarily.
 /* .IP "\fBmyhostname (see 'postconf -d' output)\fR"
 /*	The internet hostname of this mail system.
 /* .IP "\fBmynetworks (see 'postconf -d' output)\fR"
diff --git a/postfix/src/spawn/spawn.c b/postfix/src/spawn/spawn.c
index 71345724a..9fa0eb9ec 100644
--- a/postfix/src/spawn/spawn.c
+++ b/postfix/src/spawn/spawn.c
@@ -92,11 +92,11 @@
 /*	The UNIX system account that owns the Postfix queue and most Postfix
 /*	daemon processes.
 /* .IP "\fBmax_idle (100s)\fR"
-/*	The maximum amount of time that an idle Postfix daemon process
-/*	waits for the next service request before exiting.
+/*	The maximum amount of time that an idle Postfix daemon process waits
+/*	for an incoming connection before terminating voluntarily.
 /* .IP "\fBmax_use (100)\fR"
-/*	The maximal number of connection requests before a Postfix daemon
-/*	process terminates.
+/*	The maximal number of incoming connections that a Postfix daemon
+/*	process will service before terminating voluntarily.
 /* .IP "\fBprocess_id (read-only)\fR"
 /*	The process ID of a Postfix command or daemon process.
 /* .IP "\fBprocess_name (read-only)\fR"
diff --git a/postfix/src/trivial-rewrite/trivial-rewrite.c b/postfix/src/trivial-rewrite/trivial-rewrite.c
index 406c6c6f6..233d740a4 100644
--- a/postfix/src/trivial-rewrite/trivial-rewrite.c
+++ b/postfix/src/trivial-rewrite/trivial-rewrite.c
@@ -198,11 +198,11 @@
 /*	The time limit for sending or receiving information over an internal
 /*	communication channel.
 /* .IP "\fBmax_idle (100s)\fR"
-/*	The maximum amount of time that an idle Postfix daemon process
-/*	waits for the next service request before exiting.
+/*	The maximum amount of time that an idle Postfix daemon process waits
+/*	for an incoming connection before terminating voluntarily.
 /* .IP "\fBmax_use (100)\fR"
-/*	The maximal number of connection requests before a Postfix daemon
-/*	process terminates.
+/*	The maximal number of incoming connections that a Postfix daemon
+/*	process will service before terminating voluntarily.
 /* .IP "\fBrelocated_maps (empty)\fR"
 /*	Optional lookup tables with new contact information for users or
 /*	domains that no longer exist.
diff --git a/postfix/src/virtual/virtual.c b/postfix/src/virtual/virtual.c
index 51329cf26..1ccbcc67d 100644
--- a/postfix/src/virtual/virtual.c
+++ b/postfix/src/virtual/virtual.c
@@ -224,11 +224,11 @@
 /*	The time limit for sending or receiving information over an internal
 /*	communication channel.
 /* .IP "\fBmax_idle (100s)\fR"
-/*	The maximum amount of time that an idle Postfix daemon process
-/*	waits for the next service request before exiting.
+/*	The maximum amount of time that an idle Postfix daemon process waits
+/*	for an incoming connection before terminating voluntarily.
 /* .IP "\fBmax_use (100)\fR"
-/*	The maximal number of connection requests before a Postfix daemon
-/*	process terminates.
+/*	The maximal number of incoming connections that a Postfix daemon
+/*	process will service before terminating voluntarily.
 /* .IP "\fBprocess_id (read-only)\fR"
 /*	The process ID of a Postfix command or daemon process.
 /* .IP "\fBprocess_name (read-only)\fR"