see, but in the case of PID=1 mode on Linux, no-one would
care. Viktor Dukhovni. File: util/killme_after.c.
- Bugfix: missing error tls_server_start() error handling in
- tlsproxy(8). File: tlsproxy/tlsproxy.c.
+ Bugfix (introduced: Postfix 2.8): missing tls_server_start()
+ error propagation in tlsproxy(8) resulting in segfault after
+ TLS handshake error. Found during code maintenance. File:
+ tlsproxy/tlsproxy.c.
+
+20180425
+
+ Cleanup: dnsblog proccesses now retire voluntarily after
+ max_use*max_idle seconds. Files: master/mail_server.h,
+ master/single_server.c, dnsblog/dnsblog.c.
+
+20180429
+
+ Documentation: smtpd_relay_restrictions was incorrectly
+ listed before smtpd_recipient_restrictions. File:
+ proto/SMTPD_ACCESS_README.html.
+
+20180509
+
+ Bugfix (introduced: 20170617): postconf(1) command segfault
+ if unable to open a Postfix database configuration file due
+ to a file permission error. Report by Andreas Hasenack, fix
+ by Viktor Dukhovni. File: postconf/postconf_dbms.c.
+
+20180519
+
+ Documentation: updated descriptions of PID 1 mode in manpages
+ and source-code comments. Files: postfix/postfix.c,
+ master/master.c, master/master_sig.c, util/killme_after.c.
+
+ Documentation: document non-iterative lookup behavior
+ in postmap and postalias manpages. Files: postmap/postmap.c,
+ postalias/postalias.c.
# Don't accept mail from domains that don't exist.
smtpd_sender_restrictions = reject_unknown_sender_domain
- # Relay control (Postfix 2.10 and later): local clients and
- # authenticated clients may specify any destination domain.
- smtpd_relay_restrictions = permit_mynetworks,
- permit_sasl_authenticated,
- reject_unauth_destination
-
# Spam control: exclude local clients and authenticated clients
# from DNSBL lookups.
smtpd_recipient_restrictions = permit_mynetworks,
reject_rhsbl_helo dbl.spamhaus.org,
reject_rhsbl_sender dbl.spamhaus.org
+ # Relay control (Postfix 2.10 and later): local clients and
+ # authenticated clients may specify any destination domain.
+ smtpd_relay_restrictions = permit_mynetworks,
+ permit_sasl_authenticated,
+ reject_unauth_destination
+
# Block clients that speak too early.
smtpd_data_restrictions = reject_unauth_pipelining
| | | |information|
|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b |
| | |Required if | |
- | |>= 2.10|smtpd_recipient_restrictions| |
+ | |>= 2.10|smtpd_relay_restrictions | |
| | |does not enforce relay |Reject RCPT|
- |smtpd_relay_restrictions | |policy |TO |
+ |smtpd_recipient_restrictions | |policy |TO |
| |_\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b |information|
| | | | |
- | |< 2.10 |Not available | |
+ | |< 2.10 |Required | |
| | | | |
|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b |
| | |Required if | |
- | |>= 2.10|smtpd_relay_restrictions | |
+ | |>= 2.10|smtpd_recipient_restrictions| |
| | |does not enforce relay |Reject RCPT|
- |smtpd_recipient_restrictions | |policy |TO |
+ |smtpd_relay_restrictions | |policy |TO |
| |_\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b |information|
| | | | |
- | |< 2.10 |Required | |
+ | |< 2.10 |Not available | |
| | | | |
|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b |
|smtpd_data_restrictions |>= 2.0 |Optional |Reject DATA|
;;
start-fg)
# Foreground start-up is incompatible with multi-instance mode.
- # Use "exec $daemon_directory/master -i" only if PID == 1.
+ # Use "exec $daemon_directory/master" only if PID == 1.
# Otherwise, doing so would break process group management,
# and "postfix stop" would kill too many processes.
case $instances in
# Don't accept mail from domains that don't exist.
<a href="postconf.5.html#smtpd_sender_restrictions">smtpd_sender_restrictions</a> = <a href="postconf.5.html#reject_unknown_sender_domain">reject_unknown_sender_domain</a>
- # Relay control (Postfix 2.10 and later): local clients and
- # authenticated clients may specify any destination domain.
- <a href="postconf.5.html#smtpd_relay_restrictions">smtpd_relay_restrictions</a> = <a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a>,
- <a href="postconf.5.html#permit_sasl_authenticated">permit_sasl_authenticated</a>,
- <a href="postconf.5.html#reject_unauth_destination">reject_unauth_destination</a>
-
# Spam control: exclude local clients and authenticated clients
# from DNSBL lookups.
<a href="postconf.5.html#smtpd_recipient_restrictions">smtpd_recipient_restrictions</a> = <a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a>,
<a href="postconf.5.html#reject_rhsbl_helo">reject_rhsbl_helo</a> dbl.spamhaus.org,
<a href="postconf.5.html#reject_rhsbl_sender">reject_rhsbl_sender</a> dbl.spamhaus.org
+ # Relay control (Postfix 2.10 and later): local clients and
+ # authenticated clients may specify any destination domain.
+ <a href="postconf.5.html#smtpd_relay_restrictions">smtpd_relay_restrictions</a> = <a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a>,
+ <a href="postconf.5.html#permit_sasl_authenticated">permit_sasl_authenticated</a>,
+ <a href="postconf.5.html#reject_unauth_destination">reject_unauth_destination</a>
+
# Block clients that speak too early.
<a href="postconf.5.html#smtpd_data_restrictions">smtpd_data_restrictions</a> = <a href="postconf.5.html#reject_unauth_pipelining">reject_unauth_pipelining</a>
Optional </td> <td>
Reject MAIL FROM information </td> </tr>
-<tr> <td rowspan="2"> <a href="postconf.5.html#smtpd_relay_restrictions">smtpd_relay_restrictions</a> </td> <td> ≥ 2.10
-</td> <td> Required if <a href="postconf.5.html#smtpd_recipient_restrictions">smtpd_recipient_restrictions</a> does not enforce
+<tr> <td rowspan="2"> <a href="postconf.5.html#smtpd_recipient_restrictions">smtpd_recipient_restrictions</a> </td> <td> ≥
+2.10 </td> <td> Required if <a href="postconf.5.html#smtpd_relay_restrictions">smtpd_relay_restrictions</a> does not enforce
relay policy</td>
<td rowspan="2"> Reject RCPT TO information </td> </tr>
-<tr> <td> < 2.10</td> <td> Not available </td>
-</tr>
+<tr> <td> < 2.10</td> <td> Required </td> </tr>
-<tr> <td rowspan="2"> <a href="postconf.5.html#smtpd_recipient_restrictions">smtpd_recipient_restrictions</a> </td> <td> ≥
-2.10 </td> <td> Required if <a href="postconf.5.html#smtpd_relay_restrictions">smtpd_relay_restrictions</a> does not enforce
+<tr> <td rowspan="2"> <a href="postconf.5.html#smtpd_relay_restrictions">smtpd_relay_restrictions</a> </td> <td> ≥ 2.10
+</td> <td> Required if <a href="postconf.5.html#smtpd_recipient_restrictions">smtpd_recipient_restrictions</a> does not enforce
relay policy</td>
<td rowspan="2"> Reject RCPT TO information </td> </tr>
-<tr> <td> < 2.10</td> <td> Required </td> </tr>
+<tr> <td> < 2.10</td> <td> Not available </td>
+</tr>
<tr> <td> <a href="postconf.5.html#smtpd_data_restrictions">smtpd_data_restrictions</a> </td> <td> ≥ 2.0 </td> <td>
Optional </td> <td>
cesses terminate at their convenience.
<b>-i</b> Enable <b>init</b> mode: do not attempt to become a session or process
- group leader. This mode is allowed only if the process ID equals
- 1.
+ group leader; and to force termination, set an explicit signal
+ handler instead of relying on the default signal action. This
+ mode is allowed only if the process ID equals 1.
- <b>-t</b> Test mode. Return a zero exit status when the <b>master.pid</b> lock
- file does not exist or when that file is not locked. This is
+ <b>-t</b> Test mode. Return a zero exit status when the <b>master.pid</b> lock
+ file does not exist or when that file is not locked. This is
evidence that the <a href="master.8.html"><b>master</b>(8)</a> daemon is not running.
- <b>-v</b> Enable verbose logging for debugging purposes. This option is
+ <b>-v</b> Enable verbose logging for debugging purposes. This option is
passed on to child processes. Multiple <b>-v</b> options make the soft-
ware increasingly verbose.
<b>-w</b> Wait in a dummy foreground process, while the real master daemon
- initializes in a background process. The dummy foreground
- process returns a zero exit status only if the master daemon
- initialization is successful, and if it completes in a reason-
+ initializes in a background process. The dummy foreground
+ process returns a zero exit status only if the master daemon
+ initialization is successful, and if it completes in a reason-
able amount of time.
This feature is available in Postfix 2.10 and later.
Signals:
<b>SIGHUP</b> Upon receipt of a <b>HUP</b> signal (e.g., after "<b>postfix reload</b>"), the
- master process re-reads its configuration files. If a service
- has been removed from the <a href="master.5.html"><b>master.cf</b></a> file, its running processes
- are terminated immediately. Otherwise, running processes are
- allowed to terminate as soon as is convenient, so that changes
+ master process re-reads its configuration files. If a service
+ has been removed from the <a href="master.5.html"><b>master.cf</b></a> file, its running processes
+ are terminated immediately. Otherwise, running processes are
+ allowed to terminate as soon as is convenient, so that changes
in configuration settings affect only new service requests.
<b>SIGTERM</b>
Upon receipt of a <b>TERM</b> signal (e.g., after "<b>postfix abort</b>"), the
- master process passes the signal on to its child processes and
- terminates. This is useful for an emergency shutdown. Normally
- one would terminate only the master ("<b>postfix stop</b>") and allow
+ master process passes the signal on to its child processes and
+ terminates. This is useful for an emergency shutdown. Normally
+ one would terminate only the master ("<b>postfix stop</b>") and allow
running processes to finish what they are doing.
<b>DIAGNOSTICS</b>
- Problems are reported to <b>syslogd</b>(8). The exit status is non-zero in
- case of problems, including problems while initializing as a master
+ Problems are reported to <b>syslogd</b>(8). The exit status is non-zero in
+ case of problems, including problems while initializing as a master
daemon process in the background.
<b>ENVIRONMENT</b>
<b>MAIL_DEBUG</b>
- After initialization, start a debugger as specified with the
+ After initialization, start a debugger as specified with the
<b><a href="postconf.5.html#debugger_command">debugger_command</a></b> configuration parameter in the <a href="postconf.5.html"><b>main.cf</b></a> configu-
ration file.
Directory with Postfix configuration files.
<b>CONFIGURATION PARAMETERS</b>
- Unlike most Postfix daemon processes, the <a href="master.8.html"><b>master</b>(8)</a> server does not
- automatically pick up changes to <a href="postconf.5.html"><b>main.cf</b></a>. Changes to <a href="master.5.html"><b>master.cf</b></a> are
- never picked up automatically. Use the "<b>postfix reload</b>" command after
+ Unlike most Postfix daemon processes, the <a href="master.8.html"><b>master</b>(8)</a> server does not
+ automatically pick up changes to <a href="postconf.5.html"><b>main.cf</b></a>. Changes to <a href="master.5.html"><b>master.cf</b></a> are
+ never picked up automatically. Use the "<b>postfix reload</b>" command after
a configuration change.
<b>RESOURCE AND RATE CONTROLS</b>
<b><a href="postconf.5.html#default_process_limit">default_process_limit</a> (100)</b>
- The default maximal number of Postfix child processes that pro-
+ The default maximal number of Postfix child processes that pro-
vide a given service.
<b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b>
- The maximum amount of time that an idle Postfix daemon process
+ The maximum amount of time that an idle Postfix daemon process
waits for an incoming connection before terminating voluntarily.
<b><a href="postconf.5.html#max_use">max_use</a> (100)</b>
process will service before terminating voluntarily.
<b><a href="postconf.5.html#service_throttle_time">service_throttle_time</a> (60s)</b>
- How long the Postfix <a href="master.8.html"><b>master</b>(8)</a> waits before forking a server
+ How long the Postfix <a href="master.8.html"><b>master</b>(8)</a> waits before forking a server
that appears to be malfunctioning.
Available in Postfix version 2.6 and later:
<b><a href="postconf.5.html#master_service_disable">master_service_disable</a> (empty)</b>
- Selectively disable <a href="master.8.html"><b>master</b>(8)</a> listener ports by service type or
+ Selectively disable <a href="master.8.html"><b>master</b>(8)</a> listener ports by service type or
by service name and type.
<b>MISCELLANEOUS CONTROLS</b>
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
- The default location of the Postfix <a href="postconf.5.html">main.cf</a> and <a href="master.5.html">master.cf</a> con-
+ The default location of the Postfix <a href="postconf.5.html">main.cf</a> and <a href="master.5.html">master.cf</a> con-
figuration files.
<b><a href="postconf.5.html#daemon_directory">daemon_directory</a> (see 'postconf -d' output)</b>
invoked with the -D option.
<b><a href="postconf.5.html#inet_interfaces">inet_interfaces</a> (all)</b>
- The network interface addresses that this mail system receives
+ The network interface addresses that this mail system receives
mail on.
<b><a href="postconf.5.html#inet_protocols">inet_protocols</a> (all)</b>
- The Internet protocols Postfix will attempt to use when making
+ The Internet protocols Postfix will attempt to use when making
or accepting connections.
<b><a href="postconf.5.html#import_environment">import_environment</a> (see 'postconf -d' output)</b>
- The list of environment parameters that a privileged Postfix
- process will import from a non-Postfix parent process, or
+ The list of environment parameters that a privileged Postfix
+ process will import from a non-Postfix parent process, or
name=value environment overrides.
<b><a href="postconf.5.html#mail_owner">mail_owner</a> (postfix)</b>
- The UNIX system account that owns the Postfix queue and most
+ The UNIX system account that owns the Postfix queue and most
Postfix daemon processes.
<b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (see 'postconf -d' output)</b>
- A prefix that is prepended to the process name in syslog
+ A prefix that is prepended to the process name in syslog
records, so that, for example, "smtpd" becomes "prefix/smtpd".
Available in Postfix 3.3 and later:
The <a href="master.5.html">master.cf</a> service name of a Postfix daemon process.
<b>FILES</b>
- To expand the directory names below into their actual values, use the
+ To expand the directory names below into their actual values, use the
command "<b>postconf <a href="postconf.5.html#config_directory">config_directory</a></b>" etc.
$<a href="postconf.5.html#config_directory">config_directory</a>/<a href="postconf.5.html">main.cf</a>, global configuration file.
found to the standard output stream. The exit status is zero
when the requested information was found.
+ Note: this performs a single query with the key as specified,
+ and does not make iterative queries with substrings of the key
+ as described in the <a href="aliases.5.html">aliases(5)</a> manual page.
+
If a key value of <b>-</b> is specified, the program reads key values
from the standard input stream and writes one line of <i>key: value</i>
output for each key that was found. The exit status is zero when
check described above.
<b>start-fg</b>
- Like <b>start</b>, but keep the master daemon running in the fore-
- ground, if possible as PID 1. This command requires that
- multi-instance support is disabled (i.e. the
- <a href="postconf.5.html#multi_instance_directories">multi_instance_directories</a> parameter value must be empty). When
- running Postfix inside a container, mount the container host's
- /dev/log socket inside the container (example: "docker run -v
- /dev/log:/dev/log ...") and specify a distinct Postfix "sys-
- log_name" prefix that identifies logging from the Postfix
- instance.
+ Like <b>start</b>, but keep the <a href="master.8.html"><b>master</b>(8)</a> daemon running in the fore-
+ ground, and enable <a href="master.8.html"><b>master</b>(8)</a> "init" mode when running as PID 1.
+ This command requires that multi-instance support is disabled
+ (i.e. the <a href="postconf.5.html#multi_instance_directories">multi_instance_directories</a> parameter value must be
+ empty). When running Postfix inside a container, mount the con-
+ tainer host's /dev/log socket inside the container (example:
+ "docker run -v /dev/log:/dev/log ...") and specify a distinct
+ Postfix "<a href="postconf.5.html#syslog_name">syslog_name</a>" prefix that identifies logging from the
+ Postfix instance.
<b>stop</b> Stop the Postfix mail system in an orderly fashion. If possible,
running processes are allowed to terminate at their earliest
found to the standard output stream. The exit status is zero
when the requested information was found.
- If a key value of <b>-</b> is specified, the program reads key values
- from the standard input stream and writes one line of <i>key value</i>
+ Note: this performs a single query with the key as specified,
+ and does not make iterative queries with substrings of the key
+ as described for <a href="access.5.html">access(5)</a>, <a href="canonical.5.html">canonical(5)</a>, <a href="transport.5.html">transport(5)</a>, <a href="virtual.5.html">vir-</a>
+ <a href="virtual.5.html">tual(5)</a> and other Postfix table-driven features.
+
+ If a key value of <b>-</b> is specified, the program reads key values
+ from the standard input stream and writes one line of <i>key value</i>
output for each key that was found. The exit status is zero when
at least one of the requested keys was found.
- <b>-r</b> When updating a table, do not complain about attempts to update
+ <b>-r</b> When updating a table, do not complain about attempts to update
existing entries, and make those updates anyway.
- <b>-s</b> Retrieve all database elements, and write one line of <i>key value</i>
- output for each element. The elements are printed in database
- order, which is not necessarily the same as the original input
+ <b>-s</b> Retrieve all database elements, and write one line of <i>key value</i>
+ output for each element. The elements are printed in database
+ order, which is not necessarily the same as the original input
order.
- This feature is available in Postfix version 2.2 and later, and
+ This feature is available in Postfix version 2.2 and later, and
is not available for all database types.
- <b>-u</b> Disable UTF-8 support. UTF-8 support is enabled by default when
- "<a href="postconf.5.html#smtputf8_enable">smtputf8_enable</a> = yes". It requires that keys and values are
+ <b>-u</b> Disable UTF-8 support. UTF-8 support is enabled by default when
+ "<a href="postconf.5.html#smtputf8_enable">smtputf8_enable</a> = yes". It requires that keys and values are
valid UTF-8 strings.
<b>-U</b> With "<a href="postconf.5.html#smtputf8_enable">smtputf8_enable</a> = yes", force UTF-8 syntax checks with the
<b>-b</b> and <b>-h</b> options.
- <b>-v</b> Enable verbose logging for debugging purposes. Multiple <b>-v</b>
+ <b>-v</b> Enable verbose logging for debugging purposes. Multiple <b>-v</b>
options make the software increasingly verbose.
- <b>-w</b> When updating a table, do not complain about attempts to update
+ <b>-w</b> When updating a table, do not complain about attempts to update
existing entries, and ignore those attempts.
Arguments:
The <a href="postmap.1.html"><b>postmap</b>(1)</a> command can query any supported file type, but it
can create only the following file types:
- <b>btree</b> The output file is a btree file, named <i>file</i><b>_</b><i>name</i><b>.db</b>.
- This is available on systems with support for <b>db</b> data-
+ <b>btree</b> The output file is a btree file, named <i>file</i><b>_</b><i>name</i><b>.db</b>.
+ This is available on systems with support for <b>db</b> data-
bases.
- <b>cdb</b> The output consists of one file, named <i>file</i><b>_</b><i>name</i><b>.cdb</b>.
- This is available on systems with support for <b>cdb</b> data-
+ <b>cdb</b> The output consists of one file, named <i>file</i><b>_</b><i>name</i><b>.cdb</b>.
+ This is available on systems with support for <b>cdb</b> data-
bases.
<b>dbm</b> The output consists of two files, named <i>file</i><b>_</b><i>name</i><b>.pag</b> and
<i>file</i><b>_</b><i>name</i><b>.dir</b>. This is available on systems with support
for <b>dbm</b> databases.
- <b>hash</b> The output file is a hashed file, named <i>file</i><b>_</b><i>name</i><b>.db</b>.
- This is available on systems with support for <b>db</b> data-
+ <b>hash</b> The output file is a hashed file, named <i>file</i><b>_</b><i>name</i><b>.db</b>.
+ This is available on systems with support for <b>db</b> data-
bases.
- <b>fail</b> A table that reliably fails all requests. The lookup ta-
- ble name is used for logging only. This table exists to
+ <b>fail</b> A table that reliably fails all requests. The lookup ta-
+ ble name is used for logging only. This table exists to
simplify Postfix error tests.
<b>sdbm</b> The output consists of two files, named <i>file</i><b>_</b><i>name</i><b>.pag</b> and
<i>file</i><b>_</b><i>name</i><b>.dir</b>. This is available on systems with support
for <b>sdbm</b> databases.
- When no <i>file</i><b>_</b><i>type</i> is specified, the software uses the database
- type specified via the <b><a href="postconf.5.html#default_database_type">default_database_type</a></b> configuration
+ When no <i>file</i><b>_</b><i>type</i> is specified, the software uses the database
+ type specified via the <b><a href="postconf.5.html#default_database_type">default_database_type</a></b> configuration
parameter.
<i>file</i><b>_</b><i>name</i>
<b>DIAGNOSTICS</b>
Problems are logged to the standard error stream and to <b>syslogd</b>(8). No
- output means that no problems were detected. Duplicate entries are
+ output means that no problems were detected. Duplicate entries are
skipped and are flagged with a warning.
<a href="postmap.1.html"><b>postmap</b>(1)</a> terminates with zero exit status in case of success (includ-
- ing successful "<b>postmap -q</b>" lookup) and terminates with non-zero exit
+ ing successful "<b>postmap -q</b>" lookup) and terminates with non-zero exit
status in case of failure.
<b>ENVIRONMENT</b>
Enable verbose logging for debugging purposes.
<b>CONFIGURATION PARAMETERS</b>
- The following <a href="postconf.5.html"><b>main.cf</b></a> parameters are especially relevant to this pro-
- gram.
The text below provides only a parameter summary. See <a href="postconf.5.html"><b>post-</b></a>
+ The following <a href="postconf.5.html"><b>main.cf</b></a> parameters are especially relevant to this pro-
+ gram.
The text below provides only a parameter summary. See <a href="postconf.5.html"><b>post-</b></a>
<a href="postconf.5.html"><b>conf</b>(5)</a> for more details including examples.
<b><a href="postconf.5.html#berkeley_db_create_buffer_size">berkeley_db_create_buffer_size</a> (16777216)</b>
- The per-table I/O buffer size for programs that create Berkeley
+ The per-table I/O buffer size for programs that create Berkeley
DB hash or btree tables.
<b><a href="postconf.5.html#berkeley_db_read_buffer_size">berkeley_db_read_buffer_size</a> (131072)</b>
hash or btree tables.
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
- The default location of the Postfix <a href="postconf.5.html">main.cf</a> and <a href="master.5.html">master.cf</a> con-
+ The default location of the Postfix <a href="postconf.5.html">main.cf</a> and <a href="master.5.html">master.cf</a> con-
figuration files.
<b><a href="postconf.5.html#default_database_type">default_database_type</a> (see 'postconf -d' output)</b>
and <a href="postmap.1.html"><b>postmap</b>(1)</a> commands.
<b><a href="postconf.5.html#import_environment">import_environment</a> (see 'postconf -d' output)</b>
- The list of environment parameters that a privileged Postfix
- process will import from a non-Postfix parent process, or
+ The list of environment parameters that a privileged Postfix
+ process will import from a non-Postfix parent process, or
name=value environment overrides.
<b><a href="postconf.5.html#smtputf8_enable">smtputf8_enable</a> (yes)</b>
- Enable preliminary SMTPUTF8 support for the protocols described
+ Enable preliminary SMTPUTF8 support for the protocols described
in <a href="http://tools.ietf.org/html/rfc6531">RFC 6531</a>..6533.
<b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (see 'postconf -d' output)</b>
- A prefix that is prepended to the process name in syslog
+ A prefix that is prepended to the process name in syslog
records, so that, for example, "smtpd" becomes "prefix/smtpd".
<b>SEE ALSO</b>
found to the standard output stream. The exit status is zero
when the requested information was found.
+Note: this performs a single query with the key as specified,
+and does not make iterative queries with substrings of the
+key as described in the aliases(5) manual page.
+
If a key value of \fB\-\fR is specified, the program reads key
values from the standard input stream and writes one line of
\fIkey: value\fR output for each key that was found. The exit
Start the Postfix mail system. This also runs the configuration
check described above.
.IP \fBstart\-fg\fR
-Like \fBstart\fR, but keep the master daemon running in the
-foreground, if possible as PID 1. This command requires
-that multi\-instance support is disabled (i.e. the
-multi_instance_directories parameter value must be empty).
-When running Postfix inside a container, mount the container
-host's /dev/log socket inside the container (example: "docker
-run \-v /dev/log:/dev/log ...") and specify a distinct
-Postfix "syslog_name" prefix that identifies logging from
-the Postfix instance.
+Like \fBstart\fR, but keep the \fBmaster\fR(8) daemon running
+in the foreground, and enable \fBmaster\fR(8) "init" mode
+when running as PID 1.
+This command requires that multi\-instance support is
+disabled (i.e. the multi_instance_directories parameter
+value must be empty). When running Postfix inside a container,
+mount the container host's /dev/log socket inside the
+container (example: "docker run \-v /dev/log:/dev/log ...")
+and specify a distinct Postfix "syslog_name" prefix that
+identifies logging from the Postfix instance.
.IP \fBstop\fR
Stop the Postfix mail system in an orderly fashion. If
possible, running processes are allowed to terminate at
found to the standard output stream. The exit status is zero
when the requested information was found.
+Note: this performs a single query with the key as specified,
+and does not make iterative queries with substrings of the
+key as described for access(5), canonical(5), transport(5),
+virtual(5) and other Postfix table\-driven features.
+
If a key value of \fB\-\fR is specified, the program reads key
values from the standard input stream and writes one line of
\fIkey value\fR output for each key that was found. The exit
processes terminate at their convenience.
.IP \fB\-i\fR
Enable \fBinit\fR mode: do not attempt to become a session
-or process group leader. This mode is allowed only if the
-process ID equals 1.
+or process group leader; and to force termination, set an
+explicit signal handler instead of relying on the default
+signal action. This mode is allowed only if the process ID
+equals 1.
.IP \fB\-t\fR
Test mode. Return a zero exit status when the \fBmaster.pid\fR lock
file does not exist or when that file is not locked. This is evidence
# Don't accept mail from domains that don't exist.
smtpd_sender_restrictions = reject_unknown_sender_domain
- # Relay control (Postfix 2.10 and later): local clients and
- # authenticated clients may specify any destination domain.
- smtpd_relay_restrictions = permit_mynetworks,
- permit_sasl_authenticated,
- reject_unauth_destination
-
# Spam control: exclude local clients and authenticated clients
# from DNSBL lookups.
smtpd_recipient_restrictions = permit_mynetworks,
reject_rhsbl_helo dbl.spamhaus.org,
reject_rhsbl_sender dbl.spamhaus.org
+ # Relay control (Postfix 2.10 and later): local clients and
+ # authenticated clients may specify any destination domain.
+ smtpd_relay_restrictions = permit_mynetworks,
+ permit_sasl_authenticated,
+ reject_unauth_destination
+
# Block clients that speak too early.
smtpd_data_restrictions = reject_unauth_pipelining
Optional </td> <td>
Reject MAIL FROM information </td> </tr>
-<tr> <td rowspan="2"> smtpd_relay_restrictions </td> <td> ≥ 2.10
-</td> <td> Required if smtpd_recipient_restrictions does not enforce
+<tr> <td rowspan="2"> smtpd_recipient_restrictions </td> <td> ≥
+2.10 </td> <td> Required if smtpd_relay_restrictions does not enforce
relay policy</td>
<td rowspan="2"> Reject RCPT TO information </td> </tr>
-<tr> <td> < 2.10</td> <td> Not available </td>
-</tr>
+<tr> <td> < 2.10</td> <td> Required </td> </tr>
-<tr> <td rowspan="2"> smtpd_recipient_restrictions </td> <td> ≥
-2.10 </td> <td> Required if smtpd_relay_restrictions does not enforce
+<tr> <td rowspan="2"> smtpd_relay_restrictions </td> <td> ≥ 2.10
+</td> <td> Required if smtpd_recipient_restrictions does not enforce
relay policy</td>
<td rowspan="2"> Reject RCPT TO information </td> </tr>
-<tr> <td> < 2.10</td> <td> Required </td> </tr>
+<tr> <td> < 2.10</td> <td> Not available </td>
+</tr>
<tr> <td> smtpd_data_restrictions </td> <td> ≥ 2.0 </td> <td>
Optional </td> <td>
CA_MAIL_SERVER_TIME_TABLE(time_table),
CA_MAIL_SERVER_POST_INIT(post_jail_init),
CA_MAIL_SERVER_UNLIMITED,
+ CA_MAIL_SERVER_RETIRE_ME,
0);
}
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20180422"
+#define MAIL_RELEASE_DATE "20180519"
#define MAIL_VERSION_NUMBER "3.4"
#ifdef SNAPSHOT
#define MAIL_SERVER_IN_FLOW_DELAY 20
#define MAIL_SERVER_SLOW_EXIT 21
#define MAIL_SERVER_BOUNCE_INIT 22
+#define MAIL_SERVER_RETIRE_ME 23
typedef void (*MAIL_SERVER_INIT_FN) (char *, char **);
typedef int (*MAIL_SERVER_LOOP_FN) (char *, char **);
#define CA_MAIL_SERVER_IN_FLOW_DELAY MAIL_SERVER_IN_FLOW_DELAY
#define CA_MAIL_SERVER_SLOW_EXIT(v) MAIL_SERVER_SLOW_EXIT, CHECK_VAL(MAIL_SERVER, MAIL_SERVER_SLOW_EXIT_FN, (v))
#define CA_MAIL_SERVER_BOUNCE_INIT(v, w) MAIL_SERVER_BOUNCE_INIT, CHECK_PTR(MAIL_SERVER, char, (v)), CHECK_PPTR(MAIL_SERVER, char, (w))
+#define CA_MAIL_SERVER_RETIRE_ME MAIL_SERVER_RETIRE_ME
CHECK_VAL_HELPER_DCL(MAIL_SERVER, MAIL_SERVER_SLOW_EXIT_FN);
CHECK_VAL_HELPER_DCL(MAIL_SERVER, MAIL_SERVER_LOOP_FN);
/* processes terminate at their convenience.
/* .IP \fB-i\fR
/* Enable \fBinit\fR mode: do not attempt to become a session
-/* or process group leader. This mode is allowed only if the
-/* process ID equals 1.
+/* or process group leader; and to force termination, set an
+/* explicit signal handler instead of relying on the default
+/* signal action. This mode is allowed only if the process ID
+/* equals 1.
/* .IP \fB-t\fR
/* Test mode. Return a zero exit status when the \fBmaster.pid\fR lock
/* file does not exist or when that file is not locked. This is evidence
break;
case 'i':
if (getpid() != 1)
- msg_fatal("-i is allowed with for PID 1 process");
+ msg_fatal("-i is allowed only for PID 1 process");
init_mode = 1;
break;
case 'D':
msg_info("terminating on signal %d", sig);
/*
- * Linux kill(1, sig) does not terminate, but returns no error.
+ * Undocumented: when a process runs with PID 1, Linux won't deliver a
+ * signal unless the process specifies a handler (i.e. SIG_DFL is treated
+ * as SIG_IGN).
*/
if (init_mode)
/* Don't call exit() from a signal handler. */
/* .IP "CA_MAIL_SERVER_BOUNCE_INIT(const char *, const char **)"
/* Initialize the DSN filter for the bounce/defer service
/* clients with the specified map source and map names.
+/* .IP "CA_MAIL_SERVER_RETIRE_ME"
+/* Terminate voluntarily when idle after (max_use * max_idle)
+/* seconds. This setting prevents a process from being reused
+/* indefinitely when var_use_limit is set to zero.
/* .PP
/* The var_use_limit variable limits the number of clients that
/* a server can service before it commits suicide.
+/* Do not change this setting before calling single_server_main().
/* This value is taken from the global \fBmain.cf\fR configuration
-/* file. Setting \fBvar_idle_limit\fR to zero disables the client limit.
+/* file. Setting \fBvar_use_limit\fR to zero disables the client limit.
+/* Specify CA_MAIL_SERVER_RETIRE_ME (see above) to limit the total
+/* process lifetime.
/*
/* The var_idle_limit variable limits the time that a service
/* receives no client connection requests before it commits suicide.
+/* Do not change this setting before calling single_server_main().
/* This value is taken from the global \fBmain.cf\fR configuration
-/* file. Setting \fBvar_use_limit\fR to zero disables the idle limit.
+/* file. Setting \fBvar_idle_limit\fR to zero disables the idle limit.
/* DIAGNOSTICS
/* Problems and transactions are logged to \fBsyslogd\fR(8).
/* BUGS
exit(0);
}
+/* single_server_retire - retire when idle */
+
+static NORETURN single_server_retire(int unused_event, void *unused_context)
+{
+ if (msg_verbose)
+ msg_info("time to retire -- exiting");
+ single_server_exit();
+}
+
/* single_server_abort - terminate after abnormal master exit */
static void single_server_abort(int unused_event, void *unused_context)
int redo_syslog_init = 0;
const char *dsn_filter_title;
const char **dsn_filter_maps;
+ int retire_me = 0;
/*
* Process environment options as early as we can.
dsn_filter_maps = va_arg(ap, const char **);
bounce_client_init(dsn_filter_title, *dsn_filter_maps);
break;
+ case MAIL_SERVER_RETIRE_ME:
+ retire_me = 1;
+ break;
default:
msg_panic("%s: unknown argument type: %d", myname, key);
}
*/
if (var_idle_limit > 0)
event_request_timer(single_server_timeout, (void *) 0, var_idle_limit);
+ if (retire_me)
+ event_request_timer(single_server_retire, (void *) 0,
+ var_idle_limit > INT_MAX / var_use_limit ?
+ INT_MAX : var_idle_limit * var_use_limit);
for (fd = MASTER_LISTEN_FD; fd < MASTER_LISTEN_FD + socket_count; fd++) {
event_enable_read(fd, single_server_accept, CAST_INT_TO_VOID_PTR(fd));
close_on_exec(fd, CLOSE_ON_EXEC);
/* found to the standard output stream. The exit status is zero
/* when the requested information was found.
/*
+/* Note: this performs a single query with the key as specified,
+/* and does not make iterative queries with substrings of the
+/* key as described in the aliases(5) manual page.
+/*
/* If a key value of \fB-\fR is specified, the program reads key
/* values from the standard input stream and writes one line of
/* \fIkey: value\fR output for each key that was found. The exit
*/
dict = dict_ht_open(dict_spec, O_CREAT | O_RDWR, 0);
dict_register(dict_spec, dict);
- if ((fp = vstream_fopen(cf_file, O_RDONLY, 0)) == 0
- && errno != EACCES) {
- msg_warn("open \"%s\" configuration \"%s\": %m",
- dp->db_type, cf_file);
+ if ((fp = vstream_fopen(cf_file, O_RDONLY, 0)) == 0) {
+ if (errno != EACCES)
+ msg_warn("open \"%s\" configuration \"%s\": %m",
+ dp->db_type, cf_file);
myfree(dict_spec);
return;
}
/* Start the Postfix mail system. This also runs the configuration
/* check described above.
/* .IP \fBstart-fg\fR
-/* Like \fBstart\fR, but keep the master daemon running in the
-/* foreground, if possible as PID 1. This command requires
-/* that multi-instance support is disabled (i.e. the
-/* multi_instance_directories parameter value must be empty).
-/* When running Postfix inside a container, mount the container
-/* host's /dev/log socket inside the container (example: "docker
-/* run -v /dev/log:/dev/log ...") and specify a distinct
-/* Postfix "syslog_name" prefix that identifies logging from
-/* the Postfix instance.
+/* Like \fBstart\fR, but keep the \fBmaster\fR(8) daemon running
+/* in the foreground, and enable \fBmaster\fR(8) "init" mode
+/* when running as PID 1.
+/* This command requires that multi-instance support is
+/* disabled (i.e. the multi_instance_directories parameter
+/* value must be empty). When running Postfix inside a container,
+/* mount the container host's /dev/log socket inside the
+/* container (example: "docker run -v /dev/log:/dev/log ...")
+/* and specify a distinct Postfix "syslog_name" prefix that
+/* identifies logging from the Postfix instance.
/* .IP \fBstop\fR
/* Stop the Postfix mail system in an orderly fashion. If
/* possible, running processes are allowed to terminate at
/* found to the standard output stream. The exit status is zero
/* when the requested information was found.
/*
+/* Note: this performs a single query with the key as specified,
+/* and does not make iterative queries with substrings of the
+/* key as described for access(5), canonical(5), transport(5),
+/* virtual(5) and other Postfix table-driven features.
+/*
/* If a key value of \fB-\fR is specified, the program reads key
/* values from the standard input stream and writes one line of
/* \fIkey value\fR output for each key that was found. The exit
* even if we are being called from a signal handler and SIGALRM delivery
* is blocked.
*
- * Undocumented: when running in "init" mode on Linux, the signal won't be
- * delivered unless the process specifies a handler. Conveniently,
- * _exit() can be used directly as a signal handler. This changes the
- * wait status that a parent would see, but in the case of "init" mode on
- * Linux, no-one would care.
+ * Undocumented: when running in "init" mode on Linux, a signal won't be
+ * delivered unless the process specifies a handler (i.e. SIG_DFL is
+ * treated as SIG_IGN). Conveniently, _exit() can be used directly as a
+ * signal handler. This changes the wait status that a parent would see,
+ * but in the case of "init" mode on Linux, no-one would care.
*/
alarm(0);
sigemptyset(&sig_action.sa_mask);
projects / thirdparty / postfix.git / commitdiff
