229 lines
10 KiB
HTML
229 lines
10 KiB
HTML
|
<html> <head> </head> <body> <pre>
|
||
|
|
||
|
VIRTUAL(8) VIRTUAL(8)
|
||
|
|
||
|
<b>NAME</b>
|
||
|
virtual - Postfix virtual domain mail delivery agent
|
||
|
|
||
|
<b>SYNOPSIS</b>
|
||
|
<b>virtual</b> [generic Postfix daemon options]
|
||
|
|
||
|
<b>DESCRIPTION</b>
|
||
|
The <b>virtual</b> delivery agent is designed for virtual mail
|
||
|
hosting services. Originally based on the Postfix local
|
||
|
delivery agent, this agent looks up recipients with map
|
||
|
lookups of their full recipient address, instead of using
|
||
|
hard-coded unix password file lookups of the address local
|
||
|
part only.
|
||
|
|
||
|
This delivery agent only delivers mail. Other features
|
||
|
such as mail forwarding, out-of-office notifications,
|
||
|
etc., must be configured via virtual maps or via similar
|
||
|
lookup mechanisms.
|
||
|
|
||
|
<b>MAILBOX</b> <b>LOCATION</b>
|
||
|
The mailbox location is controlled by the <b>virtual</b><i>_</i><b>mail-</b>
|
||
|
<b>box</b><i>_</i><b>base</b> and <b>virtual</b><i>_</i><b>mailbox</b><i>_</i><b>maps</b> configuration parameters
|
||
|
(see below). The <b>virtual</b><i>_</i><b>mailbox</b><i>_</i><b>maps</b> table is indexed by
|
||
|
the full recipient address.
|
||
|
|
||
|
The mailbox pathname is constructed as follows:
|
||
|
|
||
|
<b>$virtual</b><i>_</i><b>mailbox</b><i>_</i><b>base/$virtual</b><i>_</i><b>mailbox</b><i>_</i><b>maps(</b><i>recipient</i><b>)</b>
|
||
|
|
||
|
where <i>recipient</i> is the full recipient address.
|
||
|
|
||
|
<b>UNIX</b> <b>MAILBOX</b> <b>FORMAT</b>
|
||
|
When the mailbox location does not end in <b>/</b>, the message
|
||
|
is delivered in UNIX mailbox format. This format stores
|
||
|
multiple messages in one textfile.
|
||
|
|
||
|
The <b>virtual</b> delivery agent prepends a "<b>From</b> <i>sender</i>
|
||
|
<i>time_stamp</i>" envelope header to each message, prepends a
|
||
|
<b>Delivered-To:</b> message header with the envelope recipient
|
||
|
address, prepends a <b>Return-Path:</b> message header with the
|
||
|
envelope sender address, prepends a > character to lines
|
||
|
beginning with "<b>From</b> ", and appends an empty line.
|
||
|
|
||
|
The mailbox is locked for exclusive access while delivery
|
||
|
is in progress. In case of problems, an attempt is made to
|
||
|
truncate the mailbox to its original length.
|
||
|
|
||
|
<b>QMAIL</b> <b>MAILDIR</b> <b>FORMAT</b>
|
||
|
When the mailbox location ends in <b>/</b>, the message is deliv-
|
||
|
ered in qmail <b>maildir</b> format. This format stores one mes-
|
||
|
sage per file.
|
||
|
|
||
|
The <b>virtual</b> delivery agent daemon prepends a <b>Delivered-To:</b>
|
||
|
message header with the envelope recipient address and
|
||
|
prepends a <b>Return-Path:</b> message header with the envelope
|
||
|
sender address.
|
||
|
|
||
|
By definition, <b>maildir</b> format does not require file lock-
|
||
|
ing during mail delivery or retrieval.
|
||
|
|
||
|
<b>MAILBOX</b> <b>OWNERSHIP</b>
|
||
|
Mailbox ownership is controlled by the <b>virtual</b><i>_</i><b>uid</b><i>_</i><b>maps</b>
|
||
|
and <b>virtual</b><i>_</i><b>gid</b><i>_</i><b>maps</b> lookup tables, which are indexed with
|
||
|
the full recipient address. Each table provides a string
|
||
|
with the numerical user and group ID, respectively.
|
||
|
|
||
|
The <b>virtual</b><i>_</i><b>minimum</b><i>_</i><b>uid</b> parameter imposes a lower bound on
|
||
|
numerical user ID values that may be specified in any <b>vir-</b>
|
||
|
<b>tual</b><i>_</i><b>owner</b><i>_</i><b>maps</b> or <b>virtual</b><i>_</i><b>uid</b><i>_</i><b>maps</b>.
|
||
|
|
||
|
<b>SECURITY</b>
|
||
|
The virtual delivery agent is not security sensitive, pro-
|
||
|
vided that the lookup tables with recipient user/group ID
|
||
|
information are adequately protected. This program is not
|
||
|
designed to run chrooted.
|
||
|
|
||
|
<b>STANDARDS</b>
|
||
|
<a href="http://www.faqs.org/rfcs/rfc822.html">RFC 822</a> (ARPA Internet Text Messages)
|
||
|
|
||
|
<b>DIAGNOSTICS</b>
|
||
|
Mail bounces when the recipient has no mailbox or when the
|
||
|
recipient is over disk quota. In all other cases, mail for
|
||
|
an existing recipient is deferred and a warning is logged.
|
||
|
|
||
|
Problems and transactions are logged to <b>syslogd</b>(8). Cor-
|
||
|
rupted message files are marked so that the queue manager
|
||
|
can move them to the <b>corrupt</b> queue afterwards.
|
||
|
|
||
|
Depending on the setting of the <b>notify</b><i>_</i><b>classes</b> parameter,
|
||
|
the postmaster is notified of bounces and of other trou-
|
||
|
ble.
|
||
|
|
||
|
<b>BUGS</b>
|
||
|
This delivery agent silently ignores address extensions.
|
||
|
|
||
|
Postfix should have lookup tables that can return multiple
|
||
|
result attributes. In order to avoid the inconvenience of
|
||
|
maintaining three tables, use an LDAP or MYSQL database.
|
||
|
|
||
|
<b>CONFIGURATION</b> <b>PARAMETERS</b>
|
||
|
The following <b>main.cf</b> parameters are especially relevant
|
||
|
to this program. See the Postfix <b>main.cf</b> file for syntax
|
||
|
details and for default values. Use the <b>postfix</b> <b>reload</b>
|
||
|
command after a configuration change.
|
||
|
|
||
|
<b>Mailbox</b> <b>delivery</b>
|
||
|
<b>virtual</b><i>_</i><b>mailbox</b><i>_</i><b>base</b>
|
||
|
Specifies a path that is prepended to all mailbox
|
||
|
or maildir paths. This is a safety measure to
|
||
|
ensure that an out of control map in <b>virtual</b><i>_</i><b>mail-</b>
|
||
|
<b>box</b><i>_</i><b>maps</b> doesn't litter the filesystem with mail-
|
||
|
boxes. While it could be set to "/", this setting
|
||
|
isn't recommended.
|
||
|
|
||
|
<b>virtual</b><i>_</i><b>mailbox</b><i>_</i><b>maps</b> (regexp maps disallowed)
|
||
|
Recipients are looked up in these maps to determine
|
||
|
the path to their mailbox or maildir. If the
|
||
|
returned path ends in a slash ("/"), maildir-style
|
||
|
delivery is carried out, otherwise the path is
|
||
|
assumed to specify a UNIX-style mailbox file.
|
||
|
|
||
|
Note that <b>virtual</b><i>_</i><b>mailbox</b><i>_</i><b>base</b> is unconditionally
|
||
|
prepended to this path.
|
||
|
|
||
|
<b>virtual</b><i>_</i><b>minimum</b><i>_</i><b>uid</b>
|
||
|
Specifies a minimum uid that will be accepted as a
|
||
|
return from a <b>virtual</b><i>_</i><b>owner</b><i>_</i><b>maps</b> or <b>vir-</b>
|
||
|
<b>tual</b><i>_</i><b>uid</b><i>_</i><b>maps</b> lookup. Returned values less than
|
||
|
this will be rejected, and the message will be
|
||
|
deferred.
|
||
|
|
||
|
<b>virtual</b><i>_</i><b>uid</b><i>_</i><b>maps</b> (regexp maps disallowed)
|
||
|
Recipients are looked up in these maps to determine
|
||
|
the user ID to be used when writing to the target
|
||
|
mailbox.
|
||
|
|
||
|
<b>virtual</b><i>_</i><b>gid</b><i>_</i><b>maps</b> (regexp maps disallowed)
|
||
|
Recipients are looked up in these maps to determine
|
||
|
the group ID to be used when writing to the target
|
||
|
mailbox.
|
||
|
|
||
|
<b>Locking</b> <b>controls</b>
|
||
|
<b>virtual</b><i>_</i><b>mailbox</b><i>_</i><b>lock</b>
|
||
|
How to lock UNIX-style mailboxes: one or more of
|
||
|
<b>flock</b>, <b>fcntl</b> or <b>dotlock</b>. The <b>dotlock</b> method
|
||
|
requires that the recipient UID or GID has write
|
||
|
access to the parent directory of the mailbox file.
|
||
|
|
||
|
This setting is ignored with <b>maildir</b> style deliv-
|
||
|
ery, because such deliveries are safe without
|
||
|
explicit locks.
|
||
|
|
||
|
Use the command <b>postconf</b> <b>-l</b> to find out what lock-
|
||
|
ing methods are available on your system.
|
||
|
|
||
|
<b>deliver</b><i>_</i><b>lock</b><i>_</i><b>attempts</b>
|
||
|
Limit the number of attempts to acquire an exclu-
|
||
|
sive lock on a UNIX-style mailbox file.
|
||
|
|
||
|
<b>deliver</b><i>_</i><b>lock</b><i>_</i><b>delay</b>
|
||
|
Time (default: seconds) between successive attempts
|
||
|
to acquire an exclusive lock on a UNIX-style mail-
|
||
|
box file. The actual delay is slightly randomized.
|
||
|
|
||
|
<b>stale</b><i>_</i><b>lock</b><i>_</i><b>time</b>
|
||
|
Limit the time after which a stale lockfile is
|
||
|
removed (applicable to UNIX-style mailboxes only).
|
||
|
|
||
|
<b>Resource</b> <b>controls</b>
|
||
|
<b>virtual</b><i>_</i><b>destination</b><i>_</i><b>concurrency</b><i>_</i><b>limit</b>
|
||
|
Limit the number of parallel deliveries to the same
|
||
|
domain via the <b>virtual</b> delivery agent. The default
|
||
|
limit is taken from the <b>default</b><i>_</i><b>destination</b><i>_</i><b>concur-</b>
|
||
|
<b>rency</b><i>_</i><b>limit</b> parameter. The limit is enforced by
|
||
|
the Postfix queue manager.
|
||
|
|
||
|
<b>virtual</b><i>_</i><b>destination</b><i>_</i><b>recipient</b><i>_</i><b>limit</b>
|
||
|
Limit the number of recipients per message delivery
|
||
|
via the <b>virtual</b> delivery agent. The default limit
|
||
|
is taken from the <b>default</b><i>_</i><b>destination</b><i>_</i><b>recipi-</b>
|
||
|
<b>ent</b><i>_</i><b>limit</b> parameter. The limit is enforced by the
|
||
|
Postfix queue manager.
|
||
|
|
||
|
<b>virtual</b><i>_</i><b>mailbox</b><i>_</i><b>limit</b>
|
||
|
The maximal size in bytes of a mailbox or maildir
|
||
|
file. Set to zero to disable the limit.
|
||
|
|
||
|
<b>HISTORY</b>
|
||
|
This agent was originally based on the Postfix local
|
||
|
delivery agent. Modifications mainly consisted of removing
|
||
|
code that either was not applicable or that was not safe
|
||
|
in this context: aliases, ~user/.forward files, delivery
|
||
|
to "|command" or to /file/name.
|
||
|
|
||
|
The <b>Delivered-To:</b> header appears in the <b>qmail</b> system by
|
||
|
Daniel Bernstein.
|
||
|
|
||
|
The <b>maildir</b> structure appears in the <b>qmail</b> system by
|
||
|
Daniel Bernstein.
|
||
|
|
||
|
<b>SEE</b> <b>ALSO</b>
|
||
|
<a href="bounce.8.html">bounce(8)</a> non-delivery status reports
|
||
|
syslogd(8) system logging
|
||
|
<a href="qmgr.8.html">qmgr(8)</a> queue manager
|
||
|
|
||
|
<b>LICENSE</b>
|
||
|
The Secure Mailer license must be distributed with this
|
||
|
software.
|
||
|
|
||
|
<b>AUTHOR(S)</b>
|
||
|
Wietse Venema
|
||
|
IBM T.J. Watson Research
|
||
|
P.O. Box 704
|
||
|
Yorktown Heights, NY 10598, USA
|
||
|
|
||
|
Andrew McNamara
|
||
|
andrewm@connect.com.au
|
||
|
connect.com.au Pty. Ltd.
|
||
|
Level 3, 213 Miller St
|
||
|
North Sydney 2060, NSW, Australia
|
||
|
|
||
|
1
|
||
|
|
||
|
</pre> </body> </html>
|