The stable Postfix release is called postfix-3.0.x where 3=major
release number, 0=minor release number, x=patchlevel.  The stable
release never changes except for patches that address bugs or
emergencies. Patches change the patchlevel and the release date.

New features are developed in snapshot releases. These are called
postfix-3.1-yyyymmdd where yyyymmdd is the release date (yyyy=year,
mm=month, dd=day).  Patches are never issued for snapshot releases;
instead, a new snapshot is released.

The mail_release_date configuration parameter (format: yyyymmdd)
specifies the release date of a stable release or snapshot release.

If you upgrade from Postfix 2.10 or earlier, read RELEASE_NOTES-2.11
before proceeding.

Notes for distribution maintainers
----------------------------------

* New backwards-compatibility safety net.

With NEW Postfix installs, you MUST install a main.cf file with
the setting "compatibility_level = 2". See conf/main.cf for an
example.

With UPGRADES of existing Postfix systems, you MUST NOT change the
main.cf compatibility_level setting, nor add this setting if it
does not exist.

Several Postfix default settings have changed with Postfix 3.0.  To
avoid massive frustration with existing Postfix installations,
Postfix 3.0 comes with a safety net that forces Postfix to keep
running with backwards-compatible main.cf and master.cf default
settings. This safety net depends on the main.cf compatibility_level
setting (default: 0). Details are in COMPATIBILITY_README.

* New Postfix build system.

The Postfix build/install procedure has changed to support Postfix
dynamically-linked libraries and database plugins. These must not
be "shared" with non-Postfix programs, and therefore must not be
installed in a public directory.

To avoid massive frustration due to broken patches, PLEASE BUILD
POSTFIX FIRST WITHOUT APPLYING ANY PATCHES.  Follow the INSTALL
instructions (see "Building with Postfix dynamically-linked libraries
and database plugins"), and see how things work and what the
dynamically-linked libraries, database plugin, and configuration
files look like.  Then, go ahead and perform your platform-specific
customizations. The INSTALL section "Tips for distribution maintainers"
has further suggestions.

Major changes - critical
------------------------

[Incompat 20140714] After upgrading Postfix, "postfix reload" (or
start/stop) is required. Several Postfix-internal protocols have
been extended to support SMTPUTF8. Failure to reload or restart
will result in mail staying queued, while Postfix daemons log
warning messages about unexpected attributes.

Major changes - default settings
--------------------------------

[Incompat 20141009] The default settings have changed for relay_domains
(new: empty, old: $mydestination) and mynetworks_style (new: host,
old: subnet).  However the backwards-compatibility safety net will
prevent these changes from taking effect, giving the system
administrator the option to make an old default setting permanent
in main.cf or to adopt the new default setting, before turning off
backwards compatibility. See COMPATIBILITY_README for details.

[Incompat 20141001] A new backwards-compatibility safety net forces
Postfix to run with backwards-compatible main.cf and master.cf
default settings after an upgrade to a newer but incompatible Postfix
version. See COMPATIBILITY_README for details.

While the backwards-compatible default settings are in effect,
Postfix logs what services or what email would be affected by the
incompatible change. Based on this the administrator can make some
backwards-compatibility settings permanent in main.cf or master.cf,
before turning off backwards compatibility.

See postconf.5.html#compatibility_level for details.

[Incompat 20141001] The default settings have changed for
append_dot_mydomain (new: no, old: yes), master.cf chroot (new:
n, old: y), and smtputf8 (new: yes, old: no).

Major changes - access control
------------------------------

[Feature 20141119] Support for BCC actions in header/body_checks
and milter_header_checks.  There is no limit on the number of BCC
actions that may be specified, other than the implicit limit due
to finite storage. BCC support will not be implemented in Postfix
delivery agent header/body_checks.

It works in the same way as always_bcc and sender/recipient_bcc_maps:
there can be only one address per action, recipients are added with
the NOTIFY=NONE delivery status notification option, and duplicate
recipients are ignored (with the same delivery status notification
options).

[Incompat 20141009] The default settings have changed for relay_domains
(new: empty, old: $mydestination) and mynetworks_style (new: host,
old: subnet).  However the backwards-compatibility safety net will
prevent these changes from taking effect, giving the system
administrator the option to make an old default setting permanent
in main.cf or to adopt the new default setting, before turning off
backwards compatibility. See COMPATIBILITY_README for details.

[Feature 20140618] New INFO action in access(5) tables, for consistency
with header/body_checks.

[Feature 20140620] New check_xxx_a_access (for xxx in client,
reverse_client, helo, sender, recipient) implements access control
on all A and AAAA IP addresses for respectively the client hostname,
helo parameter, sender domain or recipient domain. This complements
the existing check_xxx_mx_access and check_xxx_ns_access features.

Major changes - address rewriting
---------------------------------

[Incompat 20141001] The default settings have changed for
append_dot_mydomain (new: no, old: yes), master.cf chroot (new:
n, old: y), and smtputf8 (new: yes, old: no).

Major changes - address verification
------------------------------------

[Feature 20141227] The new smtp_address_verify_target parameter
(default: rcpt) specifies what protocol stage decides if a recipient
is valid. Specify "data" for servers that reject invalid recipients
in response to the DATA command.

Major changes - database support
--------------------------------

[Feature 20140512] Support for Berkeley DB version 6.

[Feature 20140618] The "randmap" lookup table performs random
selection. This may be used to implement load balancing, for example:

/etc/postfix/transport:
    # Deliver my own domain as usual.
    example.com :
    .example.com :

/etc/postfix/main.cf:
    transport_maps =
        # Deliver my own domain as usual.
        hash:/etc/postfix/transport
        # Deliver other domains via randomly-selected relayhosts
        randmap:{smtp:smtp0.example.com, smtp:smtp1.example.com}

A variant of this can randomly select SMTP clients with different
smtp_bind_address settings.

To implement different weights, specify lookup results multiple
times. For example, to choose smtp:smtp1.example.com twice as often
as smtp:smtp0.example.com, specify smtp:smtp1.example.com twice.

A future version may support randmap:/path/to/file to load a list
of results from file.

[Feature 20140618] As the name suggests, the "pipemap" table
implements a pipeline of lookup tables. The name of the table
specifies the pipeline as a sequence of tables. For example, the
following prevents SMTP mail to system accounts that have "nologin"
as their login shell:

    /etc/postfix/main.cf:
        local_recipient_maps =
            pipemap:{unix:passwd.byname, pcre:/etc/postfix/no-nologin.pcre}
            alias_maps

    /etc/postfix/no-nologin.pcre:
        !/nologin/      whatever

Each "pipemap:" query is given to the first table. Each table
lookup result becomes the query for the next table in the pipeline,
and the last table produces the final result.  When any table lookup
produces no result, the entire pipeline produces no result.

A future version may support pipemap:/path/to/file to load a list
of lookup tables from file.

[Feature 20140924] Support for unionmap, with the same syntax as
pipemap.  This sends a query to all tables, and concatenates non-empty
results, separated by comma.

[Feature 20131121] The "static" lookup table now supports whitespace
when invoked as "static:{ text with whitespace }", so that it can
be used, for example, at the end of smtpd_mumble_restrictions as
"check_mumble_access static:{reject text...}".

[Feature 20141126] "inline:{key=value, { key = text with comma/space}}"
avoids the need to create a database for just a few entries.

Major changes - delivery status notifications
---------------------------------------------

[Feature 20140321] Delivery status filter support, to replace the
delivery status codes and explanatory text of successful or
unsuccessful deliveries by Postfix mail delivery agents.

This was originally implemented for sites that want to turn certain
soft delivery errors into hard delivery errors, but it can also be
used to censor out information from delivery confirmation reports.

This feature is implemented as a filter that replaces the three-number
enhanced status code and descriptive text in Postfix delivery agent
success, bounce, or defer messages. Note: this will not override
"soft_bounce=yes", and this will not change a successful delivery
status into an unsuccessful status or vice versa.

The first example turns specific soft TLS errors into hard
errors, by overriding the first number in the enhanced status code.

/etc/postfix/main.cf:
    smtp_delivery_status_filter = pcre:/etc/postfix/smtp_dsn_filter

/etc/postfix/smtp_dsn_filter:
    /^4(\.\d+\.\d+ TLS is required, but host \S+ refused to start TLS: .+)/ 5$1
    /^4(\.\d+\.\d+ TLS is required, but was not offered by host .+)/ 5$1

The second example removes the destination command name and file
name from local(8) successful delivery reports, so that they will
not be reported when a sender requests confirmation of delivery.

/etc/postfix/main.cf:
    local_delivery_status_filter = pcre:/etc/postfix/local_dsn_filter

/etc/postfix/local_dsn_filter:
    /^(2\S+ delivered to file).+/    $1
    /^(2\S+ delivered to command).+/ $1

This feature is supported in the lmtp(8), local(8), pipe(8), smtp(8)
and virtual(8) delivery agents. That is, all delivery agents that
actually deliver mail.  It will not be implemented in the error and
retry pseudo-delivery agents.

The new main.cf parameters and default values are:

    default_delivery_status_filter =
    lmtp_delivery_status_filter = $default_delivery_status_filter
    local_delivery_status_filter = $default_delivery_status_filter
    pipe_delivery_status_filter = $default_delivery_status_filter
    smtp_delivery_status_filter = $default_delivery_status_filter
    virtual_delivery_status_filter = $default_delivery_status_filter

See the postconf(5) manpage for more details.

[Incompat 20140618] The pipe(8) delivery agent will now log a limited
amount of command output upon successful delivery, and will report
that output in "SUCCESS" delivery status reports. This is another
good reason to disable inbound DSN requests at the Internet perimeter.

[Feature 20140907] With "confirm_delay_cleared = yes", Postfix
informs the sender when delayed mail leaves the queue (this is in
addition to the delay_warning_time feature that warns when mail is
still queued).  This feature is disabled by default, because it can
result in a sudden burst of notifications when the queue drains at
the end of a prolonged network outage.

Major changes - dns
-------------------

[Feature 20141128] Support for DNS server reply filters in the
Postfix SMTP/LMTP client and SMTP server. This helps to work around
mail delivery problems with sites that have incorrect DNS information.
Note: this has no effect on the implicit DNS lookups that are made
by nsswitch.conf or equivalent mechanisms.

This feature renders each lookup result as one line of text in
standard zone-file format as shown below. The class field is always
"IN", the preference field exists only for MX records, the names
of hosts, domains, etc. end in ".", and those names are in ASCII
form (xn--mumble form for internationalized domain names).

    name         ttl   class type preference value
    ---------------------------------------------------------
    postfix.org. 86400 IN    MX   10         mail.cloud9.net.

Typically, one would match this text with a regexp: or pcre: table.
When a match is found, the table lookup result specifies an action.
By default, the table query and the action name are case-insensitive.
Currently, only the IGNORE action is implemented.

For safety reasons, Postfix logs a warning or defers mail delivery
when a DNS reply filter removes all lookup results from a successful
query.

The Postfix SMTP/LMTP client uses the smtp_dns_reply_filter and
lmtp_dns_reply_filter features only for Postfix SMTP client lookups
of MX, A, and AAAA records to locate a remote SMTP or LMTP server,
including lookups that implement the features reject_unverified_sender
and reject_unverified_recipient. The filters are not used for lookups
made through nsswitch.conf and similar mechanisms.

The Postfix SMTP server uses the smtpd_dns_reply_filter feature
only for Postfix SMTP server lookups of MX, A, AAAA, and TXT records
to implement the features reject_unknown_helo_hostname,
reject_unknown_sender_domain, reject_unknown_recipient_domain,
reject_rbl_*, and reject_rhsbl_*. The filter is not used for lookups
made through nsswitch.conf and similar mechanisms, such as lookups
of the remote SMTP client name.

[Feature 20141126] Nullmx support (MX records with a null hostname).
This change affects error messages only.  The Postfix SMTP client
already bounced mail for such domains, and the Postfix SMTP server
already rejected such domains with reject_unknown_sender/recipient_domain.
This feature introduces a new SMTP server configuration parameter
nullmx_reject_code (default: 556).

Major changes - dynamic linking
-------------------------------

[Feature 20140530] Support to build Postfix with Postfix
dynamically-linked libraries, and with dynamically-loadable database
clients. These MUST NOT be used by non-Postfix programs. Postfix
dynamically-linked libraries introduce minor runtime overhead and
result in smaller Postfix executable files. Dynamically-loadable
database clients are useful when you distribute or install pre-compiled
packages.  Postfix 3.0 supports dynamic loading for CDB, LDAP, LMDB,
MYSQL, PCRE, PGSQL, SDBM, and SQLITE database clients.

This implementation is based on Debian code by LaMont Jones, initially
ported by Viktor Dukhovni. Currently, support exists for recent
versions of Linux, FreeBSD, MacOS X, and for the ancient Solaris 9.

To support Postfix dynamically-linked libraries and dynamically-loadable
database clients, the Postfix build procedure had to be changed
(specifically, the files makedefs and Makefile.in, and the files
postfix-install and post-install that install or update Postfix).

[Incompat 20140530] The Postfix 3.0 build procedure expects that
you specify database library dependencies with variables named
AUXLIBS_CDB, AUXLIBS_LDAP, etc.  With Postfix 3.0 and later, the
old AUXLIBS variable still supports building a statically-loaded
CDB etc.  database client, but only the new AUXLIBS_CDB etc. variables
support building a dynamically-loaded or statically-loaded CDB etc.
database client.  See CDB_README, LDAP_README, etc. for details.

Failure to follow this advice will defeat the purpose of dynamic
database client loading. Every Postfix executable file will have
database library dependencies. And that was exactly what dynamic
database client loading was meant to avoid.

Major changes - future proofing
-------------------------------

[Cleanup 20141224] The changes described here have no visible effect
on Postfix behavior, but they make Postfix code easier to maintain,
and therefore make new functionality easier to add.

* Compile-time argument typechecks of non-printf/scanf-like variadic
  function argument lists.

* Deprecating the use of "char *" for non-text purposes such as
  memory allocation and pointers to application context for call-back
  functions. This dates from long-past days before void * became
  universally available.

* Replace integer types for counters and sizes with size_t or ssize_t
  equivalents.  This eliminates some wasteful 64<->32bit conversions
  on 64-bit systems.

Major changes - installation pathnames
--------------------------------------

[Incompat 20140625] For compliance with file system policies, some
non-executable files have been moved from $daemon_directory to the
directory specified with the new meta_directory configuration
parameter which has the same default value as the config_directory
parameter. This change affects non-executable files that are shared
between multiple Postfix instances such as postfix-files, dynamicmaps.cf,
and multi-instance template files.

For backwards compatibility with Postfix 2.6 .. 2.11, specify
"meta_directory = $daemon_directory" in main.cf before installing
or upgrading Postfix, or specify "meta_directory = /path/name" on
the "make makefiles", "make install" or "make upgrade" command line.

Major changes - milter
----------------------

[Feature 20140928] Support for per-Milter settings that override
main.cf parameters.  For details see the section "Advanced policy
client configuration" in the SMTPD_POLICY_README document.

Here is an example that uses both old and new syntax:

    smtpd_milters = { inet:127.0.0.1:port1, default_action=accept, ... },
        inet:127.0.0.1:port2, ...

The supported attribute names are: command_timeout, connect_timeout,
content_timeout, default_action, and protocol. These have the same
names as the corresponding main.cf parameters, without the "milter_"
prefix.

The per-milter settings are specified as attribute=value pairs
separated by comma or space; specify { name = value } to allow
spaces around the "=" or within an attribute value.

[Feature 20141018] DMARC compatibility: when a Milter inserts a
header ABOVE Postfix's own Received: header, Postfix no longer
exposes its own Received: header to Milters (violating protocol)
and Postfix no longer hides the Milter-inserted header from Milters
(wtf).

Major changes - parameter syntax
--------------------------------

[Feature 20140921] In preparation for configurable mail headers and
logging, new main.cf support for if-then-else expressions:

    ${name?{text1}:{text2}}

and for logical expressions:

    ${{text1}=={text2}?{text3}:{text4}}
    ${{text1}!={text2}?{text3}:{text4}}

Whitespace before and after {text} is ignored. This can help to
make complex expressions more readable.  See the postconf(5) manpage
for further details.

[Feature 20140928] Support for whitespace in daemon command-line
arguments. For details, see the "Command name + arguments" section
in the master(5) manpage.  Example:

    smtpd -o { parameter = value containing whitespace } ...

The { ... } form is also available for non-option command-line
arguments in master.cf, for example:

    pipe ... argv=command { argument containing whitespace } ...

In both cases, whitespace immediately after "{" and before "}"
is ignored.

[Feature 20141005] Postfix import_environment and export_environment
now allow "{ name=value }" to protect whitespace in attribute values.

[Feature 20141006] The new message_drop_header parameter replaces
a hard-coded table that specifies what message headers the cleanup
daemon will remove.  The list of supported header names covers RFC
5321, 5322, MIME RFCs, and some historical names.

Major changes - pipe daemon
---------------------------

[Incompat 20140618] The pipe(8) delivery agent will now log a limited
amount of command output upon successful delivery, and will report
that output in "SUCCESS" delivery status reports. This is another
good reason to disable inbound DSN requests at the Internet perimeter.

Major changes - policy client
-----------------------------

[Feature 20140703] This release introduces three new configuration
parameters that control error recovery for failed SMTPD policy
requests.

  * smtpd_policy_service_default_action (default: 451 4.3.5 Server
    configuration problem): The default action when an SMTPD policy
    service request fails.

  * smtpd_policy_service_try_limit (default: 2): The maximal number
    of attempts to send an SMTPD policy service request before
    giving up. This must be a number greater than zero.

  * smtpd_policy_service_retry_delay (default: 1s): The delay between
    attempts to resend a failed SMTPD policy service request. This
    must be a number greater than zero.

See postconf(5) for details and limitations.

[Feature 20140928] Support for per-policy service settings that
override main.cf parameters.  For details see the section "Different
settings for different Milter applications" in the MILTER_README
document.

Here is an example that uses both old and new syntax:

smtpd_recipient_restrictions = ...
    check_policy_service { inet:127.0.0.1:port3, default_action=DUNNO }
    check_policy_service inet:127.0.0.1:port4
    ...

The per-policy service settings are specified as attribute=value pairs
separated by comma or space; specify { name = value } to allow
spaces around the "=" or within an attribute value.

The supported attribute names are: default_action, max_idle, max_ttl,
request_limit, retry_delay, timeout, try_limit. These have the same
names as the corresponding main.cf parameters, without the
"smtpd_policy_service_" prefix.

[Feature 20140505] A client port attribute was added to the policy
delegation protocol.

[Feature 20140630] New smtpd_policy_service_request_limit feature to
limit the number of requests per Postfix SMTP server policy connection.
This is a workaround to avoid error-recovery delays with policy
servers that cannot maintain a persistent connection.

Major changes - position-independent executables
------------------------------------------------

[Feature 20150205] Preliminary support for building position-independent
executables (PIE), tested on Fedora Core 20, Ubuntu 14.04, FreeBSD
9 and 10, and NetBSD 6. Specify:

$ make makefiles pie=yes ...other arguments...

On some systems, PIE is used by the ASLR exploit mitigation technique
(ASLR = Address-Space Layout Randomization). Whether specifying
"pie=yes" has any effect at all depends on the compiler.  Reportedly,
some compilers always produce PIE executables.

Major changes - postscreen
--------------------------

[Feature 20140501] Configurable time limit (postscreen_dnsbl_timeout)
for DNSBL or DNSWL lookups. This is separate from the timeouts in
the dnsblog(8) daemon which are controlled by system resolver(3)
routines.

Major changes - session fingerprint
-----------------------------------

[Feature 20140801] The Postfix SMTP server now logs at the end of
a session how many times an SMTP command was successfully invoked,
followed by the total number of invocations if some invocations
were unsuccessful.

This logging will be enough to diagnose many problems without using
verbose logging or a network sniffer.

    Normal session, no TLS:
        disconnect from name[addr] ehlo=1 mail=1 rcpt=1 data=1 quit=1

    Normal session, with TLS:
        disconnect from name[addr] ehlo=2 starttls=1 mail=1 rcpt=1 data=1 quit=1

    All recipients rejected, no ESMTP command pipelining:
        disconnect from name[addr] ehlo=1 mail=1 rcpt=0/1 quit=1

    All recipients rejected, with ESMTP command pipelining:
        disconnect from name[addr] ehlo=1 mail=1 rcpt=0/1 data=0/1 rset=1 quit=1

    Password guessing bot, hangs up without QUIT:
        disconnect from name[addr] ehlo=1 auth=0/1

    Mis-configured client trying to use TLS wrappermode on port 587:
        disconnect from name[addr] unknown=0/1

Logfile analyzers can trigger on the presence of "/". It indicates
that Postfix rejected at least one command.

[Feature 20150118] As a late addition, the SMTP server now also
logs the total number of commands (as "commands=x/y") even when the
client did not send any commands. This helps logfile analyzers to
recognize sessions without commands.

Major changes - smtp client
---------------------------

[Feature 20141227] The new smtp_address_verify_target parameter
(default: rcpt) determines what protocol stage decides if a recipient
is valid. Specify "data" for servers that reject recipients after
the DATA command.

Major changes - smtputf8
------------------------

[Incompat 20141001] The default settings have changed for
append_dot_mydomain (new: no, old: yes), master.cf chroot (new:
n, old: y), and smtputf8 (new: yes, old: no).

[Incompat 20140714] After upgrading Postfix, "postfix reload" (or
start/stop) is required. Several Postfix-internal protocols have
been extended to support SMTPUTF8. Failure to reload or restart
will result in mail staying queued, while Postfix daemons log
warning messages about unexpected attributes.

[Feature 20140715] Support for Email Address Internationalization
(EAI) as defined in RFC 6531..6533. This supports UTF-8 in SMTP/LMTP
sender addresses, recipient addresses, and message header values.
The implementation is based on initial work by Arnt Gulbrandsen
that was funded by CNNIC.

See SMTPUTF8_README for a description of Postfix SMTPUTF8 support.

[Feature 20150112] UTF-8 Casefolding support for Postfix lookup
tables and matchlists (mydestination, relay_domains, etc.).  This
is enabled only with "smtputf8 = yes".

[Feature 20150112] With smtputf8_enable=yes, SMTP commands with
UTF-8 syntax errors are rejected, table lookup results with invalid
UTF-8 syntax are handled as configuration errors, and UTF-8 syntax
errors in policy server replies result in execution of the policy
server's default action.

Major changes - tls support
---------------------------

(see "Major changes - delivery status notifications" above for
turning 4XX soft errors into 5XX bounces when a remote SMTP server
does not offer STARTTLS support).

[Feature 20140209] The Postfix SMTP client now also falls back to
plaintext when TLS fails AFTER the TLS protocol handshake.

[Feature 20140218] The Postfix SMTP client now requires that a queue
file is older than $minimal_backoff_time, before falling back from
failed TLS to plaintext (both during or after the TLS handshake).

[Feature 20141021] Per IETF TLS WG consensus, the tls_session_ticket_cipher
default setting was changed from aes-128-cbc to aes-256-cbc.

[Feature 20150116] TLS wrappermode support in the Postfix smtp(8)
client (new smtp_tls_wrappermode parameter) and in posttls-finger(1)
(new -w option). There still is life in that deprecated protocol,
and people should not have to jump through hoops with stunnel.
christos 2017-02-14 01:13:32 +00:00
parent 7d343bc869
commit e262b48e47
939 changed files with 36900 additions and 11327 deletions
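
The "session fingerprint" notes in the commit message say that logfile analyzers can trigger on the presence of "/". The following Python is an added example, not code from this commit or from Postfix: it parses the "disconnect from" lines shown there, labels sessions in which a command was rejected, and counts failed AUTH attempts per client address. The sample log lines, the label names and the auth_threshold parameter are assumptions made for the example.

```python
import re
from collections import Counter, defaultdict

# Constructed sample log (documentation addresses), using the line formats
# from the "session fingerprint" notes plus the later "commands=x/y" field.
SAMPLE_LOG = """\
Feb 14 01:00:01 mx postfix/smtpd[101]: connect from mail.example.net[192.0.2.10]
Feb 14 01:00:02 mx postfix/smtpd[101]: disconnect from mail.example.net[192.0.2.10] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
Feb 14 01:00:09 mx postfix/smtpd[102]: disconnect from mail.example.org[192.0.2.20] ehlo=2 starttls=1 mail=1 rcpt=1 data=1 quit=1 commands=7
Feb 14 01:01:30 mx postfix/smtpd[103]: disconnect from unknown[198.51.100.7] ehlo=1 mail=1 rcpt=0/1 quit=1 commands=3/4
Feb 14 01:02:00 mx postfix/smtpd[104]: disconnect from unknown[203.0.113.5] ehlo=1 auth=0/1 commands=1/2
Feb 14 01:02:05 mx postfix/smtpd[104]: disconnect from unknown[203.0.113.5] ehlo=1 auth=0/3 commands=1/4
Feb 14 01:02:11 mx postfix/smtpd[104]: disconnect from unknown[203.0.113.5] ehlo=1 auth=0/1 commands=1/2
Feb 14 01:03:00 mx postfix/smtpd[105]: disconnect from client.example.com[198.51.100.9] unknown=0/1 commands=0/1
Feb 14 01:04:00 mx postfix/smtpd[106]: disconnect from unknown[203.0.113.77] commands=0/0
"""

DISCONNECT_RE = re.compile(
    r"disconnect from (?P<name>[^\s\[]+)\[(?P<addr>[^\]]+)\](?P<stats>.*)$")
STAT_RE = re.compile(r"\b([a-z]+)=(\d+)(?:/(\d+))?")


def parse_disconnect(line):
    """Return {'name', 'addr', 'stats'} for a disconnect line, else None.

    stats maps command -> (successful, total). "rcpt=0/1" becomes (0, 1) and
    "ehlo=1" becomes (1, 1): the total is only logged when it differs.
    """
    m = DISCONNECT_RE.search(line)
    if m is None:
        return None
    stats = {}
    for cmd, ok, total in STAT_RE.findall(m.group("stats")):
        stats[cmd] = (int(ok), int(total) if total else int(ok))
    return {"name": m.group("name"), "addr": m.group("addr"), "stats": stats}


def classify(session):
    """Label one parsed session; an empty list means nothing was rejected."""
    # "commands" is the session total, not an SMTP command, so set it aside.
    per_cmd = {c: v for c, v in session["stats"].items() if c != "commands"}
    labels = []
    if not per_cmd:
        labels.append("no-commands")
    if any(ok < total for ok, total in per_cmd.values()):
        labels.append("rejected-command")  # the "/" the notes refer to
    auth_ok, auth_total = per_cmd.get("auth", (0, 0))
    if auth_ok < auth_total:
        labels.append("auth-failure")
    rcpt_ok, rcpt_total = per_cmd.get("rcpt", (0, 0))
    if rcpt_total > 0 and rcpt_ok == 0:
        labels.append("all-recipients-rejected")
    if "unknown" in per_cmd:
        labels.append("unknown-command")
    if per_cmd and "quit" not in per_cmd:
        labels.append("no-quit")
    return labels


def analyze(lines, auth_threshold=3):
    """Aggregate labels and failed AUTH attempts per client address.

    auth_threshold is an assumed tuning knob: addresses with at least that
    many failed AUTH commands across all sessions are listed as suspects.
    """
    labels_by_addr = defaultdict(Counter)
    failed_auth = Counter()
    for line in lines:
        session = parse_disconnect(line)
        if session is None:
            continue  # not a disconnect line
        addr = session["addr"]
        labels_by_addr[addr].update(classify(session))
        ok, total = session["stats"].get("auth", (0, 0))
        failed_auth[addr] += total - ok
    suspects = sorted(a for a, n in failed_auth.items() if n >= auth_threshold)
    return {"labels": dict(labels_by_addr),
            "failed_auth": dict(failed_auth),
            "suspects": suspects}


if __name__ == "__main__":
    report = analyze(SAMPLE_LOG.splitlines())
    for addr, labels in sorted(report["labels"].items()):
        print(addr, dict(labels), "failed_auth=%d" % report["failed_auth"][addr])
    print("suspects:", report["suspects"])
```
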

View File

@ -1,7 +1,8 @@
# Usage:
# make makefiles [CC=compiler] [OPT=compiler-flags] [DEBUG=debug-flags]
# make makefiles [name=value]...
#
# The defaults are: CC=gcc, OPT=-O, and DEBUG=-g. Examples:
# See makedefs for a descripton of available options.
# Examples:
#
# make makefiles
# make makefiles CC="purify cc"
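Review bot: typo in the new usage comment, "descripton" should be "description" in "# See makedefs for a descripton of available options." The old line that listed the defaults (CC=gcc, OPT=-O, DEBUG=-g) is gone as well; if those defaults still hold, one line stating them would save readers a trip into makedefs.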

View File

@ -1,7 +1,7 @@
SHELL = /bin/sh
WARN = -Wmissing-prototypes -Wformat -Wno-comment
OPTS = 'CC=$(CC)'
DIRS = src/util src/global src/dns src/tls src/xsasl src/milter src/master \
OPTS = 'WARN=$(WARN)'
DIRS = src/util src/global src/dns src/tls src/xsasl src/master src/milter \
src/postfix src/fsstone src/smtpstone \
src/sendmail src/error src/pickup src/cleanup src/smtpd src/local \
src/trivial-rewrite src/qmgr src/oqmgr src/smtp src/bounce \
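Review bot: the OPTS line no longer forwards CC to the per-directory makes ('CC=$(CC)' became 'WARN=$(WARN)'), and nothing in this hunk says where the sub-makefiles now get the compiler from. A short comment above OPTS stating that would help, as would a note on why src/master moved ahead of src/milter in DIRS if the order matters.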
@ -12,50 +12,101 @@ DIRS = src/util src/global src/dns src/tls src/xsasl src/milter src/master \
src/postmulti src/postscreen src/dnsblog src/tlsproxy \
src/posttls-finger
MANDIRS = proto man html
LIBEXEC = libexec/post-install libexec/postfix-files libexec/postfix-script \
libexec/postfix-wrapper libexec/main.cf libexec/master.cf \
libexec/postmulti-script
LIBEXEC = libexec/post-install libexec/postfix-script libexec/postfix-wrapper \
libexec/postmulti-script libexec/postfix-tls-script
PLUGINS = meta/dynamicmaps.cf
META = meta/main.cf.proto meta/master.cf.proto meta/postfix-files \
meta/makedefs.out $(PLUGINS)
EXPAND = sed -e "s;\$${LIB_PREFIX};$(LIB_PREFIX);" \
-e "s;\$${LIB_SUFFIX};$(LIB_SUFFIX);"
SHLIB_DIR_OVERRIDE = \
$${shlib_directory:-`$(SHLIB_ENV) bin/postconf -dhx shlib_directory`}
default: update
makefiles Makefiles:
# While generating the top-level Makefile, we must get the PLUGIN_LD
# setting directly from the latest makedefs.out result.
makefiles Makefiles conf/makedefs.out:
(echo "# Do not edit -- this file documents how Postfix was built for your machine."; $(SHELL) makedefs) >makedefs.tmp
set +e; if cmp makedefs.tmp conf/makedefs.out; then rm makedefs.tmp; \
else mv makedefs.tmp conf/makedefs.out; fi >/dev/null 2>/dev/null
set -e; for i in $(DIRS); do \
(set -e; echo "[$$i]"; cd $$i; rm -f Makefile; \
$(MAKE) -f Makefile.in Makefile MAKELEVEL=) || exit 1; \
done;
rm -f Makefile; (cat conf/makedefs.out Makefile.in) >Makefile
done
@set -- `grep '^PLUGIN_LD' conf/makedefs.out`; \
rm -f Makefile; (cat conf/makedefs.out; \
case "$$3" in \
""|":") grep -v '^PLUGINS' Makefile.in;; \
*) cat Makefile.in;; \
esac) >Makefile
update printfck tests root_tests:
set -e; for i in $(DIRS); do \
(set -e; echo "[$$i]"; cd $$i; $(MAKE) $(OPTS) $@ MAKELEVEL=) || exit 1; \
done
update: $(LIBEXEC)
update: $(META) $(LIBEXEC)
libexec/post-install: conf/post-install
rm -f $@ && ln -f $? $@
libexec/postfix-files: conf/postfix-files
rm -f $@ && ln -f $? $@
# Censor out build directory information.
meta/makedefs.out: conf/makedefs.out
grep -v SHLIB_ENV $? > $@
meta/postfix-files: conf/postfix-files conf/makedefs.out Makefile
rm -f $@
(if [ "${SHLIB_DIR}" = "no" -o "${SHLIB_DIR}" = "" ]; then \
sed -e '/^\$$shlib_directory/d' \
-e '/dynamicmaps.cf/d' conf/postfix-files; \
elif [ "${PLUGIN_LD}" = ":" -o "${PLUGIN_LD}" = "" ]; then \
sed -e '/dynamicmaps.cf/d' \
-e '/^\$$shlib_directory\/\$${LIB_PREFIX}/d' \
conf/postfix-files | $(EXPAND); \
else \
$(EXPAND) conf/postfix-files | awk -F: ' \
BEGIN { \
count = split("'"$(DEFINED_MAP_TYPES)"'", names, " "); \
for (n = 1; n <= count; n++) \
have["$$shlib_directory/$(LIB_PREFIX)" names[n] \
"$(LIB_SUFFIX)"] = 1; } \
/^[$$]shlib_directory.$(LIB_PREFIX)/ { \
if (have[$$1]) print; next } \
{ print } \
'; \
fi) | case "$(MAKE_FIX)" in \
*) cat;; \
esac > $@
libexec/postfix-script: conf/postfix-script
rm -f $@ && ln -f $? $@
libexec/postfix-tls-script: conf/postfix-tls-script
rm -f $@ && ln -f $? $@
libexec/postfix-wrapper: conf/postfix-wrapper
rm -f $@ && ln -f $? $@
libexec/main.cf: conf/main.cf
meta/main.cf.proto: conf/main.cf
rm -f $@ && ln -f $? $@
libexec/master.cf: conf/master.cf
meta/master.cf.proto: conf/master.cf
rm -f $@ && ln -f $? $@
libexec/postmulti-script: conf/postmulti-script
rm -f $@ && ln -f $? $@
meta/dynamicmaps.cf: conf/dynamicmaps.cf Makefile
rm -f $@ && $(EXPAND) conf/dynamicmaps.cf | $(AWK) ' \
BEGIN { split("'"$(DEFINED_MAP_TYPES)"'", map_types); \
for (n in map_types) has_type[map_types[n]] = n } \
/^#/ { print } \
/^[a-z]/ { if (has_type[$$1]) print } \
' >$@
manpages:
set -e; for i in $(MANDIRS); do \
(set -e; echo "[$$i]"; cd $$i; $(MAKE) -f Makefile.in $(OPTS) MAKELEVEL=) || exit 1; \
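Review bot: in the meta/postfix-files rule the trailing case statement on $(MAKE_FIX) has only the catch-all branch "*) cat;;", so it behaves exactly like a plain "cat"; either drop it or add the branch it was meant to carry. The same rule calls bare "awk" while the meta/dynamicmaps.cf rule uses "$(AWK)"; using $(AWK) in both keeps the build on one awk selection. In the makefiles target, the ">/dev/null 2>/dev/null" after the cmp/mv block also silences a failing mv, so a stale conf/makedefs.out would go unnoticed.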
@ -63,17 +114,31 @@ manpages:
printfck: update
# The build-time shlib_directory setting must take precedence over
# the installed main.cf settings, otherwise we can't update an
# installed system from dynamicmaps=yes<->dynamicmaps=no or from
# shared=yes<->shared=no.
install: update
$(SHELL) postfix-install
SHLIB_ENV_VAR= SHLIB_ENV_VAL= \
$(SHLIB_ENV) shlib_directory=$(SHLIB_DIR_OVERRIDE) $(SHELL) \
postfix-install
package: update
$(SHELL) postfix-install -package
SHLIB_ENV_VAR= SHLIB_ENV_VAL= \
$(SHLIB_ENV) shlib_directory=$(SHLIB_DIR_OVERRIDE) $(SHELL) \
postfix-install -package
upgrade: update
$(SHELL) postfix-install -non-interactive
SHLIB_ENV_VAR= SHLIB_ENV_VAL= \
$(SHLIB_ENV) shlib_directory=$(SHLIB_DIR_OVERRIDE) $(SHELL) \
postfix-install -non-interactive
non-interactive-package: update
$(SHELL) postfix-install -non-interactive -package
SHLIB_ENV_VAR= SHLIB_ENV_VAL= \
$(SHLIB_ENV) shlib_directory=$(SHLIB_DIR_OVERRIDE) $(SHELL) \
postfix-install -non-interactive -package
depend clean:
set -e; for i in $(DIRS); do \
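Review bot: the comment above install: explains why shlib_directory is forced, but not why SHLIB_ENV_VAR and SHLIB_ENV_VAL are set to empty in front of $(SHLIB_ENV); one more comment line on that would help whoever edits these targets next. The same three-line prefix is repeated verbatim in install, package, upgrade and non-interactive-package, so defining it once as a make variable would keep the four targets from drifting apart.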
@ -92,6 +157,8 @@ tidy: clean
rm -f README_FILES/RELEASE_NOTES
ln -s ../RELEASE_NOTES README_FILES
rm -f bin/[!CRS]* lib/[!CRS]* include/[!CRS]* libexec/[!CRS]* \
src/*/libpostfix-*.so src/*/libpostfix-*.dylib \
src/*/postfix-*.so src/*/postfix-*.dylib \
junk */junk */*/junk \
*core */*core */*/*core \
.nfs* */.nfs* */*/.nfs* \
@ -105,7 +172,7 @@ tidy: clean
*.bak */*.bak */*/*.bak \
make.err */make.err */*/make.err \
*.gmon */*.gmon */*/*.gmon \
conf/main.cf.default conf/bounce.cf.default
conf/main.cf.default conf/bounce.cf.default meta/*
find . -type s -print | xargs rm -f
find . -type d -print | xargs chmod 755
find . -type f -print | xargs chmod a+r
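Review bot: the rm list in tidy now ends with `meta/*`, while bin, lib, include and libexec at the top of the same target are matched with `[!CRS]*`. If that guard is there to spare version-control directories, `meta/[!CRS]*` would treat the new directory the same way; if meta can never hold such a directory, a short comment saying so would do.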

View File

@ -1,7 +1,8 @@
# Usage:
# make makefiles [CC=compiler] [OPT=compiler-flags] [DEBUG=debug-flags]
# make makefiles [name=value]...
#
# The defaults are: CC=gcc, OPT=-O, and DEBUG=-g. Examples:
# See makedefs for a descripton of available options.
# Examples:
#
# make makefiles
# make makefiles CC="purify cc"
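Review bot: typo in the new comment line, "descripton" should be "description" ("See makedefs for a description of available options").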

View File

@ -12,7 +12,9 @@ GGeenneerraall ccoonnffiigguurraattiioonn
* TLS_README: TLS Encryption and authentication
* FORWARD_SECRECY_README: TLS Forward Secrecy
* IPV6_README: IP Version 6 Support
* MULTI_INSTANCE_README: Multiple-instance management
* IPV6_README: IP Version 6 Support
* SMTPUTF8_README: SMTPUTF8 Support
* COMPATIBILITY_README: Backwards-Compatibility Safety Net
* INSTALL: Installation from source code
PPrroobblleemm ssoollvviinngg

View File

@ -164,7 +164,8 @@ WWhhaatt cclliieennttss ttoo rreellaayy mmaaiill ffrroo
By default, Postfix will forward mail from clients in authorized network blocks
to any destination. Authorized networks are defined with the mynetworks
configuration parameter. The default is to authorize all clients in the IP
configuration parameter. The current default is to authorize the local machine
only. Prior to Postfix 3.0, the default was to authorize all clients in the IP
subnetworks that the local machine is attached to.
Postfix can also be configured to relay mail from "mobile" clients that send
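Review bot: "The current default is to authorize the local machine only" holds for new installs, but the COMPATIBILITY_README added in this same change says an upgraded system keeps using mynetworks_style=subnet while the safety net is on. Suggest adding a pointer to COMPATIBILITY_README here, so that an administrator reading this after an upgrade does not assume relay access is already limited to the local machine.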

View File

@ -52,6 +52,8 @@ Topics covered by this document:
* Limitations of Postfix header/body checks
* Preventing daily mail status reports from being blocked
* Configuring header/body checks for mail from outside users only
* Configuring different header/body checks for MX service and submission
service
* Configuring header/body checks for mail to some domains only
WWhhaatt mmaaiill iiss ssuubbjjeecctteedd ttoo hheeaaddeerr//bbooddyy cchheecckkss
@ -105,8 +107,9 @@ make the decision in the cleanup(8) server, as this program receives mail from
so many different sources. Instead, header/body checks are requested by the
source. Examples of how to turn off header/body checks for mail received with
smtpd(8), qmqpd(8) or pickup(8) are given below under "Configuring header/body
checks for mail from outside users only" and "Configuring header/body checks
for mail to some domains only".
checks for mail from outside users only", "Configuring different header/body
checks for MX service and submission service", and "Configuring header/body
checks for mail to some domains only".
LLiimmiittaattiioonnss ooff PPoossttffiixx hheeaaddeerr//bbooddyy cchheecckkss
@ -248,6 +251,50 @@ server IP addresses in master.cf:
# =================================================================
1.2.3.5:smtp inet n - n - - smtpd
CCoonnffiigguurriinngg ddiiffffeerreenntt hheeaaddeerr//bbooddyy cchheecckkss ffoorr MMXX sseerrvviiccee aanndd ssuubbmmiissssiioonn sseerrvviiccee
If authorized user submissions require different header/body checks than mail
from remote MTAs, then this is possible as long as you have separate mail
streams for authorized users and for MX service.
The example below assumes that authorized users connect to TCP port 587
(submission) or 465 (smtps), and that remote MTAs connect to TCP port 25
(smtp).
First, we define a few "user-defined" parameters that will override settings
for the submission and smtps services.
/etc/postfix/main.cf:
msa_cleanup_service_name = msa_cleanup
msa_header_checks = pcre:/etc/postfix/msa_header_checks
msa_body_checks = pcre:/etc/postfix/msa_body_checks
Next, we define msa_cleanup as a dedicated cleanup service that will be used
only by the submission and smtps services. This service uses the header_checks
and body_checks overrides that were defined above.
/etc/postfix.master.cf:
# =================================================================
# service type private unpriv chroot wakeup maxproc command
# (yes) (yes) (yes) (never) (100)
# =================================================================
smtp inet n - n - - smtpd
msa_cleanup unix n - n - 0 cleanup
-o header_checks=$msa_header_checks
-o body_checks=$msa_body_checks
submission inet n - n - - smtpd
-o cleanup_service_name=$msa_cleanup_service_name
-o syslog_name=postfix/submission
...[see sample master.cf file for more]...
smtps inet n - n - - smtpd
-o cleanup_service_name=$msa_cleanup_service_name
-o syslog_name=postfix/smtps
-o smtpd_tls_wrappermode=yes
...[see sample master.cf file for more]...
By keeping the "msa_xxx" parameter settings in main.cf, you keep your master.cf
file simple, and you minimize the amount of duplication.
CCoonnffiigguurriinngg hheeaaddeerr//bbooddyy cchheecckkss ffoorr mmaaiill ttoo ssoommee ddoommaaiinnss oonnllyy
The following information applies to Postfix 2.1. Earlier Postfix versions do
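Review bot: the file label above the master.cf example reads "/etc/postfix.master.cf:"; it should be "/etc/postfix/master.cf:", matching the "/etc/postfix/main.cf:" label a few lines earlier.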

View File

@ -42,7 +42,7 @@ To build Postfix after you have installed tinycdb, use something like:
% make tidy
% CDB=../../../tinycdb-0.5
% make -f Makefile.init makefiles "CCARGS=-DHAS_CDB -I$CDB" \
"AUXLIBS=$CDB/libcdb.a"
"AUXLIBS_CDB=$CDB/libcdb.a"
% make
Alternatively, for the D.J.B. version of CDB:
@ -50,9 +50,20 @@ Alternatively, for the D.J.B. version of CDB:
% make tidy
% CDB=../../../cdb-0.75
% make -f Makefile.init makefiles "CCARGS=-DHAS_CDB -I$CDB" \
"AUXLIBS=$CDB/cdb.a $CDB/alloc.a $CDB/buffer.a $CDB/unix.a $CDB/byte.a"
"AUXLIBS_CDB=$CDB/cdb.a $CDB/alloc.a $CDB/buffer.a $CDB/unix.a $CDB/
byte.a"
% make
Postfix versions before 3.0 use AUXLIBS instead of AUXLIBS_CDB. With Postfix
3.0 and later, the old AUXLIBS variable still supports building a statically-
loaded CDB database client, but only the new AUXLIBS_CDB variable supports
building a dynamically-loaded or statically-loaded CDB database client.
Failure to use the AUXLIBS_CDB variable will defeat the purpose of dynamic
database client loading. Every Postfix executable file will have CDB
database library dependencies. And that was exactly what dynamic database
client loading was meant to avoid.
After Postfix has been built with cdb support, you can use "cdb" tables
wherever you can use read-only "hash", "btree" or "dbm" tables. However, the
"ppoossttmmaapp --ii" (incremental record insertion) and "ppoossttmmaapp --dd" (incremental

View File

@ -0,0 +1,205 @@
PPoossttffiixx BBaacckkwwaarrddss--CCoommppaattiibbiilliittyy SSaaffeettyy NNeett
-------------------------------------------------------------------------------
PPuurrppoossee ooff tthhiiss ddooccuummeenntt
Postfix 3.0 introduces a safety net that runs Postfix programs with backwards-
compatible default settings after an upgrade. The safety net will log a warning
whenever a "new" default setting could have an negative effect on your mail
flow.
This document provides information on the following topics:
* Detailed descriptions of Postfix backwards-compatibility warnings.
* What backwards-compatible settings you may have to make permanent in
main.cf or master.cf.
* How to turn off Postfix backwards-compatibility warnings.
OOvveerrvviieeww
With backwards compatibility turned on, Postfix logs a message whenever a
backwards-compatible default setting may be required for continuity of service.
Based on this logging the system administrator can decide if any backwards-
compatible settings need to be made permanent in main.cf or master.cf, before
turning off the backwards-compatibility safety net as described at the end of
this document.
The following messages may be logged:
* Using backwards-compatible default setting append_dot_mydomain=yes
* Using backwards-compatible default setting chroot=y
* Using backwards-compatible default setting mynetworks_style=subnet
* Using backwards-compatible default setting relay_domains=$mydestination
* Using backwards-compatible default setting smtputf8_enable=no
If such a message is logged in the context of a legitimate request, the system
administrator should make the backwards-compatible setting permanent in main.cf
or master.cf, as detailed in the sections that follow.
When no more backwards-compatible settings need to be made permanent, the
system administrator should turn off the backwards-compatibility safety net as
described at the end of this document.
UUssiinngg bbaacckkwwaarrddss--ccoommppaattiibbllee ddeeffaauulltt sseettttiinngg aappppeenndd__ddoott__mmyyddoommaaiinn==yyeess
The append_dot_mydomain default value has changed from "yes" to "no". As long
as the append_dot_mydomain parameter is left at its implicit default value, and
the backwards-compatible default setting is turned on, Postfix may log one of
the following messages:
* Messages about missing "localhost" in mydestination or other address class:
postfix/trivial-rewrite[14777]: using backwards-compatible
default setting append_dot_mydomain=yes to rewrite
"localhost" to "localhost.example.com"; please add
"localhost" to mydestination or other address class
If Postfix logs the above message, add "localhost" to mydestination (or
virtual_alias_domains, virtual_mailbox_domains, or relay_domains) and
execute the command "ppoossttffiixx rreellooaadd".
* Messages about incomplete domains in email addresses:
postfix/trivial-rewrite[25835]: using backwards-compatible
default setting append_dot_mydomain=yes to rewrite "foo" to
"foo.example.com"
If Postfix logs the above message for domains different from "localhost",
and the sender cannot be changed to use complete domain names in email
addresses, then the system administrator should make the backwards-
compatible setting "append_dot_mydomain = yes" permanent in main.cf:
# ppoossttccoonnff aappppeenndd__ddoott__mmyyddoommaaiinn==yyeess
# ppoossttffiixx rreellooaadd
UUssiinngg bbaacckkwwaarrddss--ccoommppaattiibbllee ddeeffaauulltt sseettttiinngg cchhrroooott==yy
The master.cf chroot default value has changed from "y" (yes) to "n" (no). As
long as a master.cf chroot field is left at its implicit default value, and the
backwards-compatible default setting is turned on, Postfix may log the
following message while it reads the master.cf file:
postfix/master[27664]: /etc/postfix/master.cf: line 72: using
backwards-compatible default setting chroot=y
If this service should remain chrooted, then the system administrator should
make the backwards-compatible setting "chroot = y" permanent in master.cf. For
example, to update the chroot setting for the "smtp inet" service:
# ppoossttccoonnff --FF ssmmttpp//iinneett//cchhrroooott==yy
# ppoossttffiixx rreellooaadd
UUssiinngg bbaacckkwwaarrddss--ccoommppaattiibbllee ddeeffaauulltt sseettttiinngg mmyynneettwwoorrkkss__ssttyyllee==ssuubbnneett
The mynetworks_style default value has changed from "subnet" to "host". This
parameter is used to implement the "permit_mynetworks" feature. As long as the
mynetworks and mynetworks_style parameters are left at their implicit default
values, and the backwards-compatible default setting is turned on, the Postfix
SMTP server may log one of the following messages:
postfix/smtpd[17375]: using backwards-compatible default setting
mynetworks_style=subnet to permit request from client
"foo.example.com[10.1.1.1]"
postfix/postscreen[24982]: using backwards-compatible default
setting mynetworks_style=subnet to permit request from client
"10.1.1.1"
If the client request should not be rejected, then the system administrator
should make the backwards-compatible setting "mynetworks_style = subnet"
permanent in main.cf:
# ppoossttccoonnff mmyynneettwwoorrkkss__ssttyyllee==ssuubbnneett
# ppoossttffiixx rreellooaadd
UUssiinngg bbaacckkwwaarrddss--ccoommppaattiibbllee ddeeffaauulltt sseettttiinngg rreellaayy__ddoommaaiinnss==$$mmyyddeessttiinnaattiioonn
The relay_domains default value has changed from "$mydestination" to the empty
value. As long as the relay_domains parameter is left at its implicit default
value, and the backwards-compatible default setting is turned on, Postfix may
log one of the following messages.
* Messages about accepting mail for a remote domain:
postfix/smtpd[19052]: using backwards-compatible default setting
relay_domains=$mydestination to accept mail for domain
"foo.example.com"
postfix/smtpd[19052]: using backwards-compatible default setting
relay_domains=$mydestination to accept mail for address
"user@foo.example.com"
* Messages about providing ETRN service for a remote domain:
postfix/smtpd[19138]: using backwards-compatible default setting
relay_domains=$mydestination to flush mail for domain
"bar.example.com"
postfix/smtp[13945]: using backwards-compatible default setting
relay_domains=$mydestination to update fast-flush logfile for
domain "bar.example.com"
If Postfix should continue to accept mail for that domain or continue to
provide ETRN service for that domain, then the system administrator should make
the backwards-compatible setting "relay_domains = $mydestination" permanent in
main.cf:
# ppoossttccoonnff ''rreellaayy__ddoommaaiinnss==$$mmyyddeessttiinnaattiioonn''
# ppoossttffiixx rreellooaadd
Note: quotes are required as indicated above.
Instead of $mydestination, it may be better to specify an explicit list of
domain names.
UUssiinngg bbaacckkwwaarrddss--ccoommppaattiibbllee ddeeffaauulltt sseettttiinngg ssmmttppuuttff88__eennaabbllee==nnoo
The smtputf8_enable default value has changed from "no" to "yes. With the new
"yes" setting, the Postfix SMTP server rejects non-ASCII addresses from clients
that don't request SMTPUTF8 support. With the old "no" setting, Postfix will
accept such addresses, even if such addresses are not permitted by traditional
SMTP standards.
As long as the smtputf8_enable parameter is left at its implicit default value,
and the backwards-compatible default setting is turned on, Postfix logs a
warning each time an SMTP command uses a non-ASCII address localpart without
requesting SMTPUTF8 support:
postfix/smtpd[27560]: using backwards-compatible default setting
smtputf8_enable=no to accept non-ASCII sender address
"??@example.org" from localhost[127.0.0.1]
postfix/smtpd[27560]: using backwards-compatible default setting
smtputf8_enable=no to accept non-ASCII recipient address
"??@example.com" from localhost[127.0.0.1]
If the address should not be rejected, and the client cannot be updated to use
SMTPUTF8, then the system administrator should make the backwards-compatible
setting "smtputf8_enable = no" permanent in main.cf:
# ppoossttccoonnff ssmmttppuuttff88__eennaabbllee==nnoo
# ppoossttffiixx rreellooaadd
TTuurrnniinngg ooffff tthhee bbaacckkwwaarrddss--ccoommppaattiibbiilliittyy ssaaffeettyy nneett
Backwards compatibility is turned off by updating the compatibility_level
setting in main.cf.
# ppoossttccoonnff ccoommppaattiibbiilliittyy__lleevveell==NN
# ppoossttffiixx rreellooaadd
For N specify the number that is logged in your postfix(1) warning message:
warning: To disable backwards compatibility use "postconf
compatibility_level=N" and "postfix reload"
Sites that don't care about backwards compatibility may set
"compatibility_level = 9999" at their own risk.

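Review bot: in the mynetworks_style section the only remedy offered is making "mynetworks_style = subnet" permanent, which keeps relay access open to every client on the attached subnetworks. The relay_domains section already adds "it may be better to specify an explicit list of domain names"; a parallel sentence recommending an explicit mynetworks list would fit here. Two typos as well: "an negative effect" in the purpose paragraph, and the unbalanced quote in 'from "no" to "yes.' in the smtputf8_enable section.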
View File

@ -212,6 +212,12 @@ To find out what database types your Postfix system supports, use the "ppooss
are created with the postmap(1) or postalias(1) command, and private
databases are maintained by Postfix daemons. The database name as used
in "hash:table" is the database file name without the ".db" suffix.
iinnlliinnee (read-only)
A non-shared, in-memory lookup table. Example: "inline:{ key=value,
{ key = text with whitespace or comma }}". Key-value pairs are
separated by whitespace or comma; whitespace after "{" and before "}"
is ignored. Inline tables eliminate the need to create a database file
for just a few fixed elements. See also the static: map type.
iinntteerrnnaall
A non-shared, in-memory hash table. Its content are lost when a process
terminates.
@ -242,12 +248,26 @@ To find out what database types your Postfix system supports, use the "ppooss
A lookup table based on Perl Compatible Regular Expressions. The file
format is described in pcre_table(5). The lookup table name as used in
"pcre:table" is the name of the regular expression file.
ppiippeemmaapp (read-only)
A pipeline of lookup tables. Example: "pipemap:{type1:name1, ...,
typen:namen}". Each "pipemap:" query is given to the first table. Each
lookup result becomes the query for the next table in the pipeline, and
the last table produces the final result. When any table lookup
produces no result, the pipeline produces no result. The first and last
characters of the "pipemap:" table name must be "{" and "}". Within
these, individual maps are separated with comma or whitespace.
ppggssqqll (read-only)
PostgreSQL database client. Configuration details are given in
pgsql_table(5).
pprrooxxyy
Postfix proxymap(8) client for shared access to Postfix databases. The
lookup table name syntax is "proxy:type:table".
rraannddmmaapp (read-only)
An in-memory table that performs random selection. Example: "randmap:
{result1. ..., resultn}". Each table query returns a random choice from
the specified results. The first and last characters of the "randmap:
" table name must be "{" and "}". Within these, individual maps are
separated with comma or whitespace.
rreeggeexxpp (read-only)
A lookup table based on regular expressions. The file format is
described in regexp_table(5). The lookup table name as used in "regexp:
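Review bot: the randmap entry has two slips. The example "randmap:{result1. ..., resultn}" has a period after result1 where the separator should be a comma, and the last sentence says "individual maps are separated with comma or whitespace" although the elements of a randmap table are results, not maps; that sentence looks copied from the pipemap entry.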
@ -268,6 +288,9 @@ To find out what database types your Postfix system supports, use the "ppooss
ssttaattiicc (read-only)
A table that always returns its name as the lookup result. For example,
"static:foobar" always returns the string "foobar" as lookup result.
Specify "static:{ text with whitespace }" when the result contains
whitespace; this form ignores whitespace after "{" and before "}". See
also the inline: map type.
ttccpp
TCP/IP client. The protocol is described in tcp_table(5). The lookup
table name is "tcp:host:port" where "host" specifies a symbolic
@ -279,6 +302,10 @@ To find out what database types your Postfix system supports, use the "ppooss
and that texthash: does not detect changes after the file is read. The
lookup table name is "texthash:filename", where the file name is taken
literally; no suffix is appended.
uunniioonnmmaapp (read-only)
A table that sends each query to multiple lookup tables and that
concatenates all found results, separated by comma. The table name
syntax is the same as for pipemap tables.
uunniixx (read-only)
A limited view of the UNIX authentication database. The following
tables are implemented:

View File

@ -373,8 +373,12 @@ When reporting a problem, be sure to include the following information.
host names consistently. Replace each letter by "A", each digit by "D" so
that the helpers can still recognize syntactical errors.
* Output from "ppoossttccoonnff --nn". Please do not send your main.cf file, or 500+
lines of ppoossttccoonnff output.
* Command output from:
o "ppoossttccoonnff --nn". Please do not send your main.cf file, or 1000+ lines of
ppoossttccoonnff command output.
o "ppoossttccoonnff --MMff" (Postfix 2.9 or later).
* Better, provide output from the ppoossttffiinnggeerr tool. This can be found at http:
//ftp.wl0.org/SOURCES/postfinger.

View File

@ -124,7 +124,8 @@ EEDDHH SSeerrvveerr ssuuppppoorrtt
Postfix >= 2.2 support 1024-bit-prime EDH out of the box, with no additional
configuration, but you may want to override the default prime to be 2048 bits
long, and you may want to regenerate your primes periodically. See the quick-
start section for details.
start section for details. With Postfix >= 3.1 the out of the box (compiled-in)
EDH prime size is 2048 bits.
With prime-field EDH, OpenSSL wants the server to provide two explicitly-
selected (prime, generator) combinations. One for the now long-obsolete
@ -135,7 +136,9 @@ configured overrides.
* The "export" EDH parameters are used only with the obsolete "export"
ciphers. To use a non-default prime, generate a 512-bit DH parameter file
and set smtpd_tls_dh512_param_file to the filename (see the quick-start
section for details).
section for details). With Postfix releases after the middle of 2015 the
default opportunistic TLS cipher grade (smtpd_tls_ciphers) is "medium" or
stronger, and export ciphers are no longer used.
* The non-export EDH parameters are used for all other EDH cipher suites. To
use a non-default prime, generate a 1024-bit or 2048-bit DH parameter file
@ -143,9 +146,10 @@ configured overrides.
is simply the non-export parameter file and the prime need not actually be
1024 bits long (see the quick-start section for details).
It turns out that (inadvisably-patched in some Debian releases) Exim SMTP
clients require a >= 2048-bit length for the non-export prime. See the quick-
start section for the recommended configuration to work around this issue.
As of mid-2015, SMTP clients are starting to reject TLS handshakes with primes
smaller than 2048 bits. Each site needs to determine which prime size works
best for the majority of its clients. See the quick-start section for the
recommended configuration to work around this issue.
EEEECCDDHH SSeerrvveerr ssuuppppoorrtt
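Review bot: the rewritten paragraph still ends with "the recommended configuration to work around this issue", wording left over from the Exim sentence it replaces. The new text describes a per-site choice of prime size rather than a single issue, so ending at "See the quick-start section for the recommended configuration" would read correctly.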
@ -181,31 +185,38 @@ main.cf.
FFoorrwwaarrdd SSeeccrreeccyy iinn tthhee PPoossttffiixx SSMMTTPP CClliieenntt
The Postfix >= 2.2 SMTP client supports forward secrecy in its default
configuration. No configuration changes are needed besides turning on elliptic-
curve support with Postfix 2.6 and 2.7 (see the quick-start section). If the
remote SMTP server supports cipher suites with forward secrecy (and does not
override the SMTP client's cipher preference), then the traffic between the
server and client will resist decryption even if the server's long-term
authentication keys are later compromised.
configuration. All supported OpenSSL releases support EDH key exchange. OpenSSL
releases >= 1.0.0 also support EECDH key exchange (provided elliptic-curve
support has not been disabled by the vendor as in some versions of RedHat
Linux). If the remote SMTP server supports cipher suites with forward secrecy
(and does not override the SMTP client's cipher preference), then the traffic
between the server and client will resist decryption even if the server's long-
term authentication keys are later compromised.
The default Postfix SMTP client cipher lists are correctly ordered to prefer
EECDH and EDH cipher suites ahead of similar cipher suites that don't implement
forward secrecy. Administrators are strongly discouraged from changing the
cipher list definitions. It is likely safe to set "smtp_tls_ciphers = medium"
if you wish to disable the obsolete "export" and "low" grade ciphers even with
opportunistic TLS. Setting a minimum strength does not change the preference
order. Note that strengths higher than "medium" exclude Exchange 2003 and
likely other widely used MTAs, thus "high" grade ciphers should only be used on
a case-by-case basis via the TLS policy table.
cipher list definitions.
The default minimum cipher grade for opportunistic TLS is "medium" for Postfix
releases after the middle of 2015, "export" for older releases. Changing the
minimum cipher grade does not change the cipher preference order. Note that
cipher grades higher than "medium" exclude Exchange 2003 and likely other MTAs,
thus a "high" cipher grade should be chosen only on a case-by-case basis via
the TLS policy table.
GGeettttiinngg ssttaarrtteedd,, qquuiicckk aanndd ddiirrttyy
EEEECCDDHH CClliieenntt aanndd sseerrvveerr ssuuppppoorrtt ((PPoossttffiixx >>== 22..66 wwiitthh OOppeennSSSSLL >>== 11..00..00))
EEEECCDDHH CClliieenntt ssuuppppoorrtt ((PPoossttffiixx >>== 22..22 wwiitthh OOppeennSSSSLL >>== 11..00..00))
This works "out of the box" without additional configuration.
EEEECCDDHH SSeerrvveerr ssuuppppoorrtt ((PPoossttffiixx >>== 22..66 wwiitthh OOppeennSSSSLL >>== 11..00..00))
With Postfix 2.6 and 2.7, enable elliptic-curve support in the Postfix SMTP
client and server. This is the default with Postfix >= 2.8. Note, however, that
elliptic-curve support may be disabled by the vendor, as in some versions of
RedHat Linux.
server. This is the default with Postfix >= 2.8. Note, however, that elliptic-
curve support may be disabled by the vendor, as in some versions of RedHat
Linux.
/etc/postfix/main.cf:
# Postfix 2.6 or 2.7 only. This is default with Postfix 2.8 and later.
@ -251,7 +262,10 @@ the submission entry in master.cf accordingly:
/etc/postfix/master.cf:
submission inet n - n - - smtpd
# Some submission clients may not yet do 2048-bit EDH, if such
# clients use your MSA, configure 1024-bit EDH instead:
# clients use your MSA, configure 1024-bit EDH instead. However,
# as of mid-2015, many submission clients no longer accept primes
# with less than 2048-bits. Each site needs to determine which
# type of client is more important to support.
-o smtpd_tls_dh1024_param_file=${config_directory}/dh1024.pem
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
@ -402,8 +416,8 @@ peer certificate with expected public-key or certificate fingerprint)
PPoossttffiixx SSMMTTPP sseerrvveerr:: The status is never "Verified", because the Postfix
SMTP server never verifies the remote SMTP client name against the names in
the client certificate, and because the Postfix SMTP does not expect a
specific fingerprint in the client public key or certificate.
the client certificate, and because the Postfix SMTP server does not expect
a specific fingerprint in the client public key or certificate.
CCrreeddiittss

View File

@ -52,14 +52,24 @@ this in the top level of your Postfix source tree should work:
% make tidy
% make makefiles CCARGS="-I/usr/local/include -DHAS_LDAP" \
AUXLIBS="-L/usr/local/lib -lldap -L/usr/local/lib -llber"
AUXLIBS_LDAP="-L/usr/local/lib -lldap -L/usr/local/lib -llber"
Postfix versions before 3.0 use AUXLIBS instead of AUXLIBS_LDAP. With Postfix
3.0 and later, the old AUXLIBS variable still supports building a statically-
loaded LDAP database client, but only the new AUXLIBS_LDAP variable supports
building a dynamically-loaded or statically-loaded LDAP database client.
Failure to use the AUXLIBS_LDAP variable will defeat the purpose of dynamic
database client loading. Every Postfix executable file will have LDAP
database library dependencies. And that was exactly what dynamic database
client loading was meant to avoid.
On Solaris 2.x you may have to specify run-time link information, otherwise
ld.so will not find some of the shared libraries:
% make tidy
% make makefiles CCARGS="-I/usr/local/include -DHAS_LDAP" \
AUXLIBS="-L/usr/local/lib -R/usr/local/lib -lldap \
AUXLIBS_LDAP="-L/usr/local/lib -R/usr/local/lib -lldap \
-L/usr/local/lib -R/usr/local/lib -llber"
The 'make tidy' command is needed only if you have previously built Postfix

View File

@ -28,13 +28,23 @@ Postfix normally does not enable LMDB support. To build Postfix with LMDB
support, use something like:
% make makefiles CCARGS="-DHAS_LMDB -I/usr/local/include" \
AUXLIBS="-L/usr/local/lib -llmdb"
AUXLIBS_LMDB="-L/usr/local/lib -llmdb"
% make
Postfix versions before 3.0 use AUXLIBS instead of AUXLIBS_LMDB. With Postfix
3.0 and later, the old AUXLIBS variable still supports building a statically-
loaded LMDB database client, but only the new AUXLIBS_LMDB variable supports
building a dynamically-loaded or statically-loaded LMDB database client.
Failure to use the AUXLIBS_LMDB variable will defeat the purpose of dynamic
database client loading. Every Postfix executable file will have LMDB
database library dependencies. And that was exactly what dynamic database
client loading was meant to avoid.
Solaris may need this:
% make makefiles CCARGS="-DHAS_LMDB -I/usr/local/include" \
AUXLIBS="-R/usr/local/lib -L/usr/local/lib -llmdb"
AUXLIBS_LMDB="-R/usr/local/lib -L/usr/local/lib -llmdb"
% make
The exact pathnames depend on how LMDB was installed.
@ -47,7 +57,7 @@ When building Postfix fails with:
Add the "-lpthread" library to the "make makefiles" command.
% make makefiles .... AUXLIBS="... -lpthread"
% make makefiles .... AUXLIBS_LMDB="... -lpthread"
CCoonnffiigguurriinngg LLMMDDBB sseettttiinnggss

View File

@ -12,11 +12,9 @@ is queued.
The reason for adding Milter support to Postfix is that there exists a large
collection of applications, not only to block unwanted mail, but also to verify
authenticity (examples: OpenDKIM, DomainKeys Identified Mail (DKIM),
SenderID+SPF and DomainKeys) or to digitally sign mail (examples: OpenDKIM,
DomainKeys Identified Mail (DKIM), DomainKeys). Having yet another Postfix-
specific version of all that software is a poor use of human and system
resources.
authenticity (examples: OpenDKIM and DMARC) or to digitally sign mail (example:
OpenDKIM). Having yet another Postfix-specific version of all that software is
a poor use of human and system resources.
The Milter protocol has evolved over time, and different Postfix versions
implement different feature sets. See the workarounds and limitations sections
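Review bot: "examples: OpenDKIM and DMARC" pairs an application with a protocol name. The next hunk names the application as OpenDMARC ("applications such as OpenDKIM and OpenDMARC"); use OpenDMARC here too.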
@ -89,51 +87,26 @@ deals with C applications only. For these, you need an object library that
implements the Sendmail 8 Milter protocol. Postfix currently does not provide
such a library, but Sendmail does.
* The first option is to use a pre-compiled library. Some systems install the
Sendmail libmilter library by default. With other systems, libmilter may be
provided by a package (called "sendmail-devel" on some Linux systems).
Some systems install the Sendmail libmilter library by default. With other
systems, libmilter may be provided by a package (called "sendmail-devel" on
some Linux systems).
Once libmilter is installed, applications such as OpenDKIM, dkim-milter and
sid-milter build out of the box without requiring any tinkering:
Once libmilter is installed, applications such as OpenDKIM and OpenDMARC build
out of the box without requiring any tinkering:
$ ggzzccaatt ooppeennddkkiimm--xx..yy..zz..ttaarr..ggzz || ttaarr xxff --
$ ccdd ooppeennddkkiimm--xx..yy..zz
$ ..//ccoonnffiigguurree ......ooppttiioonnss......
$ mmaakkee
[...lots of output omitted...]
$ mmaakkee iinnssttaallll
$ ggzzccaatt ddkkiimm--mmiilltteerr--xx..yy..zz..ttaarr..ggzz || ttaarr xxff --
$ ccdd ddkkiimm--mmiilltteerr--xx..yy..zz
$ mmaakkee
[...lots of output omitted...]
* The other option is to build the libmilter library from Sendmail source
code:
$ ggzzccaatt sseennddmmaaiill--xx..yy..zz..ttaarr..ggzz || ttaarr xxff --
$ ccdd sseennddmmaaiill--xx..yy..zz//lliibbmmiilltteerr
$ mmaakkee
[...lots of output omitted...]
After building your own libmilter library, follow the installation
instructions in the Milter application source distribution to specify the
location of the libmilter include files and object library. Typically,
these settings are configured in a file named sid-filter/Makefile.m4 or
similar:
APPENDDEF(`confINCDIRS', `-I/some/where/sendmail-x.y.z/include')
APPENDDEF(`confLIBDIRS', `-L/some/where/sendmail-x.y.z/obj.systemtype/
libmilter')
Then build the Milter application.
$ ggzzccaatt ooppeennddkkiimm--xx..yy..zz..ttaarr..ggzz || ttaarr xxff --
$ ccdd ooppeennddkkiimm--xx..yy..zz
$ ..//ccoonnffiigguurree ......ooppttiioonnss......
$ mmaakkee
[...lots of output omitted...]
$ mmaakkee iinnssttaallll
RRuunnnniinngg MMiilltteerr aapppplliiccaattiioonnss
To run a Milter application, see the documentation of the filter for options. A
typical command looks like this:
# //ssoommee//wwhheerree//ddkkiimm--ffiilltteerr --uu uusseerriidd --pp iinneett::ppoorrttnnuummbbeerr@@llooccaallhhoosstt ......ootthheerr
# //ssoommee//wwhheerree//ooppeennddkkiimm --ll --uu uusseerriidd --pp iinneett::ppoorrttnnuummbbeerr@@llooccaallhhoosstt ......ootthheerr
ooppttiioonnss......
Please specify a userid value that isn't used for other applications (not
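Review bot: the unchanged text after "After building your own libmilter library" still tells the reader to set confINCDIRS and confLIBDIRS in sid-filter/Makefile.m4, yet this hunk drops sid-milter and dkim-milter from the list of applications, and the build example that follows runs OpenDKIM's ./configure. Please say how the libmilter include and library locations are passed to a configure-based build, or mark the Makefile.m4 instructions as applying to the older filters only.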
@ -142,10 +115,9 @@ Please specify a userid value that isn't used for other applications (not
CCoonnffiigguurriinngg PPoossttffiixx
Like Sendmail, Postfix has a lot of configuration options that control how it
talks to Milter applications. With the initial Postfix Milter protocol
implementation, many options are global, that is, they apply to all Milter
applications. Future Postfix versions may support per-Milter timeouts, per-
Milter error handling, etc.
talks to Milter applications. Besides global options that apply to all Milter
applications, Postfix 3.0 and later support per-Milter timeouts, per-Milter
error handling, etc.
Information in this section:
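Review bot: "per-Milter timeouts, per-Milter error handling, etc." in the rewritten paragraph leaves the reader guessing what else is covered. The new section "Different settings for different Milter applications" gives the exact list (command_timeout, connect_timeout, content_timeout, default_action, protocol); refer to that section by name here instead of ending on "etc.".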
@ -154,7 +126,9 @@ Information in this section:
* Milter error handling
* Milter protocol version
* Milter protocol timeouts
* Different settings for different Milter applications
* Sendmail macro emulation
* What macros will Postfix send to Milters?
SSMMTTPP--OOnnllyy MMiilltteerr aapppplliiccaattiioonnss
@ -164,10 +138,11 @@ mail from authorized SMTP clients. Mail that arrives via the Postfix smtpd(8)
server is not filtered by the non-SMTP filters that are described in the next
section.
NOTE: Do not use the header_checks(5) IGNORE action to remove Postfix's own
Received: message header. This causes problems with mail signing filters.
Instead, keep Postfix's own Received: message header and use the header_checks
(5) REPLACE action to sanitize information.
NOTE for Postfix versions that have a mail_release_date before 20141018: do
not use the header_checks(5) IGNORE action to remove Postfix's own
Received: message header. This causes problems with mail signing filters.
Instead, keep Postfix's own Received: message header and use the
header_checks(5) REPLACE action to sanitize information.
You specify SMTP-only Milter applications (there can be more than one) with the
smtpd_milters parameter. Each Milter application is identified by the name of
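Review bot: the NOTE is now scoped to releases with a mail_release_date before 20141018 but does not say what changed on that date. State what later releases do differently, so that an operator knows whether IGNORE on Postfix's own Received: header is safe with signing filters there, or whether REPLACE is still the recommended way to sanitize it.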
@ -247,7 +222,22 @@ must not REJECT or TEMPFAIL simulated RCPT TO commands. When a
non_smtpd_milters application REJECTs or TEMPFAILs a recipient, Postfix will
report a configuration error, and mail will stay in the queue.
None of this is a problem for mail filters that digitally sign mail.
SSiiggnniinngg iinntteerrnnaallllyy--ggeenneerraatteedd bboouunnccee mmeessssaaggeess
Postfix normally does not apply content filters to mail that is generated
internally such as bounces or Postmaster notifications. Filtering internally-
generated bounces would result in loss of mail when a filter rejects a message,
as the resulting double-bounce message would almost certainly also be blocked.
To sign Postfix's own bounce messages, enable filtering of internally-generated
bounces (line 2 below), and don't reject any internally-generated bounces with
non_smtpd_milters, header_checks or body_checks (lines 3-5 below).
1 /etc/postfix/main.cf:
2 internal_mail_filter_classes = bounce
3 non_smtpd_milters = don't reject internally-generated bounces
4 header_checks = don't reject internally-generated bounces
5 body_checks = don't reject internally-generated bounces
MMiilltteerr eerrrroorr hhaannddlliinngg
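Review bot: lines 3-5 of the main.cf example put the prose "don't reject internally-generated bounces" in the value position of non_smtpd_milters, header_checks and body_checks, which is not a usable setting if someone copies the block. Write these as comments, or show real values with the instruction beside them. The section would also read better if it said outright that the mail loss described in its first paragraph is what lines 3-5 guard against.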
@ -263,6 +253,9 @@ the message in the "hold" queue, and is available with Postfix 2.6 or later.
# or quarantine (Postfix 2.6 or later).
milter_default_action = tempfail
See "Different settings for different Milter applications" for advanced
configuration options.
MMiilltteerr pprroottooccooll vveerrssiioonn
As Postfix is not built with the Sendmail libmilter library, you may need to
@ -298,6 +291,9 @@ The remedy is to lower the Postfix milter_protocol version number. Postfix 2.8
and later will automatically turn off protocol features that the application's
libmilter library does not expect.
See "Different settings for different Milter applications" for advanced
configuration options.
MMiilltteerr pprroottooccooll ttiimmeeoouuttss
Postfix uses different time limits at different Milter protocol stages. The
@ -319,6 +315,40 @@ lookups. However, if you increase the above timeouts too much, remote SMTP
clients may hang up and mail may be delivered multiple times. This is an
inherent problem with before-queue filtering.
See "Different settings for different Milter applications" for advanced
configuration options.
DDiiffffeerreenntt sseettttiinnggss ffoorr ddiiffffeerreenntt MMiilltteerr aapppplliiccaattiioonnss
The previous sections list a number of Postfix main.cf parameters that control
time limits and other settings for all Postfix Milter clients. This is
sufficient for simple configurations. With more complex configurations it
becomes desirable to have different settings for different Milter clients. This
is supported with Postfix 3.0 and later.
The following example shows a "non-critical" Milter client with a short connect
timeout, and with "accept" as default action when the service is unvailable.
1 /etc/postfix/main.cf:
2 smtpd_milters = { inet:host:port,
3 connect_timeout=10s, default_action=accept }
Instead of a server endpoint, we now have a list enclosed in {}.
* Line 2: The first item in the list is the server endpoint. This supports
the exact same "inet" and "unix" syntax as described earlier.
* Line 3: The remainder of the list contains per-Milter settings. These
settings override global main.cf parameters, and have the same name as
those parameters, without the "milter_" prefix. The per-Milter settings
that are supported as of Postfix 3.0 are command_timeout, connect_timeout,
content_timeout, default_action, and protocol.
Inside the list, syntax is similar to what we already know from main.cf: items
separated by space or comma. There is one difference: yyoouu mmuusstt eenncclloossee aa
sseettttiinngg iinn ppaarreenntthheesseess,, aass iinn ""{{ nnaammee == vvaalluuee }}"",, iiff yyoouu wwaanntt ttoo hhaavvee ssppaaccee oorr
ccoommmmaa wwiitthhiinn aa vvaalluuee oorr aarroouunndd ""=="".
SSeennddmmaaiill mmaaccrroo eemmuullaattiioonn
Postfix emulates a limited number of Sendmail macros, as shown in the table.
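Review bot: the sentence "you must enclose a setting in parentheses, as in "{ name = value }"" shows braces, not parentheses; use "braces" or "{}" so it matches the example and the earlier "a list enclosed in {}". Also fix "unvailable" in the paragraph that introduces the example, and consider stating next to default_action=accept that mail passes this Milter unfiltered while the service is unavailable, so the setting suits only filters that do not enforce policy.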
@ -409,10 +439,12 @@ Sendmail. See the workarounds section below for solutions.
|v |Always |value of milter_macro_v |
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
WWhhaatt mmaaccrrooss wwiillll PPoossttffiixx sseenndd ttoo MMiilltteerrss??
Postfix sends specific sets of macros at different Milter protocol stages. The
sets are configured with the parameters as described in the table (EOH = end of
headers; EOM = end of message). The protocol version is a number that Postfix
sends at the beginning of the Milter protocol handshake.
sets are configured with the parameters as shown in the table below (EOH = end
of headers; EOM = end of message). The protocol version is a number that
Postfix sends at the beginning of the Milter protocol handshake.
As of Sendmail 8.14.0, Milter applications can specify what macros they want to
receive at different Milter protocol stages. An application-specified list
@ -439,6 +471,16 @@ takes precedence over a Postfix-specified list.
|milter_unknown_command_macros|3 or higher |unknown command |
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
By default, Postfix will send only macros whose values have been updated with
information from main.cf or master.cf, from an SMTP session (for example; SASL
login, or TLS certificates) or from a Mail delivery transaction (for example;
queue ID, sender, or recipient).
To force a macro to be sent even when its value has not been updated, you may
specify macro default values with the milter_macro_defaults parameter. Specify
zero or more name=value pairs separated by comma or whitespace; you may even
specify macro names that Postfix does know about!
WWoorrkkaarroouunnddss
* To avoid breaking DKIM etc. signatures with an SMTP-based content filter,
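Review bot: "you may even specify macro names that Postfix does know about!" at the end of the milter_macro_defaults paragraph reads as if "does not know about" was meant; please confirm and reword so the sentence is unambiguous. In the paragraph before it, "for example;" should be "for example," in both places, and "Mail delivery transaction" needs no capital.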
@ -552,11 +594,6 @@ the CONTENT_INSPECTION_README document for a discussion.
commands. When this rule is violated, Postfix will report a configuration
error, and mail will stay in the queue.
* Postfix currently does not apply content filters to mail that is forwarded
or aliased internally, or to mail that is generated internally such as
bounces or Postmaster notifications. This may be a problem when you want to
apply a signing Milter to such mail.
* When you use the before-queue content filter for incoming SMTP mail (see
SMTPD_PROXY_README), Milter applications have access only to the SMTP
command information; they have no access to the message header or body, and
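Review bot: the deleted bullet covered two cases, mail that is forwarded or aliased internally and mail that is generated internally, but the new "Signing internally-generated bounce messages" section and its "internal_mail_filter_classes = bounce" example address only bounces. If forwarded or aliased mail is still not passed to Milters, keep a shortened bullet for that case so that a signing setup is not assumed to cover it.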


@ -33,17 +33,27 @@ obtained from:
In order to build Postfix with mysql map support, you will need to add -
DHAS_MYSQL and -I for the directory containing the mysql headers, and the
mysqlclient library (and libm) to AUXLIBS, for example:
mysqlclient library (and libm) to AUXLIBS_MYSQL, for example:
make -f Makefile.init makefiles \
'CCARGS=-DHAS_MYSQL -I/usr/local/mysql/include' \
'AUXLIBS=-L/usr/local/mysql/lib -lmysqlclient -lz -lm'
'AUXLIBS_MYSQL=-L/usr/local/mysql/lib -lmysqlclient -lz -lm'
Postfix versions before 3.0 use AUXLIBS instead of AUXLIBS_MYSQL. With Postfix
3.0 and later, the old AUXLIBS variable still supports building a statically-
loaded MySQL database client, but only the new AUXLIBS_MYSQL variable supports
building a dynamically-loaded or statically-loaded MySQL database client.
Failure to use the AUXLIBS_MYSQL variable will defeat the purpose of
dynamic database client loading. Every Postfix executable file will have
MYSQL database library dependencies. And that was exactly what dynamic
database client loading was meant to avoid.
On Solaris, use this instead:
make -f Makefile.init makefiles \
'CCARGS=-DHAS_MYSQL -I/usr/local/mysql/include' \
'AUXLIBS=-L/usr/local/mysql/lib -R/usr/local/mysql/lib \
'AUXLIBS_MYSQL=-L/usr/local/mysql/lib -R/usr/local/mysql/lib \
-lmysqlclient -lz -lm'
Then, just run 'make'. This requires libz, the compression library. Older mysql
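Review bot: the new paragraphs say that only AUXLIBS_MYSQL supports a dynamically-loaded client, but neither make command in this hunk shows how dynamic loading is selected, so a reader who follows the example cannot tell which kind of client was built. Point to the INSTALL section "Building with Postfix dynamically-linked libraries and database plugins" here. Minor: "MYSQL database library" should read "MySQL".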
@ -84,8 +94,20 @@ where_field = alias
# Don't forget the leading "AND"!
additional_conditions = AND status = 'paid'
# This is necessary to make UTF8 queries work for Postfix 2.11 .. 3.1,
# and is the default setting as of Postfix 3.2,
option_group = client
AAddddiittiioonnaall nnootteess
Postfix 3.2 and later read [[cclliieenntt]] option group settings by default. To
disable this, specify no ooppttiioonn__ffiillee and specify "ooppttiioonn__ggrroouupp ==" (i.e. an
empty value).
Postfix 3.1 and earlier don't read [[cclliieenntt]] option group settings unless a non-
empty ooppttiioonn__ffiillee or ooppttiioonn__ggrroouupp value are specified. To enable this, specify,
for example "ooppttiioonn__ggrroouupp == cclliieenntt".
The MySQL configuration interface setup allows for multiple mysql databases:
you can use one for a virtual table, one for an access table, and one for an
aliases table if you want.
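Review bot: the new comment in the example ends with a comma ("... as of Postfix 3.2,"); end it with a period. In "Additional notes", "unless a non-empty option_file or option_group value are specified" should be "is specified". Since Postfix 3.2 reads [client] settings by default, the text should also say which option file is consulted when option_file is not set.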


@ -57,6 +57,12 @@ installation parameters on the command line:
With Postfix versions before 2.2 you must invoke the post-install script
directly (% sshh ppoosstt--iinnssttaallll --nnoonn--iinntteerraaccttiivvee iinnssttaallll__rroooott......).
With Postfix 3.0 and later, the command "make package name=value ..." will
replace the string MAIL_VERSION in a configuration parameter value with the
Postfix release version. Do not try to specify something like $mail_version on
this command line. This produces inconsistent results with different versions
of the make(1) command.
BBeeggiinn SSeeccuurriittyy AAlleerrtt
WWhheenn bbuuiillddiinngg aann aarrcchhiivvee ffoorr ddiissttrriibbuuttiioonn,, bbee ssuurree ttoo aarrcchhiivvee oonnllyy ffiilleess aanndd
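Review bot: the added paragraph warns against $mail_version on the "make package name=value ..." command line but shows no instance of the supported form. Add a one-line example that uses MAIL_VERSION in a parameter value so that the replacement is unambiguous.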


@ -35,18 +35,22 @@ which can be obtained from:
NOTE: pcre versions prior to 2.06 cannot be used.
In order to build Postfix with PCRE support you need to add -DHAS_PCRE and a -
I for the PCRE include file to CCARGS, and add the path to the PCRE library to
AUXLIBS, for example:
I option for the PCRE include file to CCARGS, and add the path to the PCRE
library to AUXLIBS_PCRE, for example:
make -f Makefile.init makefiles \
"CCARGS=-DHAS_PCRE -I/usr/local/include" \
"AUXLIBS=-L/usr/local/lib -lpcre"
"CCARGS=-DHAS_PCRE `pcre-config --cflags`" \
"AUXLIBS_PCRE=`pcre-config --libs`"
Solaris needs run-time path information too:
Postfix versions before 3.0 use AUXLIBS instead of AUXLIBS_PCRE. With Postfix
3.0 and later, the old AUXLIBS variable still supports building a statically-
loaded PCRE database client, but only the new AUXLIBS_PCRE variable supports
building a dynamically-loaded or statically-loaded PCRE database client.
make -f Makefile.init makefiles \
"CCARGS=-DHAS_PCRE -I/usr/local/include" \
"AUXLIBS=-L/usr/local/lib -R/usr/local/lib -lpcre"
Failure to use the AUXLIBS_PCRE variable will defeat the purpose of dynamic
database client loading. Every Postfix executable file will have PCRE
library dependencies. And that was exactly what dynamic database client
loading was meant to avoid.
TThhiinnggss ttoo kknnooww
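Review bot: the sentence "Solaris needs run-time path information too:" and its -R/usr/local/lib example appear to be dropped without a replacement, while MYSQL_README in this same change keeps a Solaris variant with AUXLIBS_MYSQL. Say whether "pcre-config --libs" is expected to supply the run-time path, or keep a Solaris example with AUXLIBS_PCRE. Also, "PCRE database client" carries over wording from the SQL READMEs; "PCRE library" fits better.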


@ -34,7 +34,18 @@ For example:
% make tidy
% make -f Makefile.init makefiles \
'CCARGS=-DHAS_PGSQL -I/usr/local/include/pgsql' \
'AUXLIBS=-L/usr/local/lib -lpq'
'AUXLIBS_PGSQL=-L/usr/local/lib -lpq'
Postfix versions before 3.0 use AUXLIBS instead of AUXLIBS_PGSQL. With Postfix
3.0 and later, the old AUXLIBS variable still supports building a statically-
loaded PostgreSQL database client, but only the new AUXLIBS_PGSQL variable
supports building a dynamically-loaded or statically-loaded PostgreSQL database
client.
Failure to use the AUXLIBS_PGSQL variable will defeat the purpose of
dynamic database client loading. Every Postfix executable file will have
PGSQL database library dependencies. And that was exactly what dynamic
database client loading was meant to avoid.
Then just run 'make'.


@ -622,8 +622,8 @@ mail:
postscreen_dnsbl_reply_map = texthash:/etc/postfix/dnsbl_reply
/etc/postfix/dnsbl_reply:
# Secret DNSBL name Name in postscreen(8) replies
secret.zen.spamhaus.org zen.spamhaus.org
# Secret DNSBL name Name in postscreen(8) replies
secret.zen.dq.spamhaus.net zen.spamhaus.org
The texthash: format is similar to hash: except that there is no need to
run postmap(1) before the file can be used, and that it does not detect
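Review bot: the key in /etc/postfix/dnsbl_reply changes to secret.zen.dq.spamhaus.net, and the reply map hides the secret name only when that key is identical to the DNSBL name configured in postscreen_dnsbl_sites, which lies outside this hunk. Check that the postscreen_dnsbl_sites example in this section was updated to the same name.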
@ -704,14 +704,17 @@ more of:
disconnect.
When the good client comes back in a later session, it is allowed to talk
directly to a Postfix SMTP server. See "after_220 Tests after the 220 SMTP
server greeting above for limitations with AUTH and other features that
clients may need.
directly to a Postfix SMTP server. See "Tests after the 220 SMTP server
greeting" above for limitations with AUTH and other features that clients
may need.
An unexpected benefit from "deep protocol tests" is that some "good"
clients don't return after the 4XX reply; these clients were not so good
after all. Wietse enables "deep protocol tests" on his own internet-facing
mail server.
after all.
Unfortunately, some senders will retry requests from different IP
addresses, and may never get whitelisted. For this reason, Wietse stopped
using "deep protocol tests" on his own internet-facing mail server.
* There is also support for permanent blacklisting and whitelisting; see the
description of the postscreen_access_list parameter for details.
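Review bot: the new paragraph explains why Wietse stopped using "deep protocol tests" (senders that retry from different IP addresses may never get whitelisted) but leaves the reader without a recommendation. Say whether the tests are still advised for any class of site, and refer to the whitelisting options that reduce the problem if the document describes them elsewhere.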


@ -1,26 +1,161 @@
The stable Postfix release is called postfix-2.11.x where 2=major
release number, 11=minor release number, x=patchlevel. The stable
This is the Postfix 3.1 (stable) release.
The stable Postfix release is called postfix-3.1.x where 3=major
release number, 1=minor release number, x=patchlevel. The stable
release never changes except for patches that address bugs or
emergencies. Patches change the patchlevel and the release date.
New features are developed in snapshot releases. These are called
postfix-2.12-yyyymmdd where yyyymmdd is the release date (yyyy=year,
postfix-3.2-yyyymmdd where yyyymmdd is the release date (yyyy=year,
mm=month, dd=day). Patches are never issued for snapshot releases;
instead, a new snapshot is released.
The mail_release_date configuration parameter (format: yyyymmdd)
specifies the release date of a stable release or snapshot release.
If you upgrade from Postfix 2.9 or earlier, read RELEASE_NOTES-2.10
If you upgrade from Postfix 2.11 or earlier, read RELEASE_NOTES-3.0
before proceeding.
Incompatible change with Postfix 2.11.6
---------------------------------------
Workaround - UTF8 support in Postfix MySQL queries
--------------------------------------------------
As of the middle of 2015, all supported Postfix releases no longer
enable "export" grade ciphers for opportunistic TLS, and no longer
use the deprecated SSLv2 and SSLv3 protocols for mandatory or
opportunistic TLS.
Someone reported false "not found" errors with MySQL map queries
that contain UTF8-encoded text. To avoid such errors, specify
"option_group = client" in Postfix MySQL configuration files. This
will be the default setting with Postfix 3.2 and later.
Major changes - address verification safety
-------------------------------------------
[Feature 20151227] The new address_verify_pending_request_limit
parameter introduces a safety limit for the number of address
verification probes in the active queue. The default limit is 1/4
of the active queue maximum size. The queue manager enforces the
limit by tempfailing probe messages that exceed the limit. This
design avoids dependencies on global counters that get out of sync
after a process or system crash.
Tempfailing verify requests is not as bad as one might think. The
Postfix verify cache proactively updates active addresses weeks
before they expire. The address_verify_pending_request_limit affects
only unknown addresses, and inactive addresses that have expired
from the address verify cache (by default, after 31 days).
Major changes - json support
----------------------------
[Feature 20151129] Machine-readable, JSON-formatted queue listing
with "postqueue -j" (no "mailq" equivalent). The output is a stream
of JSON objects, one per queue file. To simplify parsing, each
JSON object is formatted as one text line followed by one newline
character. See the postqueue(1) manpage for a detailed description
of the output format.
Major changes - milter support
------------------------------
[Feature 20150523] The milter_macro_defaults feature provides an
optional list of macro name=value pairs. These specify default
values for Milter macros when no value is available from the SMTP
session context.
For example, with "milter_macro_defaults = auth_type=TLS", the
Postfix SMTP server will send an auth_type of "TLS" to a Milter,
unless the remote client authenticates with SASL.
This feature was originally implemented for a submission service
that may authenticate clients with a TLS certificate, without having
to make changes to the code that implements TLS support.
Major changes - output rate control
-----------------------------------
[Feature 20150710] Destination-independent delivery rate delay
Support to enforce a destination-independent delay between email
deliveries. The following example inserts 20 seconds of delay
between all deliveries with the SMTP transport, limiting the delivery
rate to at most three messages per minute.
/etc/postfix/main.cf:
smtp_transport_rate_delay = 20s
For details, see the description of default_transport_rate_delay
and transport_transport_rate_delay in the postconf(5) manpage.
Major changes - postscreen dnsbl
--------------------------------
[Feature 20150710] postscreen support for the TTL of DNSBL and DNSWL
lookup results
Historically, the default setting "postscreen_dnsbl_ttl = 1h" assumes
that a "not found" result from a DNSBL server will be valid for one
hour. This may have been adequate five years ago when postscreen
was first implemented, but nowadays, that one hour can result in
missed opportunities to block new spambots.
To address this, postscreen now respects the TTL of DNSBL "not
found" replies, as well as the TTL of DNSWL replies (both "found"
and "not found"). The TTL for a "not found" reply is determined
according to RFC 2308 (the TTL of an SOA record in the reply).
Support for DNSBL or DNSWL reply TTL values is controlled by two
configuration parameters:
postscreen_dnsbl_min_ttl (default: 60 seconds).
This parameter specifies a minimum for the amount of time that
a DNSBL or DNSWL result will be cached in the postscreen_cache_map.
This prevents an excessive number of postscreen cache updates
when a DNSBL or DNSWL server specifies a very small reply TTL.
postscreen_dnsbl_max_ttl (default: $postscreen_dnsbl_ttl or 1 hour)
This parameter specifies a maximum for the amount of time that
a DNSBL or DNSWL result will be cached in the postscreen_cache_map.
This prevents cache pollution when a DNSBL or DNSWL server
specifies a very large reply TTL.
The postscreen_dnsbl_ttl parameter is now obsolete, and has become
the default value for the new postscreen_dnsbl_max_ttl parameter.
Major changes - sasl auth safety
--------------------------------
[Feature 20151031] New "smtpd_client_auth_rate_limit" feature, to
enforce an optional rate limit on AUTH commands per SMTP client IP
address. Similar to other smtpd_client_*_rate_limit features, this
enforces a limit on the number of requests per $anvil_rate_time_unit.
Major changes - smtpd policy
----------------------------
[Feature 20150913] New SMTPD policy service attribute "policy_context",
with a corresponding "smtpd_policy_service_policy_context" configuration
parameter. Originally, this was implemented to share the same SMTPD
policy service endpoint among multiple check_policy_service clients.
Major changes - tls
-------------------
[Feature 20160207] A new "postfix tls" command to quickly enable
opportunistic TLS in the Postfix SMTP client or server, and to
manage SMTP server keys and certificates, including certificate
signing requests and TLSA DNS records for DANE. See the postfix-tls(1)
manpage for a detailed description.
[Feature 20160103] The Postfix SMTP client by default enables DANE
policies when an MX host has a (DNSSEC) secure TLSA DNS record,
even if the MX DNS record was obtained with insecure lookups. The
existence of a secure TLSA record implies that the host wants to
talk TLS and not plaintext. For details see the
smtp_tls_dane_insecure_mx_policy configuration parameter.
[Incompat 20150721] As of the middle of 2015, all supported Postfix
releases no longer enable "export" grade ciphers for opportunistic
TLS, and no longer use the deprecated SSLv2 and SSLv3 protocols for
mandatory or opportunistic TLS.
These changes are very unlikely to cause problems with server-to-server
communication over the Internet, but they may result in interoperability
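Review bot: the smtpd_client_auth_rate_limit entry under "Major changes - sasl auth safety" calls the limit optional without giving its default or what a client sees once the limit is exceeded; add both, since this is the entry operators will read when setting AUTH limits. In the output rate control entry, "transport_transport_rate_delay" reads like a typo in plain text; writing it as "<transport>_transport_rate_delay", or pointing back to the smtp_transport_rate_delay example, would make the naming pattern clear.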
@ -48,267 +183,12 @@ selective, use "-o name=value" parameter overrides on specific
services in master.cf. Execute the command "postfix reload" to make
the changes effective.
Major changes - tls
-------------------
[Incompat 20150719] The default Diffie-Hellman non-export prime was
updated from 1024 to 2048 bits, because SMTP clients are starting
to reject TLS handshakes with primes smaller than 2048 bits.
[Documentation 20131218] The new FORWARD_SECRECY_README document
conveniently presents all information about Postfix "perfect" forward
secrecy support in one place: what forward secrecy is, how to tweak
settings, and what you can expect to see when Postfix uses ciphers
with forward secrecy.
Historically, this prime size is not negotiable, and each site needs
to determine which prime size works best for the majority of its
clients. See FORWARD_SECRECY_README for some hints in the quick-start
section.
[Feature 20130602] Support for PKI-less TLS server certificate
verification, where the CA public key or the server certificate is
identified via DNSSEC lookup.
This feature introduces new TLS security levels called "dane" and
"dane-only" (DNS-based Authentication of Named Entities) that use
DNSSEC to look up CA or server certificate information. The details
of DANE core protocols are still evolving, as are the details of
how DANE should be used in the context of SMTP. Postfix implements
what appears to be a "rational" subset of the DANE profiles that
is suitable for SMTP.
The problem with conventional PKI is that there are literally
hundreds of organizations world-wide that can provide a certificate
in anyone's name. There have been widely-published incidents in
recent history where a certificate authority gave out an inappropriate
certificate (e.g., a certificate in the name of Microsoft to someone
who did not represent Microsoft), where a CA was compromised (e.g.,
DigiNotar, Comodo), or where a CA made operational mistakes (e.g.,
TURKTRUST). Another concern is that a legitimate CA might be coerced
to provide a certificate that allows its government to play
man-in-the-middle on TLS traffic and observe the plaintext.
Major changes - LMDB database support
-------------------------------------
LMDB is a memory-mapped database that was originally developed as
part of OpenLDAP. The Postfix LMDB driver was originally contributed
by Howard Chu, LMDB's creator.
LMDB can be used for all Postfix lookup tables and caches. It is
the first persistent Postfix database that can be shared among
multiple writers such as postscreen daemons (Postfix already supported
shared non-persistent memcached caches). See lmdb_table(5) and
LMDB_README for further information, including how to access Postfix
LMDB databases with non-Postfix programs.
Postfix currently requires LMDB version 0.9.11 or later. The minimum
version may change over time in the light of deployment experience.
Major changes - postscreen whitelisting
---------------------------------------
[Feature 20130512] Allow a remote SMTP client to skip postscreen(8)
tests based on its postscreen_dnsbl_sites score.
Specify a negative "postscreen_dnsbl_whitelist_threshold" value to
enable this feature. When a client passes the threshold value
without having failed other tests, all pending or disabled tests
are flagged as completed.
This feature can mitigate the email delays due to "after 220 greeting"
protocol tests, which otherwise require that a client reconnects
before it can deliver mail. Some providers such as Google don't
retry from the same IP address. This can result in large email
delivery delays.
Major changes - recipient_delimiter
-----------------------------------
[Feature 20130405] The recipient_delimiter parameter can now specify
a set of characters. A user name is now separated from its address
extension by the first character that matches the recipient_delimiter
set.
For example, specify "recipient_delimiter = +-" to support both the
Postfix-style "+" and the qmail-style "-" extension delimiter.
As before, this implementation recognizes one delimiter character
per email address, and one address extension per email address.
Major changes - smtpd access control
------------------------------------
[Feature 20131031] The check_sasl_access feature can be used to
block hijacked logins. Like other check_mumble_access features it
queries a lookup table (in this case with the SASL login name), and
it supports the same actions as any Postfix access(5) table.
[Feature 20130924] The reject_known_sender_login_mismatch feature
applies reject_sender_login_mismatch only to MAIL FROM addresses
that are known in $smtpd_sender_login_maps.
Major changes - MacOS X
-----------------------
[Feature 20130325] Full support for kqueue() event handling which
scales better with large numbers of file handles, plus a workaround
for timeout handling on file handles (such as /dev/urandom) that
still do not correctly support poll().
Major changes - master
----------------------
[Incompat 20131217] The master_service_disable parameter value
syntax has changed: use "service/type" instead of "service.type".
The new form is consistent with postconf(1) namespaces for master.cf.
The old form is still supported to avoid breaking existing
configurations.
Major changes - milter
----------------------
[Feature 20131126] Support for ESMTP parameters "NOTIFY" and "ORCPT"
in the SMFIR_ADDRCPT_PAR (add recipient with parameters) request.
Credits: Andrew Ayer.
Major changes - mysql
---------------------
[Feature 20131117] MySQL client support for option_file, option_group,
tls_cert_file, tls_key_file, tls_CAfile, tls_CApath, tls_verify_cert.
Credits: Gareth Palmer.
Major changes - postconf
------------------------
[Feature 20131217] Support for advanced master.cf query and update
operations. This was implemented primarily to support automated
system management tools.
The goal is to make all Postfix master.cf details accessible as
lists of "name=value" pairs, where the names are organized into
structured name spaces. This allows other programs to query
information or request updates, without having to worry about the
exact layout of master.cf files.
Managing master.cf service attributes
-------------------------------------
First, an example that shows the smtp/inet service in the traditional
form:
$ postconf -M smtp/inet
smtp inet n - n - - smtpd
Different variants of this command show different amounts of output.
For example, "postconf -M smtp" enumerates all services that have
a name "smtp" and any service type ("inet", "unix", etc.), and
"postconf -M" enumerates all master.cf services.
General rule: each name component that is not present becomes a "*"
wildcard.
Coming back to the above example, the postconf -F option can now
enumerate the smtp/inet service fields as follows:
$ postconf -F smtp/inet
smtp/inet/service = smtp
smtp/inet/type = inet
smtp/inet/private = n
smtp/inet/unprivileged = -
smtp/inet/chroot = n
smtp/inet/wakeup = -
smtp/inet/process_limit = -
smtp/inet/command = smtpd
This form makes it very easy to change one field in master.cf.
For example to turn on chroot on the smtp/inet service you use:
$ postconf -F smtp/inet/chroot=y
$ postfix reload
Moreover, with "-F" you can specify "*" for service name or service
type to get a wild-card match. For example, to turn off chroot on
all Postfix daemons, use this:
$ postconf -F '*/*/chroot=n'
$ postfix reload
Managing master.cf service "-o parameter=value" settings
--------------------------------------------------------
For a second example, let's look at the submission service. This
service typically has multiple "-o parameter=value" overrides. First
the traditional view:
$ postconf -Mf submission
submission inet n - n - - smtpd
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
...
The postconf -P option can now enumerate these parameters as follows:
$ postconf -P submission
submission/inet/smtpd_sasl_auth_enable = yes
submission/inet/smtpd_tls_security_level = encrypt
...
Again, this form makes it very easy to modify one parameter
setting. For example, to change the smtpd_tls_security_level setting
for the submission/inet service:
$ postconf -P 'submission/inet/smtpd_tls_security_level=may'
You can create or remove a parametername=parametervalue setting:
Create:
$ postconf -P 'submission/inet/parametername=parametervalue'
Remove:
$ postconf -PX submission/inet/parametername
Finally, always execute "postfix reload" after updating master.cf.
Managing master.cf service entries
----------------------------------
Finally, adding master.cf entries is possible, but currently this
does not yet have "advanced" support. It can only be done at the
level of the traditional master.cf file format.
Suppose that you need to configure a Postfix SMTP client that will
handle slow email deliveries. To implement this you need to clone
the smtp/unix service settings and create a new delay/unix service.
First, you would enumerate the smtp/unix service like this:
$ postconf -M smtp/unix
smtp unix - - n - - smtp
Then you would copy those fields (except the first field) by hand
to create the delay/unix service:
$ postconf -M delay/unix="delay unix - - n - - smtp"
To combine the above steps in one command:
$ postconf -M delay/unix="`postconf -M smtp/unix|awk '{$1 = "delay"}'`"
This is perhaps not super-convenient for manual cloning, but it
should be sufficient for programmatic configuration management.
Again, always execute "postfix reload" after updating master.cf.
Deleting or commenting out master.cf entries
--------------------------------------------
The -X (delete entry) and -# (comment out entry) options already
exist for main.cf, and they now also work work for entire master.cf
entries:
Remove main.cf or master.cf entry:
$ postconf -X parametername
$ postconf -MX delay/unix
Comment out main.cf or master.cf entry:
$ postconf -# parametername
$ postconf -M# delay/unix
As with main.cf, there is no support to "undo" master.cf changes
that are made with -X or -#.
Again, always execute "postfix reload" after updating master.cf.
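Review bot: In the "Managing master.cf service entries" text, the one-command clone example cannot work as written: the awk action '{$1 = "delay"}' assigns the first field but never prints, so the backquoted command expands to an empty string and postconf -M is handed delay/unix="". Suggest awk '{$1 = "delay"; print}' so the rewritten service line is actually emitted. Separately, "they now also work work for entire master.cf entries" in the "Deleting or commenting out master.cf entries" text has a doubled word.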

@ -975,12 +975,12 @@ authentication information:
The mmmmeennccooddee command is part of the metamail software.
* Using Perl MMIIMMEE::::BBaassee6644:
* Using Perl MMIIMMEE::::BBaassee6644 (from http://www.cpan.org/):
% ppeerrll --MMMMIIMMEE::::BBaassee6644 --ee \\
''pprriinntt eennccooddee__bbaassee6644((""\\00uusseerrnnaammee\\00ppaasssswwoorrdd""));;''
MIME::Base64 is available from http://www.cpan.org/.
If the username or password contain "@", you must specify "\@".
* Using the ggeenn--aauutthh script:
@ -1029,6 +1029,8 @@ username/password information.
/etc/postfix/main.cf:
smtp_sasl_auth_enable = yes
smtp_tls_security_level = encrypt
smtp_sasl_tls_security_options = noanonymous
relayhost = [mail.isp.example]
# Alternative form:
# relayhost = [mail.isp.example]:submission
@ -1038,6 +1040,10 @@ username/password information.
will configure the client's username and password information in the second
part of the example.
* The smtp_tls_security_level setting ensures that the connection to the
remote smtp server will be encrypted, and smtp_sasl_tls_security_options
removes the prohibition on plaintext passwords.
* The relayhost setting forces the Postfix SMTP to send all remote messages
to the specified mail server instead of trying to deliver them directly to
their destination.
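Review bot: The new bullet says smtp_tls_security_level "ensures that the connection to the remote smtp server will be encrypted", but it does not say that the "encrypt" level leaves the server certificate unverified. The same bullet goes on to explain that smtp_sasl_tls_security_options removes the prohibition on plaintext passwords, so a reader may assume the credentials are protected against an impersonated relayhost. A sentence pointing to the "verify" or "secure" levels for that case would close the gap. Minor: "remote smtp server" should read "remote SMTP server".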
@ -1114,7 +1120,7 @@ final resort.
/etc/postfix/sasl_passwd:
# Per-sender authentication; see also /etc/postfix/sender_relay.
user1@example.com username2:password2
user1@example.com username1:password1
user2@example.net username2:password2
# Login information for the default relayhost.
[mail.isp.example] username:password

@ -146,6 +146,7 @@ Examples of simple restriction lists are:
# (available with Postfix 2.10 and later).
reject_unauth_destination
reject_rbl_client zen.spamhaus.org,
reject_rhsbl_reverse_client dbl.spamhaus.org,
reject_rhsbl_helo dbl.spamhaus.org,
reject_rhsbl_sender dbl.spamhaus.org
@ -156,7 +157,7 @@ Examples of simple restriction lists are:
smtpd_end_of_data_restrictions = check_policy_service unix:private/policy
Each restriction list is evaluated from left to right until some restriction
produces a result of PERMIT, REJECT or DEFER (try again later). The end of the
produces a result of PERMIT, REJECT or DEFER (try again later). The end of each
list is equivalent to a PERMIT result. By placing a PERMIT restriction before a
REJECT restriction you can make exceptions for specific clients or users. This
is called whitelisting; the fourth example above allows mail from local

@ -26,7 +26,8 @@ incoming SMTP connections.
This document covers the following topics:
* Policy protocol description
* Policy client/server configuration
* Simple policy client/server configuration
* Advanced policy client configuration
* Example: greylist policy server
* Greylisting mail from frequently forged domains
* Greylisting all your mail
@ -73,6 +74,10 @@ a delegated SMTPD access policy request:
stress=
PPoossttffiixx vveerrssiioonn 22..99 aanndd llaatteerr::
ccert_pubkey_fingerprint=68:B3:29:DA:98:93:E3:40:99:C7:D8:AD:5C:B9:C9:40
PPoossttffiixx vveerrssiioonn 33..00 aanndd llaatteerr::
client_port=1234
PPoossttffiixx vveerrssiioonn 33..11 aanndd llaatteerr::
policy_context=submission
[empty line]
Notes:
@ -142,6 +147,9 @@ Notes:
* The "stress" attribute is either empty or "yes". See the STRESS_README
document for further information.
* The "policy_context" attribute provides a way to pass information that is
not available via other attributes (Postfix version 3.1 and later).
The following is specific to SMTPD delegated policy requests:
* Protocol names are ESMTP or SMTP.
@ -164,7 +172,7 @@ In case of trouble the policy server must not send a reply. Instead the server
must log a warning and disconnect. Postfix will retry the request at some later
time.
PPoolliiccyy cclliieenntt//sseerrvveerr ccoonnffiigguurraattiioonn
SSiimmppllee ppoolliiccyy cclliieenntt//sseerrvveerr ccoonnffiigguurraattiioonn
The Postfix delegated policy client can connect to a TCP socket or to a UNIX-
domain socket. Examples:
@ -194,6 +202,7 @@ use something like this:
9 check_policy_service unix:private/policy
10 ...
11 policy_time_limit = 3600
12 # smtpd_policy_service_request_limit = 1
NOTES:
@ -225,6 +234,9 @@ NOTES:
(in the above example, "policy") and a built-in suffix (in the above
example: "_time_limit").
* Line 12: specify smtpd_policy_service_request_limit to avoid error-recovery
delays with policy servers that cannot maintain a persistent connection.
* With Solaris < 9, or Postfix < 2.10 on any Solaris version, use TCP sockets
instead of UNIX-domain sockets:
@ -239,9 +251,14 @@ NOTES:
9 check_policy_service inet:127.0.0.1:9998
10 ...
11 127.0.0.1:9998_time_limit = 3600
12 # smtpd_policy_service_request_limit = 1
Other configuration parameters that control the client side of the policy
delegation protocol:
Configuration parameters that control the client side of the policy delegation
protocol:
* smtpd_policy_service_default_action (default: 451 4.3.5 Server
configuration problem): The default action when an SMTPD policy service
request fails. Available with Postfix 3.0 and later.
* smtpd_policy_service_max_idle (default: 300s): The amount of time before
the Postfix SMTP server closes an unused policy client connection.
@ -249,9 +266,82 @@ delegation protocol:
* smtpd_policy_service_max_ttl (default: 1000s): The amount of time before
the Postfix SMTP server closes an active policy client connection.
* smtpd_policy_service_request_limit (default: 0): The maximal number of
requests per policy connection, or zero (no limit). Available with Postfix
3.0 and later.
* smtpd_policy_service_timeout (default: 100s): The time limit to connect to,
send to or receive from a policy server.
* smtpd_policy_service_try_limit (default: 2): The maximal number of attempts
to send an SMTPD policy service request before giving up. Available with
Postfix 3.0 and later.
* smtpd_policy_service_retry_delay (default: 1s): The delay between attempts
to resend a failed SMTPD policy service request. Available with Postfix 3.0
and later.
* smtpd_policy_service_policy_context (default: empty): Optional information
that is passed in the "policy_context" attribute of an SMTPD policy service
request (originally, to share the same SMTPD service endpoint among
multiple check_policy_service clients). Available with Postfix 3.1 and
later.
Configuration parameters that control the server side of the policy delegation
protocol:
* transport_time_limit ($command_time_limit): The maximal amount of time the
policy daemon is allowed to run before it is terminated. The transport is
the service name of the master.cf entry for the policy daemon service. In
the above examples, the service name is "policy" or "127.0.0.1:9998".
AAddvvaanncceedd ppoolliiccyy cclliieenntt ccoonnffiigguurraattiioonn
The previous section lists a number of Postfix main.cf parameters that control
time limits and other settings for all policy clients. This is sufficient for
simple configurations. With more complex configurations it becomes desirable to
have different settings per policy client. This is supported with Postfix 3.0
and later.
The following example shows a "non-critical" policy service with a short
timeout, and with "DUNNO" as default action when the service is unvailable. The
"DUNNO" action causes Postfix to ignore the result.
1 /etc/postfix/main.cf:
2 smtpd_recipient_restrictions =
3 ...
4 reject_unauth_destination
5 check_policy_service { inet:host:port,
6 timeout=10s, default_action=DUNNO }
8 ...
Instead of a server endpoint, we now have a list enclosed in {}.
* Line 5: The first item in the list is the server endpoint. This supports
the exact same "inet" and "unix" syntax as described earlier.
* Line 6: The remainder of the list contains per-client settings. These
settings override global main.cf parameters, and have the same name as
those parameters, without the "smtpd_policy_service_" prefix.
Inside the list, syntax is similar to what we already know from main.cf: items
separated by space or comma. There is one difference: yyoouu mmuusstt eenncclloossee aa
sseettttiinngg iinn ppaarreenntthheesseess,, aass iinn ""{{ nnaammee == vvaalluuee }}"",, iiff yyoouu wwaanntt ttoo hhaavvee ssppaaccee oorr
ccoommmmaa wwiitthhiinn aa vvaalluuee oorr aarroouunndd ""=="". This comes in handy when different policy
servers require different default actions with different SMTP status codes or
text:
1 /etc/postfix/main.cf:
2 smtpd_recipient_restrictions =
3 ...
4 reject_unauth_destination
5 check_policy_service {
6 inet:host:port1,
7 { default_action = 451 4.3.5 See http://www.example.com/
support1 }
8 }
9 ...
EExxaammppllee:: ggrreeyylliisstt ppoolliiccyy sseerrvveerr
Greylisting is a defense against junk email that is described at http://
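Review bot: The added "Advanced policy client configuration" text says "you must enclose a setting in parentheses" while the syntax it quotes, "{ name = value }", uses braces; the wording should say braces so that readers do not try "( name = value )". Also in this hunk: "unvailable" should be "unavailable", and the first main.cf example numbers its lines 1 to 6 and then 8, skipping 7. Since default_action=DUNNO makes Postfix ignore the policy result when the service is unavailable, it is worth stating next to the example that this setting fails open and suits only the "non-critical" service it describes.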
@ -307,6 +397,7 @@ socket that is accessible by Postfix processes only:
9 reject_unauth_destination
10 check_policy_service unix:private/greylist
11 ...
12 # smtpd_policy_service_request_limit = 1
Notes:
@ -338,6 +429,9 @@ Notes:
service name (in the above example, "greylist") and a built-in suffix
(in the above example: "_time_limit").
* Line 12: specify smtpd_policy_service_request_limit to avoid error-recovery
delays with policy servers that cannot maintain a persistent connection.
With Solaris < 9, or Postfix < 2.10 on any Solaris version, use inet: style
sockets instead of unix: style, as detailed in the "Policy client/server
configuration" section above.
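Review bot: The trailing context here still refers to the "Policy client/server configuration" section above, but an earlier hunk in this file renames that heading to "Simple policy client/server configuration". The cross-reference should be updated to the new section name, which the table-of-contents hunk already uses.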
@ -353,6 +447,7 @@ configuration" section above.
9 reject_unauth_destination
10 check_policy_service inet:127.0.0.1:9998
11 ...
12 # smtpd_policy_service_request_limit = 1
GGrreeyylliissttiinngg mmaaiill ffrroomm ffrreeqquueennttllyy ffoorrggeedd ddoommaaiinnss

@ -102,8 +102,8 @@ From then on mail is processed as usual.
The content filter itself is not described here. You can use any filter that is
SMTP enabled. For non-SMTP capable content filtering software, Bennett Todd's
SMTP proxy implements a nice PERL/SMTP content filtering framework. See: http:/
/bent.latency.net/smtpprox/.
SMTP proxy implements a nice Perl-based framework. See: http://
bent.latency.net/smtpprox/ or https://github.com/jnorell/smtpprox.
Postfix
Postfix filter on SMTP server Postfix Postfix

@ -0,0 +1,268 @@
PPoossttffiixx SSMMTTPPUUTTFF88 ssuuppppoorrtt
-------------------------------------------------------------------------------
OOvveerrvviieeww
This document describes Postfix support for Email Address Internationalization
(EAI) as defined in RFC 6531 (SMTPUTF8 extension), RFC 6532 (Internationalized
email headers) and RFC 6533 (Internationalized delivery status notifications).
Introduced with Postfix version 3.0, this fully supports UTF-8 email addresses
and UTF-8 message header values.
Topics covered in this document:
* Building with/without SMTPUTF8 support
* Enabling Postfix SMTPUTF8 support
* Using Postfix SMTPUTF8 support
* SMTPUTF8 autodetection
* Limitations of the current implementation
* Compatibility with pre-SMTPUTF8 environments
* Credits
BBuuiillddiinngg PPoossttffiixx wwiitthh//wwiitthhoouutt SSMMTTPPUUTTFF88 ssuuppppoorrtt
Postfix will build with SMTPUTF8 support if the ICU library and header files
are installed on the system. The package name varies with the OS distribution
(and version). The table shows package names for a number of platforms at the
time this text was written.
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
|OOSS DDiissttrriibbuuttiioonn |PPaacckkaaggee |
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ |
|FreeBSD, NetBSD, etc.|icu |
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ |
|Centos, Fedora, RHEL |libicu-devel|
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ |
|Debian, Ubuntu |libicu-dev |
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ |
To force Postfix to build without SMTPUTF8, specify:
$ mmaakkee mmaakkeeffiilleess CCCCAARRGGSS==""--DDNNOO__EEAAII ......""
See the INSTALL document for more "make makefiles" options.
EEnnaabblliinngg PPoossttffiixx SSMMTTPPUUTTFF88 ssuuppppoorrtt
There is more to SMTPUTF8 than just Postfix itself. The rest of your email
infrastructure also needs to be able to handle UTF-8 email addresses and
message header values. This includes SMTPUTF8 protocol support in SMTP-based
content filters (Amavisd), LMTP servers (Dovecot), and down-stream SMTP
servers.
Postfix SMTPUTF8 support is enabled by default, but it may be disabled as part
of a backwards-compatibility safety net (see the COMPATIBILITY_README file).
SMTPUTF8 support is enabled by setting the smtputf8_enable parameter in
main.cf:
# ppoossttccoonnff ""ssmmttppuuttff88__eennaabbllee == yyeess""
# ppoossttffiixx rreellooaadd
With SMTPUTF8 support enabled, Postfix changes behavior with respect to earlier
Postfix releases:
* UTF-8 is permitted in the myorigin parameter value. However, the myhostname
and mydomain parameters must currently specify ASCII-only domain names.
This limitation may be removed later.
* UTF-8 is the only form of non-ASCII text that Postfix supports in access
tables, address rewriting tables, and other tables that are indexed with an
email address, hostname, or domain name.
* The header_checks-like and body_checks-like features are not UTF-8 enabled,
and therefore they do not enforce UTF-8 syntax rules on inputs and outputs.
The reason is that non-ASCII text may be sent in encodings other than UTF-
8, and that real email sometimes contains malformed headers. Instead of
skipping non-UTF-8 content, Postfix should be able to filter it. You may
try to enable UTF-8 processing by starting a PCRE pattern with the sequence
(*UTF8), but this is will result in "message not accepted, try again later"
errors when the PCRE pattern matcher encounters non-UTF-8 input. Other
features that are not UTF-8 enabled are smtpd_command_filter,
smtp_reply_filter, the *_delivery_status_filter features, and the
*_dns_reply_filter features (the latter because DNS is by definition an
ASCII protocol).
* The Postfix SMTP server announces SMTPUTF8 support in the EHLO response.
220 server.example.com ESMTP Postfix
EEHHLLOO cclliieenntt..eexxaammppllee..ccoomm
250-server.example.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250 SMTPUTF8
* The Postfix SMTP server accepts the SMTPUTF8 request in MAIL FROM and VRFY
commands.
MMAAIILL FFRROOMM::<<aaddddrreessss>> SSMMTTPPUUTTFF88 ......
VVRRFFYY aaddddrreessss SSMMTTPPUUTTFF88
* The Postfix SMTP client may issue the SMTPUTF8 request in MAIL FROM
commands.
* The Postfix SMTP server accepts UTF-8 in email address domains, but only
after the remote SMTP client issues the SMTPUTF8 request in MAIL FROM or
VRFY commands.
Postfix already permitted UTF-8 in message header values and in address
localparts. This does not change.
UUssiinngg PPoossttffiixx SSMMTTPPUUTTFF88 ssuuppppoorrtt
After Postfix SMTPUTF8 support is turned on, Postfix behavior will depend on 1)
whether a remote SMTP client requests SMTPUTF8 support, 2) the presence of UTF-
8 content in the message envelope and headers, and 3) whether a down-stream
SMTP (or LMTP) server announces SMTPUTF8 support.
* When the Postfix SMTP server receives a message WITHOUT the SMTPUTF8
request, Postfix handles the message as it has always done (at least that
is the default, see autodetection below). Specifically, the Postfix SMTP
server does not accept UTF-8 in the envelope sender domain name or envelope
recipient domain name, and the Postfix SMTP client does not issue the
SMTPUTF8 request when delivering that message to an SMTP or LMTP server
that announces SMTPUTF8 support (again, that is the default). Postfix will
accept UTF-8 in message header values and in the localpart of envelope
sender and recipient addresses, because it has always done that.
* When the Postfix SMTP server receives a message WITH the SMTPUTF8 request,
Postfix will issue the SMTPUTF8 request when delivering that message to an
SMTP or LMTP server that announces SMTPUTF8 support. This is not
configurable.
* When a message is received with the SMTPUTF8 request, Postfix will deliver
the message to a non-SMTPUTF8 SMTP or LMTP server ONLY if:
o No message header value contains UTF-8.
o The envelope sender address contains no UTF-8,
o No envelope recipient address for that specific SMTP/LMTP delivery
transaction contains UTF-8.
NOTE: Recipients in other email delivery transactions for that same
message may still contain UTF-8.
Otherwise, Postfix will return the recipient(s) for that email delivery
transaction as undeliverable. The delivery status notification message will
be an SMTPUTF8 message. It will therefore be subject to the same
restrictions as email that is received with the SMTPUTF8 request.
* When the Postfix SMTP server receives a message with the SMTPUTF8 request,
that request also applies after the message is forwarded via a virtual or
local alias, or $HOME/.forward file.
SSMMTTPPUUTTFF88 aauuttooddeetteeccttiioonn
This section applies only to systems that have SMTPUTF8 support turned on
(smtputf8_enable = yes).
For compatibility with pre-SMTPUTF8 environments, Postfix does not
automatically set the "SMTPUTF8 requested" flag on messages from non-SMTPUTF8
clients that contain an UTF-8 header value or UTF-8 address localpart. This
would make such messages undeliverable to non-SMTPUTF8 servers, and could be a
barrier to SMTPUTF8 adoption.
By default, Postfix sets the "SMTPUTF8 requested" flag only on address
verification probes and on Postfix sendmail submissions that contain UTF-8 in
the sender address, UTF-8 in a recipient address, or UTF-8 in a message header
value.
/etc/postfix/main.cf:
smtputf8_autodetect_classes = sendmail, verify
However, if you have a non-ASCII myorigin or mydomain setting, or if you have a
configuration that introduces UTF-8 addresses with virtual aliases, canonical
mappings, or BCC mappings, then you may have to apply SMTPUTF8 autodetection to
all email:
/etc/postfix/main.cf:
smtputf8_autodetect_classes = all
This will, of course, also flag email that was received without SMTPUTF8
request, but that contains UTF-8 in a sender address localpart, receiver
address localpart, or message header value. Such email was not standards-
compliant, but Postfix would have delivered it if SMTPUTF8 support was
disabled.
LLiimmiittaattiioonnss ooff tthhee ccuurrrreenntt iimmpplleemmeennttaattiioonn
The Postfix implementation is a work in progress; limitations are steadily
being removed. The text below describes the situation at one point in time.
NNoo aauuttoommaattiicc ccoonnvveerrssiioonnss bbeettwweeeenn AASSCCIIII aanndd UUTTFF--88 ddoommaaiinn nnaammeess..
Some background: According to RFC 6530 and related documents, an
internationalized domain name can appear in two forms: the UTF-8 form, and the
ASCII (xn--mumble) form. An internationalized address localpart must be encoded
in UTF-8; the RFCs do not define an ASCII alternative form.
Postfix currently does not convert internationalized domain names from UTF-
8 into ASCII (or from ASCII into UTF-8) before using domain names in SMTP
commands and responses, before looking up domain names in lists such as
mydestination, relay_domains or in lookup tables such as access tables, etc.,
before using domain names in a policy daemon or Milter request, or before
logging events.
Postfix does, however, casefold domain names and email addresses before
matching them against a Postfix configuration parameter or lookup table.
In order to use Postfix SMTPUTF8 support:
* The Postfix parameters myhostname and mydomain must be in ASCII form. One
is a substring of the other, and the myhostname value is used in SMTP
commands and responses that require ASCII. The parameter myorigin (added to
local addresses without domain) supports UTF-8.
* You need to configure both the ASCII and UTF-8 forms of an
Internationalized domain name in Postfix parameters such as mydestination
and relay_domains, as well as lookup table search keys.
* Milters, content filters, policy servers and logfile analysis tools need to
be able to handle both the ASCII and UTF-8 forms of Internationalized
domain names.
CCoommppaattiibbiilliittyy wwiitthh pprree--SSMMTTPPUUTTFF88 eennvviirroonnmmeennttss
MMaaiilliinngg lliissttss wwiitthh UUTTFF--88 aanndd nnoonn--UUTTFF--88 ssuubbssccrriibbeerrss
With Postfix, there is no need to split mailing lists into UTF-8 and non-UTF-
8 members. Postfix will try to deliver the non-UTF8 subscribers over
"traditional" non-SMTPUTF8 sessions, as long as the message has an ASCII
envelope sender address and all-ASCII header values. The mailing list manager
may have to apply RFC 2047 encoding to satisfy that last condition.
PPrree--eexxiissttiinngg nnoonn--AASSCCIIII eemmaaiill fflloowwss
With "smtputf8_enable = no", Postfix handles email with non-ASCII in address
localparts (and in headers) as before. The vast majority of email software is
perfectly capable of handling such email, even if pre-SMTPUTF8 standards do not
support such practice.
However, when you specify "smtputf8_enable = yes", Postfix requires that non-
ASCII address information is encoded in UTF-8 and will reject other encodings
such as ISO-8859. It is not practical for Postfix to support multiple encodings
at the same time. There is no problem with RFC 2047 encodings such as "=?ISO-
8859-1?Q?text?=", because those use only characters from the ASCII
characterset.
CCrreeddiittss
* May 15, 2014: Arnt Gulbrandsen posted his patch for Unicode email support.
This work was sponsored by CNNIC.
* July 15, 2014: Wietse integrated Arnt Gulbrandsen's code and released
Postfix with SMTPUTF8 support.
* January 2015: Wietse added UTF-8 support for casefolding in Postfix lookup
tables and caseless string comparison in Postfix list-based features.
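Review bot: The autodetection section says "if you have a non-ASCII myorigin or mydomain setting", which conflicts with two other statements in this new file: that "the myhostname and mydomain parameters must currently specify ASCII-only domain names" and that "myhostname and mydomain must be in ASCII form". Dropping mydomain from the autodetection sentence would make the three consistent. Also: "but this is will result in" has a stray "is", and in the list of conditions for delivery to a non-SMTPUTF8 server the second item ends with a comma where the other two end with a period.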

@ -169,6 +169,8 @@ username/password information.
/etc/postfix/main.cf:
smtp_sasl_auth_enable = yes
smtp_tls_security_level = encrypt
smtp_sasl_tls_security_options = noanonymous
relayhost = [mail.isp.example]
# Alternative form:
# relayhost = [mail.isp.example]:submission
@ -178,6 +180,10 @@ username/password information.
will configure the client's username and password information in the second
part of the example.
* The smtp_tls_security_level setting ensures that the connection to the
remote smtp server will be encrypted, and smtp_sasl_tls_security_options
removes the prohibition on plaintext passwords.
* The relayhost setting forces the Postfix SMTP to send all remote messages
to the specified mail server instead of trying to deliver them directly to
their destination.
@ -254,7 +260,7 @@ final resort.
/etc/postfix/sasl_passwd:
# Per-sender authentication; see also /etc/postfix/sender_relay.
user1@example.com username2:password2
user1@example.com username1:password1
user2@example.net username2:password2
# Login information for the default relayhost.
[mail.isp.example] username:password

@ -24,7 +24,18 @@ For example:
make -f Makefile.init makefiles \
'CCARGS=-DHAS_SQLITE -I/usr/local/include' \
'AUXLIBS=-L/usr/local/lib -lsqlite3 -lpthread'
'AUXLIBS_SQLITE=-L/usr/local/lib -lsqlite3 -lpthread'
Postfix versions before 3.0 use AUXLIBS instead of AUXLIBS_SQLITE. With Postfix
3.0 and later, the old AUXLIBS variable still supports building a statically-
loaded SQLite database client, but only the new AUXLIBS_SQLITE variable
supports building a dynamically-loaded or statically-loaded SQLite database
client.
Failure to use the AUXLIBS_SQLITE variable will defeat the purpose of
dynamic database client loading. Every Postfix executable file will have
SQLITE database library dependencies. And that was exactly what dynamic
database client loading was meant to avoid.
Then, just run 'make'.

@ -97,13 +97,16 @@ The "stress" parameter value is the key to making main.cf parameter settings
stress adaptive. The following settings are the default with Postfix 2.6 and
later.
1 smtpd_timeout = ${stress?10}${stress:300}s
2 smtpd_hard_error_limit = ${stress?1}${stress:20}
3 smtpd_junk_command_limit = ${stress?1}${stress:100}
1 smtpd_timeout = ${stress?{10}:{300}}s
2 smtpd_hard_error_limit = ${stress?{1}:{20}}
3 smtpd_junk_command_limit = ${stress?{1}:{100}}
4 # Parameters added after Postfix 2.6:
5 smtpd_per_record_deadline = ${stress?yes}${stress:no}
6 smtpd_starttls_timeout = ${stress?10}${stress:300}s
7 address_verify_poll_count = ${stress?1}${stress:3}
5 smtpd_per_record_deadline = ${stress?{yes}:{no}}
6 smtpd_starttls_timeout = ${stress?{10}:{300}}s
7 address_verify_poll_count = ${stress?{1}:{3}}
Postfix versions before 3.0 use the older form ${stress?x}${stress:y} instead
of the newer form ${stress?{x}:{y}}.
Translation:
@ -146,8 +149,8 @@ Translation:
$unverified_sender_tempfail_action. No mail should be lost, as long as this
measure is used only temporarily.
The syntax of ${name?value} and ${name:value} is explained at the beginning of
the postconf(5) manual page.
The syntax of ${name?{value}:{value}}, ${name?value} and ${name:value} is
explained at the beginning of the postconf(5) manual page.
NOTE: Please keep in mind that the stress-adaptive feature is a fairly
desperate measure to keep ssoommee legitimate mail flowing under overload

@ -178,7 +178,7 @@ Their DSA counterparts:
smtpd_tls_dkey_file = $smtpd_tls_dcert_file
To verify a remote SMTP client certificate, the Postfix SMTP server needs to
trust the certificates of the issuing certification authorities. These
trust the certificates of the issuing Certification Authorities. These
certificates in "pem" format can be stored in a single $smtpd_tls_CAfile or in
multiple files, one CA per file in the $smtpd_tls_CApath directory. If you use
a directory, don't forget to create the necessary "hash" links with:
@ -565,7 +565,7 @@ Their DSA counterparts:
smtp_tls_dkey_file = $smtp_tls_dcert_file
To verify a remote SMTP server certificate, the Postfix SMTP client needs to
trust the certificates of the issuing certification authorities. These
trust the certificates of the issuing Certification Authorities. These
certificates in "pem" format can be stored in a single $smtp_tls_CAfile or in
multiple files, one CA per file in the $smtp_tls_CApath directory. If you use a
directory, don't forget to create the necessary "hash" links with:
@ -700,8 +700,8 @@ Despite the potential for eliminating "man-in-the-middle" and other attacks,
mandatory certificate/peername verification is not viable as a default Internet
mail delivery policy at this time. A significant fraction of TLS enabled MTAs
uses self-signed certificates, or certificates that are signed by a private
certificate authority. On a machine that delivers mail to the Internet, if you
set smtp_enforce_tls = yes, you should probably also set
Certification Authority. On a machine that delivers mail to the Internet, if
you set smtp_enforce_tls = yes, you should probably also set
smtp_tls_enforce_peername = no. You can use the per-site TLS policies (see
below) to enable full peer verification for specific destinations that are
known to have verifiable TLS server certificates.
@ -956,16 +956,16 @@ The following steps will get you started quickly. Because you sign your own
Postfix public key certificate, you get TLS encryption but no TLS
authentication. This is sufficient for testing, and for exchanging email with
sites that you have no trust relationship with. For real authentication, your
Postfix public key certificate needs to be signed by a recognized Certificate
Postfix public key certificate needs to be signed by a recognized Certification
Authority, and Postfix needs to be configured with a list of public key
certificates of Certificate Authorities, so that Postfix can verify the public
key certificates of remote hosts.
certificates of Certification Authorities, so that Postfix can verify the
public key certificates of remote hosts.
In the examples below, user input is shown in bboolldd font, and a "#" prompt
indicates a super-user shell.
* Become your own Certificate Authority, so that you can sign your own public
keys. This example uses the CA.pl script that ships with OpenSSL. By
* Become your own Certification Authority, so that you can sign your own
public keys. This example uses the CA.pl script that ships with OpenSSL. By
default, OpenSSL installs this as /usr/local/ssl/misc/CA.pl, but your
mileage may vary. The script creates a private key in ./demoCA/private/
cakey.pem and a public key in ./demoCA/cacert.pem.

@ -173,6 +173,10 @@ the smtpd(8) server against abuse by out-of-control clients.
The maximum number of new TLS sessions (without using the TLS session
cache) that an SMTP client may negotiate in the time interval specified
with anvil_rate_time_unit (default: 60s).
smtpd_client_auth_rate_limit (default: no limit)
The maximum number of AUTH commands that an SMTP client may send in the
time interval specified with anvil_rate_time_unit (default: 60s).
Available in Postfix 3.1 and later.
smtpd_client_event_limit_exceptions (default: $mynetworks)
SMTP clients that are excluded from connection and rate limits
specified above.

@ -80,7 +80,8 @@ Note 1: syntactically valid NAME and HELO attribute-value elements can be up to
255 characters long. The client must not send XCLIENT commands that exceed the
512 character limit for SMTP commands. To avoid exceeding the limit the client
should send the information in multiple XCLIENT commands; for example, send
NAME and ADDR first, then HELO and PROTO.
NAME and ADDR last, after HELO and PROTO. Once ADDR is sent, the client is
usually no longer authorized to send XCLIENT commands.
Note 2: [UNAVAILABLE], [TEMPUNAVAIL] and IPV6: may be specified in upper case,
lower case or mixed case.

@ -1,26 +1,161 @@
The stable Postfix release is called postfix-2.11.x where 2=major
release number, 11=minor release number, x=patchlevel. The stable
This is the Postfix 3.1 (stable) release.
The stable Postfix release is called postfix-3.1.x where 3=major
release number, 1=minor release number, x=patchlevel. The stable
release never changes except for patches that address bugs or
emergencies. Patches change the patchlevel and the release date.
New features are developed in snapshot releases. These are called
postfix-2.12-yyyymmdd where yyyymmdd is the release date (yyyy=year,
postfix-3.2-yyyymmdd where yyyymmdd is the release date (yyyy=year,
mm=month, dd=day). Patches are never issued for snapshot releases;
instead, a new snapshot is released.
The mail_release_date configuration parameter (format: yyyymmdd)
specifies the release date of a stable release or snapshot release.
If you upgrade from Postfix 2.9 or earlier, read RELEASE_NOTES-2.10
If you upgrade from Postfix 2.11 or earlier, read RELEASE_NOTES-3.0
before proceeding.
Incompatible change with Postfix 2.11.6
---------------------------------------
Workaround - UTF8 support in Postfix MySQL queries
--------------------------------------------------
As of the middle of 2015, all supported Postfix releases no longer
enable "export" grade ciphers for opportunistic TLS, and no longer
use the deprecated SSLv2 and SSLv3 protocols for mandatory or
opportunistic TLS.
Someone reported false "not found" errors with MySQL map queries
that contain UTF8-encoded text. To avoid such errors, specify
"option_group = client" in Postfix MySQL configuration files. This
will be the default setting with Postfix 3.2 and later.
Major changes - address verification safety
-------------------------------------------
[Feature 20151227] The new address_verify_pending_request_limit
parameter introduces a safety limit for the number of address
verification probes in the active queue. The default limit is 1/4
of the active queue maximum size. The queue manager enforces the
limit by tempfailing probe messages that exceed the limit. This
design avoids dependencies on global counters that get out of sync
after a process or system crash.
Tempfailing verify requests is not as bad as one might think. The
Postfix verify cache proactively updates active addresses weeks
before they expire. The address_verify_pending_request_limit affects
only unknown addresses, and inactive addresses that have expired
from the address verify cache (by default, after 31 days).
Major changes - json support
----------------------------
[Feature 20151129] Machine-readable, JSON-formatted queue listing
with "postqueue -j" (no "mailq" equivalent). The output is a stream
of JSON objects, one per queue file. To simplify parsing, each
JSON object is formatted as one text line followed by one newline
character. See the postqueue(1) manpage for a detailed description
of the output format.
Major changes - milter support
------------------------------
[Feature 20150523] The milter_macro_defaults feature provides an
optional list of macro name=value pairs. These specify default
values for Milter macros when no value is available from the SMTP
session context.
For example, with "milter_macro_defaults = auth_type=TLS", the
Postfix SMTP server will send an auth_type of "TLS" to a Milter,
unless the remote client authenticates with SASL.
This feature was originally implemented for a submission service
that may authenticate clients with a TLS certificate, without having
to make changes to the code that implements TLS support.
Major changes - output rate control
-----------------------------------
[Feature 20150710] Destination-independent delivery rate delay
Support to enforce a destination-independent delay between email
deliveries. The following example inserts 20 seconds of delay
between all deliveries with the SMTP transport, limiting the delivery
rate to at most three messages per minute.
/etc/postfix/main.cf:
smtp_transport_rate_delay = 20s
For details, see the description of default_transport_rate_delay
and transport_transport_rate_delay in the postconf(5) manpage.
Major changes - postscreen dnsbl
--------------------------------
[Feature 20150710] postscreen support for the TTL of DNSBL and DNSWL
lookup results
Historically, the default setting "postscreen_dnsbl_ttl = 1h" assumes
that a "not found" result from a DNSBL server will be valid for one
hour. This may have been adequate five years ago when postscreen
was first implemented, but nowadays, that one hour can result in
missed opportunities to block new spambots.
To address this, postscreen now respects the TTL of DNSBL "not
found" replies, as well as the TTL of DNSWL replies (both "found"
and "not found"). The TTL for a "not found" reply is determined
according to RFC 2308 (the TTL of an SOA record in the reply).
Support for DNSBL or DNSWL reply TTL values is controlled by two
configuration parameters:
postscreen_dnsbl_min_ttl (default: 60 seconds).
This parameter specifies a minimum for the amount of time that
a DNSBL or DNSWL result will be cached in the postscreen_cache_map.
This prevents an excessive number of postscreen cache updates
when a DNSBL or DNSWL server specifies a very small reply TTL.
postscreen_dnsbl_max_ttl (default: $postscreen_dnsbl_ttl or 1 hour)
This parameter specifies a maximum for the amount of time that
a DNSBL or DNSWL result will be cached in the postscreen_cache_map.
This prevents cache pollution when a DNSBL or DNSWL server
specifies a very large reply TTL.
The postscreen_dnsbl_ttl parameter is now obsolete, and has become
the default value for the new postscreen_dnsbl_max_ttl parameter.
Major changes - sasl auth safety
--------------------------------
[Feature 20151031] New "smtpd_client_auth_rate_limit" feature, to
enforce an optional rate limit on AUTH commands per SMTP client IP
address. Similar to other smtpd_client_*_rate_limit features, this
enforces a limit on the number of requests per $anvil_rate_time_unit.
Major changes - smtpd policy
----------------------------
[Feature 20150913] New SMTPD policy service attribute "policy_context",
with a corresponding "smtpd_policy_service_policy_context" configuration
parameter. Originally, this was implemented to share the same SMTPD
policy service endpoint among multiple check_policy_service clients.
Major changes - tls
-------------------
[Feature 20160207] A new "postfix tls" command to quickly enable
opportunistic TLS in the Postfix SMTP client or server, and to
manage SMTP server keys and certificates, including certificate
signing requests and TLSA DNS records for DANE. See the postfix-tls(1)
manpage for a detailed description.
[Feature 20160103] The Postfix SMTP client by default enables DANE
policies when an MX host has a (DNSSEC) secure TLSA DNS record,
even if the MX DNS record was obtained with insecure lookups. The
existence of a secure TLSA record implies that the host wants to
talk TLS and not plaintext. For details see the
smtp_tls_dane_insecure_mx_policy configuration parameter.
[Incompat 20150721] As of the middle of 2015, all supported Postfix
releases no longer enable "export" grade ciphers for opportunistic
TLS, and no longer use the deprecated SSLv2 and SSLv3 protocols for
mandatory or opportunistic TLS.
These changes are very unlikely to cause problems with server-to-server
communication over the Internet, but they may result in interoperability
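
Review bot: The postscreen dnsbl entry is tagged [Feature 20150710], but it changes behaviour for existing configurations. "Not found" replies that were cached for postscreen_dnsbl_ttl (1h) are now cached for the reply TTL, bounded below by postscreen_dnsbl_min_ttl (60 seconds), and postscreen_dnsbl_ttl itself is declared obsolete. That can mean more DNSBL queries after an upgrade, so the entry should carry an [Incompat] tag or a sentence telling upgraders what to expect. Separately, the MySQL workaround cites only "Someone reported"; it would help to say which Postfix and MySQL client versions show the false "not found" result.
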
@ -48,267 +183,12 @@ selective, use "-o name=value" parameter overrides on specific
services in master.cf. Execute the command "postfix reload" to make
the changes effective.
Major changes - tls
-------------------
[Incompat 20150719] The default Diffie-Hellman non-export prime was
updated from 1024 to 2048 bits, because SMTP clients are starting
to reject TLS handshakes with primes smaller than 2048 bits.
[Documentation 20131218] The new FORWARD_SECRECY_README document
conveniently presents all information about Postfix "perfect" forward
secrecy support in one place: what forward secrecy is, how to tweak
settings, and what you can expect to see when Postfix uses ciphers
with forward secrecy.
Historically, this prime size is not negotiable, and each site needs
to determine which prime size works best for the majority of its
clients. See FORWARD_SECRECY_README for some hints in the quick-start
section.
[Feature 20130602] Support for PKI-less TLS server certificate
verification, where the CA public key or the server certificate is
identified via DNSSEC lookup.
This feature introduces new TLS security levels called "dane" and
"dane-only" (DNS-based Authentication of Named Entities) that use
DNSSEC to look up CA or server certificate information. The details
of DANE core protocols are still evolving, as are the details of
how DANE should be used in the context of SMTP. Postfix implements
what appears to be a "rational" subset of the DANE profiles that
is suitable for SMTP.
The problem with conventional PKI is that there are literally
hundreds of organizations world-wide that can provide a certificate
in anyone's name. There have been widely-published incidents in
recent history where a certificate authority gave out an inappropriate
certificate (e.g., a certificate in the name of Microsoft to someone
who did not represent Microsoft), where a CA was compromised (e.g.,
DigiNotar, Comodo), or where a CA made operational mistakes (e.g.,
TURKTRUST). Another concern is that a legitimate CA might be coerced
to provide a certificate that allows its government to play
man-in-the-middle on TLS traffic and observe the plaintext.
Major changes - LMDB database support
-------------------------------------
LMDB is a memory-mapped database that was originally developed as
part of OpenLDAP. The Postfix LMDB driver was originally contributed
by Howard Chu, LMDB's creator.
LMDB can be used for all Postfix lookup tables and caches. It is
the first persistent Postfix database that can be shared among
multiple writers such as postscreen daemons (Postfix already supported
shared non-persistent memcached caches). See lmdb_table(5) and
LMDB_README for further information, including how to access Postfix
LMDB databases with non-Postfix programs.
Postfix currently requires LMDB version 0.9.11 or later. The minimum
version may change over time in the light of deployment experience.
Major changes - postscreen whitelisting
---------------------------------------
[Feature 20130512] Allow a remote SMTP client to skip postscreen(8)
tests based on its postscreen_dnsbl_sites score.
Specify a negative "postscreen_dnsbl_whitelist_threshold" value to
enable this feature. When a client passes the threshold value
without having failed other tests, all pending or disabled tests
are flagged as completed.
This feature can mitigate the email delays due to "after 220 greeting"
protocol tests, which otherwise require that a client reconnects
before it can deliver mail. Some providers such as Google don't
retry from the same IP address. This can result in large email
delivery delays.
Major changes - recipient_delimiter
-----------------------------------
[Feature 20130405] The recipient_delimiter parameter can now specify
a set of characters. A user name is now separated from its address
extension by the first character that matches the recipient_delimiter
set.
For example, specify "recipient_delimiter = +-" to support both the
Postfix-style "+" and the qmail-style "-" extension delimiter.
As before, this implementation recognizes one delimiter character
per email address, and one address extension per email address.
Major changes - smtpd access control
------------------------------------
[Feature 20131031] The check_sasl_access feature can be used to
block hijacked logins. Like other check_mumble_access features it
queries a lookup table (in this case with the SASL login name), and
it supports the same actions as any Postfix access(5) table.
[Feature 20130924] The reject_known_sender_login_mismatch feature
applies reject_sender_login_mismatch only to MAIL FROM addresses
that are known in $smtpd_sender_login_maps.
Major changes - MacOS X
-----------------------
[Feature 20130325] Full support for kqueue() event handling which
scales better with large numbers of file handles, plus a workaround
for timeout handling on file handles (such as /dev/urandom) that
still do not correctly support poll().
Major changes - master
----------------------
[Incompat 20131217] The master_service_disable parameter value
syntax has changed: use "service/type" instead of "service.type".
The new form is consistent with postconf(1) namespaces for master.cf.
The old form is still supported to avoid breaking existing
configurations.
Major changes - milter
----------------------
[Feature 20131126] Support for ESMTP parameters "NOTIFY" and "ORCPT"
in the SMFIR_ADDRCPT_PAR (add recipient with parameters) request.
Credits: Andrew Ayer.
Major changes - mysql
---------------------
[Feature 20131117] MySQL client support for option_file, option_group,
tls_cert_file, tls_key_file, tls_CAfile, tls_CApath, tls_verify_cert.
Credits: Gareth Palmer.
Major changes - postconf
------------------------
[Feature 20131217] Support for advanced master.cf query and update
operations. This was implemented primarily to support automated
system management tools.
The goal is to make all Postfix master.cf details accessible as
lists of "name=value" pairs, where the names are organized into
structured name spaces. This allows other programs to query
information or request updates, without having to worry about the
exact layout of master.cf files.
Managing master.cf service attributes
-------------------------------------
First, an example that shows the smtp/inet service in the traditional
form:
$ postconf -M smtp/inet
smtp inet n - n - - smtpd
Different variants of this command show different amounts of output.
For example, "postconf -M smtp" enumerates all services that have
a name "smtp" and any service type ("inet", "unix", etc.), and
"postconf -M" enumerates all master.cf services.
General rule: each name component that is not present becomes a "*"
wildcard.
Coming back to the above example, the postconf -F option can now
enumerate the smtp/inet service fields as follows:
$ postconf -F smtp/inet
smtp/inet/service = smtp
smtp/inet/type = inet
smtp/inet/private = n
smtp/inet/unprivileged = -
smtp/inet/chroot = n
smtp/inet/wakeup = -
smtp/inet/process_limit = -
smtp/inet/command = smtpd
This form makes it very easy to change one field in master.cf.
For example to turn on chroot on the smtp/inet service you use:
$ postconf -F smtp/inet/chroot=y
$ postfix reload
Moreover, with "-F" you can specify "*" for service name or service
type to get a wild-card match. For example, to turn off chroot on
all Postfix daemons, use this:
$ postconf -F '*/*/chroot=n'
$ postfix reload
Managing master.cf service "-o parameter=value" settings
--------------------------------------------------------
For a second example, let's look at the submission service. This
service typically has multiple "-o parameter=value" overrides. First
the traditional view:
$ postconf -Mf submission
submission inet n - n - - smtpd
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
...
The postconf -P option can now enumerate these parameters as follows:
$ postconf -P submission
submission/inet/smtpd_sasl_auth_enable = yes
submission/inet/smtpd_tls_security_level = encrypt
...
Again, this form makes it very easy to modify one parameter
setting. For example, to change the smtpd_tls_security_level setting
for the submission/inet service:
$ postconf -P 'submission/inet/smtpd_tls_security_level=may'
You can create or remove a parametername=parametervalue setting:
Create:
$ postconf -P 'submission/inet/parametername=parametervalue'
Remove:
$ postconf -PX submission/inet/parametername
Finally, always execute "postfix reload" after updating master.cf.
Managing master.cf service entries
----------------------------------
Finally, adding master.cf entries is possible, but currently this
does not yet have "advanced" support. It can only be done at the
level of the traditional master.cf file format.
Suppose that you need to configure a Postfix SMTP client that will
handle slow email deliveries. To implement this you need to clone
the smtp/unix service settings and create a new delay/unix service.
First, you would enumerate the smtp/unix service like this:
$ postconf -M smtp/unix
smtp unix - - n - - smtp
Then you would copy those fields (except the first field) by hand
to create the delay/unix service:
$ postconf -M delay/unix="delay unix - - n - - smtp"
To combine the above steps in one command:
$ postconf -M delay/unix="`postconf -M smtp/unix|awk '{$1 = "delay"}'`"
This is perhaps not super-convenient for manual cloning, but it
should be sufficient for programmatic configuration management.
Again, always execute "postfix reload" after updating master.cf.
Deleting or commenting out master.cf entries
--------------------------------------------
The -X (delete entry) and -# (comment out entry) options already
exist for main.cf, and they now also work work for entire master.cf
entries:
Remove main.cf or master.cf entry:
$ postconf -X parametername
$ postconf -MX delay/unix
Comment out main.cf or master.cf entry:
$ postconf -# parametername
$ postconf -M# delay/unix
As with main.cf, there is no support to "undo" master.cf changes
that are made with -X or -#.
Again, always execute "postfix reload" after updating master.cf.
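
Review bot: The added [Incompat 20150719] entry says the default Diffie-Hellman prime went from 1024 to 2048 bits and that "each site needs to determine which prime size works best", but it names no configuration parameter and does not say whether a site that already configures its own prime is affected. Name the setting inline rather than only pointing at the FORWARD_SECRECY_README quick-start, since an incompatibility note is what people read first after an upgrade.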

@ -0,0 +1,280 @@
The stable Postfix release is called postfix-2.11.x where 2=major
release number, 11=minor release number, x=patchlevel. The stable
release never changes except for patches that address bugs or
emergencies. Patches change the patchlevel and the release date.
New features are developed in snapshot releases. These are called
postfix-2.12-yyyymmdd where yyyymmdd is the release date (yyyy=year,
mm=month, dd=day). Patches are never issued for snapshot releases;
instead, a new snapshot is released.
The mail_release_date configuration parameter (format: yyyymmdd)
specifies the release date of a stable release or snapshot release.
If you upgrade from Postfix 2.9 or earlier, read RELEASE_NOTES-2.10
before proceeding.
Major changes - tls
-------------------
[Documentation 20131218] The new FORWARD_SECRECY_README document
conveniently presents all information about Postfix "perfect" forward
secrecy support in one place: what forward secrecy is, how to tweak
settings, and what you can expect to see when Postfix uses ciphers
with forward secrecy.
[Feature 20130602] Support for PKI-less TLS server certificate
verification, where the CA public key or the server certificate is
identified via DNSSEC lookup.
This feature introduces new TLS security levels called "dane" and
"dane-only" (DNS-based Authentication of Named Entities) that use
DNSSEC to look up CA or server certificate information. The details
of DANE core protocols are still evolving, as are the details of
how DANE should be used in the context of SMTP. Postfix implements
what appears to be a "rational" subset of the DANE profiles that
is suitable for SMTP.
The problem with conventional PKI is that there are literally
hundreds of organizations world-wide that can provide a certificate
in anyone's name. There have been widely-published incidents in
recent history where a certificate authority gave out an inappropriate
certificate (e.g., a certificate in the name of Microsoft to someone
who did not represent Microsoft), where a CA was compromised (e.g.,
DigiNotar, Comodo), or where a CA made operational mistakes (e.g.,
TURKTRUST). Another concern is that a legitimate CA might be coerced
to provide a certificate that allows its government to play
man-in-the-middle on TLS traffic and observe the plaintext.
Major changes - LMDB database support
-------------------------------------
LMDB is a memory-mapped database that was originally developed as
part of OpenLDAP. The Postfix LMDB driver was originally contributed
by Howard Chu, LMDB's creator.
LMDB can be used for all Postfix lookup tables and caches. It is
the first persistent Postfix database that can be shared among
multiple writers such as postscreen daemons (Postfix already supported
shared non-persistent memcached caches). See lmdb_table(5) and
LMDB_README for further information, including how to access Postfix
LMDB databases with non-Postfix programs.
Postfix currently requires LMDB version 0.9.11 or later. The minimum
version may change over time in the light of deployment experience.
Major changes - postscreen whitelisting
---------------------------------------
[Feature 20130512] Allow a remote SMTP client to skip postscreen(8)
tests based on its postscreen_dnsbl_sites score.
Specify a negative "postscreen_dnsbl_whitelist_threshold" value to
enable this feature. When a client passes the threshold value
without having failed other tests, all pending or disabled tests
are flagged as completed.
This feature can mitigate the email delays due to "after 220 greeting"
protocol tests, which otherwise require that a client reconnects
before it can deliver mail. Some providers such as Google don't
retry from the same IP address. This can result in large email
delivery delays.
Major changes - recipient_delimiter
-----------------------------------
[Feature 20130405] The recipient_delimiter parameter can now specify
a set of characters. A user name is now separated from its address
extension by the first character that matches the recipient_delimiter
set.
For example, specify "recipient_delimiter = +-" to support both the
Postfix-style "+" and the qmail-style "-" extension delimiter.
As before, this implementation recognizes one delimiter character
per email address, and one address extension per email address.
Major changes - smtpd access control
------------------------------------
[Feature 20131031] The check_sasl_access feature can be used to
block hijacked logins. Like other check_mumble_access features it
queries a lookup table (in this case with the SASL login name), and
it supports the same actions as any Postfix access(5) table.
[Feature 20130924] The reject_known_sender_login_mismatch feature
applies reject_sender_login_mismatch only to MAIL FROM addresses
that are known in $smtpd_sender_login_maps.
Major changes - MacOS X
-----------------------
[Feature 20130325] Full support for kqueue() event handling which
scales better with large numbers of file handles, plus a workaround
for timeout handling on file handles (such as /dev/urandom) that
still do not correctly support poll().
Major changes - master
----------------------
[Incompat 20131217] The master_service_disable parameter value
syntax has changed: use "service/type" instead of "service.type".
The new form is consistent with postconf(1) namespaces for master.cf.
The old form is still supported to avoid breaking existing
configurations.
Major changes - milter
----------------------
[Feature 20131126] Support for ESMTP parameters "NOTIFY" and "ORCPT"
in the SMFIR_ADDRCPT_PAR (add recipient with parameters) request.
Credits: Andrew Ayer.
Major changes - mysql
---------------------
[Feature 20131117] MySQL client support for option_file, option_group,
tls_cert_file, tls_key_file, tls_CAfile, tls_CApath, tls_verify_cert.
Credits: Gareth Palmer.
Major changes - postconf
------------------------
[Feature 20131217] Support for advanced master.cf query and update
operations. This was implemented primarily to support automated
system management tools.
The goal is to make all Postfix master.cf details accessible as
lists of "name=value" pairs, where the names are organized into
structured name spaces. This allows other programs to query
information or request updates, without having to worry about the
exact layout of master.cf files.
Managing master.cf service attributes
-------------------------------------
First, an example that shows the smtp/inet service in the traditional
form:
$ postconf -M smtp/inet
smtp inet n - n - - smtpd
Different variants of this command show different amounts of output.
For example, "postconf -M smtp" enumerates all services that have
a name "smtp" and any service type ("inet", "unix", etc.), and
"postconf -M" enumerates all master.cf services.
General rule: each name component that is not present becomes a "*"
wildcard.
Coming back to the above example, the postconf -F option can now
enumerate the smtp/inet service fields as follows:
$ postconf -F smtp/inet
smtp/inet/service = smtp
smtp/inet/type = inet
smtp/inet/private = n
smtp/inet/unprivileged = -
smtp/inet/chroot = n
smtp/inet/wakeup = -
smtp/inet/process_limit = -
smtp/inet/command = smtpd
This form makes it very easy to change one field in master.cf.
For example to turn on chroot on the smtp/inet service you use:
$ postconf -F smtp/inet/chroot=y
$ postfix reload
Moreover, with "-F" you can specify "*" for service name or service
type to get a wild-card match. For example, to turn off chroot on
all Postfix daemons, use this:
$ postconf -F '*/*/chroot=n'
$ postfix reload
Managing master.cf service "-o parameter=value" settings
--------------------------------------------------------
For a second example, let's look at the submission service. This
service typically has multiple "-o parameter=value" overrides. First
the traditional view:
$ postconf -Mf submission
submission inet n - n - - smtpd
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
...
The postconf -P option can now enumerate these parameters as follows:
$ postconf -P submission
submission/inet/smtpd_sasl_auth_enable = yes
submission/inet/smtpd_tls_security_level = encrypt
...
Again, this form makes it very easy to modify one parameter
setting. For example, to change the smtpd_tls_security_level setting
for the submission/inet service:
$ postconf -P 'submission/inet/smtpd_tls_security_level=may'
You can create or remove a parametername=parametervalue setting:
Create:
$ postconf -P 'submission/inet/parametername=parametervalue'
Remove:
$ postconf -PX submission/inet/parametername
Finally, always execute "postfix reload" after updating master.cf.
Managing master.cf service entries
----------------------------------
Finally, adding master.cf entries is possible, but currently this
does not yet have "advanced" support. It can only be done at the
level of the traditional master.cf file format.
Suppose that you need to configure a Postfix SMTP client that will
handle slow email deliveries. To implement this you need to clone
the smtp/unix service settings and create a new delay/unix service.
First, you would enumerate the smtp/unix service like this:
$ postconf -M smtp/unix
smtp unix - - n - - smtp
Then you would copy those fields (except the first field) by hand
to create the delay/unix service:
$ postconf -M delay/unix="delay unix - - n - - smtp"
To combine the above steps in one command:
$ postconf -M delay/unix="`postconf -M smtp/unix|awk '{$1 = "delay"}'`"
This is perhaps not super-convenient for manual cloning, but it
should be sufficient for programmatic configuration management.
Again, always execute "postfix reload" after updating master.cf.
Deleting or commenting out master.cf entries
--------------------------------------------
The -X (delete entry) and -# (comment out entry) options already
exist for main.cf, and they now also work work for entire master.cf
entries:
Remove main.cf or master.cf entry:
$ postconf -X parametername
$ postconf -MX delay/unix
Comment out main.cf or master.cf entry:
$ postconf -# parametername
$ postconf -M# delay/unix
As with main.cf, there is no support to "undo" master.cf changes
that are made with -X or -#.
Again, always execute "postfix reload" after updating master.cf.
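
Review bot: The one-command clone example under "Managing master.cf service entries" cannot work as written: awk '{$1 = "delay"}' assigns the first field but has no print action, so the command substitution is empty and postconf -M receives delay/unix="". Use awk '{$1 = "delay"; print}' instead. Under "Deleting or commenting out master.cf entries", the phrase "they now also work work for entire master.cf entries" has a doubled word. Both lines are carried over unchanged from the text this change removes from the other release notes file, so this new file is the place to fix them.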

@ -0,0 +1,628 @@
The stable Postfix release is called postfix-3.0.x where 3=major
release number, 0=minor release number, x=patchlevel. The stable
release never changes except for patches that address bugs or
emergencies. Patches change the patchlevel and the release date.
New features are developed in snapshot releases. These are called
postfix-3.1-yyyymmdd where yyyymmdd is the release date (yyyy=year,
mm=month, dd=day). Patches are never issued for snapshot releases;
instead, a new snapshot is released.
The mail_release_date configuration parameter (format: yyyymmdd)
specifies the release date of a stable release or snapshot release.
If you upgrade from Postfix 2.10 or earlier, read RELEASE_NOTES-2.11
before proceeding.
Notes for distribution maintainers
----------------------------------
* New backwards-compatibility safety net.
With NEW Postfix installs, you MUST install a main.cf file with
the setting "compatibility_level = 2". See conf/main.cf for an
example.
With UPGRADES of existing Postfix systems, you MUST NOT change the
main.cf compatibility_level setting, nor add this setting if it
does not exist.
Several Postfix default settings have changed with Postfix 3.0. To
avoid massive frustration with existing Postfix installations,
Postfix 3.0 comes with a safety net that forces Postfix to keep
running with backwards-compatible main.cf and master.cf default
settings. This safety net depends on the main.cf compatibility_level
setting (default: 0). Details are in COMPATIBILITY_README.
* New Postfix build system.
The Postfix build/install procedure has changed to support Postfix
dynamically-linked libraries and database plugins. These must not
be "shared" with non-Postfix programs, and therefore must not be
installed in a public directory.
To avoid massive frustration due to broken patches, PLEASE BUILD
POSTFIX FIRST WITHOUT APPLYING ANY PATCHES. Follow the INSTALL
instructions (see "Building with Postfix dynamically-linked libraries
and database plugins"), and see how things work and what the
dynamically-linked libraries, database plugin, and configuration
files look like. Then, go ahead and perform your platform-specific
customizations. The INSTALL section "Tips for distribution maintainers"
has further suggestions.
Major changes - critical
------------------------
[Incompat 20140714] After upgrading Postfix, "postfix reload" (or
start/stop) is required. Several Postfix-internal protocols have
been extended to support SMTPUTF8. Failure to reload or restart
will result in mail staying queued, while Postfix daemons log
warning messages about unexpected attributes.
Major changes - default settings
--------------------------------
[Incompat 20141009] The default settings have changed for relay_domains
(new: empty, old: $mydestination) and mynetworks_style (new: host,
old: subnet). However the backwards-compatibility safety net will
prevent these changes from taking effect, giving the system
administrator the option to make an old default setting permanent
in main.cf or to adopt the new default setting, before turning off
backwards compatibility. See COMPATIBILITY_README for details.
[Incompat 20141001] A new backwards-compatibility safety net forces
Postfix to run with backwards-compatible main.cf and master.cf
default settings after an upgrade to a newer but incompatible Postfix
version. See COMPATIBILITY_README for details.
While the backwards-compatible default settings are in effect,
Postfix logs what services or what email would be affected by the
incompatible change. Based on this the administrator can make some
backwards-compatibility settings permanent in main.cf or master.cf,
before turning off backwards compatibility.
See postconf.5.html#compatibility_level for details.
[Incompat 20141001] The default settings
have changed for append_dot_mydomain (new: no. old: yes), master.cf
chroot (new: n, old: y), and smtputf8 (new: yes, old: no).
Major changes - access control
------------------------------
[Feature 20141119] Support for BCC actions in header/body_checks
and milter_header_checks. There is no limit on the number of BCC
actions that may be specified, other than the implicit limit due
to finite storage. BCC support will not be implemented in Postfix
delivery agent header/body_checks.
It works in the same way as always_bcc and sender/recipient_bcc_maps:
there can be only one address per action, recipients are added with
the NOTIFY=NONE delivery status notification option, and duplicate
recipients are ignored (with the same delivery status notification
options).
[Incompat 20141009] The default settings have changed for relay_domains
(new: empty, old: $mydestination) and mynetworks_style (new: host,
old: subnet). However the backwards-compatibility safety net will
prevent these changes from taking effect, giving the system
administrator the option to make an old default setting permanent
in main.cf or to adopt the new default setting, before turning off
backwards compatibility. See COMPATIBILITY_README for details.
[Feature 20140618] New INFO action in access(5) tables, for consistency
with header/body_checks.
[Feature 20140620] New check_xxx_a_access (for xxx in client,
reverse_client, helo, sender, recipient) implements access control
on all A and AAAA IP addresses for respectively the client hostname,
helo parameter, sender domain or recipient domain. This complements
the existing check_xxx_mx_access and check_xxx_ns_access features.
Major changes - address rewriting
---------------------------------
[Incompat 20141001] The default settings have changed for
append_dot_mydomain (new: no, old: yes), master.cf chroot (new:
n, old: y), and smtputf8 (new: yes, old: no).
Major changes - address verification
------------------------------------
[Feature 20141227] The new smtp_address_verify_target parameter
(default: rcpt) specifies what protocol stage decides if a recipient
is valid. Specify "data" for servers that reject invalid recipients
in response to the DATA command.
Major changes - database support
--------------------------------
[Feature 20140512] Support for Berkeley DB version 6.
[Feature 20140618] The "randmap" lookup table performs random
selection. This may be used to implement load balancing, for example:

    /etc/postfix/transport:
        # Deliver my own domain as usual.
        example.com     :
        .example.com    :

    /etc/postfix/main.cf:
        transport_maps =
            # Deliver my own domain as usual.
            hash:/etc/postfix/transport
            # Deliver other domains via randomly-selected relayhosts
            randmap:{smtp:smtp0.example.com, smtp:smtp1.example.com}

A variant of this can randomly select SMTP clients with different
smtp_bind_address settings.
To implement different weights, specify lookup results multiple
times. For example, to choose smtp:smtp1.example.com twice as often
as smtp:smtp0.example.com, specify smtp:smtp1.example.com twice.
A future version may support randmap:/path/to/file to load a list
of results from file.
[Feature 20140618] As the name suggests, the "pipemap" table
implements a pipeline of lookup tables. The name of the table
specifies the pipeline as a sequence of tables. For example, the
following prevents SMTP mail to system accounts that have "nologin"
as their login shell:

    /etc/postfix/main.cf:
        local_recipient_maps =
            pipemap:{unix:passwd.byname, pcre:/etc/postfix/no-nologin.pcre}
            alias_maps

    /etc/postfix/no-nologin.pcre:
        !/nologin/      whatever

Each "pipemap:" query is given to the first table. Each table
lookup result becomes the query for the next table in the pipeline,
and the last table produces the final result. When any table lookup
produces no result, the entire pipeline produces no result.
A future version may support pipemap:/path/to/file to load a list
of lookup tables from file.
[Feature 20140924] Support for unionmap, with the same syntax as
pipemap. This sends a query to all tables, and concatenates non-empty
results, separated by comma.
[Feature 20131121] The "static" lookup table now supports whitespace
when invoked as "static:{ text with whitespace }", so that it can
be used, for example, at the end of smtpd_mumble_restrictions as
"check_mumble_access static:{reject text...}".
[Feature 20141126] "inline:{key=value, { key = text with comma/space}}"
avoids the need to create a database for just a few entries.
Major changes - delivery status notifications
---------------------------------------------
[Feature 20140321] Delivery status filter support, to replace the
delivery status codes and explanatory text of successful or
unsuccessful deliveries by Postfix mail delivery agents.
This was originally implemented for sites that want to turn certain
soft delivery errors into hard delivery errors, but it can also be
used to censor out information from delivery confirmation reports.
This feature is implemented as a filter that replaces the three-number
enhanced status code and descriptive text in Postfix delivery agent
success, bounce, or defer messages. Note: this will not override
"soft_bounce=yes", and this will not change a successful delivery
status into an unsuccessful status or vice versa.
The first example turns specific soft TLS errors into hard
errors, by overriding the first number in the enhanced status code.

    /etc/postfix/main.cf:
        smtp_delivery_status_filter = pcre:/etc/postfix/smtp_dsn_filter

    /etc/postfix/smtp_dsn_filter:
        /^4(\.\d+\.\d+ TLS is required, but host \S+ refused to start TLS: .+)/ 5$1
        /^4(\.\d+\.\d+ TLS is required, but was not offered by host .+)/ 5$1

The second example removes the destination command name and file
name from local(8) successful delivery reports, so that they will
not be reported when a sender requests confirmation of delivery.

    /etc/postfix/main.cf:
        local_delivery_status_filter = pcre:/etc/postfix/local_dsn_filter

    /etc/postfix/local_dsn_filter:
        /^(2\S+ delivered to file).+/ $1
        /^(2\S+ delivered to command).+/ $1

This feature is supported in the lmtp(8), local(8), pipe(8), smtp(8)
and virtual(8) delivery agents. That is, all delivery agents that
actually deliver mail. It will not be implemented in the error and
retry pseudo-delivery agents.
The new main.cf parameters and default values are:

    default_delivery_status_filter =
    lmtp_delivery_status_filter = $default_delivery_status_filter
    local_delivery_status_filter = $default_delivery_status_filter
    pipe_delivery_status_filter = $default_delivery_status_filter
    smtp_delivery_status_filter = $default_delivery_status_filter
    virtual_delivery_status_filter = $default_delivery_status_filter

See the postconf(5) manpage for more details.
[Incompat 20140618] The pipe(8) delivery agent will now log a limited
amount of command output upon successful delivery, and will report
that output in "SUCCESS" delivery status reports. This is another
good reason to disable inbound DSN requests at the Internet perimeter.
[Feature 20140907] With "confirm_delay_cleared = yes", Postfix
informs the sender when delayed mail leaves the queue (this is in
addition to the delay_warning_time feature that warns when mail is
still queued). This feature is disabled by default, because it can
result in a sudden burst of notifications when the queue drains at
the end of a prolonged network outage.
Major changes - dns
-------------------
[Feature 20141128] Support for DNS server reply filters in the
Postfix SMTP/LMTP client and SMTP server. This helps to work around
mail delivery problems with sites that have incorrect DNS information.
Note: this has no effect on the implicit DNS lookups that are made
by nsswitch.conf or equivalent mechanisms.
This feature renders each lookup result as one line of text in
standard zone-file format as shown below. The class field is always
"IN", the preference field exists only for MX records, the names
of hosts, domains, etc. end in ".", and those names are in ASCII
form (xn--mumble form for internationalized domain names).

    name         ttl    class  type  preference  value
    ---------------------------------------------------------
    postfix.org. 86400  IN     MX    10          mail.cloud9.net.

Typically, one would match this text with a regexp: or pcre: table.
When a match is found, the table lookup result specifies an action.
By default, the table query and the action name are case-insensitive.
Currently, only the IGNORE action is implemented.
For safety reasons, Postfix logs a warning or defers mail delivery
when a DNS reply filter removes all lookup results from a successful
query.
The Postfix SMTP/LMTP client uses the smtp_dns_reply_filter and
lmtp_dns_reply_filter features only for Postfix SMTP client lookups
of MX, A, and AAAA records to locate a remote SMTP or LMTP server,
including lookups that implement the features reject_unverified_sender
and reject_unverified_recipient. The filters are not used for lookups
made through nsswitch.conf and similar mechanisms.
The Postfix SMTP server uses the smtpd_dns_reply_filter feature
only for Postfix SMTP server lookups of MX, A, AAAA, and TXT records
to implement the features reject_unknown_helo_hostname,
reject_unknown_sender_domain, reject_unknown_recipient_domain,
reject_rbl_*, and reject_rhsbl_*. The filter is not used for lookups
made through nsswitch.conf and similar mechanisms, such as lookups
of the remote SMTP client name.
[Feature 20141126] Nullmx support (MX records with a null hostname).
This change affects error messages only. The Postfix SMTP client
already bounced mail for such domains, and the Postfix SMTP server
already rejected such domains with reject_unknown_sender/recipient_domain.
This feature introduces a new SMTP server configuration parameter
nullmx_reject_code (default: 556).
Major changes - dynamic linking
-------------------------------
[Feature 20140530] Support to build Postfix with Postfix
dynamically-linked libraries, and with dynamically-loadable database
clients. These MUST NOT be used by non-Postfix programs. Postfix
dynamically-linked libraries introduce minor runtime overhead and
result in smaller Postfix executable files. Dynamically-loadable
database clients are useful when you distribute or install pre-compiled
packages. Postfix 3.0 supports dynamic loading for CDB, LDAP, LMDB,
MYSQL, PCRE, PGSQL, SDBM, and SQLITE database clients.
This implementation is based on Debian code by LaMont Jones, initially
ported by Viktor Dukhovni. Currently, support exists for recent
versions of Linux, FreeBSD, MacOS X, and for the ancient Solaris 9.
To support Postfix dynamically-linked libraries and dynamically-loadable
database clients, the Postfix build procedure had to be changed
(specifically, the files makedefs and Makefile.in, and the files
postfix-install and post-install that install or update Postfix).
[Incompat 20140530] The Postfix 3.0 build procedure expects that
you specify database library dependencies with variables named
AUXLIBS_CDB, AUXLIBS_LDAP, etc. With Postfix 3.0 and later, the
old AUXLIBS variable still supports building a statically-loaded
CDB etc. database client, but only the new AUXLIBS_CDB etc. variables
support building a dynamically-loaded or statically-loaded CDB etc.
database client. See CDB_README, LDAP_README, etc. for details.
Failure to follow this advice will defeat the purpose of dynamic
database client loading. Every Postfix executable file will have
database library dependencies. And that was exactly what dynamic
database client loading was meant to avoid.
Major changes - future proofing
-------------------------------
[Cleanup 20141224] The changes described here have no visible effect
on Postfix behavior, but they make Postfix code easier to maintain,
and therefore make new functionality easier to add.
* Compile-time argument typechecks of non-printf/scanf-like variadic
function argument lists.
* Deprecating the use of "char *" for non-text purposes such as
memory allocation and pointers to application context for call-back
functions. This dates from long-past days before void * became
universally available.
* Replace integer types for counters and sizes with size_t or ssize_t
equivalents. This eliminates some wasteful 64<->32bit conversions
on 64-bit systems.
Major changes - installation pathnames
--------------------------------------
[Incompat 20140625] For compliance with file system policies, some
non-executable files have been moved from $daemon_directory to the
directory specified with the new meta_directory configuration
parameter which has the same default value as the config_directory
parameter. This change affects non-executable files that are shared
between multiple Postfix instances such as postfix-files, dynamicmaps.cf,
and multi-instance template files.
For backwards compatibility with Postfix 2.6 .. 2.11, specify
"meta_directory = $daemon_directory" in main.cf before installing
or upgrading Postfix, or specify "meta_directory = /path/name" on
the "make makefiles", "make install" or "make upgrade" command line.
Major changes - milter
----------------------
[Feature 20140928] Support for per-Milter settings that override
main.cf parameters. For details see the section "Advanced policy
client configuration" in the SMTPD_POLICY_README document.
Here is an example that uses both old and new syntax:

    smtpd_milters = { inet:127.0.0.1:port1, default_action=accept, ... },
        inet:127.0.0.1:port2, ...

The supported attribute names are: command_timeout, connect_timeout,
content_timeout, default_action, and protocol. These have the same
names as the corresponding main.cf parameters, without the "milter_"
prefix.
The per-milter settings are specified as attribute=value pairs
separated by comma or space; specify { name = value } to allow
spaces around the "=" or within an attribute value.
[Feature 20141018] DMARC compatibility: when a Milter inserts a
header ABOVE Postfix's own Received: header, Postfix no longer
exposes its own Received: header to Milters (violating protocol)
and Postfix no longer hides the Milter-inserted header from Milters
(wtf).
Major changes - parameter syntax
--------------------------------
[Feature 20140921] In preparation for configurable mail headers and
logging, new main.cf support for if-then-else expressions:

    ${name?{text1}:{text2}}

and for logical expressions:

    ${{text1}=={text2}?{text3}:{text4}}
    ${{text1}!={text2}?{text3}:{text4}}

Whitespace before and after {text} is ignored. This can help to
make complex expressions more readable. See the postconf(5) manpage
for further details.
[Feature 20140928] Support for whitespace in daemon command-line
arguments. For details, see the "Command name + arguments" section
in the master(5) manpage. Example:

    smtpd -o { parameter = value containing whitespace } ...

The { ... } form is also available for non-option command-line
arguments in master.cf, for example:

    pipe ... argv=command { argument containing whitespace } ...

In both cases, whitespace immediately after "{" and before "}"
is ignored.
[Feature 20141005] Postfix import_environment and export_environment
now allow "{ name=value }" to protect whitespace in attribute values.
[Feature 20141006] The new message_drop_header parameter replaces
a hard-coded table that specifies what message headers the cleanup
daemon will remove. The list of supported header names covers RFC
5321, 5322, MIME RFCs, and some historical names.
Major changes - pipe daemon
---------------------------
[Incompat 20140618] The pipe(8) delivery agent will now log a limited
amount of command output upon successful delivery, and will report
that output in "SUCCESS" delivery status reports. This is another
good reason to disable inbound DSN requests at the Internet perimeter.
Major changes - policy client
-----------------------------
[Feature 20140703] This release introduces three new configuration
parameters that control error recovery for failed SMTPD policy
requests.
* smtpd_policy_service_default_action (default: 451 4.3.5 Server
configuration problem): The default action when an SMTPD policy
service request fails.
* smtpd_policy_service_try_limit (default: 2): The maximal number
of attempts to send an SMTPD policy service request before
giving up. This must be a number greater than zero.
* smtpd_policy_service_retry_delay (default: 1s): The delay between
attempts to resend a failed SMTPD policy service request. This
must be a number greater than zero.
See postconf(5) for details and limitations.
[Feature 20140928] Support for per-policy service settings that
override main.cf parameters. For details see the section "Different
settings for different Milter applications" in the MILTER_README
document.
Here is an example that uses both old and new syntax:

    smtpd_recipient_restrictions = ...
        check_policy_service { inet:127.0.0.1:port3, default_action=DUNNO }
        check_policy_service inet:127.0.0.1:port4
        ...

The per-policy service settings are specified as attribute=value pairs
separated by comma or space; specify { name = value } to allow
spaces around the "=" or within an attribute value.
The supported attribute names are: default_action, max_idle, max_ttl,
request_limit, retry_delay, timeout, try_limit. These have the same
names as the corresponding main.cf parameters, without the
"smtpd_policy_service_" prefix.
[Feature 20140505] A client port attribute was added to the policy
delegation protocol.
[Feature 20140630] New smtpd_policy_service_request_limit feature to
limit the number of requests per Postfix SMTP server policy connection.
This is a workaround to avoid error-recovery delays with policy
servers that cannot maintain a persistent connection.
Major changes - position-independent executables
------------------------------------------------
[Feature 20150205] Preliminary support for building position-independent
executables (PIE), tested on Fedora Core 20, Ubuntu 14.04, FreeBSD
9 and 10, and NetBSD 6. Specify:

    $ make makefiles pie=yes ...other arguments...

On some systems, PIE is used by the ASLR exploit mitigation technique
(ASLR = Address-Space Layout Randomization). Whether specifying
"pie=yes" has any effect at all depends on the compiler. Reportedly,
some compilers always produce PIE executables.
Major changes - postscreen
--------------------------
[Feature 20140501] Configurable time limit (postscreen_dnsbl_timeout)
for DNSBL or DNSWL lookups. This is separate from the timeouts in
the dnsblog(8) daemon which are controlled by system resolver(3)
routines.
Major changes - session fingerprint
-----------------------------------
[Feature 20140801] The Postfix SMTP server now logs at the end of
a session how many times an SMTP command was successfully invoked,
followed by the total number of invocations if some invocations
were unsuccessful.
This logging will be enough to diagnose many problems without using
verbose logging or a network sniffer.

Normal session, no TLS:
    disconnect from name[addr] ehlo=1 mail=1 rcpt=1 data=1 quit=1

Normal session, with TLS:
    disconnect from name[addr] ehlo=2 starttls=1 mail=1 rcpt=1 data=1 quit=1

All recipients rejected, no ESMTP command pipelining:
    disconnect from name[addr] ehlo=1 mail=1 rcpt=0/1 quit=1

All recipients rejected, with ESMTP command pipelining:
    disconnect from name[addr] ehlo=1 mail=1 rcpt=0/1 data=0/1 rset=1 quit=1

Password guessing bot, hangs up without QUIT:
    disconnect from name[addr] ehlo=1 auth=0/1

Mis-configured client trying to use TLS wrappermode on port 587:
    disconnect from name[addr] unknown=0/1

Logfile analyzers can trigger on the presence of "/". It indicates
that Postfix rejected at least one command.
[Feature 20150118] As a late addition, the SMTP server now also
logs the total number of commands (as "commands=x/y") even when the
client did not send any commands. This helps logfile analyzers to
recognize sessions without commands.
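
The following is an added example, not part of the Postfix distribution: a small log analyzer that parses the "disconnect from" summary described above and flags sessions where Postfix rejected a command (the "/" form). The function names, the label names, the syslog prefix and the sample lines are constructed for illustration.

```python
import re
from collections import Counter

# Matches the session summary and captures the run of " cmd=ok[/total]" fields.
DISCONNECT_RE = re.compile(
    r"disconnect from (?P<name>\S+?)\[(?P<addr>[^\]]+)\]"
    r"(?P<fields>(?: \w+=\d+(?:/\d+)?)*)"
)
FIELD_RE = re.compile(r"(\w+)=(\d+)(?:/(\d+))?")

# Constructed sample log lines (documentation addresses, not real traffic).
P = "Jan  1 00:00:01 mx postfix/smtpd[101]: "
SAMPLE_LOG = [
    P + "disconnect from mail.example.com[192.0.2.10] "
        "ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5",
    P + "disconnect from unknown[198.51.100.7] ehlo=1 auth=0/1 commands=1/2",
    P + "disconnect from unknown[198.51.100.7] ehlo=1 auth=0/3 commands=1/4",
    P + "disconnect from client.example.net[203.0.113.5] unknown=0/1 commands=0/1",
    P + "disconnect from host.example.org[192.0.2.44] "
        "ehlo=1 mail=1 rcpt=0/1 quit=1 commands=3/4",
    P + "disconnect from unknown[203.0.113.9] commands=0/0",
    P + "connect from unknown[198.51.100.7]",
]


def parse_disconnect(line):
    """Return (name, addr, {cmd: (ok, total)}), or None for other log lines."""
    m = DISCONNECT_RE.search(line)
    if m is None:
        return None
    stats = {}
    for cmd, ok, total in FIELD_RE.findall(m.group("fields")):
        # "cmd=n" means n successes out of n; "cmd=n/m" means n out of m.
        stats[cmd] = (int(ok), int(total) if total else int(ok))
    return m.group("name"), m.group("addr"), stats


def classify(stats):
    """Return a set of labels for one session's command counters."""
    # The "commands" total is bookkeeping, not an SMTP command.
    per_cmd = {c: v for c, v in stats.items() if c != "commands"}
    labels = set()
    if any(ok < total for ok, total in per_cmd.values()):
        labels.add("rejected")          # the "/" case: a command was refused
    if "auth" in per_cmd and per_cmd["auth"][0] == 0:
        labels.add("auth_no_success")   # AUTH attempted, never succeeded
    if "unknown" in per_cmd:
        labels.add("unknown_command")   # e.g. wrappermode client on port 587
    if "quit" not in per_cmd:
        labels.add("no_quit")           # client hung up without QUIT
    if not per_cmd:
        labels.add("no_commands")       # session without any command
    return labels


def failed_auth_by_client(lines):
    """Sum unsuccessful AUTH commands per client address."""
    failures = Counter()
    for line in lines:
        parsed = parse_disconnect(line)
        if parsed is None:
            continue
        _, addr, stats = parsed
        ok, total = stats.get("auth", (0, 0))
        if total > ok:
            failures[addr] += total - ok
    return failures


if __name__ == "__main__":
    for line in SAMPLE_LOG:
        parsed = parse_disconnect(line)
        if parsed:
            name, addr, stats = parsed
            print(addr, sorted(classify(stats)))
    print(dict(failed_auth_by_client(SAMPLE_LOG)))
```

Counting failed AUTH per address across sessions is what makes the summary line useful for alerting: a single "auth=0/1" is often a typo, a steady run from one address is not.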
Major changes - smtp client
---------------------------
[Feature 20141227] The new smtp_address_verify_target parameter
(default: rcpt) determines what protocol stage decides if a recipient
is valid. Specify "data" for servers that reject recipients after
the DATA command.
Major changes - smtputf8
------------------------
[Incompat 20141001] The default settings have changed for
append_dot_mydomain (new: no, old: yes), master.cf chroot (new:
n, old: y), and smtputf8 (new: yes, old: no).
[Incompat 20140714] After upgrading Postfix, "postfix reload" (or
start/stop) is required. Several Postfix-internal protocols have
been extended to support SMTPUTF8. Failure to reload or restart
will result in mail staying queued, while Postfix daemons log
warning messages about unexpected attributes.
[Feature 20140715] Support for Email Address Internationalization
(EAI) as defined in RFC 6531..6533. This supports UTF-8 in SMTP/LMTP
sender addresses, recipient addresses, and message header values.
The implementation is based on initial work by Arnt Gulbrandsen
that was funded by CNNIC.
See SMTPUTF8_README for a description of Postfix SMTPUTF8 support.
[Feature 20150112] UTF-8 Casefolding support for Postfix lookup
tables and matchlists (mydestination, relay_domains, etc.). This
is enabled only with "smtputf8_enable = yes".
[Feature 20150112] With smtputf8_enable=yes, SMTP commands with
UTF-8 syntax errors are rejected, table lookup results with invalid
UTF-8 syntax are handled as configuration errors, and UTF-8 syntax
errors in policy server replies result in execution of the policy
server's default action.
Major changes - tls support
---------------------------
(see "Major changes - delivery status notifications" above for
turning 4XX soft errors into 5XX bounces when a remote SMTP server
does not offer STARTTLS support).
[Feature 20140209] the Postfix SMTP client now also falls back to
plaintext when TLS fails AFTER the TLS protocol handshake.
[Feature 20140218] The Postfix SMTP client now requires that a queue
file is older than $minimal_backoff_time, before falling back from
failed TLS to plaintext (both during or after the TLS handshake).
[Feature 20141021] Per IETF TLS WG consensus, the tls_session_ticket_cipher
default setting was changed from aes-128-cbc to aes-256-cbc.
[Feature 20150116] TLS wrappermode support in the Postfix smtp(8)
client (new smtp_tls_wrappermode parameter) and in posttls-finger(1)
(new -w option). There still is life in that deprecated protocol,
and people should not have to jump through hoops with stunnel.

@ -29,12 +29,12 @@
# LDAP or SQL, the same lookups are done as for ordinary
# indexed files.
#
# Alternatively, the table can be provided as a regular-
# expression map where patterns are given as regular expres-
# sions, or lookups can be directed to TCP-based server. In
# those cases, the lookups are done in a slightly different
# way as described below under "REGULAR EXPRESSION TABLES"
# or "TCP-BASED TABLES".
# Alternatively, the table can be provided as a regu-
# lar-expression map where patterns are given as regular
# expressions, or lookups can be directed to TCP-based
# server. In those cases, the lookups are done in a slightly
# different way as described below under "REGULAR EXPRESSION
# TABLES" or "TCP-BASED TABLES".
#
# CASE FOLDING
# The search string is folded to lowercase before database
@ -202,11 +202,11 @@
# 421 text (Postfix 2.3 and later)
#
# 521 text (Postfix 2.6 and later)
# After responding with the numerical three-
# digit code and text, disconnect immediately
# from the SMTP client. This frees up SMTP
# server resources so that they can be made
# available to another SMTP client.
# After responding with the numerical
# three-digit code and text, disconnect imme-
# diately from the SMTP client. This frees up
# SMTP server resources so that they can be
# made available to another SMTP client.
#
# Note: The "521" response should be used only
# with botnets and other malware where inter-
@ -265,8 +265,7 @@
# same SMTP MAIL transaction, only the last action
# will be used.
#
# This feature is not part of the stable Postfix
# release.
# This feature is available in Postfix 3.0 and later.
#
# DISCARD optional text...
# Claim successful delivery and silently discard the
@ -356,13 +355,22 @@
# REDIRECT user@domain
# After the message is queued, send the message to
# the specified address instead of the intended
# recipient(s).
# recipient(s). When multiple REDIRECT actions fire,
# only the last one takes effect.
#
# Note: this action overrides the FILTER action, and
# currently affects all recipients of the message.
# Note: this action overrides the FILTER action, and
# currently overrides all recipients of the message.
#
# This feature is available in Postfix 2.1 and later.
#
# INFO optional text...
# Log an informational record with the optional text,
# together with client information and if available,
# with helo, sender, recipient and protocol informa-
# tion.
#
# This feature is available in Postfix 3.0 and later.
#
# WARN optional text...
# Log a warning with the optional text, together with
# client information and if available, with helo,
@ -477,4 +485,9 @@
# P.O. Box 704
# Yorktown Heights, NY 10598, USA
#
# Wietse Venema
# Google, Inc.
# 111 8th Avenue
# New York, NY 10011, USA
#
# ACCESS(5)

@ -60,11 +60,11 @@ decode: root
# LDAP or SQL, the same lookups are done as for ordinary
# indexed files.
#
# Alternatively, the table can be provided as a regular-
# expression map where patterns are given as regular expres-
# sions. In this case, the lookups are done in a slightly
# different way as described below under "REGULAR EXPRESSION
# TABLES".
# Alternatively, the table can be provided as a regu-
# lar-expression map where patterns are given as regular
# expressions. In this case, the lookups are done in a
# slightly different way as described below under "REGULAR
# EXPRESSION TABLES".
#
# Users can control delivery of their own mail by setting up
# .forward files in their home directory. Lines in per-user
@ -254,4 +254,9 @@ decode: root
# P.O. Box 704
# Yorktown Heights, NY 10598, USA
#
# Wietse Venema
# Google, Inc.
# 111 8th Avenue
# New York, NY 10011, USA
#
# ALIASES(5)

@ -27,12 +27,12 @@
# LDAP or SQL, the same lookups are done as for ordinary
# indexed files.
#
# Alternatively, the table can be provided as a regular-
# expression map where patterns are given as regular expres-
# sions, or lookups can be directed to TCP-based server. In
# those cases, the lookups are done in a slightly different
# way as described below under "REGULAR EXPRESSION TABLES"
# or "TCP-BASED TABLES".
# Alternatively, the table can be provided as a regu-
# lar-expression map where patterns are given as regular
# expressions, or lookups can be directed to TCP-based
# server. In those cases, the lookups are done in a slightly
# different way as described below under "REGULAR EXPRESSION
# TABLES" or "TCP-BASED TABLES".
#
# By default the canonical(5) mapping affects both message
# header addresses (i.e. addresses that appear inside mes-
@ -275,4 +275,9 @@
# P.O. Box 704
# Yorktown Heights, NY 10598, USA
#
# Wietse Venema
# Google, Inc.
# 111 8th Avenue
# New York, NY 10011, USA
#
# CANONICAL(5)

@ -0,0 +1,11 @@
# $NetBSD: dynamicmaps.cf,v 1.1.1.1 2017/02/14 01:13:34 christos Exp $
#
# dict-type so-name (pathname) dict-function mkmap-function
cdb ${LIB_PREFIX}cdb${LIB_SUFFIX} dict_cdb_open mkmap_cdb_open
ldap ${LIB_PREFIX}ldap${LIB_SUFFIX} dict_ldap_open
lmdb ${LIB_PREFIX}lmdb${LIB_SUFFIX} dict_lmdb_open mkmap_lmdb_open
mysql ${LIB_PREFIX}mysql${LIB_SUFFIX} dict_mysql_open
pcre ${LIB_PREFIX}pcre${LIB_SUFFIX} dict_pcre_open
pgsql ${LIB_PREFIX}pgsql${LIB_SUFFIX} dict_pgsql_open
sdbm ${LIB_PREFIX}sdbm${LIB_SUFFIX} dict_sdbm_open mkmap_sdbm_open
sqlite ${LIB_PREFIX}sqlite${LIB_SUFFIX} dict_sqlite_open
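Review bot: the so-name column in this new file carries unexpanded ${LIB_PREFIX} and ${LIB_SUFFIX} placeholders, and nothing in the file says what substitutes them. Add a header comment stating that this is a template and which step expands it, and that a relative so-name is looked up in shlib_directory (as the post-install text in this change puts it), so a reader can tell which directory's ownership and permissions decide what code these entries load. The header could also say that mkmap-function is optional, since only the cdb, lmdb and sdbm rows list one.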

@ -40,12 +40,12 @@
# LDAP or SQL, the same lookups are done as for ordinary
# indexed files.
#
# Alternatively, the table can be provided as a regular-
# expression map where patterns are given as regular expres-
# sions, or lookups can be directed to TCP-based server. In
# those case, the lookups are done in a slightly different
# way as described below under "REGULAR EXPRESSION TABLES"
# or "TCP-BASED TABLES".
# Alternatively, the table can be provided as a regu-
# lar-expression map where patterns are given as regular
# expressions, or lookups can be directed to TCP-based
# server. In those case, the lookups are done in a slightly
# different way as described below under "REGULAR EXPRESSION
# TABLES" or "TCP-BASED TABLES".
#
# CASE FOLDING
# The search string is folded to lowercase before database
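Review bot: the re-wrapped paragraph in this hunk still reads "In those case, the lookups are done", while the same paragraph in the access(5) and canonical(5) hunks of this change reads "In those cases". Since these lines are being rewritten anyway, correct it to "In those cases" here as well.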
@ -237,4 +237,9 @@
# P.O. Box 704
# Yorktown Heights, NY 10598, USA
#
# Wietse Venema
# Google, Inc.
# 111 8th Avenue
# New York, NY 10011, USA
#
# GENERIC(5)

@ -130,18 +130,18 @@
#
# if /pattern/flags
#
# endif Match the input string against the patterns between
# if and endif, if and only if the same input string
# also matches /pattern/. The if..endif can nest.
# endif If the input string matches /pattern/, then match
# that input string against the patterns between if
# and endif. The if..endif can nest.
#
# Note: do not prepend whitespace to patterns inside
# if..endif.
#
# if !/pattern/flags
#
# endif Match the input string against the patterns between
# if and endif, if and only if the same input string
# does not match /pattern/. The if..endif can nest.
# endif If the input string does not match /pattern/, then
# match that input string against the patterns
# between if and endif. The if..endif can nest.
#
# blank lines and comments
# Empty lines and whitespace-only lines are ignored,
@ -175,8 +175,30 @@
# Action names are case insensitive. They are shown in upper
# case for consistency with other Postfix documentation.
#
# BCC user@domain
# Add the specified address as a BCC recipient, and
# inspect the next input line. The address must have
# a local part and domain part. The number of BCC
# addresses that can be added is limited only by the
# amount of available storage space.
#
# Note 1: the BCC address is added as if it was spec-
# ified with NOTIFY=NONE. The sender will not be
# notified when the BCC address is undeliverable, as
# long as all down-stream software implements RFC
# 3461.
#
# Note 2: this ignores duplicate addresses (with the
# same delivery status notification options).
#
# This feature is available in Postfix 3.0 and later.
#
# This feature is not supported with smtp header/body
# checks.
#
# DISCARD optional text...
# Claim successful delivery and silently discard the
# Claim successful delivery and silently discard the
# message. Do not inspect the remainder of the input
# message. Log the optional text if specified, oth-
# erwise log a generic message.
#
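Review bot: the new BCC entry says the address "must have a local part and domain part" but not what happens to a rule whose address lacks one. State the outcome in the entry, because a BCC rule that is silently skipped is hard to notice. The hunk also carries the "Claim successful delivery and silently discard the" line twice with no visible difference, which looks like a whitespace-only change that could be dropped from the patch.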
@ -203,14 +225,16 @@
# This feature is available in Postfix 2.1 and later.
#
# FILTER transport:destination
# After the message is queued, send the entire mes-
# sage through the specified external content filter.
# The transport name specifies the first field of a
# mail delivery agent definition in master.cf; the
# syntax of the next-hop destination is described in
# the manual page of the corresponding delivery
# agent. More information about external content
# filters is in the Postfix FILTER_README file.
# Override the content_filter parameter setting, and
# inspect the next input line. After the message is
# queued, send the entire message through the speci-
# fied external content filter. The transport name
# specifies the first field of a mail delivery agent
# definition in master.cf; the syntax of the next-hop
# destination is described in the manual page of the
# corresponding delivery agent. More information
# about external content filters is in the Postfix
# FILTER_README file.
#
# Note 1: do not use $number regular expression sub-
# stitutions for transport or destination unless you
@ -293,8 +317,8 @@
# line, the prepended text must begin with a
# valid message header label.
#
# o This action cannot be used to prepend multi-
# line text.
# o This action cannot be used to prepend
# multi-line text.
#
# This feature is available in Postfix 2.1 and later.
#
@ -339,9 +363,10 @@
# headers.
#
# REJECT optional text...
# Reject the entire message. Reply with optional
# text... when the optional text is specified, other-
# wise reply with a generic error message.
# Reject the entire message. Do not inspect the
# remainder of the input message. Reply with
# optional text... when the optional text is speci-
# fied, otherwise reply with a generic error message.
#
# Note: this action disables further header or
# body_checks inspection of the current message and
@ -445,7 +470,7 @@
# header_checks = pcre:/etc/postfix/header_checks.pcre
#
# /etc/postfix/header_checks.pcre:
# /^Content-(Disposition|Type).*name\s*=\s*"?(.*(\.|=2E)(
# /^Content-(Disposition|Type).*name\s*=\s*"?([^;]*(\.|=2E)(
# ade|adp|asp|bas|bat|chm|cmd|com|cpl|crt|dll|exe|
# hlp|ht[at]|
# inf|ins|isp|jse?|lnk|md[betw]|ms[cipt]|nws|
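Review bot: in the example pattern the group after name= changes from .* to [^;]*, so it can no longer run past a ";" into later header parameters, but the manual text gives no reason for the change. Add a sentence to the example saying that the match is now confined to the name parameter, and state whether quoted names that contain ";" are meant to be covered, because [^;]* stops at the first ";" regardless of quoting.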
@ -493,4 +518,9 @@
# P.O. Box 704
# Yorktown Heights, NY 10598, USA
#
# Wietse Venema
# Google, Inc.
# 111 8th Avenue
# New York, NY 10011, USA
#
# HEADER_CHECKS(5)

@ -1,5 +1,5 @@
#!/bin/sh
# $NetBSD: post-install,v 1.1.1.6 2014/07/06 19:27:40 tron Exp $
# $NetBSD: post-install,v 1.1.1.7 2017/02/14 01:13:34 christos Exp $
#
# To view the formatted manual page of this file, type:
@ -42,8 +42,8 @@
# Arguments
# .IP create-missing
# Create missing queue directories with ownerships and permissions
# according to the contents of $daemon_directory/postfix-files
# and optionally in $daemon_directory/postfix-files.d/*, using
# according to the contents of $meta_directory/postfix-files
# and optionally in $meta_directory/postfix-files.d/*, using
# the mail_owner and setgid_group parameter settings from the
# command line, process environment or from the installed
# main.cf file.
@ -51,8 +51,8 @@
# This is required at Postfix start-up time.
# .IP set-permissions
# Set all file/directory ownerships and permissions according to the
# contents of $daemon_directory/postfix-files and optionally
# in $daemon_directory/postfix-files.d/*, using the mail_owner
# contents of $meta_directory/postfix-files and optionally
# in $meta_directory/postfix-files.d/*, using the mail_owner
# and setgid_group parameter settings from the command line,
# process environment or from the installed main.cf file.
# Implies create-missing.
@ -62,8 +62,8 @@
# settings after Postfix is already installed.
# .IP upgrade-permissions
# Update ownership and permission of existing files/directories as
# specified in $daemon_directory/postfix-files and optionally
# in $daemon_directory/postfix-files.d/*, using the mail_owner
# specified in $meta_directory/postfix-files and optionally
# in $meta_directory/postfix-files.d/*, using the mail_owner
# and setgid_group parameter settings from the command line,
# process environment or from the installed main.cf file.
# Implies create-missing.
@ -177,12 +177,21 @@
# This feature is obsolete as of Postfix 2.1.
# .IP readme_directory
# The directory for the Postfix README files.
# .IP shlib_directory
# The directory for the Postfix shared-library files, and for
# the Postfix dabatase plugin files with a relative pathname
# in the file dynamicmaps.cf.
# .IP meta_directory
# The directory for non-executable files that are shared
# among multiple Postfix instances, such as postfix-files,
# dynamicmaps.cf, as well as the multi-instance template files
# main.cf.proto and master.cf.proto.
# SEE ALSO
# postfix-install(1) Postfix primary installation script.
# FILES
# $config_directory/main.cf, Postfix installation parameters.
# $daemon_directory/postfix-files, installation control file.
# $daemon_directory/postfix-files.d/*, optional control files.
# $meta_directory/postfix-files, installation control file.
# $meta_directory/postfix-files.d/*, optional control files.
# $config_directory/install.cf, obsolete configuration file.
# LICENSE
# .ad
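Review bot: Typo in the added shlib_directory description: "dabatase plugin files" should read "database plugin files".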
@ -207,7 +216,7 @@ debug=:
MOST_PARAMETERS="command_directory daemon_directory data_directory
html_directory mail_owner mailq_path manpage_directory
newaliases_path queue_directory readme_directory sample_directory
sendmail_path setgid_group"
sendmail_path setgid_group shlib_directory meta_directory"
NON_SHARED="config_directory queue_directory data_directory"
USAGE="Usage: $0 [name=value] command
@ -227,6 +236,8 @@ obsolete=; keep_list=;
for arg
do
case $arg in
*[" "]*) echo $0: "Error: argument contains whitespace: '$arg'"
exit 1;;
*=*) IFS= eval $arg; IFS="$BACKUP_IFS";;
create-missing) create=1;;
set-perm*) create=1; set_perms=1;;
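Review bot: The new whitespace test in the `case $arg` block only rejects arguments that contain whitespace, while the `*=*)` branch directly below still runs `eval $arg`, so a name=value argument containing shell metacharacters such as `;` or backquotes is still interpreted by the shell. Consider checking the name against the known parameter list and assigning the value without `eval`, or state in the manual section that arguments are trusted input. The error message should also go to stderr with `1>&2`, as the postfix-files error further down does.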
@ -289,8 +300,8 @@ do
esac
done
test -f $daemon_directory/postfix-files || {
echo $0: Error: $daemon_directory/postfix-files is not a file. 1>&2
test -f $meta_directory/postfix-files || {
echo $0: Error: $meta_directory/postfix-files is not a file. 1>&2
exit 1
}
@ -363,7 +374,8 @@ case $setgid_group in
esac
for path in "$daemon_directory" "$command_directory" "$queue_directory" \
"$sendmail_path" "$newaliases_path" "$mailq_path" "$manpage_directory"
"$sendmail_path" "$newaliases_path" "$mailq_path" "$manpage_directory" \
"$meta_directory"
do
case "$path" in
/*) ;;
@ -371,7 +383,7 @@ do
esac
done
for path in "$html_directory" "$readme_directory"
for path in "$html_directory" "$readme_directory" "$shlib_directory"
do
case "$path" in
/*) ;;
@ -416,10 +428,37 @@ POSTCONF="$command_directory/postconf"
# Save settings, allowing command line/environment override.
# Undo MAIL_VERSION expansion at the end of a parameter value. If
# someone really wants the expanded mail version in main.cf, then
# we're sorry.
# Confine side effects from mail_version unexpansion within a subshell.
(case "$mail_version" in
"") mail_version="`$POSTCONF -dhx mail_version`" || exit 1
esac
for name in $MOST_PARAMETERS
do
eval junk=\$$name
case "$junk" in
*"$mail_version"*)
case "$pattern" in
"") pattern=`echo "$mail_version" | sed 's/\./\\\\./g'` || exit 1
esac
val=`echo "$junk" | sed "s/$pattern"'$/${mail_version}/g'` || exit 1
eval ${name}='"$val"'
esac
done
# XXX Maybe update main.cf only with first install, upgrade, set
# permissions, and what else? Should there be a warning otherwise?
override=
for name in $MOST_PARAMETERS
do
eval test \"\$$name\" = \"`$POSTCONF -c $config_directory -h $name`\" || {
eval junk=\"\$$name\"
test "$junk" = "`$POSTCONF -c $config_directory -h $name`" || {
override=1
break
}
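Review bot: In the mail_version unexpansion loop, `pattern` is only assigned when it is empty (`case "$pattern" in "")`), and nothing visible in this hunk clears it first, so a `pattern` variable inherited from the process environment would be used as the sed expression unchanged. Add `pattern=` before the `for name in $MOST_PARAMETERS` loop. The escaping `sed 's/\./\\\\./g'` also covers dots only; since `mail_version` is taken as given when it is already set, a value with `/` or other sed metacharacters breaks the substitution, so escape those as well or reject unexpected characters.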
@ -440,14 +479,16 @@ test -n "$override" && {
"manpage_directory = $manpage_directory" \
"sample_directory = $sample_directory" \
"readme_directory = $readme_directory" \
"shlib_directory = $shlib_directory" \
"meta_directory = $meta_directory" \
|| exit 1
}
} || exit 0) || exit 1
# Use file/directory status information in $daemon_directory/postfix-files.
# Use file/directory status information in $meta_directory/postfix-files.
test -n "$create" && {
postfix_files_d=$daemon_directory/postfix-files.d
for postfix_file in $daemon_directory/postfix-files \
postfix_files_d=$meta_directory/postfix-files.d
for postfix_file in $meta_directory/postfix-files \
`test -d $postfix_files_d && { find $postfix_files_d -type f | sort; }`
do
exec <$postfix_file || exit 1
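Review bot: The subshell close `} || exit 0) || exit 1` needs a comment. It relies on `test -n "$override" && { ... }` returning non-zero when there is nothing to override and maps that to success, while the `|| exit 1` inside the block is what reaches the outer `|| exit 1`. One line saying so would save the next reader from working it out.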

@ -1,5 +1,5 @@
#!/bin/sh
# $NetBSD: postfix-script,v 1.1.1.3 2013/09/25 19:06:20 tron Exp $
# $NetBSD: postfix-script,v 1.1.1.4 2017/02/14 01:13:34 christos Exp $
#
#++
@ -66,6 +66,17 @@ cd $config_directory || {
$FATAL no Postfix configuration directory $config_directory!
exit 1
}
case $shlib_directory in
no) ;;
*) cd $shlib_directory || {
$FATAL no Postfix shared-library directory $shlib_directory!
exit 1
}
esac
cd $meta_directory || {
$FATAL no Postfix meta directory $meta_directory!
exit 1
}
cd $queue_directory || {
$FATAL no Postfix queue directory $queue_directory!
exit 1
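Review bot: Both new `cd` tests expand the directory unquoted, so when `shlib_directory` or `meta_directory` is empty the shell runs a bare `cd`, which changes to the home directory and normally succeeds, and the missing setting goes unreported. Check for a non-empty value first, for example with `test -n "$meta_directory"`, before the `cd`.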
@ -243,43 +254,55 @@ check-fatal)
check-warn)
# This command is NOT part of the public interface.
todo="$config_directory $queue_directory $queue_directory/pid"
test -n "$check_shared_files" && todo="$daemon_directory $todo"
# Check Postfix root-owned directory owner/permissions.
for dir in $todo
do
ls -lLd $dir | (grep " root " >/dev/null ||
$WARN not owned by root: $dir)
done
find $queue_directory/. $queue_directory/pid \
-prune ! -user root \
-exec $WARN not owned by root: {} \;
# Some people break Postfix's security model.
ls -lLd $queue_directory | egrep '^.....(w|...w)' >/dev/null && \
$WARN group or other writable: $queue_directory
find $queue_directory/. $queue_directory/pid \
-prune \( -perm -020 -o -perm -002 \) \
-exec $WARN group or other writable: {} \;
todo="$config_directory/*"
test -n "$check_shared_files" && todo="$daemon_directory/* $todo"
find $todo ! -user root \
-exec $WARN not owned by root: {} \;
# Check Postfix root-owned directory tree owner/permissions.
todo="$config_directory/."
test -n "$check_shared_files" && todo="$daemon_directory/. $todo"
test -n "$check_shared_files" && {
todo="$daemon_directory/. $meta_directory/. $todo"
test "$shlib_directory" = "no" ||
todo="$shlib_directory/. $todo"
}
todo=`echo "$todo" | tr ' ' '\12' | sort -u`
find $todo \
\( -perm -020 -o -perm -002 \) -type f \
-exec $WARN group or other writable: {} \;
find $todo ! -user root \
-exec $WARN not owned by root: {} \;
find $todo \( -perm -020 -o -perm -002 \) \
-exec $WARN group or other writable: {} \;
# Check Postfix mail_owner-owned directory tree owner/permissions.
find $data_directory/. ! -user $mail_owner \
-exec $WARN not owned by $mail_owner: {} \;
ls -lLd $data_directory | egrep '^.....(w|...w)' >/dev/null && \
$WARN group or other writable: $data_directory
find $data_directory/. \( -perm -020 -o -perm -002 \) \
-exec $WARN group or other writable: {} \;
# Check Postfix mail_owner-owned directory tree owner.
find `ls -d $queue_directory/* | \
egrep '/(saved|incoming|active|defer|deferred|bounce|hold|trace|corrupt|public|private|flush)$'` \
! \( -type p -o -type s \) ! -user $mail_owner \
-exec $WARN not owned by $mail_owner: {} \;
# WARNING: this should not descend into the maildrop directory.
# maildrop is the least trusted Postfix directory.
find $queue_directory/maildrop -prune ! -user $mail_owner \
-exec $WARN not owned by $mail_owner: $queue_directory/maildrop \;
# Check Postfix setgid_group-owned directory and file group/permissions.
todo="$queue_directory/public $queue_directory/maildrop"
test -n "$check_shared_files" &&
todo="$command_directory/postqueue $command_directory/postdrop $todo"
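Review bot: Of the two `find $todo \( -perm -020 -o -perm -002 \)` checks shown in this hunk, one restricts the test with `-type f` and the other has no type filter. Without a filter the test also applies to symbolic links, which carry mode 0777 on many systems, so every symlink under `$daemon_directory`, `$meta_directory` or `$shlib_directory` would be reported as group or other writable. If the unfiltered form is the one being added, exclude links with `! -type l`.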
@ -293,33 +316,27 @@ check-warn)
-prune ! -perm -02111 \
-exec $WARN not set-gid or not owner+group+world executable: {} \;
for name in `ls -d $queue_directory/* | \
egrep '/(bin|etc|lib|usr)$'` ; \
do \
find $name ! -user root \
-exec $WARN not owned by root: {} \; ; \
done
# WARNING: this should not descend into the maildrop directory.
# maildrop is the least trusted Postfix directory.
find $queue_directory/maildrop/. -prune ! -user $mail_owner \
-exec $WARN not owned by $mail_owner: $queue_directory/maildrop \;
# Check non-Postfix root-owned directory tree owner/content.
for dir in bin etc lib sbin usr
do
test -d $dir && find $dir -type f -print | while read path
test -d $dir && {
find $dir ! -user root \
-exec $WARN not owned by root: $queue_directory/{} \;
find $dir -type f -print | while read path
do
test -f /$path && {
cmp -s $path /$path ||
$WARN $queue_directory/$path and /$path differ
}
test -f /$path && {
cmp -s $path /$path ||
$WARN $queue_directory/$path and /$path differ
}
done
}
done
find corrupt -type f -exec $WARN damaged message: {} \;
# XXX also: look for weird stuff, weird permissions, etc.
# Check for non-Postfix MTA remnants.
test -n "$check_shared_files" -a -f /usr/sbin/sendmail -a \
-f /usr/lib/sendmail && {
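Review bot: In the check of the bin, etc, lib, sbin and usr copies, `-exec $WARN not owned by root: $queue_directory/{} \;` embeds `{}` inside a longer argument, and POSIX leaves it implementation-defined whether find substitutes the path in that position. Pass `{}` as an argument of its own, or print the paths and add the prefix in a `while read` loop like the one that follows. That loop uses `read path` without `-r` and expands `$path` unquoted, so names containing backslashes or blanks are mishandled.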
@ -341,6 +358,11 @@ post-install)
$daemon_directory/post-install "$@"
;;
tls)
shift
$daemon_directory/postfix-tls-script "$@"
;;
/*)
# Currently not part of the public interface.
"$@"

File diff suppressed because it is too large

@ -1,5 +1,5 @@
#! /bin/sh
# $NetBSD: postmulti-script,v 1.1.1.2 2009/08/31 17:53:37 tron Exp $
# $NetBSD: postmulti-script,v 1.1.1.3 2017/02/14 01:13:34 christos Exp $
#
umask 022
@ -16,6 +16,8 @@ umask 022
# MAIL_CONFIG - config_directory of primary instance
# command_directory - From primary instance
# daemon_directory - From primary instance
# meta_directory - From primary instance
# shlib_directory - From primary instance
# config_directroy - config_directory of target instance
# queue_directory - queue_directory of target instance
# data_directory - data_directory of target instance
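Review bot: Style point on this comment block: the unchanged line directly below the two added entries still reads `config_directroy`. Since the block is being edited anyway, correct it to `config_directory`.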
@ -32,6 +34,8 @@ umask 022
: ${MAIL_CONFIG:?"do not invoke this command directly"}
: ${command_directory:?"do not invoke this command directly"}
: ${daemon_directory:?"do not invoke this command directly"}
: ${meta_directory:?"do not invoke this command directly"}
: ${shlib_directory:?"do not invoke this command directly"}
USAGE="$0 -e create|destroy|import|deport|enable|disable|assign|init"
usage() { echo "$0: Error: Usage: $USAGE" >&2; exit 1; }
@ -111,6 +115,17 @@ init)
exit $? ;;
esac
# Backport note: "-x" requires 2.10 or later, and is not essential here.
#
wrapper=`postconf -hx multi_instance_wrapper` || exit 1
enable=`postconf -hx multi_instance_enable` || exit 1
test -n "$wrapper" ||
fatal "multi_instance_wrapper is empty, run 'postmulti -e init' first."
test "$enable" = "yes" ||
fatal "multi_instance_enable!=yes, run 'postmulti -e init' first."
: ${config_directory:?"Invalid empty target instance config_directory"}
case $action in
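Review bot: The two added `postconf -hx` calls resolve `postconf` through PATH, although the header comment lists `command_directory` as handed over from the primary instance. Unless PATH is pinned earlier in the script, call `$command_directory/postconf` so that the check reads the same installation that invoked the script.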
@ -129,6 +144,11 @@ create|import)
fatal "'$config_directory' lacks a master.cf file"
}
test -f $meta_directory/main.cf.proto ||
fatal "Missing main.cf prototype: $meta_directory/main.cf.proto"
test -f $meta_directory/master.cf.proto ||
fatal "Missing master.cf prototype: $meta_directory/master.cf.proto"
# Create instance-specific directories
#
test -d $config_directory ||
@ -140,7 +160,7 @@ create|import)
tmpdir=$config_directory/.tmp
(umask 077; mkdir -p $tmpdir) || exit 1
cp -p $daemon_directory/main.cf $tmpdir/main.cf || exit 1
cp -p $meta_directory/main.cf.proto $tmpdir/main.cf || exit 1
# Shared install parameters are cloned from user-specified values in
# the default instance, but only if explicitly set there. Otherwise,
@ -149,6 +169,7 @@ create|import)
SHARED_PARAMETERS="
command_directory
daemon_directory
meta_directory
mail_owner
setgid_group
sendmail_path
@ -158,6 +179,7 @@ create|import)
manpage_directory
sample_directory
readme_directory
shlib_directory
"
shift $# # Needed on SunOS where bare "set --" is NOP!
@ -185,7 +207,7 @@ create|import)
"$@" || exit 1
cp -p $daemon_directory/master.cf $tmpdir/master.cf || exit 1
cp -p $meta_directory/master.cf.proto $tmpdir/master.cf || exit 1
mv $tmpdir/main.cf $config_directory/main.cf || exit 1
mv $tmpdir/master.cf $config_directory/master.cf || exit 1
rmdir $tmpdir 2>/dev/null

@ -22,12 +22,12 @@
# LDAP or SQL, the same lookups are done as for ordinary
# indexed files.
#
# Alternatively, the table can be provided as a regular-
# expression map where patterns are given as regular expres-
# sions, or lookups can be directed to TCP-based server. In
# those case, the lookups are done in a slightly different
# way as described below under "REGULAR EXPRESSION TABLES"
# or "TCP-BASED TABLES".
# Alternatively, the table can be provided as a regu-
# lar-expression map where patterns are given as regular
# expressions, or lookups can be directed to TCP-based
# server. In those case, the lookups are done in a slightly
# different way as described below under "REGULAR EXPRESSION
# TABLES" or "TCP-BASED TABLES".
#
# Table lookups are case insensitive.
#
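Review bot: The rewrapped paragraph keeps the grammar slip "In those case"; as the text is being touched anyway, change it to "In those cases". The same paragraph recurs in the other table manual pages in this change.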
@ -168,4 +168,9 @@
# P.O. Box 704
# Yorktown Heights, NY 10598, USA
#
# Wietse Venema
# Google, Inc.
# 111 8th Avenue
# New York, NY 10011, USA
#
# RELOCATED(5)

@ -12,11 +12,11 @@
#
# DESCRIPTION
# The optional transport(5) table specifies a mapping from
# email addresses to message delivery transports and next-
# hop destinations. Message delivery transports such as
# local or smtp are defined in the master.cf file, and next-
# hop destinations are typically hosts or domain names. The
# table is searched by the trivial-rewrite(8) daemon.
# email addresses to message delivery transports and
# next-hop destinations. Message delivery transports such
# as local or smtp are defined in the master.cf file, and
# next-hop destinations are typically hosts or domain names.
# The table is searched by the trivial-rewrite(8) daemon.
#
# This mapping overrides the default transport:nexthop
# selection that is built into Postfix:
@ -59,12 +59,12 @@
# LDAP or SQL, the same lookups are done as for ordinary
# indexed files.
#
# Alternatively, the table can be provided as a regular-
# expression map where patterns are given as regular expres-
# sions, or lookups can be directed to TCP-based server. In
# those case, the lookups are done in a slightly different
# way as described below under "REGULAR EXPRESSION TABLES"
# or "TCP-BASED TABLES".
# Alternatively, the table can be provided as a regu-
# lar-expression map where patterns are given as regular
# expressions, or lookups can be directed to TCP-based
# server. In those case, the lookups are done in a slightly
# different way as described below under "REGULAR EXPRESSION
# TABLES" or "TCP-BASED TABLES".
#
# CASE FOLDING
# The search string is folded to lowercase before database
@ -291,4 +291,9 @@
# P.O. Box 704
# Yorktown Heights, NY 10598, USA
#
# Wietse Venema
# Google, Inc.
# 111 8th Avenue
# New York, NY 10011, USA
#
# TRANSPORT(5)

@ -49,12 +49,12 @@
# LDAP or SQL, the same lookups are done as for ordinary
# indexed files.
#
# Alternatively, the table can be provided as a regular-
# expression map where patterns are given as regular expres-
# sions, or lookups can be directed to TCP-based server. In
# those case, the lookups are done in a slightly different
# way as described below under "REGULAR EXPRESSION TABLES"
# or "TCP-BASED TABLES".
# Alternatively, the table can be provided as a regu-
# lar-expression map where patterns are given as regular
# expressions, or lookups can be directed to TCP-based
# server. In those case, the lookups are done in a slightly
# different way as described below under "REGULAR EXPRESSION
# TABLES" or "TCP-BASED TABLES".
#
# CASE FOLDING
# The search string is folded to lowercase before database
@ -163,10 +163,10 @@
# types.
#
# /etc/postfix/virtual:
# virtual-alias.domain anything (right-hand content does not matter)
# postmaster@virtual-alias.domain postmaster
# user1@virtual-alias.domain address1
# user2@virtual-alias.domain address2, address3
# virtual-alias.domain anything (right-hand content does not matter)
# postmaster@virtual-alias.domain postmaster
# user1@virtual-alias.domain address1
# user2@virtual-alias.domain address2, address3
#
# The virtual-alias.domain anything entry is required for a
# virtual alias domain. Without this entry, mail is rejected
@ -291,4 +291,9 @@
# P.O. Box 704
# Yorktown Heights, NY 10598, USA
#
# Wietse Venema
# Google, Inc.
# 111 8th Avenue
# New York, NY 10011, USA
#
# VIRTUAL(5)

@ -254,9 +254,10 @@ hostnames of the machine, including $<a href="postconf.5.html#myhostname">myhost
<p> By default, Postfix will forward mail from clients in authorized
network blocks to any destination. Authorized networks are defined
with the <a href="postconf.5.html#mynetworks">mynetworks</a> configuration parameter. The default is to
authorize all clients in the IP subnetworks that the local machine
is attached to. </p>
with the <a href="postconf.5.html#mynetworks">mynetworks</a> configuration parameter. The current default is to
authorize the local machine only. Prior to Postfix 3.0, the default
was to authorize all clients in the IP subnetworks that the local
machine is attached to. </p>
<p> Postfix can also be configured to relay mail from "mobile"
clients that send mail from outside an authorized network block.
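Review bot: The sentence "The current default is to authorize the local machine only" leaves out that upgraded installations keep the old subnet behaviour for as long as the backwards-compatibility safety net is active. Link the sentence to the mynetworks_style section of COMPATIBILITY_README so that readers on an upgraded system are not misled about which clients may relay.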

@ -126,6 +126,8 @@ same message repeatedly. </p>
<li><a href="#remote_only">Configuring header/body checks for mail from outside users only</a>
<li><a href="#mx_submission">Configuring different header/body checks for MX service and submission service</a>
<li><a href="#domain_except">Configuring header/body checks for mail to some domains only</a>
</ul>
@ -209,7 +211,9 @@ header/body checks are requested by the source. Examples of how
to turn off header/body checks for mail received with <a href="smtpd.8.html">smtpd(8)</a>,
<a href="qmqpd.8.html">qmqpd(8)</a> or <a href="pickup.8.html">pickup(8)</a> are given below under "<a
href="#remote_only">Configuring header/body checks for mail from
outside users only</a>" and "<a href="#domain_except">Configuring
outside users only</a>", "<a href="#mx_submission">Configuring
different header/body checks for MX service and submission
service</a>", and "<a href="#domain_except">Configuring
header/body checks for mail to some domains only</a>". </p>
<h2><a name="limitations">Limitations of Postfix header/body checks </a></h2>
@ -393,6 +397,61 @@ header/body filtering turned on via <a href="postconf.5.html">main.cf</a>. </p>
</ul>
<h2><a name="mx_submission">Configuring different header/body checks for MX service and submission service</a></h2>
<p> If authorized user submissions require different header/body
checks than mail from remote MTAs, then this is possible as long
as you have separate mail streams for authorized users and for MX
service. </p>
<p> The example below assumes that authorized users connect to TCP
port 587 (submission) or 465 (smtps), and that remote MTAs connect
to TCP port 25 (smtp). </p>
<p> First, we define a few "user-defined" parameters that will
override settings for the submission and smtps services. </p>
<blockquote>
<pre>
/etc/postfix/<a href="postconf.5.html">main.cf</a>:
msa_cleanup_service_name = msa_cleanup
msa_header_checks = <a href="pcre_table.5.html">pcre</a>:/etc/postfix/msa_header_checks
msa_body_checks = <a href="pcre_table.5.html">pcre</a>:/etc/postfix/msa_body_checks
</pre>
</blockquote>
<p> Next, we define msa_cleanup as a dedicated cleanup service that
will be used only by the submission and smtps services. This service
uses the <a href="postconf.5.html#header_checks">header_checks</a> and <a href="postconf.5.html#body_checks">body_checks</a> overrides that were defined
above. </p>
<blockquote>
<pre>
/etc/postfix.<a href="master.5.html">master.cf</a>:
# =================================================================
# service type private unpriv chroot wakeup maxproc command
# (yes) (yes) (yes) (never) (100)
# =================================================================
smtp inet n - n - - smtpd
msa_cleanup unix n - n - 0 cleanup
-o <a href="postconf.5.html#header_checks">header_checks</a>=$msa_header_checks
-o <a href="postconf.5.html#body_checks">body_checks</a>=$msa_body_checks
submission inet n - n - - smtpd
-o <a href="postconf.5.html#cleanup_service_name">cleanup_service_name</a>=$msa_cleanup_service_name
-o <a href="postconf.5.html#syslog_name">syslog_name</a>=postfix/submission
<i>...[see sample <a href="master.5.html">master.cf</a> file for more]...</i>
smtps inet n - n - - smtpd
-o <a href="postconf.5.html#cleanup_service_name">cleanup_service_name</a>=$msa_cleanup_service_name
-o <a href="postconf.5.html#syslog_name">syslog_name</a>=postfix/smtps
-o <a href="postconf.5.html#smtpd_tls_wrappermode">smtpd_tls_wrappermode</a>=yes
<i>...[see sample <a href="master.5.html">master.cf</a> file for more]...</i>
</pre>
</blockquote>
<p> By keeping the "msa_xxx" parameter settings in <a href="postconf.5.html">main.cf</a>, you
keep your <a href="master.5.html">master.cf</a> file simple, and you minimize the amount
of duplication. </p>
<h2><a name="domain_except">Configuring header/body checks for mail to some domains only</a></h2>
<p> The following information applies to Postfix 2.1. Earlier
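Review bot: The label of the second example in the new section reads `/etc/postfix.master.cf:`; it should be `/etc/postfix/master.cf:`, in line with the `/etc/postfix/main.cf:` label of the first example.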

@ -67,7 +67,7 @@ like: </p>
% make tidy
% CDB=../../../tinycdb-0.5
% make -f Makefile.init makefiles "CCARGS=-DHAS_CDB -I$CDB" \
"AUXLIBS=$CDB/libcdb.a"
"<a href="CDB_README.html">AUXLIBS_CDB</a>=$CDB/libcdb.a"
% make
</pre>
</blockquote>
@ -79,11 +79,26 @@ like: </p>
% make tidy
% CDB=../../../cdb-0.75
% make -f Makefile.init makefiles "CCARGS=-DHAS_CDB -I$CDB" \
"AUXLIBS=$CDB/cdb.a $CDB/alloc.a $CDB/buffer.a $CDB/unix.a $CDB/byte.a"
"<a href="CDB_README.html">AUXLIBS_CDB</a>=$CDB/cdb.a $CDB/alloc.a $CDB/buffer.a $CDB/unix.a $CDB/byte.a"
% make
</pre>
</blockquote>
<p> Postfix versions before 3.0 use AUXLIBS instead of <a href="CDB_README.html">AUXLIBS_CDB</a>.
With Postfix 3.0 and later, the old AUXLIBS variable still supports
building a statically-loaded CDB database client, but only the new
<a href="CDB_README.html">AUXLIBS_CDB</a> variable supports building a dynamically-loaded or
statically-loaded CDB database client. </p>
<blockquote>
<p> Failure to use the <a href="CDB_README.html">AUXLIBS_CDB</a> variable will defeat the purpose
of dynamic database client loading. Every Postfix executable file
will have CDB database library dependencies. And that was exactly
what dynamic database client loading was meant to avoid. </p>
</blockquote>
<p> After Postfix has been built with cdb support, you can use
"cdb" tables wherever you can use read-only "hash", "btree" or
"dbm" tables. However, the "<b>postmap -i</b>" (incremental record

@ -0,0 +1,334 @@
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Postfix Backwards-Compatibility Safety Net</title>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
</head>
<body>
<h1><img src="postfix-logo.jpg" width="203" height="98" ALT="">Postfix
Backwards-Compatibility Safety Net</h1>
<hr>
<h2>Purpose of this document </h2>
<p> Postfix 3.0 introduces a safety net that runs Postfix programs
with backwards-compatible default settings after an upgrade. The
safety net will log a warning whenever a "new" default setting could
have an negative effect on your mail flow. </p>
<p>This document provides information on the following topics: </p>
<ul>
<li> <p> <a href="#overview">Detailed descriptions</a> of Postfix
backwards-compatibility warnings.
<li> <p> What backwards-compatible settings you may have to make
permanent in <a href="postconf.5.html">main.cf</a> or <a href="master.5.html">master.cf</a>. </p>
<li> <p> <a href="#turnoff">How to turn off</a> Postfix
backwards-compatibility warnings. </p>
</ul>
<h2> <a name="overview"> Overview </a> </h2>
<p> With backwards compatibility turned on, Postfix logs a message
whenever a backwards-compatible default setting may be required for
continuity of service. Based on this logging the system administrator
can decide if any backwards-compatible settings need to be made
permanent in main.cf or master.cf, before <a href="#turnoff">turning
off the backwards-compatibility safety net</a> as described at the
end of this document. </p>
<p> The following messages may be logged: </p>
<ul>
<li> <p> <a href="#append_dot_mydomain"> Using backwards-compatible
default setting append_dot_mydomain=yes </a> </p>
<li> <p> <a href="#chroot"> Using backwards-compatible default setting
chroot=y</a> </p>
<li> <p> <a href="#mynetworks_style"> Using backwards-compatible
default setting mynetworks_style=subnet </a> </p>
<li> <p> <a href="#relay_domains"> Using backwards-compatible default
setting relay_domains=$mydestination </a> </p>
<li> <p> <a href="#smtputf8_enable"> Using backwards-compatible
default setting smtputf8_enable=no</a> </p>
</ul>
<p> If such a message is logged in the context of a legitimate
request, the system administrator should make the backwards-compatible
setting permanent in <a href="postconf.5.html">main.cf</a> or <a href="master.5.html">master.cf</a>, as detailed in the
sections that follow. </p>
<p> When no more backwards-compatible settings need to be made
permanent, the system administrator should <a href="#turnoff">turn
off the backwards-compatibility safety net</a> as described at the
end of this document. </p>
<h2> <a name="append_dot_mydomain"> Using backwards-compatible default
setting append_dot_mydomain=yes</a> </h2>
<p> The <a href="postconf.5.html#append_dot_mydomain">append_dot_mydomain</a> default value has changed from "yes"
to "no". As long as the <a href="postconf.5.html#append_dot_mydomain">append_dot_mydomain</a> parameter is left at
its implicit default value, and the backwards-compatible default
setting is turned on, Postfix may log one of the following messages:</p>
<ul>
<li> <p> Messages about missing "localhost" in <a href="postconf.5.html#mydestination">mydestination</a> or
other address class: </p>
<blockquote>
<pre>
postfix/trivial-rewrite[14777]: using backwards-compatible
default setting <a href="postconf.5.html#append_dot_mydomain">append_dot_mydomain</a>=yes to rewrite
"localhost" to "localhost.example.com"; please add
"localhost" to <a href="postconf.5.html#mydestination">mydestination</a> or other address class
</pre>
</blockquote>
<p> If Postfix logs the above message, add "localhost" to
<a href="postconf.5.html#mydestination">mydestination</a> (or <a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a>, <a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a>,
or <a href="postconf.5.html#relay_domains">relay_domains</a>) and execute the command "<b>postfix reload</b>".
<li> <p> Messages about incomplete domains in email addresses: </p>
<blockquote>
<pre>
postfix/trivial-rewrite[25835]: using backwards-compatible
default setting <a href="postconf.5.html#append_dot_mydomain">append_dot_mydomain</a>=yes to rewrite "foo" to
"foo.example.com"
</pre>
</blockquote>
<p> If Postfix logs the above message for domains different from
"localhost", and the sender cannot be changed to use complete domain
names in email addresses, then the system administrator should make
the backwards-compatible setting "<a href="postconf.5.html#append_dot_mydomain">append_dot_mydomain</a> = yes" permanent
in <a href="postconf.5.html">main.cf</a>: </p>
<blockquote>
<pre>
# <b>postconf <a href="postconf.5.html#append_dot_mydomain">append_dot_mydomain</a>=yes</b>
# <b>postfix reload</b>
</pre>
</blockquote>
</ul>
<h2> <a name="chroot"> Using backwards-compatible default
setting chroot=y</a> </h2>
<p> The <a href="master.5.html">master.cf</a> chroot default value has changed from "y" (yes)
to "n" (no). As long as a <a href="master.5.html">master.cf</a> chroot field is left at its
implicit default value, and the backwards-compatible default setting
is turned on, Postfix may log the following message while it
reads the <a href="master.5.html">master.cf</a> file: </p>
<blockquote>
<pre>
postfix/master[27664]: /etc/postfix/<a href="master.5.html">master.cf</a>: line 72: using
backwards-compatible default setting chroot=y
</pre>
</blockquote>
<p> If this service should remain chrooted, then the system
administrator should make the backwards-compatible setting "chroot
= y" permanent in <a href="master.5.html">master.cf</a>. For example, to update the chroot
setting for the "smtp inet" service: </p>
<blockquote>
<pre>
# <b>postconf -F smtp/inet/chroot=y</b>
# <b>postfix reload</b>
</pre>
</blockquote>
<h2> <a name="mynetworks_style"> Using backwards-compatible default
setting mynetworks_style=subnet</a> </h2>
<p> The <a href="postconf.5.html#mynetworks_style">mynetworks_style</a> default value has changed from "subnet"
to "host". This parameter is used to implement the "<a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a>"
feature. As long as the <a href="postconf.5.html#mynetworks">mynetworks</a> and <a href="postconf.5.html#mynetworks_style">mynetworks_style</a> parameters
are left at their implicit default values, and the backwards-compatible
default setting is turned on, the Postfix SMTP server may log one
of the following messages: </p>
<blockquote>
<pre>
postfix/smtpd[17375]: using backwards-compatible default setting
<a href="postconf.5.html#mynetworks_style">mynetworks_style</a>=subnet to permit request from client
"foo.example.com[10.1.1.1]"
</pre>
</blockquote>
<blockquote>
<pre>
postfix/postscreen[24982]: using backwards-compatible default
setting <a href="postconf.5.html#mynetworks_style">mynetworks_style</a>=subnet to permit request from client
"10.1.1.1"
</pre>
</blockquote>
<p> If the client request should not be rejected, then the system
administrator should make the backwards-compatible setting
"<a href="postconf.5.html#mynetworks_style">mynetworks_style</a> = subnet" permanent in <a href="postconf.5.html">main.cf</a>: </p>
<blockquote>
<pre>
# <b>postconf <a href="postconf.5.html#mynetworks_style">mynetworks_style</a>=subnet</b>
# <b>postfix reload</b>
</pre>
</blockquote>
<h2><a name="relay_domains"> Using backwards-compatible default
setting relay_domains=$mydestination </a> </h2>
<p> The <a href="postconf.5.html#relay_domains">relay_domains</a> default value has changed from "$<a href="postconf.5.html#mydestination">mydestination</a>"
to the empty value. As long as the <a href="postconf.5.html#relay_domains">relay_domains</a> parameter is left
at its implicit default value, and the backwards-compatible default
setting is turned on, Postfix may log one of the following messages.
</p>
<ul>
<li> <p> Messages about accepting mail for a remote domain:</p>
<blockquote>
<pre>
postfix/smtpd[19052]: using backwards-compatible default setting
<a href="postconf.5.html#relay_domains">relay_domains</a>=$<a href="postconf.5.html#mydestination">mydestination</a> to accept mail for domain
"foo.example.com"
</pre>
</blockquote>
<blockquote>
<pre>
postfix/smtpd[19052]: using backwards-compatible default setting
<a href="postconf.5.html#relay_domains">relay_domains</a>=$<a href="postconf.5.html#mydestination">mydestination</a> to accept mail for address
"user@foo.example.com"
</pre>
</blockquote>
<li> <p> Messages about providing ETRN service for a remote domain:</p>
<blockquote>
<pre>
postfix/smtpd[19138]: using backwards-compatible default setting
<a href="postconf.5.html#relay_domains">relay_domains</a>=$<a href="postconf.5.html#mydestination">mydestination</a> to flush mail for domain
"bar.example.com"
</pre>
</blockquote>
<blockquote>
<pre>
postfix/smtp[13945]: using backwards-compatible default setting
<a href="postconf.5.html#relay_domains">relay_domains</a>=$<a href="postconf.5.html#mydestination">mydestination</a> to update fast-flush logfile for
domain "bar.example.com"
</pre>
</blockquote>
</ul>
<p> If Postfix should continue to accept mail for that domain or
continue to provide ETRN service for that domain, then the system
administrator should make the backwards-compatible setting
"<a href="postconf.5.html#relay_domains">relay_domains</a> = $<a href="postconf.5.html#mydestination">mydestination</a>" permanent in <a href="postconf.5.html">main.cf</a>: </p>
<blockquote>
<pre>
# <b>postconf '<a href="postconf.5.html#relay_domains">relay_domains</a>=$<a href="postconf.5.html#mydestination">mydestination</a>'</b>
# <b>postfix reload</b>
</pre>
</blockquote>
<p> Note: quotes are required as indicated above. </p>
<p> Instead of $<a href="postconf.5.html#mydestination">mydestination</a>, it may be better to specify an
explicit list of domain names. </p>
<h2> <a name="smtputf8_enable"> Using backwards-compatible default
setting smtputf8_enable=no</a> </h2>
<p> The <a href="postconf.5.html#smtputf8_enable">smtputf8_enable</a> default value has changed from "no" to "yes.
With the new "yes" setting, the Postfix SMTP server rejects non-ASCII
addresses from clients that don't request SMTPUTF8 support. With
the old "no" setting, Postfix will accept such addresses, even if
such addresses are not permitted by traditional SMTP standards. </p>
<p> As long as the <a href="postconf.5.html#smtputf8_enable">smtputf8_enable</a> parameter is left at its implicit
default value, and the backwards-compatible default setting is
turned on, Postfix logs a warning each time an SMTP command uses a
non-ASCII address localpart without requesting SMTPUTF8 support: </p>
<blockquote>
<pre>
postfix/smtpd[27560]: using backwards-compatible default setting
<a href="postconf.5.html#smtputf8_enable">smtputf8_enable</a>=no to accept non-ASCII sender address
"??@example.org" from localhost[127.0.0.1]
</pre>
</blockquote>
<blockquote>
<pre>
postfix/smtpd[27560]: using backwards-compatible default setting
<a href="postconf.5.html#smtputf8_enable">smtputf8_enable</a>=no to accept non-ASCII recipient address
"??@example.com" from localhost[127.0.0.1]
</pre>
</blockquote>
<p> If the address should not be rejected, and the client cannot
be updated to use SMTPUTF8, then the system administrator should
make the backwards-compatible setting "<a href="postconf.5.html#smtputf8_enable">smtputf8_enable</a> = no" permanent
in <a href="postconf.5.html">main.cf</a>:
<blockquote>
<pre>
# <b>postconf <a href="postconf.5.html#smtputf8_enable">smtputf8_enable</a>=no</b>
# <b>postfix reload</b>
</pre>
</blockquote>
<h2> <a name="turnoff">Turning off the backwards-compatibility safety net</a> </h2>
<p> Backwards compatibility is turned off by updating the
<a href="postconf.5.html#compatibility_level">compatibility_level</a> setting in <a href="postconf.5.html">main.cf</a>. </p>
<blockquote>
<pre>
# <b>postconf <a href="postconf.5.html#compatibility_level">compatibility_level</a>=<i>N</i></b>
# <b>postfix reload</b>
</pre>
</blockquote>
<p> For <i>N</i> specify the number that is logged in your <a href="postfix.1.html">postfix(1)</a>
warning message: </p>
<blockquote>
<pre>
warning: To disable backwards compatibility use "postconf <a href="postconf.5.html#compatibility_level">compatibility_level</a>=<i>N</i>" and "postfix reload"
</pre>
</blockquote>
<p> Sites that don't care about backwards compatibility may set
"<a href="postconf.5.html#compatibility_level">compatibility_level</a> = 9999" at their own risk. </p>
</body>
</html>
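Review bot: In the mynetworks_style section, the instruction to make "mynetworks_style = subnet" permanent has no counterpart to the relay_domains section's closing remark that an explicit list may be better. Since this setting decides which clients permit_mynetworks trusts, consider adding a sentence that an explicit mynetworks list may be preferable to trusting the whole subnet. Two markup slips in the smtputf8_enable section: the quote opened in 'from "no" to "yes.' is never closed, and the paragraph ending "in main.cf:" has no closing p tag before the blockquote.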

View File

@ -313,6 +313,15 @@ private databases are maintained by Postfix daemons. The database
name as used in "<a href="DATABASE_README.html#types">hash</a>:table" is the database file name without the
".db" suffix. </dd>
<dt> <b>inline</b> (read-only) </dt>
<dd> A non-shared, in-memory lookup table. Example: "<a href="DATABASE_README.html#types">inline</a>:{
<i>key=value</i>, { <i>key = text with whitespace or comma</i> }}".
Key-value pairs are separated by whitespace or comma; whitespace
after "{" and before "}" is ignored. Inline tables eliminate the
need to create a database file for just a few fixed elements. See
also the <a href="DATABASE_README.html#types">static</a>: map type. </dd>
<dt> <b>internal</b> </dt>
<dd> A non-shared, in-memory hash table. Its content are lost when
@ -362,6 +371,18 @@ The file format is described in <a href="pcre_table.5.html">pcre_table(5)</a>. T
name as used in "<a href="pcre_table.5.html">pcre</a>:table" is the name of the regular expression
file. </dd>
<dt> <b>pipemap</b> (read-only) </dt>
<dd> A pipeline of lookup tables. Example:
"<a href="DATABASE_README.html#types">pipemap</a>:{<i>type<sub>1</sub>:name<sub>1</sub>, ...,
type<sub>n</sub>:name<sub>n</sub></i>}". Each "<a href="DATABASE_README.html#types">pipemap</a>:" query is
given to the first table. Each lookup result becomes the query for
the next table in the pipeline, and the last table produces the
final result. When any table lookup produces no result, the pipeline
produces no result. The first and last characters of the "<a href="DATABASE_README.html#types">pipemap</a>:"
table name must be "{" and "}". Within these, individual maps are
separated with comma or whitespace. </dd>
<dt> <b>pgsql</b> (read-only) </dt>
<dd> PostgreSQL database client. Configuration details are given
@ -373,6 +394,15 @@ in <a href="pgsql_table.5.html">pgsql_table(5)</a>. </dd>
databases. The lookup table name syntax is "<a href="proxymap.8.html">proxy</a>:<a href="DATABASE_README.html">type:table</a>".
</dd>
<dt> <b>randmap</b> (read-only) </dt>
<dd> An in-memory table that performs random selection. Example:
"<a href="DATABASE_README.html#types">randmap</a>:{<i>result<sub>1</sub>. ..., result<sub>n</sub></i>}".
Each table query returns a random choice from the specified results.
The first and last characters of the "<a href="DATABASE_README.html#types">randmap</a>:" table name must be
"{" and "}". Within these, individual maps are separated with comma
or whitespace. </dd>
<dt> <b>regexp</b> (read-only) </dt>
<dd> A lookup table based on regular expressions. The file format
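Review bot: The randmap entry reuses pipemap wording that does not fit: "individual maps are separated with comma or whitespace" should speak of results, because the braces here hold result values rather than map names. The example also has a period after the first result ("result1. ...") where the pipemap example uses a comma.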
@ -404,7 +434,9 @@ server. See <a href="socketmap_table.5.html">socketmap_table(5)</a> for details.
<dd> A table that always returns its name as the lookup result.
For example, "<a href="DATABASE_README.html#types">static</a>:foobar" always returns the string "foobar" as
lookup result. </dd>
lookup result. Specify "<a href="DATABASE_README.html#types">static</a>:{ <i>text with whitespace</i> }"
when the result contains whitespace; this form ignores whitespace
after "{" and before "}". See also the <a href="DATABASE_README.html#types">inline</a>: map type. </dd>
<dt> <b>tcp</b> </dt>
@ -421,6 +453,12 @@ use the file, and that <a href="DATABASE_README.html#types">texthash</a>: does n
file is read. The lookup table name is "<a href="DATABASE_README.html#types">texthash</a>:filename", where
the file name is taken literally; no suffix is appended. </dd>
<dt> <b>unionmap</b> (read-only) </dt>
<dd> A table that sends each query to multiple lookup tables and
that concatenates all found results, separated by comma. The table
name syntax is the same as for pipemap tables. </dd>
<dt> <b>unix</b> (read-only) </dt>
<dd> A limited view of the UNIX authentication database. The following
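Review bot: The unionmap entry does not state its no-match behaviour. The pipemap entry spells out that one empty lookup makes the whole pipeline produce no result, but here it is unclear whether a query that matches in only some tables returns the partial concatenation, and whether a query that matches nowhere returns no result. One sentence covering both cases would remove the guesswork.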

View File

@ -554,8 +554,16 @@ by "A", each digit
by "D" so that the helpers can still recognize syntactical errors.
</p>
<li> <p> Output from "<b>postconf -n</b>". Please do not send your
<a href="postconf.5.html">main.cf</a> file, or 500+ lines of <b>postconf</b> output. </p>
<li> <p> Command output from:</p>
<ul>
<li> <p> "<b>postconf -n</b>". Please do not send your <a href="postconf.5.html">main.cf</a> file,
or 1000+ lines of <b>postconf</b> command output. </p>
<li> <p> "<b>postconf -Mf</b>" (Postfix 2.9 or later). </p>
</ul>
<li> <p> Better, provide output from the <b>postfinger</b> tool.
This can be found at <a href="http://ftp.wl0.org/SOURCES/postfinger">http://ftp.wl0.org/SOURCES/postfinger</a>. </p>

View File

@ -180,7 +180,8 @@ and is not recommended for now. </p>
with no additional configuration, but you may want to override the
default prime to be 2048 bits long, and you may want to regenerate
your primes periodically. See the <a href="#quick-start">quick-start</a>
section for details. </p>
section for details. With Postfix &ge; 3.1 the out of the box
(compiled-in) EDH prime size is 2048 bits. </p>
<p> With prime-field EDH, OpenSSL wants the server to provide
two explicitly-selected (prime, generator) combinations. One for
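Review bot: The advice "you may want to override the default prime to be 2048 bits long" now sits directly before the new sentence saying the compiled-in EDH prime is already 2048 bits with Postfix 3.1 and later, so the paragraph reads as a recommendation to override a default with the same value. Suggest scoping the override advice to releases before 3.1.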
@ -195,7 +196,9 @@ compiled in, but also supports explicitly-configured overrides.
"export" ciphers. To use a non-default prime, generate a 512-bit
DH parameter file and set <a href="postconf.5.html#smtpd_tls_dh512_param_file">smtpd_tls_dh512_param_file</a> to the filename
(see the <a href="#quick-start">quick-start</a> section for details).
</p>
With Postfix releases after the middle of 2015 the default opportunistic
TLS cipher grade (<a href="postconf.5.html#smtpd_tls_ciphers">smtpd_tls_ciphers</a>) is "medium" or stronger, and
export ciphers are no longer used. </p>
<li> <p> The non-export EDH parameters are used for all other EDH
cipher suites. To use a non-default prime, generate a 1024-bit or
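Review bot: "Postfix releases after the middle of 2015" in the export-cipher paragraph gives the reader a date to look up rather than something they can check against an installation. Naming the first release, or the mail_release_date, would make it verifiable, in the same way the previous hunk names Postfix 3.1 for the prime size. The same phrase recurs in the client cipher-grade paragraph further down in this file.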
@ -207,10 +210,11 @@ parameter file and the prime need not actually be 1024 bits long
</ul>
<p> It turns out that (inadvisably-patched in some Debian releases)
Exim SMTP clients require a &ge; 2048-bit length for the non-export
prime. See the <a href="#quick-start">quick-start</a> section for
the recommended configuration to work around this issue. </p>
<p> As of mid-2015, SMTP clients are starting to reject TLS
handshakes with primes smaller than 2048 bits. Each site needs to
determine which prime size works best for the majority of its
clients. See the <a href="#quick-start">quick-start</a> section
for the recommended configuration to work around this issue. </p>
<h3> EECDH Server support </h3>
@ -253,9 +257,10 @@ more curves at the desired security level without any changes to
<h2> <a name="client_fs">Forward Secrecy in the Postfix SMTP Client</a> </h2>
<p> The Postfix &ge; 2.2 SMTP client supports forward secrecy in
its default configuration. No configuration changes are needed
besides turning on elliptic-curve support with Postfix 2.6 and 2.7
(see the <a href="#quick-start"> quick-start</a> section). If the
its default configuration. All supported OpenSSL releases support
EDH key exchange. OpenSSL releases &ge; 1.0.0 also support EECDH
key exchange (provided elliptic-curve support has not been disabled
by the vendor as in some versions of RedHat Linux). If the
remote SMTP server supports cipher suites with forward secrecy (and
does not override the SMTP client's cipher preference), then the
traffic between the server and client will resist decryption even
@ -265,23 +270,27 @@ compromised. </p>
<p> The default Postfix SMTP client cipher lists are correctly
ordered to prefer EECDH and EDH cipher suites ahead of similar
cipher suites that don't implement forward secrecy. Administrators
are strongly discouraged from changing the cipher list definitions.
It is likely safe to set "<a href="postconf.5.html#smtp_tls_ciphers">smtp_tls_ciphers</a> = medium" if you wish
to disable the obsolete "export" and "low" grade ciphers even with
opportunistic TLS. Setting a minimum strength does not change the
preference
order. Note that strengths higher than "medium" exclude Exchange
2003 and likely other widely used MTAs, thus "high" grade ciphers
should only be used on a case-by-case basis via the <a
href="TLS_README.html#client_tls_policy">TLS policy</a> table. </p>
are strongly discouraged from changing the cipher list definitions. </p>
<p> The default minimum cipher grade for opportunistic TLS is
"medium" for Postfix releases after the middle of 2015, "export"
for older releases. Changing the minimum cipher grade does not
change the cipher preference order. Note that cipher grades higher
than "medium" exclude Exchange 2003 and likely other MTAs, thus a
"high" cipher grade should be chosen only on a case-by-case basis
via the <a href="TLS_README.html#client_tls_policy">TLS policy</a>
table. </p>
<h2><a name="quick-start">Getting started, quick and dirty</a></h2>
<h3> EECDH Client and server support (Postfix &ge; 2.6 with OpenSSL
&ge; 1.0.0) </h3>
<h3> EECDH Client support (Postfix &ge; 2.2 with OpenSSL &ge; 1.0.0) </h3>
<p> This works "out of the box" without additional configuration. </p>
<h3> EECDH Server support (Postfix &ge; 2.6 with OpenSSL &ge; 1.0.0) </h3>
<p> With Postfix 2.6 and 2.7, enable elliptic-curve support in the
Postfix SMTP client and server. This is the default with Postfix
Postfix SMTP server. This is the default with Postfix
&ge; 2.8. Note, however, that elliptic-curve support may be disabled
by the vendor, as in some versions of RedHat Linux. </p>
@ -347,7 +356,10 @@ need to adjust the submission entry in <a href="master.5.html">master.cf</a> acc
/etc/postfix/<a href="master.5.html">master.cf</a>:
submission inet n - n - - smtpd
# Some submission clients may not yet do 2048-bit EDH, if such
# clients use your MSA, configure 1024-bit EDH instead:
# clients use your MSA, configure 1024-bit EDH instead. However,
# as of mid-2015, many submission clients no longer accept primes
# with less than 2048-bits. Each site needs to determine which
# type of client is more important to support.
-o <a href="postconf.5.html#smtpd_tls_dh1024_param_file">smtpd_tls_dh1024_param_file</a>=${<a href="postconf.5.html#config_directory">config_directory</a>}/dh1024.pem
-o <a href="postconf.5.html#smtpd_tls_security_level">smtpd_tls_security_level</a>=encrypt
-o <a href="postconf.5.html#smtpd_sasl_auth_enable">smtpd_sasl_auth_enable</a>=yes
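Review bot: The master.cf example still passes "-o smtpd_tls_dh1024_param_file=${config_directory}/dh1024.pem" as an active override on the submission service, even though the expanded comment now says many submission clients no longer accept primes below 2048 bits. Anyone copying the block gets the fallback the comment warns about. Consider showing that -o line commented out, or stating in the comment that it should be dropped unless legacy clients need it. Wording nit: "less than 2048-bits" reads better as "smaller than 2048 bits".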
@ -547,8 +559,8 @@ signature. </p>
<p> <b> Postfix SMTP server:</b> The status is never "Verified",
because the Postfix SMTP server never verifies the remote SMTP
client name against the names in the client certificate, and because
the Postfix SMTP does not expect a specific fingerprint in the
client public key or certificate. </p>
the Postfix SMTP server does not expect a specific fingerprint in
the client public key or certificate. </p>
</dd>

View File

@ -92,10 +92,25 @@ your Postfix source tree should work: </p>
<pre>
% make tidy
% make makefiles CCARGS="-I/usr/local/include -DHAS_LDAP" \
AUXLIBS="-L/usr/local/lib -lldap -L/usr/local/lib -llber"
<a href="LDAP_README.html">AUXLIBS_LDAP</a>="-L/usr/local/lib -lldap -L/usr/local/lib -llber"
</pre>
</blockquote>
<p> Postfix versions before 3.0 use AUXLIBS instead of <a href="LDAP_README.html">AUXLIBS_LDAP</a>.
With Postfix 3.0 and later, the old AUXLIBS variable still supports
building a statically-loaded LDAP database client, but only the new
<a href="LDAP_README.html">AUXLIBS_LDAP</a> variable supports building a dynamically-loaded or
statically-loaded LDAP database client. </p>
<blockquote>
<p> Failure to use the <a href="LDAP_README.html">AUXLIBS_LDAP</a> variable will defeat the purpose
of dynamic database client loading. Every Postfix executable file
will have LDAP database library dependencies. And that was exactly
what dynamic database client loading was meant to avoid. </p>
</blockquote>
<p> On Solaris 2.x you may have to specify run-time link information,
otherwise ld.so will not find some of the shared libraries: </p>
@ -103,7 +118,7 @@ otherwise ld.so will not find some of the shared libraries: </p>
<pre>
% make tidy
% make makefiles CCARGS="-I/usr/local/include -DHAS_LDAP" \
AUXLIBS="-L/usr/local/lib -R/usr/local/lib -lldap \
<a href="LDAP_README.html">AUXLIBS_LDAP</a>="-L/usr/local/lib -R/usr/local/lib -lldap \
-L/usr/local/lib -R/usr/local/lib -llber"
</pre>
</blockquote>

View File

@ -50,17 +50,33 @@ build Postfix with LMDB support, use something like: </p>
<blockquote>
<pre>
% make makefiles CCARGS="-DHAS_LMDB -I/usr/local/include" \
AUXLIBS="-L/usr/local/lib -llmdb"
<a href="LMDB_README.html">AUXLIBS_LMDB</a>="-L/usr/local/lib -llmdb"
% make
</pre>
</blockquote>
<p> Postfix versions before 3.0 use AUXLIBS instead of <a href="LMDB_README.html">AUXLIBS_LMDB</a>.
With Postfix 3.0 and later, the old AUXLIBS variable still supports
building a statically-loaded LMDB database client, but only the new
<a href="LMDB_README.html">AUXLIBS_LMDB</a> variable supports building a dynamically-loaded or
statically-loaded LMDB database client. </p>
<blockquote>
<p> Failure to use the <a href="LMDB_README.html">AUXLIBS_LMDB</a> variable will defeat the purpose
of dynamic database client loading. Every Postfix executable file
will have LMDB database library dependencies. And that was exactly
what dynamic database client loading was meant to avoid. </p>
</blockquote>
<p> Solaris may need this: </p>
<blockquote>
<pre>
% make makefiles CCARGS="-DHAS_LMDB -I/usr/local/include" \
AUXLIBS="-R/usr/local/lib -L/usr/local/lib -llmdb"
<a href="LMDB_README.html">AUXLIBS_LMDB</a>="-R/usr/local/lib -L/usr/local/lib -llmdb"
% make
</pre>
</blockquote>
@ -81,7 +97,7 @@ undefined reference to `pthread_mutex_lock'
<blockquote>
<pre>
% make makefiles .... AUXLIBS="... -lpthread"
% make makefiles .... <a href="LMDB_README.html">AUXLIBS_LMDB</a>="... -lpthread"
</pre>
</blockquote>

View File

@ -28,16 +28,10 @@ SMTP commands (HELO, MAIL FROM, etc.) as well as mail content
<p> The reason for adding Milter support to Postfix is that there
exists a large collection of applications, not only to block unwanted
mail, but also to verify authenticity (examples: <a
href="http://www.opendkim.org/">OpenDKIM</a>, <a
href="http://sourceforge.net/projects/dkim-milter/">DomainKeys
Identified Mail (DKIM)</a>, <a
href="http://sourceforge.net/projects/sid-milter/">SenderID+SPF</a> and
<a href="http://sourceforge.net/projects/dk-milter/">DomainKeys</a>)
or to digitally sign mail (examples: <a
href="http://www.opendkim.org/">OpenDKIM</a>, <a
href="http://sourceforge.net/projects/dkim-milter/">DomainKeys
Identified Mail (DKIM)</a>, <a
href="http://sourceforge.net/projects/dk-milter/">DomainKeys</a>).
href="http://www.opendkim.org/">OpenDKIM</a> and <a
href="http://www.trusteddomain.org/opendmarc/">DMARC </a>)
or to digitally sign mail (example: <a
href="http://www.opendkim.org/">OpenDKIM</a>).
Having yet another Postfix-specific version of all that software
is a poor use of human and system resources. </p>
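Review bot: The link text for the opendmarc URL is "DMARC " (with a trailing space inside the anchor) in this paragraph, while the libmilter paragraph later in the patch labels the same URL "OpenDMARC". Use "OpenDMARC" in both places, since the sentence lists applications rather than protocols, and drop the stray space.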
@ -206,17 +200,14 @@ an object library that implements the Sendmail 8 Milter protocol.
Postfix currently does not provide such a library, but Sendmail
does. </p>
<ul>
<li> <p> The first option is to use a pre-compiled library. Some
<p> Some
systems install the Sendmail libmilter library by default. With
other systems, libmilter may be provided by a package (called
"sendmail-devel" on some Linux systems). </p>
<p> Once libmilter is installed, applications such as <a
href="http://www.opendkim.org/">OpenDKIM</a>, <a
href="http://sourceforge.net/projects/dkim-milter/">dkim-milter</a> and
<a href="http://sourceforge.net/projects/sid-milter/">sid-milter</a>
href="http://www.opendkim.org/">OpenDKIM</a> and
<a href="http://www.trusteddomain.org/opendmarc/">OpenDMARC</a>
build out of the box without requiring any tinkering:</p>
<blockquote>
@ -230,44 +221,6 @@ $ <b>make install</b>
</pre>
</blockquote>
<blockquote>
<pre>
$ <b>gzcat dkim-milter-<i>x.y.z</i>.tar.gz | tar xf -</b>
$ <b>cd dkim-milter-<i>x.y.z</i></b>
$ <b>make</b>
[...<i>lots of output omitted</i>...]
</pre>
</blockquote>
<li> <p> The other option is to build the libmilter library from
Sendmail source code: </p>
<blockquote>
<pre>
$ <b>gzcat sendmail-<i>x.y.z</i>.tar.gz | tar xf -</b>
$ <b>cd sendmail-<i>x.y.z</i>/libmilter</b>
$ <b>make</b>
[...<i>lots of output omitted</i>...]
</pre>
</blockquote>
<p> After building your own libmilter library, follow the installation
instructions in the Milter application source distribution to specify
the location of the libmilter include files and object library.
Typically, these settings are configured in a file named
<tt>sid-filter/Makefile.m4</tt> or similar:
<blockquote>
<pre>
APPENDDEF(`confINCDIRS', `-I/some/where/sendmail-x.y.z/include')
APPENDDEF(`confLIBDIRS', `-L/some/where/sendmail-x.y.z/obj.<i>systemtype</i>/libmilter')
</pre>
</blockquote>
<p>Then build the Milter application. </p>
</ul>
<h2><a name="running">Running Milter applications</a></h2>
<p> To run a Milter application, see the documentation of the filter
@ -275,7 +228,7 @@ for options. A typical command looks like this:</p>
<blockquote>
<pre>
# <b>/some/where/dkim-filter -u <i>userid</i> -p inet:<i>portnumber</i>@localhost ...<i>other options</i>...</b>
# <b>/some/where/opendkim -l -u <i>userid</i> -p inet:<i>portnumber</i>@localhost ...<i>other options</i>...</b>
</pre>
</blockquote>
@ -285,9 +238,8 @@ applications (not "postfix", not "www", etc.). </p>
<h2><a name="config">Configuring Postfix</a></h2>
<p> Like Sendmail, Postfix has a lot of configuration options that
control how it talks to Milter applications. With the initial Postfix
Milter protocol implementation, many options are global, that is,
they apply to all Milter applications. Future Postfix versions may
control how it talks to Milter applications. Besides global options
that apply to all Milter applications, Postfix 3.0 and later
support per-Milter timeouts, per-Milter error handling, etc. </p>
<p> Information in this section: </p>
@ -304,8 +256,13 @@ support per-Milter timeouts, per-Milter error handling, etc. </p>
<li><a href="#timeouts">Milter protocol timeouts</a>
<li><a href="#per-milter">Different settings for different Milter
applications </a>
<li><a href="#macros">Sendmail macro emulation</a>
<li><a href="#send-macros">What macros will Postfix send to Milters?</a>
</ul>
<h3><a name="smtp-only-milters">SMTP-Only Milter applications</a></h3>
@ -316,11 +273,12 @@ unwanted mail, and to sign mail from authorized SMTP clients. Mail
that arrives via the Postfix <a href="smtpd.8.html">smtpd(8)</a> server is not filtered by the
non-SMTP filters that are described in the next section. </p>
<p> NOTE: Do not use the <a href="header_checks.5.html">header_checks(5)</a> IGNORE action to remove
<blockquote> NOTE for Postfix versions that have a <a href="postconf.5.html#mail_release_date">mail_release_date</a>
before 20141018: do not use the <a href="header_checks.5.html">header_checks(5)</a> IGNORE action to remove
Postfix's own Received: message header. This causes problems with
mail signing filters. Instead, keep Postfix's own Received: message
header and use the <a href="header_checks.5.html">header_checks(5)</a> REPLACE action to sanitize
information. </p>
information. </blockquote>
<p> You specify SMTP-only Milter applications (there can be more
than one) with the <a href="postconf.5.html#smtpd_milters">smtpd_milters</a> parameter. Each Milter application
@ -426,8 +384,28 @@ commands. When a <a href="postconf.5.html#non_smtpd_milters">non_smtpd_milters<
a recipient, Postfix will report a configuration error, and mail
will stay in the queue. </p>
<p> None of this is a problem for mail filters that digitally sign
mail. </p>
<h4> Signing internally-generated bounce messages </h4>
<p> Postfix normally does not apply content filters to mail
that is generated internally such as bounces or Postmaster
notifications. Filtering internally-generated bounces would result
in loss of mail when a filter rejects a message, as the resulting
double-bounce message would almost certainly also be blocked. </p>
<p> To sign Postfix's own bounce messages, enable filtering of
internally-generated bounces (line 2 below), and don't reject any
internally-generated bounces with <a href="postconf.5.html#non_smtpd_milters">non_smtpd_milters</a>, <a href="postconf.5.html#header_checks">header_checks</a>
or <a href="postconf.5.html#body_checks">body_checks</a> (lines 3-5 below). </p>
<blockquote>
<pre>
1 /etc/postfix/<a href="postconf.5.html">main.cf</a>:
2 <a href="postconf.5.html#internal_mail_filter_classes">internal_mail_filter_classes</a> = bounce
3 <a href="postconf.5.html#non_smtpd_milters">non_smtpd_milters</a> = <i>don't reject internally-generated bounces</i>
4 <a href="postconf.5.html#header_checks">header_checks</a> = <i>don't reject internally-generated bounces</i>
5 <a href="postconf.5.html#body_checks">body_checks</a> = <i>don't reject internally-generated bounces</i>
</pre>
</blockquote>
<h3><a name="errors">Milter error handling</a></h3>
@ -449,6 +427,9 @@ in the "<a href="QSHAPE_README.html#hold_queue">hold" queue</a>, and is availabl
</pre>
</blockquote>
<p> See "<a href="#per-milter">Different settings for different
Milter applications</a>" for advanced configuration options. </p>
<h3><a name="version">Milter protocol version</a></h3>
<p> As Postfix is not built with the Sendmail libmilter library,
@ -499,6 +480,9 @@ number. Postfix 2.8 and later will automatically turn off protocol
features that the application's libmilter library does not expect.
</p>
<p> See "<a href="#per-milter">Different settings for different
Milter applications</a>" for advanced configuration options. </p>
<h3><a name="timeouts">Milter protocol timeouts</a></h3>
<p> Postfix uses different time limits at different Milter protocol
@ -532,6 +516,54 @@ too much, remote SMTP clients may hang up and mail may be delivered
multiple times. This is an inherent problem with before-queue
filtering. </p>
<p> See "<a href="#per-milter">Different settings for different
Milter applications</a>" for advanced configuration options. </p>
<h3><a name="per-milter">Different settings for different Milter
applications </a></h3>
<p> The previous sections list a number of Postfix <a href="postconf.5.html">main.cf</a> parameters
that control time limits and other settings for all Postfix Milter
clients. This is sufficient for simple configurations. With more
complex configurations it becomes desirable to have different
settings for different Milter clients. This is supported with Postfix
3.0 and later. </p>
<p> The following example shows a "non-critical" Milter client with
a short connect timeout, and with "accept" as default action when
the service is unvailable. </p>
<blockquote>
<pre>
1 /etc/postfix/<a href="postconf.5.html">main.cf</a>:
2 <a href="postconf.5.html#smtpd_milters">smtpd_milters</a> = { inet:host:port,
3 connect_timeout=10s, default_action=accept }
</pre>
</blockquote>
<p> Instead of a server endpoint, we now have a list enclosed in {}. </p>
<ul>
<li> <p> Line 2: The first item in the list is the server endpoint.
This supports the exact same "inet" and "unix" syntax as described
earlier. </p>
<li> <p> Line 3: The remainder of the list contains per-Milter
settings. These settings override global <a href="postconf.5.html">main.cf</a> parameters, and
have the same name as those parameters, without the "milter_" prefix.
The per-Milter settings that are supported as of Postfix 3.0 are
command_timeout, connect_timeout, content_timeout, default_action,
and protocol. </p>
</ul>
<p> Inside the list, syntax is similar to what we already know from
<a href="postconf.5.html">main.cf</a>: items separated by space or comma. There is one difference:
<b>you must enclose a setting in parentheses, as in "{ name = value
}", if you want to have space or comma within a value or around
"="</b>. </p>
<h3><a name="macros">Sendmail macro emulation</a></h3>
<p> Postfix emulates a limited number of Sendmail macros, as shown
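Review bot: The last paragraph of the per-Milter section says a setting must be enclosed "in parentheses", but the example that follows, "{ name = value }", uses braces; say "braces" so the text matches the syntax. Also "unvailable" should be "unavailable". Because default_action=accept lets mail through unfiltered whenever that Milter cannot be reached, the example text could state that consequence next to "non-critical".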
@ -632,9 +664,11 @@ With rejected recipient: "error" </td> </tr>
</blockquote>
<h3><a name="send-macros">What macros will Postfix send to Milters?</a></h3>
<p> Postfix sends specific sets of macros at different Milter protocol
stages. The sets are configured with the parameters as described
in the table (EOH = end of headers; EOM = end of message). The
stages. The sets are configured with the parameters as shown in the
table below (EOH = end of headers; EOM = end of message). The
protocol version is a number that Postfix sends at the beginning
of the Milter protocol handshake. </p>
@ -678,6 +712,17 @@ TO </td> </tr>
</blockquote>
<p> By default, Postfix will send only macros whose values have been
updated with information from <a href="postconf.5.html">main.cf</a> or <a href="master.5.html">master.cf</a>, from an SMTP session
(for example; SASL login, or TLS certificates) or from a Mail delivery
transaction (for example; queue ID, sender, or recipient). </p>
<p> To force a macro to be sent even when its value has not been updated,
you may specify macro default values with the <a href="postconf.5.html#milter_macro_defaults">milter_macro_defaults</a>
parameter. Specify zero or more <i>name=value</i> pairs separated by
comma or whitespace; you may even specify macro names that Postfix does
know about! </p>
<h2><a name="workarounds">Workarounds</a></h2>
<ul>
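Review bot: The closing clause of the milter_macro_defaults paragraph, "you may even specify macro names that Postfix does know about!", looks like it lost a "not": "even" only makes sense if the point is that names unknown to Postfix are accepted. Please confirm the intended meaning and fix the sentence. The two occurrences of "for example;" in the preceding paragraph should use a comma.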
@ -831,12 +876,6 @@ TEMPFAIL simulated RCPT TO commands. When this rule is violated,
Postfix will report a configuration error, and mail will stay in
the queue. </p>
<li> <p> Postfix currently does not apply content filters to mail
that is forwarded or aliased internally, or to mail that is generated
internally such as bounces or Postmaster notifications. This may
be a problem when you want to apply a signing Milter to such mail.
</p>
<li> <p> When you use the before-queue content filter for incoming
SMTP mail (see <a href="SMTPD_PROXY_README.html">SMTPD_PROXY_README</a>), Milter applications have access
only to the SMTP command information; they have no access to the
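Review bot: The limitation bullet in this hunk covers mail that is "forwarded or aliased internally" as well as bounces and Postmaster notifications, but the "Signing internally-generated bounce messages" section added earlier in this file only addresses bounces. If the bullet is being dropped, say somewhere whether forwarded or aliased mail is now filtered; if it is not, keep that part of the limitation.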

View File

@ -52,23 +52,38 @@ which can be obtained from: </p>
<p> In order to build Postfix with mysql map support, you will need to add
-DHAS_MYSQL and -I for the directory containing the mysql headers, and
the mysqlclient library (and libm) to AUXLIBS, for example: </p>
the mysqlclient library (and libm) to <a href="MYSQL_README.html">AUXLIBS_MYSQL</a>, for example: </p>
<blockquote>
<pre>
make -f Makefile.init makefiles \
'CCARGS=-DHAS_MYSQL -I/usr/local/mysql/include' \
'AUXLIBS=-L/usr/local/mysql/lib -lmysqlclient -lz -lm'
'<a href="MYSQL_README.html">AUXLIBS_MYSQL</a>=-L/usr/local/mysql/lib -lmysqlclient -lz -lm'
</pre>
</blockquote>
<p> Postfix versions before 3.0 use AUXLIBS instead of <a href="MYSQL_README.html">AUXLIBS_MYSQL</a>.
With Postfix 3.0 and later, the old AUXLIBS variable still supports
building a statically-loaded MySQL database client, but only the new
<a href="MYSQL_README.html">AUXLIBS_MYSQL</a> variable supports building a dynamically-loaded or
statically-loaded MySQL database client. </p>
<blockquote>
<p> Failure to use the <a href="MYSQL_README.html">AUXLIBS_MYSQL</a> variable will defeat the purpose
of dynamic database client loading. Every Postfix executable file
will have MYSQL database library dependencies. And that was exactly
what dynamic database client loading was meant to avoid. </p>
</blockquote>
<p> On Solaris, use this instead: </p>
<blockquote>
<pre>
make -f Makefile.init makefiles \
'CCARGS=-DHAS_MYSQL -I/usr/local/mysql/include' \
'AUXLIBS=-L/usr/local/mysql/lib -R/usr/local/mysql/lib \
'<a href="MYSQL_README.html">AUXLIBS_MYSQL</a>=-L/usr/local/mysql/lib -R/usr/local/mysql/lib \
-lmysqlclient -lz -lm'
</pre>
</blockquote>
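Review bot: the new paragraph beginning "Postfix versions before 3.0 use AUXLIBS" says AUXLIBS_MYSQL "supports building a dynamically-loaded or statically-loaded MySQL database client", but nothing in this hunk says what selects between the two. Both example commands differ from the old ones only in the variable name. Suggest a one-line pointer to the build option that turns on dynamic loading, so a reader who only renames the variable knows that this alone does not produce a dynamically-loaded client.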
@ -115,10 +130,23 @@ table = mxaliases
where_field = alias
# Don't forget the leading "AND"!
additional_conditions = AND status = 'paid'
# This is necessary to make UTF8 queries work for Postfix 2.11 .. 3.1,
# and is the default setting as of Postfix 3.2,
option_group = client
</pre>
<h2>Additional notes</h2>
<p> Postfix 3.2 and later read <b>[client]</b> option group settings
by default. To disable this, specify no <b>option_file</b> and
specify "<b>option_group =</b>" (i.e. an empty value). </p>
<p> Postfix 3.1 and earlier don't read <b>[client]</b> option group
settings unless a non-empty <b>option_file</b> or <b>option_group</b>
value are specified. To enable this, specify, for example
"<b>option_group = client</b>". </p>
<p> The MySQL configuration interface setup allows for multiple
mysql databases: you can use one for a virtual table, one for an
access table, and one for an aliases table if you want. </p>
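Review bot: the "Additional notes" paragraphs say when the [client] option group is read but not which option file supplies it when option_file is empty. Since this becomes the default in 3.2, name the file or files, so an administrator can tell which settings outside the Postfix configuration now affect the lookup connection. Also in this hunk: the comment above "option_group = client" ends in a comma and reads as unfinished, and "value are specified" should be "value is specified".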


@ -15,7 +15,7 @@ COMMANDS= mailq.1.html newaliases.1.html postalias.1.html postcat.1.html \
postqueue.1.html postsuper.1.html sendmail.1.html \
smtp-source.1.html smtp-sink.1.html posttls-finger.1.html \
qmqp-source.1.html qmqp-sink.1.html \
qshape.1.html
qshape.1.html postfix-tls.1.html
CONFIG = access.5.html aliases.5.html canonical.5.html relocated.5.html \
transport.5.html virtual.5.html pcre_table.5.html regexp_table.5.html \
cidr_table.5.html tcp_table.5.html header_checks.5.html \
@ -26,7 +26,7 @@ CONFIG = access.5.html aliases.5.html canonical.5.html relocated.5.html \
OTHER = postfix-manuals.html
AWK = awk '{ print; if (NR == 2) print ".pl 99999\n.ll 78" }'
MAN2HTML = man2html -t "Postfix manual - `IFS=.; set \`echo $@\`; echo \"$$1($$2)\"`"
NROFF = GROFF_NO_SGR=1 nroff
NROFF = LANG=C GROFF_NO_SGR=1 nroff
update: $(DAEMONS) $(COMMANDS) $(CONFIG) $(OTHER)
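Review bot: on the NROFF line, LANG=C does not take effect when LC_ALL or an individual LC_* variable is already set in the build environment, because those take precedence over LANG. If the goal is locale-independent nroff output, use "NROFF = LC_ALL=C GROFF_NO_SGR=1 nroff" instead.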
@ -177,6 +177,10 @@ postfix.1.html: ../src/postfix/postfix.c
PATH=../mantools:$$PATH; \
srctoman $? | $(AWK) | $(NROFF) -man | uniq | $(MAN2HTML) | postlink >$@
postfix-tls.1.html: ../conf/postfix-tls-script
PATH=../mantools:$$PATH; \
srctoman - $? | $(AWK) | $(NROFF) -man | uniq | $(MAN2HTML) | postlink >$@
postkick.1.html: ../src/postkick/postkick.c
PATH=../mantools:$$PATH; \
srctoman $? | $(AWK) | $(NROFF) -man | uniq | $(MAN2HTML) | postlink >$@
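Review bot: the new postfix-tls.1.html rule calls "srctoman - $?" with a leading "-" argument, unlike the postfix.1.html and postkick.1.html rules on either side of it, and nothing explains the difference. A short comment above the rule saying why the "-" is needed for ../conf/postfix-tls-script would stop a later cleanup from "normalizing" it away.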


@ -85,6 +85,13 @@ non-default installation parameters on the command line: </p>
script directly (<tt>% <b>sh post-install -non-interactive
install_root...</b></tt>). </p>
<p> With Postfix 3.0 and later, the command "make package name=value
..." will replace the string MAIL_VERSION in a configuration parameter
value with the Postfix release version. Do not try to specify
something like $<a href="postconf.5.html#mail_version">mail_version</a> on this command line. This produces
inconsistent results with different versions of the make(1) command.
</p>
<h2>Begin Security Alert</h2>
<p> <b> When building an archive for distribution, be sure to


@ -55,25 +55,30 @@ Expressions), which can be obtained from: </p>
<p> NOTE: pcre versions prior to 2.06 cannot be used. </p>
<p> In order to build Postfix with PCRE support you need to add
-DHAS_PCRE and a -I for the PCRE include file to CCARGS, and add
the path to the PCRE library to AUXLIBS, for example: </p>
-DHAS_PCRE and a -I option for the PCRE include file to CCARGS, and
add the path to the PCRE library to <a href="PCRE_README.html">AUXLIBS_PCRE</a>, for example: </p>
<blockquote>
<pre>
make -f Makefile.init makefiles \
"CCARGS=-DHAS_PCRE -I/usr/local/include" \
"AUXLIBS=-L/usr/local/lib -lpcre"
"CCARGS=-DHAS_PCRE `pcre-config --cflags`" \
"<a href="PCRE_README.html">AUXLIBS_PCRE</a>=`pcre-config --libs`"
</pre>
</blockquote>
<p> Solaris needs run-time path information too: </p>
<p> Postfix versions before 3.0 use AUXLIBS instead of <a href="PCRE_README.html">AUXLIBS_PCRE</a>.
With Postfix 3.0 and later, the old AUXLIBS variable still supports
building a statically-loaded PCRE database client, but only the new
<a href="PCRE_README.html">AUXLIBS_PCRE</a> variable supports building a dynamically-loaded or
statically-loaded PCRE database client. </p>
<blockquote>
<pre>
make -f Makefile.init makefiles \
"CCARGS=-DHAS_PCRE -I/usr/local/include" \
"AUXLIBS=-L/usr/local/lib -R/usr/local/lib -lpcre"
</pre>
<p> Failure to use the <a href="PCRE_README.html">AUXLIBS_PCRE</a> variable will defeat the purpose
of dynamic database client loading. Every Postfix executable file
will have PCRE library dependencies. And that was exactly
what dynamic database client loading was meant to avoid. </p>
</blockquote>
<h2>Things to know</h2>
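Review bot: the "Solaris needs run-time path information too" paragraph and its -R/usr/local/lib example are dropped here with nothing replacing them, while the MySQL README keeps its Solaris variant. Please confirm that `pcre-config --libs` supplies the run-time path on Solaris, or keep a Solaris note. The new example also depends on pcre-config being on PATH: if it is missing, the backquoted commands expand to nothing and "make makefiles" still runs, so a sentence on what to check when the PCRE flags come out empty would help.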


@ -53,10 +53,25 @@ the location of the libpq library file. </p>
% make tidy
% make -f Makefile.init makefiles \
'CCARGS=-DHAS_PGSQL -I/usr/local/include/pgsql' \
'AUXLIBS=-L/usr/local/lib -lpq'
'<a href="PGSQL_README.html">AUXLIBS_PGSQL</a>=-L/usr/local/lib -lpq'
</pre>
</blockquote>
<p> Postfix versions before 3.0 use AUXLIBS instead of <a href="PGSQL_README.html">AUXLIBS_PGSQL</a>.
With Postfix 3.0 and later, the old AUXLIBS variable still supports
building a statically-loaded PostgreSQL database client, but only
the new <a href="PGSQL_README.html">AUXLIBS_PGSQL</a> variable supports building a dynamically-loaded
or statically-loaded PostgreSQL database client. </p>
<blockquote>
<p> Failure to use the <a href="PGSQL_README.html">AUXLIBS_PGSQL</a> variable will defeat the purpose
of dynamic database client loading. Every Postfix executable file
will have PGSQL database library dependencies. And that was exactly
what dynamic database client loading was meant to avoid. </p>
</blockquote>
<p> Then just run 'make'. </p>
<h2>Configuring PostgreSQL lookup tables</h2>


@ -872,8 +872,8 @@ For example: </p>
<pre>
/etc/postfix/dnsbl_reply:
# Secret DNSBL name Name in <a href="postscreen.8.html">postscreen(8)</a> replies
secret.zen.spamhaus.org zen.spamhaus.org
# Secret DNSBL name Name in <a href="postscreen.8.html">postscreen(8)</a> replies
secret.zen.dq.spamhaus.net zen.spamhaus.org
</pre>
<p> The <a href="DATABASE_README.html#types">texthash</a>: format is similar to <a href="DATABASE_README.html#types">hash</a>: except that there is
@ -982,16 +982,18 @@ helo/sender/recipient information, and waits for the client to
disconnect. </p>
<p> When the good client comes back in a later session, it is allowed
to talk directly to a Postfix SMTP server. See "after_220 <a
href="#after_220">Tests after the 220 SMTP server greeting</a> above
for limitations with AUTH and other features that clients may need.
</p>
to talk directly to a Postfix SMTP server. See "<a href="#after_220">Tests
after the 220 SMTP server greeting</a>" above for limitations with
AUTH and other features that clients may need. </p>
<p> An unexpected benefit from "<a href="#after_220">deep protocol
tests</a>" is that some "good" clients don't return after the 4XX
reply; these clients were not so good after all. Wietse enables
"<a href="#after_220">deep protocol tests</a>" on his own internet-facing
mail server. </p>
reply; these clients were not so good after all. </p>
<p> Unfortunately, some senders will retry requests from different
IP addresses, and may never get whitelisted. For this reason,
Wietse stopped using "<a href="#after_220">deep protocol tests</a>"
on his own internet-facing mail server. </p>
<li> <p> There is also support for permanent blacklisting and
whitelisting; see the description of the <a href="postconf.5.html#postscreen_access_list">postscreen_access_list</a>


@ -34,7 +34,7 @@ mail to remote destinations when the client's IP address is in the
<p> SMTP clients outside the SMTP server's network need a different
way to get "same network" privileges. To address this need, Postfix
supports SASL authentication (<a href="http://tools.ietf.org/html/rfc4954">RFC 4954</a>, formerly RFC 2554). With
supports SASL authentication (<a href="http://tools.ietf.org/html/rfc4954">RFC 4954</a>, formerly <a href="http://tools.ietf.org/html/rfc2554">RFC 2554</a>). With
this a remote SMTP client can authenticate to the Postfix SMTP
server, and the Postfix SMTP client can authenticate to a remote
SMTP server. Once a client is authenticated, a server can give it
@ -1564,7 +1564,7 @@ encoded authentication information: </p>
<p> The <strong>mmencode</strong> command is part of the metamail
software. </p>
<li> <p> Using Perl <b>MIME::Base64</b>: </p>
<li> <p> Using Perl <b>MIME::Base64</b> (from <a href="http://www.cpan.org/">http://www.cpan.org/</a>): </p>
<blockquote>
<pre>
@ -1573,7 +1573,7 @@ software. </p>
</pre>
</blockquote>
<p> MIME::Base64 is available from <a href="http://www.cpan.org/">http://www.cpan.org/</a>. </p>
<p> If the username or password contain "@", you must specify "\@". </p>
<li> <p> Using the <b>gen-auth</b> script: </p>
@ -1659,6 +1659,8 @@ second part sets up the username/password information. </p>
<pre>
/etc/postfix/<a href="postconf.5.html">main.cf</a>:
<a href="postconf.5.html#smtp_sasl_auth_enable">smtp_sasl_auth_enable</a> = yes
<a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> = encrypt
<a href="postconf.5.html#smtp_sasl_tls_security_options">smtp_sasl_tls_security_options</a> = noanonymous
<a href="postconf.5.html#relayhost">relayhost</a> = [mail.isp.example]
# Alternative form:
# <a href="postconf.5.html#relayhost">relayhost</a> = [mail.isp.example]:submission
@ -1673,6 +1675,11 @@ client-side authentication. We will configure the client's username
and password information in the second part of the example. </p>
</li>
<li> <p> The <code><a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a></code> setting ensures
that the connection to the remote smtp server will be encrypted, and
<code><a href="postconf.5.html#smtp_sasl_tls_security_options">smtp_sasl_tls_security_options</a></code> removes the prohibition on
plaintext passwords. </p>
<li> <p> The <code><a href="postconf.5.html#relayhost">relayhost</a></code> setting forces the Postfix SMTP
to send all remote messages to the specified mail server instead
of trying to deliver them directly to their destination. </p> </li>
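Review bot: in the new list item for smtp_tls_security_level, "ensures that the connection to the remote smtp server will be encrypted" overstates what "encrypt" gives a client that is about to send a plaintext password. That level makes TLS mandatory but does not verify the server certificate, so the credentials are protected against passive eavesdropping only. Suggest saying so and pointing to a certificate-verifying level (verify or secure) for the relayhost, and wording the second half as "removes the prohibition on plaintext passwords in TLS-encrypted sessions".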
@ -1781,7 +1788,7 @@ resort. </p>
<pre>
/etc/postfix/sasl_passwd:
# Per-sender authentication; see also /etc/postfix/sender_relay.
user1@example.com username2:password2
user1@example.com username1:password1
user2@example.net username2:password2
# Login information for the default <a href="postconf.5.html#relayhost">relayhost</a>.
[mail.isp.example] username:password


@ -202,6 +202,7 @@ described in the <a href="postconf.5.html">postconf(5)</a> manual page. </p>
# (available with Postfix 2.10 and later).
<a href="postconf.5.html#reject_unauth_destination">reject_unauth_destination</a>
<a href="postconf.5.html#reject_rbl_client">reject_rbl_client</a> zen.spamhaus.org,
<a href="postconf.5.html#reject_rhsbl_reverse_client">reject_rhsbl_reverse_client</a> dbl.spamhaus.org,
<a href="postconf.5.html#reject_rhsbl_helo">reject_rhsbl_helo</a> dbl.spamhaus.org,
<a href="postconf.5.html#reject_rhsbl_sender">reject_rhsbl_sender</a> dbl.spamhaus.org
@ -214,7 +215,7 @@ described in the <a href="postconf.5.html">postconf(5)</a> manual page. </p>
<p> Each restriction list is evaluated from left to right until
some restriction produces a result of PERMIT, REJECT or DEFER (try
again later). The end of the list is equivalent to a PERMIT result.
again later). The end of each list is equivalent to a PERMIT result.
By placing a PERMIT restriction before a REJECT restriction you
can make exceptions for specific clients or users. This is called
whitelisting; the fourth example above allows mail from local


@ -47,7 +47,9 @@ multiple times, for up to $<a href="postconf.5.html#max_use">max_use</a> incomin
<li><a href="#protocol">Policy protocol description</a>
<li><a href="#client_config">Policy client/server configuration</a>
<li><a href="#client_config">Simple policy client/server configuration</a>
<li><a href="#advanced">Advanced policy client configuration</a>
<li><a href="#greylist">Example: greylist policy server</a>
@ -104,6 +106,10 @@ etrn_domain=
stress=
<b>Postfix version 2.9 and later:</b>
ccert_pubkey_fingerprint=68:B3:29:DA:98:93:E3:40:99:C7:D8:AD:5C:B9:C9:40
<b>Postfix version 3.0 and later:</b>
client_port=1234
<b>Postfix version 3.1 and later:</b>
policy_context=submission
[empty line]
</pre>
</blockquote>
@ -191,6 +197,10 @@ ccert_pubkey_fingerprint=68:B3:29:DA:98:93:E3:40:99:C7:D8:AD:5C:B9:C9:40
<li> <p> The "stress" attribute is either empty or "yes". See
the <a href="STRESS_README.html">STRESS_README</a> document for further information. </p>
<li> <p> The "policy_context" attribute provides a way to pass
information that is not available via other attributes (Postfix
version 3.1 and later). </p>
</ul>
<p> The following is specific to SMTPD delegated policy requests:
@ -227,7 +237,7 @@ the request permanently. </p>
Instead the server must log a warning and disconnect. Postfix will
retry the request at some later time. </p>
<h2><a name="client_config">Policy client/server configuration</a></h2>
<h2><a name="client_config">Simple policy client/server configuration</a></h2>
<p> The Postfix delegated policy client can connect to a TCP socket
or to a UNIX-domain socket. Examples: </p>
@ -264,6 +274,7 @@ daemon, you would use something like this: </p>
9 <a href="postconf.5.html#check_policy_service">check_policy_service</a> unix:private/policy
10 ...
11 <a href="postconf.5.html#transport_time_limit">policy_time_limit</a> = 3600
12 # <a href="postconf.5.html#smtpd_policy_service_request_limit">smtpd_policy_service_request_limit</a> = 1
</pre>
</blockquote>
@ -303,6 +314,10 @@ of a <a href="master.5.html">master.cf</a> service name (in the above example, "
built-in suffix (in the above example: "_time_limit"). </p>
</blockquote>
<li> <p> Line 12: specify <a href="postconf.5.html#smtpd_policy_service_request_limit">smtpd_policy_service_request_limit</a> to
avoid error-recovery delays with policy servers that cannot
maintain a persistent connection. </p>
<li> <p> With Solaris &lt; 9, or Postfix &lt; 2.10 on any Solaris
version, use TCP sockets instead of UNIX-domain sockets: </p>
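Review bot: the new "Line 12" item tells the reader to "specify smtpd_policy_service_request_limit", but line 12 of the example it refers to is commented out and the item gives no value. Say explicitly that the line must be uncommented for policy servers that cannot keep a connection open, and that the value 1 means one request per connection.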
@ -321,14 +336,20 @@ version, use TCP sockets instead of UNIX-domain sockets: </p>
9 <a href="postconf.5.html#check_policy_service">check_policy_service</a> inet:127.0.0.1:9998
10 ...
11 127.0.0.1:9998_time_limit = 3600
12 # <a href="postconf.5.html#smtpd_policy_service_request_limit">smtpd_policy_service_request_limit</a> = 1
</pre>
</blockquote>
<p> Other configuration parameters that control the client side of
the policy delegation protocol: </p>
<p> Configuration parameters that control the client side of the
policy delegation protocol: </p>
<ul>
<li> <p> <a href="postconf.5.html#smtpd_policy_service_default_action">smtpd_policy_service_default_action</a> (default: 451 4.3.5
Server configuration problem): The default action when an SMTPD
policy service request fails. Available with Postfix 3.0 and
later. </p>
<li> <p> <a href="postconf.5.html#smtpd_policy_service_max_idle">smtpd_policy_service_max_idle</a> (default: 300s): The amount
of time before the Postfix SMTP server closes an unused policy
client connection. </p>
@ -337,11 +358,104 @@ client connection. </p>
of time before the Postfix SMTP server closes an active policy
client connection. </p>
<li> <p> <a href="postconf.5.html#smtpd_policy_service_request_limit">smtpd_policy_service_request_limit</a> (default: 0): The maximal
number of requests per policy connection, or zero (no limit).
Available with Postfix 3.0 and later. </p>
<li> <p> <a href="postconf.5.html#smtpd_policy_service_timeout">smtpd_policy_service_timeout</a> (default: 100s): The time
limit to connect to, send to or receive from a policy server. </p>
<li> <p> <a href="postconf.5.html#smtpd_policy_service_try_limit">smtpd_policy_service_try_limit</a> (default: 2): The maximal
number of attempts to send an SMTPD policy service request before
giving up. Available with Postfix 3.0 and later. </p>
<li> <p> <a href="postconf.5.html#smtpd_policy_service_retry_delay">smtpd_policy_service_retry_delay</a> (default: 1s): The delay
between attempts to resend a failed SMTPD policy service request.
Available with Postfix 3.0 and later. </p>
<li> <p> <a href="postconf.5.html#smtpd_policy_service_policy_context">smtpd_policy_service_policy_context</a> (default: empty):
Optional information that is passed in the "policy_context" attribute
of an SMTPD policy service request (originally, to share the same
SMTPD service endpoint among multiple <a href="postconf.5.html#check_policy_service">check_policy_service</a> clients).
Available with Postfix 3.1 and later. </p>
</ul>
<p> Configuration parameters that control the server side of the
policy delegation protocol: </p>
<ul>
<li> <p> <a href="postconf.5.html#transport_time_limit"><i>transport</i>_time_limit</a> ($<a href="postconf.5.html#command_time_limit">command_time_limit</a>): The
maximal amount of time the policy daemon is allowed to run before
it is terminated. The <i>transport</i> is the service name of the
<a href="master.5.html">master.cf</a> entry for the policy daemon service. In the above
examples, the service name is "policy" or "127.0.0.1:9998". </p>
</ul>
<h2><a name="advanced">Advanced policy client configuration</a></h2>
<p> The previous section lists a number of Postfix <a href="postconf.5.html">main.cf</a> parameters
that control time limits and other settings for all policy clients.
This is sufficient for simple configurations. With more complex
configurations it becomes desirable to have different settings per
policy client. This is supported with Postfix 3.0 and later. </p>
<p> The following example shows a "non-critical" policy service
with a short timeout, and with "DUNNO" as default action when the
service is unvailable. The "DUNNO" action causes Postfix to ignore
the result. </p>
<blockquote>
<pre>
1 /etc/postfix/<a href="postconf.5.html">main.cf</a>:
2 <a href="postconf.5.html#smtpd_recipient_restrictions">smtpd_recipient_restrictions</a> =
3 ...
4 <a href="postconf.5.html#reject_unauth_destination">reject_unauth_destination</a>
5 <a href="postconf.5.html#check_policy_service">check_policy_service</a> { inet:host:port,
6 timeout=10s, default_action=DUNNO }
8 ...
</pre>
</blockquote>
<p> Instead of a server endpoint, we now have a list enclosed in {}. </p>
<ul>
<li> <p> Line 5: The first item in the list is the server endpoint.
This supports the exact same "inet" and "unix" syntax as described
earlier. </p>
<li> <p> Line 6: The remainder of the list contains per-client
settings. These settings override global <a href="postconf.5.html">main.cf</a> parameters,
and have the same name as those parameters, without the
"smtpd_policy_service_" prefix. </p>
</ul>
<p> Inside the list, syntax is similar to what we already know from
<a href="postconf.5.html">main.cf</a>: items separated by space or comma. There is one difference:
<b>you must enclose a setting in parentheses, as in "{ name = value
}", if you want to have space or comma within a value or around
"="</b>. This comes in handy when different policy servers require
different default actions with different SMTP status codes or text:
</p>
<blockquote>
<pre>
1 /etc/postfix/<a href="postconf.5.html">main.cf</a>:
2 <a href="postconf.5.html#smtpd_recipient_restrictions">smtpd_recipient_restrictions</a> =
3 ...
4 <a href="postconf.5.html#reject_unauth_destination">reject_unauth_destination</a>
5 <a href="postconf.5.html#check_policy_service">check_policy_service</a> {
6 inet:host:port1,
7 { default_action = 451 4.3.5 See <a href="http://www.example.com/support1">http://www.example.com/support1</a> }
8 }
9 ...
</pre>
</blockquote>
<h2><a name="greylist">Example: greylist policy server</a></h2>
<p> Greylisting is a defense against junk email that is described at
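Review bot: in the "Advanced policy client configuration" text, "you must enclose a setting in parentheses, as in "{ name = value }"" describes braces, not parentheses. A reader who follows the wording and types ( ) will get a configuration that does not parse as intended, so change "parentheses" to "braces" or "{}". The first example should also state that default_action=DUNNO makes the check fail open: when the policy server is unreachable, mail is accepted as if the check were absent. That is acceptable for the "non-critical" service described but wrong for one that enforces policy. Smaller points: "unvailable" should be "unavailable", and the first example's line numbers jump from 6 to 8.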
@ -413,6 +527,7 @@ processes only: </p>
9 <a href="postconf.5.html#reject_unauth_destination">reject_unauth_destination</a>
10 <a href="postconf.5.html#check_policy_service">check_policy_service</a> unix:private/greylist
11 ...
12 # <a href="postconf.5.html#smtpd_policy_service_request_limit">smtpd_policy_service_request_limit</a> = 1
</pre>
</blockquote>
@ -451,6 +566,10 @@ of a <a href="master.5.html">master.cf</a> service name (in the above example, "
a built-in suffix (in the above example: "_time_limit"). </p>
</blockquote>
<li> <p> Line 12: specify <a href="postconf.5.html#smtpd_policy_service_request_limit">smtpd_policy_service_request_limit</a> to
avoid error-recovery delays with policy servers that cannot
maintain a persistent connection. </p>
</ul>
<p> With Solaris &lt; 9, or Postfix &lt; 2.10 on any Solaris
@ -471,6 +590,7 @@ client/server configuration</a>" section above. </p>
9 <a href="postconf.5.html#reject_unauth_destination">reject_unauth_destination</a>
10 <a href="postconf.5.html#check_policy_service">check_policy_service</a> inet:127.0.0.1:9998
11 ...
12 # <a href="postconf.5.html#smtpd_policy_service_request_limit">smtpd_policy_service_request_limit</a> = 1
</pre>
</blockquote>


@ -199,8 +199,8 @@ usual. </p>
<p> The content filter itself is not described here. You can use
any filter that is SMTP enabled. For non-SMTP capable content
filtering software, Bennett Todd's SMTP proxy implements a nice
PERL/SMTP content filtering framework. See:
<a href="http://bent.latency.net/smtpprox/">http://bent.latency.net/smtpprox/</a>. </p>
Perl-based framework. See: <a href="http://bent.latency.net/smtpprox/">http://bent.latency.net/smtpprox/</a> or
https://github.com/jnorell/smtpprox.</p>
<blockquote>


@ -0,0 +1,369 @@
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Postfix SMTPUTF8 support</title>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
</head>
<body>
<h1><img src="postfix-logo.jpg" width="203" height="98" ALT="">
Postfix SMTPUTF8 support
</h1>
<hr>
<h2> Overview </h2>
<p> This document describes Postfix support for Email Address
Internationalization (EAI) as defined in <a href="http://tools.ietf.org/html/rfc6531">RFC 6531</a> (SMTPUTF8 extension),
<a href="http://tools.ietf.org/html/rfc6532">RFC 6532</a> (Internationalized email headers) and <a href="http://tools.ietf.org/html/rfc6533">RFC 6533</a> (Internationalized
delivery status notifications). Introduced with Postfix version
3.0, this fully supports UTF-8 email addresses and UTF-8 message
header values. </p>
<p> Topics covered in this document: </p>
<ul>
<li><a href="#building">Building with/without SMTPUTF8 support</a>
<li><a href="#enabling">Enabling Postfix SMTPUTF8 support</a>
<li><a href="#using">Using Postfix SMTPUTF8 support</a>
<li><a href="#detecting">SMTPUTF8 autodetection</a>
<li><a href="#limitations">Limitations of the current implementation</a>
<li><a href="#compatibility">Compatibility with pre-SMTPUTF8 environments</a>
<li><a href="#credits">Credits</a>
</ul>
<h2> <a name="building">Building Postfix with/without SMTPUTF8 support</a> </h2>
<p> Postfix will build with SMTPUTF8 support if the ICU library and
header files are installed on the system. The package name varies
with the OS distribution (and version). The table shows package
names for a number of platforms at the time this text was written.
</p>
<blockquote>
<table border="1">
<tr> <th> OS Distribution </th> <th> Package </th> </tr>
<tr> <td> FreeBSD, NetBSD, etc. </td> <td> icu </td> </tr>
<tr> <td> Centos, Fedora, RHEL </td> <td> libicu-devel </td> </tr>
<tr> <td> Debian, Ubuntu </td> <td> libicu-dev </td> </tr>
</table>
</blockquote>
<p> To force Postfix to build without SMTPUTF8, specify: </p>
<blockquote>
<pre>
$ <b>make makefiles CCARGS="-DNO_EAI ..."</b>
</pre>
</blockquote>
<p> See the <a href="INSTALL.html">INSTALL</a> document for more "make makefiles" options. </p>
<h2> <a name="enabling">Enabling Postfix SMTPUTF8 support</a> </h2>
<p> There is more to SMTPUTF8 than just Postfix itself. The rest
of your email infrastructure also needs to be able to handle UTF-8
email addresses and message header values. This includes SMTPUTF8
protocol support in SMTP-based content filters (Amavisd), LMTP
servers (Dovecot), and down-stream SMTP servers. </p>
<p> Postfix SMTPUTF8 support is enabled by default, but it may be
disabled as part of a backwards-compatibility safety net (see the
<a href="COMPATIBILITY_README.html">COMPATIBILITY_README</a> file). </p>
<p> SMTPUTF8 support is enabled by setting the <a href="postconf.5.html#smtputf8_enable">smtputf8_enable</a>
parameter in <a href="postconf.5.html">main.cf</a>:</p>
<blockquote>
<pre>
# <b>postconf "<a href="postconf.5.html#smtputf8_enable">smtputf8_enable</a> = yes"</b>
# <b>postfix reload</b>
</pre>
</blockquote>
<p> With SMTPUTF8 support enabled, Postfix changes behavior with
respect to earlier Postfix releases: </p>
<ul>
<li> <p> UTF-8 is permitted in the <a href="postconf.5.html#myorigin">myorigin</a> parameter value. However,
the <a href="postconf.5.html#myhostname">myhostname</a> and <a href="postconf.5.html#mydomain">mydomain</a> parameters must currently specify
ASCII-only domain names. This limitation may be removed later. </p>
<li> <p> UTF-8 is the only form of non-ASCII text that Postfix
supports in access tables, address rewriting tables, and other
tables that are indexed with an email address, hostname, or domain
name. </p>
<li> <p> The <a href="postconf.5.html#header_checks">header_checks</a>-like and <a href="postconf.5.html#body_checks">body_checks</a>-like features are
not UTF-8 enabled, and therefore they do not enforce UTF-8 syntax
rules on inputs and outputs. The reason is that non-ASCII text may
be sent in encodings other than UTF-8, and that real email sometimes
contains malformed headers. Instead of skipping non-UTF-8 content,
Postfix should be able to filter it. You may try to enable UTF-8
processing by starting a PCRE pattern with the sequence (*UTF8),
but this is will result in "message not accepted, try again later"
errors when the PCRE pattern matcher encounters non-UTF-8 input.
Other features that are not UTF-8 enabled are <a href="postconf.5.html#smtpd_command_filter">smtpd_command_filter</a>,
<a href="postconf.5.html#smtp_reply_filter">smtp_reply_filter</a>, the *_delivery_status_filter features, and the
*_dns_reply_filter features (the latter because DNS is by definition
an ASCII protocol). </p>
<li> <p> The Postfix SMTP server announces SMTPUTF8 support in the
EHLO response. </p>
<pre>
220 server.example.com ESMTP Postfix
<b>EHLO client.example.com</b>
250-server.example.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250 SMTPUTF8
</pre>
<li> <p> The Postfix SMTP server accepts the SMTPUTF8 request in
MAIL FROM and VRFY commands. </p>
<pre>
<b>MAIL FROM:&lt;address&gt; SMTPUTF8 ...</b>
<b>VRFY address SMTPUTF8</b>
</pre>
<li> <p> The Postfix SMTP client may issue the SMTPUTF8 request in
MAIL FROM commands. </p>
<li> <p> The Postfix SMTP server accepts UTF-8 in email address
domains, but only after the remote SMTP client issues the
SMTPUTF8 request in MAIL FROM or VRFY commands. </p>
</ul>
<p> Postfix already permitted UTF-8 in message header values
and in address localparts. This does not change. </p>
<h2> <a name="using">Using Postfix SMTPUTF8 support</a> </h2>
<p> After Postfix SMTPUTF8 support is turned on, Postfix behavior
will depend on 1) whether a remote SMTP client requests SMTPUTF8
support, 2) the presence of UTF-8 content in the message envelope
and headers, and 3) whether a down-stream SMTP (or LMTP) server
announces SMTPUTF8 support. </p>
<ul>
<li> <p> When the Postfix SMTP server receives a message WITHOUT
the SMTPUTF8 request, Postfix handles the message as it has always
done (at least that is the default, see autodetection below).
Specifically, the Postfix SMTP server does not accept UTF-8 in the
envelope sender domain name or envelope recipient domain name, and
the Postfix SMTP client does not issue the SMTPUTF8 request when
delivering that message to an SMTP or LMTP server that announces
SMTPUTF8 support (again, that is the default). Postfix will accept
UTF-8 in message header values and in the localpart of envelope
sender and recipient addresses, because it has always done that.
</p>
<li> <p> When the Postfix SMTP server receives a message WITH the
SMTPUTF8 request, Postfix will issue the SMTPUTF8 request when
delivering that message to an SMTP or LMTP server that announces
SMTPUTF8 support. This is not configurable. </p>
<li> <p> When a message is received with the SMTPUTF8 request,
Postfix will deliver the message to a non-SMTPUTF8 SMTP or LMTP
server ONLY if: </p>
<ul>
<li> <p> No message header value contains UTF-8. </p>
<li> <p> The envelope sender address contains no UTF-8, </p>
<li> <p> No envelope recipient address for that specific
SMTP/LMTP delivery transaction contains UTF-8. </p>
<blockquote> <p> NOTE: Recipients in other email delivery
transactions for that same message may still contain UTF-8.
</p> </blockquote>
</ul>
<p> Otherwise, Postfix will return the recipient(s) for that
email delivery transaction as undeliverable. The delivery status
notification message will be an SMTPUTF8 message. It will therefore
be subject to the same restrictions as email that is received
with the SMTPUTF8 request. </p>
<li> <p> When the Postfix SMTP server receives a message with the
SMTPUTF8 request, that request also applies after the message is
forwarded via a virtual or local alias, or $HOME/.forward file.
</p>
</ul>
<h2> <a name="detecting">SMTPUTF8 autodetection</a> </h2>
<p> This section applies only to systems that have SMTPUTF8 support
turned on (<a href="postconf.5.html#smtputf8_enable">smtputf8_enable</a> = yes). </p>
<p> For compatibility with pre-SMTPUTF8 environments, Postfix does
not automatically set the "SMTPUTF8 requested" flag on messages
from non-SMTPUTF8 clients that contain an UTF-8 header value or
UTF-8 address localpart. This would make such messages undeliverable
to non-SMTPUTF8 servers, and could be a barrier to SMTPUTF8 adoption.
</p>
<p> By default, Postfix sets the "SMTPUTF8 requested" flag only on
address verification probes and on Postfix sendmail submissions
that contain UTF-8 in the sender address, UTF-8 in a recipient
address, or UTF-8 in a message header value. </p>
<blockquote>
<pre>
/etc/postfix/<a href="postconf.5.html">main.cf</a>:
<a href="postconf.5.html#smtputf8_autodetect_classes">smtputf8_autodetect_classes</a> = sendmail, verify
</pre>
</blockquote>
<p> However, if you have a non-ASCII <a href="postconf.5.html#myorigin">myorigin</a> or <a href="postconf.5.html#mydomain">mydomain</a> setting,
or if you have a configuration that introduces UTF-8 addresses with
virtual aliases, canonical mappings, or BCC mappings, then you may
have to apply SMTPUTF8 autodetection to all email: </p>
<blockquote>
<pre>
/etc/postfix/<a href="postconf.5.html">main.cf</a>:
<a href="postconf.5.html#smtputf8_autodetect_classes">smtputf8_autodetect_classes</a> = all
</pre>
</blockquote>
<p> This will, of course, also flag email that was received without
SMTPUTF8 request, but that contains UTF-8 in a sender address
localpart, receiver address localpart, or message header value.
Such email was not standards-compliant, but Postfix would have
delivered it if SMTPUTF8 support was disabled. </p>
<h2> <a name="limitations">Limitations of the current implementation</a>
</h2>
<p> The Postfix implementation is a work in progress; limitations
are steadily being removed. The text below describes the situation
at one point in time. </p>
<h3> No automatic conversions between ASCII and UTF-8 domain names. </h3>
<p> Some background: According to <a href="http://tools.ietf.org/html/rfc6530">RFC 6530</a> and related documents,
an internationalized domain name can appear in two forms: the UTF-8
form, and the ASCII (xn--mumble) form. An internationalized address
localpart must be encoded in UTF-8; the RFCs do not define an ASCII
alternative form. </p>
<p> Postfix currently does not convert internationalized domain
names from UTF-8 into ASCII (or from ASCII into UTF-8) before using
domain names in SMTP commands and responses, before looking up
domain names in lists such as <a href="postconf.5.html#mydestination">mydestination</a>, <a href="postconf.5.html#relay_domains">relay_domains</a> or in
lookup tables such as access tables, etc., before using domain names
in a policy daemon or Milter request, or before logging events.
</p>
<p> Postfix does, however, casefold domain names and email addresses
before matching them against a Postfix configuration parameter or
lookup table. </p>
<p> In order to use Postfix SMTPUTF8 support: </p>
<ul>
<li> <p> The Postfix parameters <a href="postconf.5.html#myhostname">myhostname</a> and <a href="postconf.5.html#mydomain">mydomain</a> must be in
ASCII form. One is a substring of the other, and the <a href="postconf.5.html#myhostname">myhostname</a>
value is used in SMTP commands and responses that require ASCII.
The parameter <a href="postconf.5.html#myorigin">myorigin</a> (added to local addresses without domain)
supports UTF-8. </p>
<li> <p> You need to configure both the ASCII and UTF-8 forms of
an Internationalized domain name in Postfix parameters such as
<a href="postconf.5.html#mydestination">mydestination</a> and <a href="postconf.5.html#relay_domains">relay_domains</a>, as well as lookup table search
keys. </p>
<li> <p> Milters, content filters, policy servers and logfile
analysis tools need to be able to handle both the ASCII and UTF-8
forms of Internationalized domain names. </p>
</ul>
<h2> <a name="compatibility">Compatibility with pre-SMTPUTF8
environments</a> </h2>
<h3> Mailing lists with UTF-8 and non-UTF-8 subscribers </h3>
<p> With Postfix, there is no need to split mailing lists into UTF-8 and
non-UTF-8 members. Postfix will try to deliver the non-UTF8 subscribers
over "traditional" non-SMTPUTF8 sessions, as long as the message
has an ASCII envelope sender address and all-ASCII header values.
The mailing list manager may have to apply <a href="http://tools.ietf.org/html/rfc2047">RFC 2047</a> encoding to
satisfy that last condition. </p>
<h3> Pre-existing non-ASCII email flows </h3>
<p> With "<a href="postconf.5.html#smtputf8_enable">smtputf8_enable</a> = no", Postfix handles email with non-ASCII
in address localparts (and in headers) as before. The vast majority
of email software is perfectly capable of handling such email, even
if pre-SMTPUTF8 standards do not support such practice. </p>
<p> However, when you specify "<a href="postconf.5.html#smtputf8_enable">smtputf8_enable</a> = yes", Postfix
requires that non-ASCII address information is encoded in UTF-8 and
will reject other encodings such as ISO-8859. It is not practical
for Postfix to support multiple encodings at the same time. There
is no problem with <a href="http://tools.ietf.org/html/rfc2047">RFC 2047</a> encodings such as "=?ISO-8859-1?Q?text?=",
because those use only characters from the ASCII characterset. </p>
<h2> <a name="credits">Credits</a> </h2>
<ul>
<li> <p> May 15, 2014: Arnt Gulbrandsen posted his patch for Unicode
email support. This work was sponsored by CNNIC. </p>
<li> <p> July 15, 2014: Wietse integrated Arnt Gulbrandsen's code
and released Postfix with SMTPUTF8 support. </p>
<li> <p> January 2015: Wietse added UTF-8 support for casefolding
in Postfix lookup tables and caseless string comparison in Postfix
list-based features. </p>
</ul>
</body>
</html>
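Review bot: The "In order to use Postfix SMTPUTF8 support" list says both the ASCII and UTF-8 forms of a domain must be configured in mydestination, relay_domains and lookup table search keys, but it never states the consequence of listing only one form. Since the limitations text above says no conversion is done before lookups in access tables, an entry in one form will not match an address in the other form; suggest saying so explicitly next to that list item. Smaller points: the mailing-list paragraph writes "non-UTF8 subscribers" where its heading writes "non-UTF-8", "characterset" should read "character set", and the list items in the requirements and Credits lists are never closed with "</li>", which list items elsewhere in this change do.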

View File

@ -248,6 +248,8 @@ second part sets up the username/password information. </p>
<pre>
/etc/postfix/<a href="postconf.5.html">main.cf</a>:
<a href="postconf.5.html#smtp_sasl_auth_enable">smtp_sasl_auth_enable</a> = yes
<a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> = encrypt
<a href="postconf.5.html#smtp_sasl_tls_security_options">smtp_sasl_tls_security_options</a> = noanonymous
<a href="postconf.5.html#relayhost">relayhost</a> = [mail.isp.example]
# Alternative form:
# <a href="postconf.5.html#relayhost">relayhost</a> = [mail.isp.example]:submission
@ -262,6 +264,11 @@ client-side authentication. We will configure the client's username
and password information in the second part of the example. </p>
</li>
<li> <p> The <code><a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a></code> setting ensures
that the connection to the remote smtp server will be encrypted, and
<code><a href="postconf.5.html#smtp_sasl_tls_security_options">smtp_sasl_tls_security_options</a></code> removes the prohibition on
plaintext passwords. </p>
<li> <p> The <code><a href="postconf.5.html#relayhost">relayhost</a></code> setting forces the Postfix SMTP
to send all remote messages to the specified mail server instead
of trying to deliver them directly to their destination. </p> </li>
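Review bot: The new list item for smtp_tls_security_level and smtp_sasl_tls_security_options is not closed with "</li>", unlike the items before and after it, and it writes "remote smtp server" in lower case where the surrounding text uses "SMTP". The explanation would also read better if it said that the prohibition on plaintext passwords is lifted only for TLS-protected sessions, which is the reason the two settings are introduced together.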
@ -370,7 +377,7 @@ resort. </p>
<pre>
/etc/postfix/sasl_passwd:
# Per-sender authentication; see also /etc/postfix/sender_relay.
user1@example.com username2:password2
user1@example.com username1:password1
user2@example.net username2:password2
# Login information for the default <a href="postconf.5.html#relayhost">relayhost</a>.
[mail.isp.example] username:password

View File

@ -44,10 +44,25 @@ name of the standard POSIX thread library (pthread). For example:
<pre>
make -f Makefile.init makefiles \
'CCARGS=-DHAS_SQLITE -I/usr/local/include' \
'AUXLIBS=-L/usr/local/lib -lsqlite3 -lpthread'
'<a href="SQLITE_README.html">AUXLIBS_SQLITE</a>=-L/usr/local/lib -lsqlite3 -lpthread'
</pre>
</blockquote>
<p> Postfix versions before 3.0 use AUXLIBS instead of <a href="SQLITE_README.html">AUXLIBS_SQLITE</a>.
With Postfix 3.0 and later, the old AUXLIBS variable still supports
building a statically-loaded SQLite database client, but only the new
<a href="SQLITE_README.html">AUXLIBS_SQLITE</a> variable supports building a dynamically-loaded or
statically-loaded SQLite database client. </p>
<blockquote>
<p> Failure to use the <a href="SQLITE_README.html">AUXLIBS_SQLITE</a> variable will defeat the purpose
of dynamic database client loading. Every Postfix executable file
will have SQLITE database library dependencies. And that was exactly
what dynamic database client loading was meant to avoid. </p>
</blockquote>
<p> Then, just run 'make'.</p>
<h2>Using SQLite tables</h2>
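Review bot: The new blockquote writes "SQLITE database library dependencies" while the paragraph above it and the heading that follows write "SQLite"; use "SQLite" throughout. In the preceding paragraph, "only the new AUXLIBS_SQLITE variable supports building a dynamically-loaded or statically-loaded SQLite database client" comes right after the statement that AUXLIBS supports the statically-loaded client, so "either a dynamically-loaded or a statically-loaded" would make the contrast easier to follow.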

View File

@ -158,16 +158,19 @@ default with Postfix 2.6 and later. </p>
<blockquote>
<pre>
1 <a href="postconf.5.html#smtpd_timeout">smtpd_timeout</a> = ${stress?10}${stress:300}s
2 <a href="postconf.5.html#smtpd_hard_error_limit">smtpd_hard_error_limit</a> = ${stress?1}${stress:20}
3 <a href="postconf.5.html#smtpd_junk_command_limit">smtpd_junk_command_limit</a> = ${stress?1}${stress:100}
1 <a href="postconf.5.html#smtpd_timeout">smtpd_timeout</a> = ${stress?{10}:{300}}s
2 <a href="postconf.5.html#smtpd_hard_error_limit">smtpd_hard_error_limit</a> = ${stress?{1}:{20}}
3 <a href="postconf.5.html#smtpd_junk_command_limit">smtpd_junk_command_limit</a> = ${stress?{1}:{100}}
4 # Parameters added after Postfix 2.6:
5 <a href="postconf.5.html#smtpd_per_record_deadline">smtpd_per_record_deadline</a> = ${stress?yes}${stress:no}
6 <a href="postconf.5.html#smtpd_starttls_timeout">smtpd_starttls_timeout</a> = ${stress?10}${stress:300}s
7 <a href="postconf.5.html#address_verify_poll_count">address_verify_poll_count</a> = ${stress?1}${stress:3}
5 <a href="postconf.5.html#smtpd_per_record_deadline">smtpd_per_record_deadline</a> = ${stress?{yes}:{no}}
6 <a href="postconf.5.html#smtpd_starttls_timeout">smtpd_starttls_timeout</a> = ${stress?{10}:{300}}s
7 <a href="postconf.5.html#address_verify_poll_count">address_verify_poll_count</a> = ${stress?{1}:{3}}
</pre>
</blockquote>
<p> Postfix versions before 3.0 use the older form ${stress?x}${stress:y}
instead of the newer form ${stress?{x}:{y}}. </p>
<p> Translation: <p>
<ul>
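Review bot: The example is still introduced as the default "with Postfix 2.6 and later" (hunk context), but its lines now use the ${stress?{x}:{y}} form, and the sentence saying that versions before 3.0 use ${stress?x}${stress:y} appears only after the block. A reader on a pre-3.0 release who copies the example gets the newer form; suggest moving that sentence above the example or showing the older form beside it. Separately, the context line "<p> Translation: <p>" opens a second paragraph where a closing tag is intended.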
@ -216,8 +219,9 @@ as this measure is used only temporarily. </p>
</ul>
<p> The syntax of ${name?value} and ${name:value} is explained at
the beginning of the <a href="postconf.5.html">postconf(5)</a> manual page. </p>
<p> The syntax of ${name?{value}:{value}}, ${name?value} and
${name:value} is explained at the beginning of the <a href="postconf.5.html">postconf(5)</a>
manual page. </p>
<p> NOTE: Please keep in mind that the stress-adaptive feature is
a fairly desperate measure to keep <b>some</b> legitimate mail

View File

@ -294,8 +294,8 @@ is correctly configured to supply its intermediate CA certificate). </p>
</blockquote>
<p> To verify a remote SMTP client certificate, the Postfix SMTP
server needs to trust the certificates of the issuing certification
authorities. These certificates in "pem" format can be stored in a
server needs to trust the certificates of the issuing Certification
Authorities. These certificates in "pem" format can be stored in a
single $<a href="postconf.5.html#smtpd_tls_CAfile">smtpd_tls_CAfile</a> or in multiple files, one CA per file in
the $<a href="postconf.5.html#smtpd_tls_CApath">smtpd_tls_CApath</a> directory. If you use a directory, don't forget
to create the necessary "hash" links with: </p>
@ -839,8 +839,8 @@ is correctly configured to supply its intermediate CA certificate). </p>
</blockquote>
<p> To verify a remote SMTP server certificate, the Postfix SMTP
client needs to trust the certificates of the issuing certification
authorities. These certificates in "pem" format can be stored in a
client needs to trust the certificates of the issuing Certification
Authorities. These certificates in "pem" format can be stored in a
single $<a href="postconf.5.html#smtp_tls_CAfile">smtp_tls_CAfile</a> or in multiple files, one CA per file in
the $<a href="postconf.5.html#smtp_tls_CApath">smtp_tls_CApath</a> directory. If you use a directory, don't forget
to create the necessary "hash" links with: </p>
@ -1032,7 +1032,7 @@ the certificate. </p>
other attacks, mandatory certificate/peername verification is not
viable as a default Internet mail delivery policy at this time. A
significant fraction of TLS enabled MTAs uses self-signed certificates,
or certificates that are signed by a private certificate authority.
or certificates that are signed by a private Certification Authority.
On a machine that delivers mail to the Internet, if you set
<a href="postconf.5.html#smtp_enforce_tls">smtp_enforce_tls</a> = yes, you should probably also set
<a href="postconf.5.html#smtp_tls_enforce_peername">smtp_tls_enforce_peername</a> = no. You can use the per-site TLS
@ -1395,9 +1395,9 @@ sign your own Postfix public key certificate, you get TLS encryption
but no TLS authentication. This is sufficient for testing, and
for exchanging email with sites that you have no trust relationship
with. For real authentication, your Postfix public key certificate
needs to be signed by a recognized Certificate Authority, and
needs to be signed by a recognized Certification Authority, and
Postfix needs to be configured with a list of public key certificates
of Certificate Authorities, so that Postfix can verify the public key
of Certification Authorities, so that Postfix can verify the public key
certificates of remote hosts. </p>
<p> In the examples below, user input is shown in <b><tt>bold</tt></b>
@ -1405,7 +1405,7 @@ font, and a "<tt>#</tt>" prompt indicates a super-user shell. </p>
<ul>
<li> <p> Become your own Certificate Authority, so that you can
<li> <p> Become your own Certification Authority, so that you can
sign your own public keys. This example uses the CA.pl script that
ships with OpenSSL. By default, OpenSSL installs this as
<tt>/usr/local/ssl/misc/CA.pl</tt>, but your mileage may vary.

View File

@ -267,6 +267,11 @@ the TLS session cache) that an SMTP client may negotiate in the
time interval specified with <a href="postconf.5.html#anvil_rate_time_unit">anvil_rate_time_unit</a> (default: 60s).
</dd>
<dt> <a href="postconf.5.html#smtpd_client_auth_rate_limit">smtpd_client_auth_rate_limit</a> (default: no limit) </dt> <dd>
The maximum number of AUTH commands that an SMTP client may send
in the time interval specified with <a href="postconf.5.html#anvil_rate_time_unit">anvil_rate_time_unit</a> (default:
60s). Available in Postfix 3.1 and later. </dd>
<dt> <a href="postconf.5.html#smtpd_client_event_limit_exceptions">smtpd_client_event_limit_exceptions</a> (default: $<a href="postconf.5.html#mynetworks">mynetworks</a>)
</dt> <dd> SMTP clients that are excluded from connection and rate
limits specified above. </dd>

View File

@ -124,7 +124,8 @@ elements can be up to 255 characters long. The client must not send
XCLIENT commands that exceed the 512 character limit for SMTP
commands. To avoid exceeding the limit the client should send the
information in multiple XCLIENT commands; for example, send NAME
and ADDR first, then HELO and PROTO. </p>
and ADDR last, after HELO and PROTO. Once ADDR is sent, the client
is usually no longer authorized to send XCLIENT commands. </p>
<p> Note 2: [UNAVAILABLE], [TEMPUNAVAIL] and IPV6: may be specified
in upper case, lower case or mixed case. </p>
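Review bot: The added sentence "Once ADDR is sent, the client is usually no longer authorized to send XCLIENT commands" gives the ordering rule but not its reason, and "usually" leaves an implementer unsure when a later XCLIENT command would still be accepted. Suggest stating the condition under which authorization is lost, so that the author of a proxy or filter can tell whether splitting attributes across several commands is safe in their setup.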

View File

@ -163,8 +163,8 @@ ACCESS(5) ACCESS(5)
<i>all-numerical</i>
An all-numerical result is treated as OK. This format is gener-
ated by address-based relay authorization schemes such as pop-
before-smtp.
ated by address-based relay authorization schemes such as
pop-before-smtp.
For other accept actions, see "OTHER ACTIONS" below.
@ -246,7 +246,7 @@ ACCESS(5) ACCESS(5)
If multiple BCC actions are specified within the same SMTP MAIL
transaction, only the last action will be used.
This feature is not part of the stable Postfix release.
This feature is available in Postfix 3.0 and later.
<b>DISCARD</b> <i>optional text...</i>
Claim successful delivery and silently discard the message. Log
@ -326,76 +326,84 @@ ACCESS(5) ACCESS(5)
<b>REDIRECT</b> <i>user@domain</i>
After the message is queued, send the message to the specified
address instead of the intended recipient(s).
address instead of the intended recipient(s). When multiple <b>RE-</b>
<b>DIRECT</b> actions fire, only the last one takes effect.
Note: this action overrides the FILTER action, and currently
affects all recipients of the message.
Note: this action overrides the FILTER action, and currently
overrides all recipients of the message.
This feature is available in Postfix 2.1 and later.
<b>INFO</b> <i>optional text...</i>
Log an informational record with the optional text, together
with client information and if available, with helo, sender,
recipient and protocol information.
This feature is available in Postfix 3.0 and later.
<b>WARN</b> <i>optional text...</i>
Log a warning with the optional text, together with client
information and if available, with helo, sender, recipient and
Log a warning with the optional text, together with client
information and if available, with helo, sender, recipient and
protocol information.
This feature is available in Postfix 2.1 and later.
<b>ENHANCED STATUS CODES</b>
Postfix version 2.3 and later support enhanced status codes as defined
in <a href="http://tools.ietf.org/html/rfc3463">RFC 3463</a>. When an enhanced status code is specified in an access
Postfix version 2.3 and later support enhanced status codes as defined
in <a href="http://tools.ietf.org/html/rfc3463">RFC 3463</a>. When an enhanced status code is specified in an access
table, it is subject to modification. The following transformations are
needed when the same access table is used for client, helo, sender, or
recipient access restrictions; they happen regardless of whether Post-
needed when the same access table is used for client, helo, sender, or
recipient access restrictions; they happen regardless of whether Post-
fix replies to a MAIL FROM, RCPT TO or other SMTP command.
<b>o</b> When a sender address matches a REJECT action, the Postfix SMTP
<b>o</b> When a sender address matches a REJECT action, the Postfix SMTP
server will transform a recipient DSN status (e.g., 4.1.1-4.1.6)
into the corresponding sender DSN status, and vice versa.
<b>o</b> When non-address information matches a REJECT action (such as
the HELO command argument or the client hostname/address), the
Postfix SMTP server will transform a sender or recipient DSN
<b>o</b> When non-address information matches a REJECT action (such as
the HELO command argument or the client hostname/address), the
Postfix SMTP server will transform a sender or recipient DSN
status into a generic non-address DSN status (e.g., 4.0.0).
<b>REGULAR EXPRESSION TABLES</b>
This section describes how the table lookups change when the table is
given in the form of regular expressions. For a description of regular
This section describes how the table lookups change when the table is
given in the form of regular expressions. For a description of regular
expression lookup table syntax, see <a href="regexp_table.5.html"><b>regexp_table</b>(5)</a> or <a href="pcre_table.5.html"><b>pcre_table</b>(5)</a>.
Each pattern is a regular expression that is applied to the entire
Each pattern is a regular expression that is applied to the entire
string being looked up. Depending on the application, that string is an
entire client hostname, an entire client IP address, or an entire mail
address. Thus, no parent domain or parent network search is done,
<i>user@domain</i> mail addresses are not broken up into their <i>user@</i> and
<i>domain</i> constituent parts, nor is <i>user+foo</i> broken up into <i>user</i> and <i>foo</i>.
entire client hostname, an entire client IP address, or an entire mail
address. Thus, no parent domain or parent network search is done,
<i>user@domain</i> mail addresses are not broken up into their <i>user@</i> and
<i>domain</i> constituent parts, nor is <i>user+foo</i> broken up into <i>user</i> and <i>foo</i>.
Patterns are applied in the order as specified in the table, until a
Patterns are applied in the order as specified in the table, until a
pattern is found that matches the search string.
Actions are the same as with indexed file lookups, with the additional
feature that parenthesized substrings from the pattern can be interpo-
Actions are the same as with indexed file lookups, with the additional
feature that parenthesized substrings from the pattern can be interpo-
lated as <b>$1</b>, <b>$2</b> and so on.
<b>TCP-BASED TABLES</b>
This section describes how the table lookups change when lookups are
directed to a TCP-based server. For a description of the TCP
client/server lookup protocol, see <a href="tcp_table.5.html"><b>tcp_table</b>(5)</a>. This feature is not
This section describes how the table lookups change when lookups are
directed to a TCP-based server. For a description of the TCP
client/server lookup protocol, see <a href="tcp_table.5.html"><b>tcp_table</b>(5)</a>. This feature is not
available up to and including Postfix version 2.4.
Each lookup operation uses the entire query string once. Depending on
the application, that string is an entire client hostname, an entire
client IP address, or an entire mail address. Thus, no parent domain
or parent network search is done, <i>user@domain</i> mail addresses are not
broken up into their <i>user@</i> and <i>domain</i> constituent parts, nor is
Each lookup operation uses the entire query string once. Depending on
the application, that string is an entire client hostname, an entire
client IP address, or an entire mail address. Thus, no parent domain
or parent network search is done, <i>user@domain</i> mail addresses are not
broken up into their <i>user@</i> and <i>domain</i> constituent parts, nor is
<i>user+foo</i> broken up into <i>user</i> and <i>foo</i>.
Actions are the same as with indexed file lookups.
<b>EXAMPLE</b>
The following example uses an indexed file, so that the order of table
entries does not matter. The example permits access by the client at
The following example uses an indexed file, so that the order of table
entries does not matter. The example permits access by the client at
address 1.2.3.4 but rejects all other clients in 1.2.3.0/24. Instead of
<b>hash</b> lookup tables, some systems use <b>dbm</b>. Use the command "<b>postconf</b>
<b>hash</b> lookup tables, some systems use <b>dbm</b>. Use the command "<b>postconf</b>
<b>-m</b>" to find out what lookup tables Postfix supports on your system.
/etc/postfix/<a href="postconf.5.html">main.cf</a>:
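Review bot: In the REDIRECT entry the added sentence is rendered with the action name hyphenated across two lines ("RE-" / "DIRECT"), so a search of this page for REDIRECT misses it; suggest suppressing hyphenation of action names in the manual source. The same hunk also changes "affects all recipients" to "overrides all recipients" and adds the INFO action, but most of its remaining line pairs read identically here, which buries those three substantive changes; regenerating the page in a separate commit would make them reviewable.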
@ -406,7 +414,7 @@ ACCESS(5) ACCESS(5)
1.2.3 REJECT
1.2.3.4 OK
Execute the command "<b>postmap /etc/postfix/access</b>" after editing the
Execute the command "<b>postmap /etc/postfix/access</b>" after editing the
file.
<b>BUGS</b>
@ -431,5 +439,10 @@ ACCESS(5) ACCESS(5)
P.O. Box 704
Yorktown Heights, NY 10598, USA
Wietse Venema
Google, Inc.
111 8th Avenue
New York, NY 10011, USA
ACCESS(5)
</pre> </body> </html>

View File

@ -194,5 +194,10 @@ ALIASES(5) ALIASES(5)
P.O. Box 704
Yorktown Heights, NY 10598, USA
Wietse Venema
Google, Inc.
111 8th Avenue
New York, NY 10011, USA
ALIASES(5)
</pre> </body> </html>

View File

@ -106,6 +106,19 @@ ANVIL(8) ANVIL(8)
<b>status=0</b>
<b>rate=</b><i>number</i>
<b>AUTH RATE CONTROL</b>
To register an AUTH request send the following request to the <a href="anvil.8.html"><b>anvil</b>(8)</a>
server:
<b>request=auth</b>
<b>ident=</b><i>string</i>
The <a href="anvil.8.html"><b>anvil</b>(8)</a> server answers with the number of auth requests per unit
time for the (service, client) combination specified with <b>ident</b>:
<b>status=0</b>
<b>rate=</b><i>number</i>
<b>SECURITY</b>
The <a href="anvil.8.html"><b>anvil</b>(8)</a> server does not talk to the network or to local users, and
can run chrooted at fixed low privilege.
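Review bot: The new AUTH RATE CONTROL section writes "AUTH request" in its first sentence and "auth requests" in the description of the reply; use the upper-case command name in both places, and add a comma after "To register an AUTH request". The phrase "per unit time" could also name anvil_rate_time_unit, as the smtpd_client_auth_rate_limit description elsewhere in this change does.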
@ -216,5 +229,10 @@ ANVIL(8) ANVIL(8)
P.O. Box 704
Yorktown Heights, NY 10598, USA
Wietse Venema
Google, Inc.
111 8th Avenue
New York, NY 10011, USA
ANVIL(8)
</pre> </body> </html>

View File

@ -153,6 +153,20 @@ BOUNCE(5) BOUNCE(5)
expressed in the time unit specified by <i>suffix</i>. See above under
<b><a href="postconf.5.html#delay_warning_time">delay_warning_time</a></b> for possible <i>suffix</i> values.
<b><a href="postconf.5.html#mydomain">mydomain</a></b>
Expands into the value of the <b><a href="postconf.5.html#mydomain">mydomain</a></b> parameter. With "smt-
putf8_enable = yes", this replaces ACE labels (xn--mumble) with
their UTF-8 equivalent.
This feature is available in Postfix 3.0.
<b><a href="postconf.5.html#myhostname">myhostname</a></b>
Expands into the value of the <b><a href="postconf.5.html#myhostname">myhostname</a></b> parameter. With "smt-
putf8_enable = yes", this replaces ACE labels (xn--mumble) with
their UTF-8 equivalent.
This feature is available in Postfix 3.0.
The usage and specification of template message text is subject to the
following restrictions:
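Review bot: Both new entries render the parameter name as "smt-" / "putf8_enable", split by hyphenation, so searching the page for smtputf8_enable does not find them; suggest preventing hyphenation of parameter names in the manual source. Both entries also say "This feature is available in Postfix 3.0" where other additions in this change say "3.0 and later".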
@ -182,5 +196,10 @@ BOUNCE(5) BOUNCE(5)
P.O. Box 704
Yorktown Heights, NY 10598, USA
Wietse Venema
Google, Inc.
111 8th Avenue
New York, NY 10011, USA
BOUNCE(5)
</pre> </body> </html>

View File

@ -33,10 +33,10 @@ BOUNCE(8) BOUNCE(8)
tion is sent even when the log file or the original message cannot be
read.
Optionally, a bounce (defer, trace) client can request that the per-
message log file be deleted when the requested operation fails. This
is used by clients that cannot retry transactions by themselves, and
that depend on retry logic in their own client.
Optionally, a bounce (defer, trace) client can request that the
per-message log file be deleted when the requested operation fails.
This is used by clients that cannot retry transactions by themselves,
and that depend on retry logic in their own client.
<b>STANDARDS</b>
<a href="http://tools.ietf.org/html/rfc822">RFC 822</a> (ARPA Internet Text Messages)
@ -46,6 +46,9 @@ BOUNCE(8) BOUNCE(8)
<a href="http://tools.ietf.org/html/rfc3464">RFC 3464</a> (Delivery Status Notifications)
<a href="http://tools.ietf.org/html/rfc3834">RFC 3834</a> (Auto-Submitted: message header)
<a href="http://tools.ietf.org/html/rfc5322">RFC 5322</a> (Internet Message Format)
<a href="http://tools.ietf.org/html/rfc6531">RFC 6531</a> (Internationalized SMTP)
<a href="http://tools.ietf.org/html/rfc6532">RFC 6532</a> (Internationalized Message Format)
<a href="http://tools.ietf.org/html/rfc6533">RFC 6533</a> (Internationalized Delivery Status Notifications)
<b>DIAGNOSTICS</b>
Problems and transactions are logged to <b>syslogd</b>(8).
@ -104,9 +107,9 @@ BOUNCE(8) BOUNCE(8)
internal communication channel.
<b><a href="postconf.5.html#internal_mail_filter_classes">internal_mail_filter_classes</a> (empty)</b>
What categories of Postfix-generated mail are subject to before-
queue content inspection by <a href="postconf.5.html#non_smtpd_milters">non_smtpd_milters</a>, <a href="postconf.5.html#header_checks">header_checks</a> and
<a href="postconf.5.html#body_checks">body_checks</a>.
What categories of Postfix-generated mail are subject to
before-queue content inspection by <a href="postconf.5.html#non_smtpd_milters">non_smtpd_milters</a>,
<a href="postconf.5.html#header_checks">header_checks</a> and <a href="postconf.5.html#body_checks">body_checks</a>.
<b><a href="postconf.5.html#mail_name">mail_name</a> (Postfix)</b>
The mail system name that is displayed in Received: headers, in
@ -140,6 +143,12 @@ BOUNCE(8) BOUNCE(8)
syslog records, so that "smtpd" becomes, for example, "post-
fix/smtpd".
Available in Postfix 3.0 and later:
<b><a href="postconf.5.html#smtputf8_autodetect_classes">smtputf8_autodetect_classes</a> (sendmail, verify)</b>
Detect that a message requires SMTPUTF8 support for the speci-
fied mail origin classes.
<b>FILES</b>
/var/spool/postfix/bounce/* non-delivery records
/var/spool/postfix/defer/* non-delivery records
@ -162,5 +171,10 @@ BOUNCE(8) BOUNCE(8)
P.O. Box 704
Yorktown Heights, NY 10598, USA
Wietse Venema
Google, Inc.
111 8th Avenue
New York, NY 10011, USA
BOUNCE(8)
</pre> </body> </html>

View File

@ -253,5 +253,10 @@ CANONICAL(5) CANONICAL(5)
P.O. Box 704
Yorktown Heights, NY 10598, USA
Wietse Venema
Google, Inc.
111 8th Avenue
New York, NY 10011, USA
CANONICAL(5)
</pre> </body> </html>

View File

@ -101,5 +101,10 @@ CIDR_TABLE(5) CIDR_TABLE(5)
P.O. Box 704
Yorktown Heights, NY 10598, USA
Wietse Venema
Google, Inc.
111 8th Avenue
New York, NY 10011, USA
CIDR_TABLE(5)
</pre> </body> </html>

View File

@ -18,8 +18,8 @@ CLEANUP(8) CLEANUP(8)
The <a href="cleanup.8.html"><b>cleanup</b>(8)</a> daemon always performs the following transformations:
<b>o</b> Insert missing message headers: (<b>Resent-</b>) <b>From:</b>, <b>To:</b>, <b>Message-</b>
<b>Id:</b>, and <b>Date:</b>.
<b>o</b> Insert missing message headers: (<b>Resent-</b>) <b>From:</b>, <b>To:</b>, <b>Mes-</b>
<b>sage-Id:</b>, and <b>Date:</b>.
<b>o</b> Transform envelope and header addresses to the standard
<i>user@fully-qualified-domain</i> form that is expected by other Post-
@ -28,23 +28,26 @@ CLEANUP(8) CLEANUP(8)
<b>o</b> Eliminate duplicate envelope recipient addresses.
<b>o</b> Remove message headers: <b>Bcc</b>, <b>Content-Length</b>, <b>Resent-Bcc</b>,
<b>Return-Path</b>.
The following address transformations are optional:
<b>o</b> Optionally, rewrite all envelope and header addresses according
<b>o</b> Optionally, rewrite all envelope and header addresses according
to the mappings specified in the <a href="canonical.5.html"><b>canonical</b>(5)</a> lookup tables.
<b>o</b> Optionally, masquerade envelope sender addresses and message
header addresses (i.e. strip host or domain information below
all domains listed in the <b><a href="postconf.5.html#masquerade_domains">masquerade_domains</a></b> parameter, except
for user names listed in <b><a href="postconf.5.html#masquerade_exceptions">masquerade_exceptions</a></b>). By default,
<b>o</b> Optionally, masquerade envelope sender addresses and message
header addresses (i.e. strip host or domain information below
all domains listed in the <b><a href="postconf.5.html#masquerade_domains">masquerade_domains</a></b> parameter, except
for user names listed in <b><a href="postconf.5.html#masquerade_exceptions">masquerade_exceptions</a></b>). By default,
address masquerading does not affect envelope recipients.
<b>o</b> Optionally, expand envelope recipients according to information
<b>o</b> Optionally, expand envelope recipients according to information
found in the <a href="virtual.5.html"><b>virtual</b>(5)</a> lookup tables.
The <a href="cleanup.8.html"><b>cleanup</b>(8)</a> daemon performs sanity checks on the content of each
message. When it finds a problem, by default it returns a diagnostic
status to the client, and leaves it up to the client to deal with the
The <a href="cleanup.8.html"><b>cleanup</b>(8)</a> daemon performs sanity checks on the content of each
message. When it finds a problem, by default it returns a diagnostic
status to the client, and leaves it up to the client to deal with the
problem. Alternatively, the client can request the <a href="cleanup.8.html"><b>cleanup</b>(8)</a> daemon to
bounce the message back to the sender in case of trouble.
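Review bot: The new bullet lists Bcc, Content-Length, Resent-Bcc and Return-Path under the transformations that the daemon "always performs", yet a later hunk in this file introduces message_drop_headers with exactly those four names as its default. If the list is configurable, the bullet should say that the daemon removes the headers named in message_drop_headers, with the default in parentheses, rather than present a fixed list.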
@ -61,7 +64,7 @@ CLEANUP(8) CLEANUP(8)
Problems and transactions are logged to <b>syslogd</b>(8).
<b>BUGS</b>
Table-driven rewriting rules make it hard to express <b>if then else</b> and
Table-driven rewriting rules make it hard to express <b>if then else</b> and
other logical relationships.
<b>CONFIGURATION PARAMETERS</b>
@ -69,7 +72,7 @@ CLEANUP(8) CLEANUP(8)
run for only a limited amount of time. Use the command "<b>postfix reload</b>"
to speed up a change.
The text below provides only a parameter summary. See <a href="postconf.5.html"><b>postconf</b>(5)</a> for
The text below provides only a parameter summary. See <a href="postconf.5.html"><b>postconf</b>(5)</a> for
more details including examples.
<b>COMPATIBILITY CONTROLS</b>
@ -80,16 +83,16 @@ CLEANUP(8) CLEANUP(8)
Available in Postfix version 2.1 only:
<b><a href="postconf.5.html#enable_errors_to">enable_errors_to</a> (no)</b>
Report mail delivery errors to the address specified with the
non-standard Errors-To: message header, instead of the envelope
sender address (this feature is removed with Postfix version
2.2, is turned off by default with Postfix version 2.1, and is
Report mail delivery errors to the address specified with the
non-standard Errors-To: message header, instead of the envelope
sender address (this feature is removed with Postfix version
2.2, is turned off by default with Postfix version 2.1, and is
always turned on with older Postfix versions).
Available in Postfix version 2.6 and later:
<b><a href="postconf.5.html#always_add_missing_headers">always_add_missing_headers</a> (no)</b>
Always add (Resent-) From:, To:, Date: or Message-ID: headers
Always add (Resent-) From:, To:, Date: or Message-ID: headers
when not present.
Available in Postfix version 2.9 and later:
@ -97,39 +100,46 @@ CLEANUP(8) CLEANUP(8)
<b><a href="postconf.5.html#enable_long_queue_ids">enable_long_queue_ids</a> (no)</b>
Enable long, non-repeating, queue IDs (queue file names).
Available in Postfix version 3.0 and later:
<b><a href="postconf.5.html#message_drop_headers">message_drop_headers</a> (bcc, content-length, resent-bcc, return-path)</b>
Names of message headers that the <a href="cleanup.8.html"><b>cleanup</b>(8)</a> daemon will remove
after applying <a href="header_checks.5.html"><b>header_checks</b>(5)</a> and before invoking Milter
applications.
<b>BUILT-IN CONTENT FILTERING CONTROLS</b>
Postfix built-in content filtering is meant to stop a flood of worms or
viruses. It is not a general content filter.
<b><a href="postconf.5.html#body_checks">body_checks</a> (empty)</b>
Optional lookup tables for content inspection as specified in
Optional lookup tables for content inspection as specified in
the <a href="header_checks.5.html"><b>body_checks</b>(5)</a> manual page.
<b><a href="postconf.5.html#header_checks">header_checks</a> (empty)</b>
Optional lookup tables for content inspection of primary non-
MIME message headers, as specified in the <a href="header_checks.5.html"><b>header_checks</b>(5)</a> man-
ual page.
Optional lookup tables for content inspection of primary
non-MIME message headers, as specified in the <a href="header_checks.5.html"><b>header_checks</b>(5)</a>
manual page.
Available in Postfix version 2.0 and later:
<b><a href="postconf.5.html#body_checks_size_limit">body_checks_size_limit</a> (51200)</b>
How much text in a message body segment (or attachment, if you
How much text in a message body segment (or attachment, if you
prefer to use that term) is subjected to <a href="postconf.5.html#body_checks">body_checks</a> inspection.
<b><a href="postconf.5.html#mime_header_checks">mime_header_checks</a> ($<a href="postconf.5.html#header_checks">header_checks</a>)</b>
Optional lookup tables for content inspection of MIME related
message headers, as described in the <a href="header_checks.5.html"><b>header_checks</b>(5)</a> manual
Optional lookup tables for content inspection of MIME related
message headers, as described in the <a href="header_checks.5.html"><b>header_checks</b>(5)</a> manual
page.
<b><a href="postconf.5.html#nested_header_checks">nested_header_checks</a> ($<a href="postconf.5.html#header_checks">header_checks</a>)</b>
Optional lookup tables for content inspection of non-MIME mes-
sage headers in attached messages, as described in the
Optional lookup tables for content inspection of non-MIME mes-
sage headers in attached messages, as described in the
<a href="header_checks.5.html"><b>header_checks</b>(5)</a> manual page.
Available in Postfix version 2.3 and later:
<b><a href="postconf.5.html#message_reject_characters">message_reject_characters</a> (empty)</b>
The set of characters that Postfix will reject in message con-
The set of characters that Postfix will reject in message con-
tent.
<b><a href="postconf.5.html#message_strip_characters">message_strip_characters</a> (empty)</b>
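Review bot: The new message_drop_headers entry lists the default (bcc, content-length, resent-bcc, return-path) but does not warn that a main.cf setting replaces this list rather than extending it. An operator who sets the parameter to drop one extra header and leaves out bcc or resent-bcc stops stripping blind-copy headers. Add a sentence saying so, or say that the default names should be kept when customizing.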
@ -138,25 +148,25 @@ CLEANUP(8) CLEANUP(8)
<b>BEFORE QUEUE MILTER CONTROLS</b>
As of version 2.3, Postfix supports the Sendmail version 8 Milter (mail
filter) protocol. When mail is not received via the <a href="smtpd.8.html">smtpd(8)</a> server,
filter) protocol. When mail is not received via the <a href="smtpd.8.html">smtpd(8)</a> server,
the <a href="cleanup.8.html">cleanup(8)</a> server will simulate SMTP events to the extent that this
is possible. For details see the <a href="MILTER_README.html">MILTER_README</a> document.
<b><a href="postconf.5.html#non_smtpd_milters">non_smtpd_milters</a> (empty)</b>
A list of Milter (mail filter) applications for new mail that
A list of Milter (mail filter) applications for new mail that
does not arrive via the Postfix <a href="smtpd.8.html"><b>smtpd</b>(8)</a> server.
<b><a href="postconf.5.html#milter_protocol">milter_protocol</a> (6)</b>
The mail filter protocol version and optional protocol exten-
sions for communication with a Milter application; prior to
The mail filter protocol version and optional protocol exten-
sions for communication with a Milter application; prior to
Postfix 2.6 the default protocol is 2.
<b><a href="postconf.5.html#milter_default_action">milter_default_action</a> (tempfail)</b>
The default action when a Milter (mail filter) application is
The default action when a Milter (mail filter) application is
unavailable or mis-configured.
<b><a href="postconf.5.html#milter_macro_daemon_name">milter_macro_daemon_name</a> ($<a href="postconf.5.html#myhostname">myhostname</a>)</b>
The {daemon_name} macro value for Milter (mail filter) applica-
The {daemon_name} macro value for Milter (mail filter) applica-
tions.
<b><a href="postconf.5.html#milter_macro_v">milter_macro_v</a> ($<a href="postconf.5.html#mail_name">mail_name</a> $<a href="postconf.5.html#mail_version">mail_version</a>)</b>
@ -167,45 +177,45 @@ CLEANUP(8) CLEANUP(8)
tion, and for negotiating protocol options.
<b><a href="postconf.5.html#milter_command_timeout">milter_command_timeout</a> (30s)</b>
The time limit for sending an SMTP command to a Milter (mail
The time limit for sending an SMTP command to a Milter (mail
filter) application, and for receiving the response.
<b><a href="postconf.5.html#milter_content_timeout">milter_content_timeout</a> (300s)</b>
The time limit for sending message content to a Milter (mail
The time limit for sending message content to a Milter (mail
filter) application, and for receiving the response.
<b><a href="postconf.5.html#milter_connect_macros">milter_connect_macros</a> (see 'postconf -d' output)</b>
The macros that are sent to Milter (mail filter) applications
The macros that are sent to Milter (mail filter) applications
after completion of an SMTP connection.
<b><a href="postconf.5.html#milter_helo_macros">milter_helo_macros</a> (see 'postconf -d' output)</b>
The macros that are sent to Milter (mail filter) applications
The macros that are sent to Milter (mail filter) applications
after the SMTP HELO or EHLO command.
<b><a href="postconf.5.html#milter_mail_macros">milter_mail_macros</a> (see 'postconf -d' output)</b>
The macros that are sent to Milter (mail filter) applications
The macros that are sent to Milter (mail filter) applications
after the SMTP MAIL FROM command.
<b><a href="postconf.5.html#milter_rcpt_macros">milter_rcpt_macros</a> (see 'postconf -d' output)</b>
The macros that are sent to Milter (mail filter) applications
The macros that are sent to Milter (mail filter) applications
after the SMTP RCPT TO command.
<b><a href="postconf.5.html#milter_data_macros">milter_data_macros</a> (see 'postconf -d' output)</b>
The macros that are sent to version 4 or higher Milter (mail
The macros that are sent to version 4 or higher Milter (mail
filter) applications after the SMTP DATA command.
<b><a href="postconf.5.html#milter_unknown_command_macros">milter_unknown_command_macros</a> (see 'postconf -d' output)</b>
The macros that are sent to version 3 or higher Milter (mail
The macros that are sent to version 3 or higher Milter (mail
filter) applications after an unknown SMTP command.
<b><a href="postconf.5.html#milter_end_of_data_macros">milter_end_of_data_macros</a> (see 'postconf -d' output)</b>
The macros that are sent to Milter (mail filter) applications
The macros that are sent to Milter (mail filter) applications
after the message end-of-data.
Available in Postfix version 2.5 and later:
<b><a href="postconf.5.html#milter_end_of_header_macros">milter_end_of_header_macros</a> (see 'postconf -d' output)</b>
The macros that are sent to Milter (mail filter) applications
The macros that are sent to Milter (mail filter) applications
after the end of the message header.
Available in Postfix version 2.7 and later:
@ -214,6 +224,13 @@ CLEANUP(8) CLEANUP(8)
Optional lookup tables for content inspection of message headers
that are produced by Milter applications.
Available in Postfix version 3.1 and later:
<b><a href="postconf.5.html#milter_macro_defaults">milter_macro_defaults</a> (empty)</b>
Optional list of <i>name=value</i> pairs that specify default values
for arbitrary macros that Postfix may send to Milter applica-
tions.
<b>MIME PROCESSING CONTROLS</b>
Available in Postfix version 2.0 and later:
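Review bot: The milter_macro_defaults summary does not say when a default applies: only when Postfix has no value for the macro, or in every case. A Milter that makes decisions on macro values needs to know whether a configured default can mask a value Postfix would otherwise send, so state the precedence in this entry.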
@ -237,91 +254,91 @@ CLEANUP(8) CLEANUP(8)
ing information.
<b><a href="postconf.5.html#strict_mime_encoding_domain">strict_mime_encoding_domain</a> (no)</b>
Reject mail with invalid Content-Transfer-Encoding: information
Reject mail with invalid Content-Transfer-Encoding: information
for the message/* or multipart/* MIME content types.
Available in Postfix version 2.5 and later:
<b><a href="postconf.5.html#detect_8bit_encoding_header">detect_8bit_encoding_header</a> (yes)</b>
Automatically detect 8BITMIME body content by looking at Con-
tent-Transfer-Encoding: message headers; historically, this
Automatically detect 8BITMIME body content by looking at Con-
tent-Transfer-Encoding: message headers; historically, this
behavior was hard-coded to be "always on".
<b>AUTOMATIC BCC RECIPIENT CONTROLS</b>
Postfix can automatically add BCC (blind carbon copy) when mail enters
Postfix can automatically add BCC (blind carbon copy) when mail enters
the mail system:
<b><a href="postconf.5.html#always_bcc">always_bcc</a> (empty)</b>
Optional address that receives a "blind carbon copy" of each
Optional address that receives a "blind carbon copy" of each
message that is received by the Postfix mail system.
Available in Postfix version 2.1 and later:
<b><a href="postconf.5.html#sender_bcc_maps">sender_bcc_maps</a> (empty)</b>
Optional BCC (blind carbon-copy) address lookup tables, indexed
Optional BCC (blind carbon-copy) address lookup tables, indexed
by sender address.
<b><a href="postconf.5.html#recipient_bcc_maps">recipient_bcc_maps</a> (empty)</b>
Optional BCC (blind carbon-copy) address lookup tables, indexed
Optional BCC (blind carbon-copy) address lookup tables, indexed
by recipient address.
<b>ADDRESS TRANSFORMATION CONTROLS</b>
Address rewriting is delegated to the <a href="trivial-rewrite.8.html"><b>trivial-rewrite</b>(8)</a> daemon. The
Address rewriting is delegated to the <a href="trivial-rewrite.8.html"><b>trivial-rewrite</b>(8)</a> daemon. The
<a href="cleanup.8.html"><b>cleanup</b>(8)</a> server implements table driven address mapping.
<b><a href="postconf.5.html#empty_address_recipient">empty_address_recipient</a> (MAILER-DAEMON)</b>
The recipient of mail addressed to the null address.
<b><a href="postconf.5.html#canonical_maps">canonical_maps</a> (empty)</b>
Optional address mapping lookup tables for message headers and
Optional address mapping lookup tables for message headers and
envelopes.
<b><a href="postconf.5.html#recipient_canonical_maps">recipient_canonical_maps</a> (empty)</b>
Optional address mapping lookup tables for envelope and header
Optional address mapping lookup tables for envelope and header
recipient addresses.
<b><a href="postconf.5.html#sender_canonical_maps">sender_canonical_maps</a> (empty)</b>
Optional address mapping lookup tables for envelope and header
Optional address mapping lookup tables for envelope and header
sender addresses.
<b><a href="postconf.5.html#masquerade_classes">masquerade_classes</a> (envelope_sender, header_sender, header_recipient)</b>
What addresses are subject to address masquerading.
<b><a href="postconf.5.html#masquerade_domains">masquerade_domains</a> (empty)</b>
Optional list of domains whose subdomain structure will be
Optional list of domains whose subdomain structure will be
stripped off in email addresses.
<b><a href="postconf.5.html#masquerade_exceptions">masquerade_exceptions</a> (empty)</b>
Optional list of user names that are not subjected to address
masquerading, even when their address matches $<a href="postconf.5.html#masquerade_domains">masquer</a>-
Optional list of user names that are not subjected to address
masquerading, even when their address matches $<a href="postconf.5.html#masquerade_domains">masquer</a>-
<a href="postconf.5.html#masquerade_domains">ade_domains</a>.
<b><a href="postconf.5.html#propagate_unmatched_extensions">propagate_unmatched_extensions</a> (canonical, virtual)</b>
What address lookup tables copy an address extension from the
What address lookup tables copy an address extension from the
lookup key to the lookup result.
Available before Postfix version 2.0:
<b><a href="postconf.5.html#virtual_maps">virtual_maps</a> (empty)</b>
Optional lookup tables with a) names of domains for which all
addresses are aliased to addresses in other local or remote
Optional lookup tables with a) names of domains for which all
addresses are aliased to addresses in other local or remote
domains, and b) addresses that are aliased to addresses in other
local or remote domains.
Available in Postfix version 2.0 and later:
<b><a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a> ($<a href="postconf.5.html#virtual_maps">virtual_maps</a>)</b>
Optional lookup tables that alias specific mail addresses or
Optional lookup tables that alias specific mail addresses or
domains to other local or remote address.
Available in Postfix version 2.2 and later:
<b><a href="postconf.5.html#canonical_classes">canonical_classes</a> (envelope_sender, envelope_recipient, header_sender,</b>
<b><a href="postconf.5.html#canonical_classes">canonical_classes</a> (envelope_sender, envelope_recipient, header_sender,</b>
<b>header_recipient)</b>
What addresses are subject to <a href="postconf.5.html#canonical_maps">canonical_maps</a> address mapping.
<b><a href="postconf.5.html#recipient_canonical_classes">recipient_canonical_classes</a> (envelope_recipient, header_recipient)</b>
What addresses are subject to <a href="postconf.5.html#recipient_canonical_maps">recipient_canonical_maps</a> address
What addresses are subject to <a href="postconf.5.html#recipient_canonical_maps">recipient_canonical_maps</a> address
mapping.
<b><a href="postconf.5.html#sender_canonical_classes">sender_canonical_classes</a> (envelope_sender, header_sender)</b>
@ -329,8 +346,8 @@ CLEANUP(8) CLEANUP(8)
ping.
<b><a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> (empty)</b>
Don't rewrite message headers from remote clients at all when
this parameter is empty; otherwise, rewrite message headers and
Don't rewrite message headers from remote clients at all when
this parameter is empty; otherwise, rewrite message headers and
append the specified domain name to incomplete addresses.
<b>RESOURCE AND RATE CONTROLS</b>
@ -340,7 +357,7 @@ CLEANUP(8) CLEANUP(8)
<a href="showq.8.html"><b>showq</b>(8)</a> queue displays.
<b><a href="postconf.5.html#header_size_limit">header_size_limit</a> (102400)</b>
The maximal amount of memory in bytes for storing a message
The maximal amount of memory in bytes for storing a message
header.
<b><a href="postconf.5.html#hopcount_limit">hopcount_limit</a> (50)</b>
@ -348,17 +365,17 @@ CLEANUP(8) CLEANUP(8)
in the primary message headers.
<b><a href="postconf.5.html#in_flow_delay">in_flow_delay</a> (1s)</b>
Time to pause before accepting a new message, when the message
Time to pause before accepting a new message, when the message
arrival rate exceeds the message delivery rate.
<b><a href="postconf.5.html#message_size_limit">message_size_limit</a> (10240000)</b>
The maximal size in bytes of a message, including envelope
The maximal size in bytes of a message, including envelope
information.
Available in Postfix version 2.0 and later:
<b><a href="postconf.5.html#header_address_token_limit">header_address_token_limit</a> (10240)</b>
The maximal number of address tokens are allowed in an address
The maximal number of address tokens are allowed in an address
message header.
<b><a href="postconf.5.html#mime_boundary_length_limit">mime_boundary_length_limit</a> (2048)</b>
@ -374,12 +391,29 @@ CLEANUP(8) CLEANUP(8)
Available in Postfix version 2.1 and later:
<b><a href="postconf.5.html#virtual_alias_expansion_limit">virtual_alias_expansion_limit</a> (1000)</b>
The maximal number of addresses that virtual alias expansion
The maximal number of addresses that virtual alias expansion
produces from each original recipient.
<b><a href="postconf.5.html#virtual_alias_recursion_limit">virtual_alias_recursion_limit</a> (1000)</b>
The maximal nesting depth of virtual alias expansion.
Available in Postfix version 3.0 and later:
<b><a href="postconf.5.html#virtual_alias_address_length_limit">virtual_alias_address_length_limit</a> (1000)</b>
The maximal length of an email address after virtual alias
expansion.
<b>SMTPUTF8 CONTROLS</b>
Preliminary SMTPUTF8 support is introduced with Postfix 3.0.
<b><a href="postconf.5.html#smtputf8_enable">smtputf8_enable</a> (yes)</b>
Enable preliminary SMTPUTF8 support for the protocols described
in <a href="http://tools.ietf.org/html/rfc6531">RFC 6531</a>..6533.
<b><a href="postconf.5.html#smtputf8_autodetect_classes">smtputf8_autodetect_classes</a> (sendmail, verify)</b>
Detect that a message requires SMTPUTF8 support for the speci-
fied mail origin classes.
<b>MISCELLANEOUS CONTROLS</b>
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
The default location of the Postfix <a href="postconf.5.html">main.cf</a> and <a href="master.5.html">master.cf</a> con-
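Review bot: In the smtputf8_enable entry, "RFC 6531..6533" links only RFC 6531, while the BOUNCE(8) STANDARDS list in this same commit links 6531, 6532 and 6533 individually; link all three here as well. The section also calls the support "preliminary" twice while the default is "yes", so a short statement of what is not yet covered would help operators decide whether to keep the default.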
@ -471,5 +505,10 @@ CLEANUP(8) CLEANUP(8)
P.O. Box 704
Yorktown Heights, NY 10598, USA
Wietse Venema
Google, Inc.
111 8th Avenue
New York, NY 10011, USA
CLEANUP(8)
</pre> </body> </html>

@ -33,10 +33,10 @@ BOUNCE(8) BOUNCE(8)
tion is sent even when the log file or the original message cannot be
read.
Optionally, a bounce (defer, trace) client can request that the per-
message log file be deleted when the requested operation fails. This
is used by clients that cannot retry transactions by themselves, and
that depend on retry logic in their own client.
Optionally, a bounce (defer, trace) client can request that the
per-message log file be deleted when the requested operation fails.
This is used by clients that cannot retry transactions by themselves,
and that depend on retry logic in their own client.
<b>STANDARDS</b>
<a href="http://tools.ietf.org/html/rfc822">RFC 822</a> (ARPA Internet Text Messages)
@ -46,6 +46,9 @@ BOUNCE(8) BOUNCE(8)
<a href="http://tools.ietf.org/html/rfc3464">RFC 3464</a> (Delivery Status Notifications)
<a href="http://tools.ietf.org/html/rfc3834">RFC 3834</a> (Auto-Submitted: message header)
<a href="http://tools.ietf.org/html/rfc5322">RFC 5322</a> (Internet Message Format)
<a href="http://tools.ietf.org/html/rfc6531">RFC 6531</a> (Internationalized SMTP)
<a href="http://tools.ietf.org/html/rfc6532">RFC 6532</a> (Internationalized Message Format)
<a href="http://tools.ietf.org/html/rfc6533">RFC 6533</a> (Internationalized Delivery Status Notifications)
<b>DIAGNOSTICS</b>
Problems and transactions are logged to <b>syslogd</b>(8).
@ -104,9 +107,9 @@ BOUNCE(8) BOUNCE(8)
internal communication channel.
<b><a href="postconf.5.html#internal_mail_filter_classes">internal_mail_filter_classes</a> (empty)</b>
What categories of Postfix-generated mail are subject to before-
queue content inspection by <a href="postconf.5.html#non_smtpd_milters">non_smtpd_milters</a>, <a href="postconf.5.html#header_checks">header_checks</a> and
<a href="postconf.5.html#body_checks">body_checks</a>.
What categories of Postfix-generated mail are subject to
before-queue content inspection by <a href="postconf.5.html#non_smtpd_milters">non_smtpd_milters</a>,
<a href="postconf.5.html#header_checks">header_checks</a> and <a href="postconf.5.html#body_checks">body_checks</a>.
<b><a href="postconf.5.html#mail_name">mail_name</a> (Postfix)</b>
The mail system name that is displayed in Received: headers, in
@ -140,6 +143,12 @@ BOUNCE(8) BOUNCE(8)
syslog records, so that "smtpd" becomes, for example, "post-
fix/smtpd".
Available in Postfix 3.0 and later:
<b><a href="postconf.5.html#smtputf8_autodetect_classes">smtputf8_autodetect_classes</a> (sendmail, verify)</b>
Detect that a message requires SMTPUTF8 support for the speci-
fied mail origin classes.
<b>FILES</b>
/var/spool/postfix/bounce/* non-delivery records
/var/spool/postfix/defer/* non-delivery records
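Review bot: Style: the added heading reads "Available in Postfix 3.0 and later:", but the CLEANUP(8) page in this commit uses "Available in Postfix version 3.0 and later:" for the same parameter. Use one wording across the manual pages.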
@ -162,5 +171,10 @@ BOUNCE(8) BOUNCE(8)
P.O. Box 704
Yorktown Heights, NY 10598, USA
Wietse Venema
Google, Inc.
111 8th Avenue
New York, NY 10011, USA
BOUNCE(8)
</pre> </body> </html>

@ -119,5 +119,10 @@ DISCARD(8) DISCARD(8)
P.O. Box 704
Yorktown Heights, NY 10598, USA
Wietse Venema
Google, Inc.
111 8th Avenue
New York, NY 10011, USA
DISCARD(8)
</pre> </body> </html>

@ -19,12 +19,13 @@ DNSBLOG(8) DNSBLOG(8)
<b>PROTOCOL</b>
With each connection, the <a href="dnsblog.8.html"><b>dnsblog</b>(8)</a> server receives a DNS white/black-
list domain name, IP address, and an ID. If the address is listed
under the DNS white/blacklist, the <a href="dnsblog.8.html"><b>dnsblog</b>(8)</a> server logs the match and
replies with the query arguments plus an address list with the result-
ing IP addresses separated by whitespace. Otherwise it replies with
the query arguments plus an empty address list. Finally, The <a href="dnsblog.8.html"><b>dns-</b></a>
<a href="dnsblog.8.html"><b>blog</b>(8)</a> server closes the connection.
list domain name, an IP address, and an ID. If the IP address is
listed under the DNS white/blacklist, the <a href="dnsblog.8.html"><b>dnsblog</b>(8)</a> server logs the
match and replies with the query arguments plus an address list with
the resulting IP addresses, separated by whitespace, and the reply TTL.
Otherwise it replies with the query arguments plus an empty address
list and the reply TTL (-1 if unavailable). Finally, The <a href="dnsblog.8.html"><b>dnsblog</b>(8)</a>
server closes the connection.
<b>DIAGNOSTICS</b>
Problems and transactions are logged to <b>syslogd</b>(8).
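Review bot: The rewritten PROTOCOL paragraph gives "(-1 if unavailable)" only for the reply with an empty address list; say whether the reply for a listed address can also carry -1, since the client has to parse the TTL field in both cases. The new text also keeps the capitalized "The" in "Finally, The dnsblog(8) server"; lowercase it while the sentence is being touched.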
@ -34,15 +35,15 @@ DNSBLOG(8) DNSBLOG(8)
run for only a limited amount of time. Use the command "<b>postfix reload</b>"
to speed up a change.
The text below provides only a parameter summary. See <a href="postconf.5.html"><b>postconf</b>(5)</a> for
The text below provides only a parameter summary. See <a href="postconf.5.html"><b>postconf</b>(5)</a> for
more details including examples.
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
The default location of the Postfix <a href="postconf.5.html">main.cf</a> and <a href="master.5.html">master.cf</a> con-
The default location of the Postfix <a href="postconf.5.html">main.cf</a> and <a href="master.5.html">master.cf</a> con-
figuration files.
<b><a href="postconf.5.html#daemon_timeout">daemon_timeout</a> (18000s)</b>
How much time a Postfix daemon process may take to handle a
How much time a Postfix daemon process may take to handle a
request before it is terminated by a built-in watchdog timer.
<b><a href="postconf.5.html#postscreen_dnsbl_sites">postscreen_dnsbl_sites</a> (empty)</b>
@ -50,7 +51,7 @@ DNSBLOG(8) DNSBLOG(8)
factors.
<b><a href="postconf.5.html#ipc_timeout">ipc_timeout</a> (3600s)</b>
The time limit for sending or receiving information over an
The time limit for sending or receiving information over an
internal communication channel.
<b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
@ -66,8 +67,8 @@ DNSBLOG(8) DNSBLOG(8)
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (see 'postconf -d' output)</b>
The mail system name that is prepended to the process name in
syslog records, so that "smtpd" becomes, for example, "post-
The mail system name that is prepended to the process name in
syslog records, so that "smtpd" becomes, for example, "post-
fix/smtpd".
<b>SEE ALSO</b>
@ -87,5 +88,10 @@ DNSBLOG(8) DNSBLOG(8)
P.O. Box 704
Yorktown Heights, NY 10598, USA
Wietse Venema
Google, Inc.
111 8th Avenue
New York, NY 10011, USA
DNSBLOG(8)
</pre> </body> </html>

@ -125,5 +125,10 @@ ERROR(8) ERROR(8)
P.O. Box 704
Yorktown Heights, NY 10598, USA
Wietse Venema
Google, Inc.
111 8th Avenue
New York, NY 10011, USA
ERROR(8)
</pre> </body> </html>

@ -118,8 +118,9 @@ FLUSH(8) FLUSH(8)
process will service before terminating voluntarily.
<b><a href="postconf.5.html#parent_domain_matches_subdomains">parent_domain_matches_subdomains</a> (see 'postconf -d' output)</b>
What Postfix features match subdomains of "domain.tld" automati-
cally, instead of requiring an explicit ".domain.tld" pattern.
A list of Postfix features where the pattern "example.com" also
matches subdomains of example.com, instead of requiring an
explicit ".example.com" pattern.
<b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
The process ID of a Postfix command or daemon process.
@ -134,8 +135,8 @@ FLUSH(8) FLUSH(8)
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (see 'postconf -d' output)</b>
The mail system name that is prepended to the process name in
syslog records, so that "smtpd" becomes, for example, "post-
The mail system name that is prepended to the process name in
syslog records, so that "smtpd" becomes, for example, "post-
fix/smtpd".
<b>FILES</b>
@ -164,5 +165,10 @@ FLUSH(8) FLUSH(8)
P.O. Box 704
Yorktown Heights, NY 10598, USA
Wietse Venema
Google, Inc.
111 8th Avenue
New York, NY 10011, USA
FLUSH(8)
</pre> </body> </html>

@ -219,5 +219,10 @@ GENERIC(5) GENERIC(5)
P.O. Box 704
Yorktown Heights, NY 10598, USA
Wietse Venema
Google, Inc.
111 8th Avenue
New York, NY 10011, USA
GENERIC(5)
</pre> </body> </html>

@ -124,17 +124,17 @@ HEADER_CHECKS(5) HEADER_CHECKS(5)
<b>if /</b><i>pattern</i><b>/</b><i>flags</i>
<b>endif</b> Match the input string against the patterns between <b>if</b> and
<b>endif</b>, if and only if the same input string also matches /<i>pat-</i>
<i>tern</i>/. The <b>if</b>..<b>endif</b> can nest.
<b>endif</b> If the input string matches /<i>pattern</i>/, then match that input
string against the patterns between <b>if</b> and <b>endif</b>. The <b>if</b>..<b>endif</b>
can nest.
Note: do not prepend whitespace to patterns inside <b>if</b>..<b>endif</b>.
<b>if !/</b><i>pattern</i><b>/</b><i>flags</i>
<b>endif</b> Match the input string against the patterns between <b>if</b> and
<b>endif</b>, if and only if the same input string does <b>not</b> match /<i>pat-</i>
<i>tern</i>/. The <b>if</b>..<b>endif</b> can nest.
<b>endif</b> If the input string does not match /<i>pattern</i>/, then match that
input string against the patterns between <b>if</b> and <b>endif</b>. The
<b>if</b>..<b>endif</b> can nest.
blank lines and comments
Empty lines and whitespace-only lines are ignored, as are lines
@ -164,13 +164,32 @@ HEADER_CHECKS(5) HEADER_CHECKS(5)
Action names are case insensitive. They are shown in upper case for
consistency with other Postfix documentation.
<b>BCC</b> <i>user@domain</i>
Add the specified address as a BCC recipient, and inspect the
next input line. The address must have a local part and domain
part. The number of BCC addresses that can be added is limited
only by the amount of available storage space.
Note 1: the BCC address is added as if it was specified with
NOTIFY=NONE. The sender will not be notified when the BCC
address is undeliverable, as long as all down-stream software
implements <a href="http://tools.ietf.org/html/rfc3461">RFC 3461</a>.
Note 2: this ignores duplicate addresses (with the same delivery
status notification options).
This feature is available in Postfix 3.0 and later.
This feature is not supported with smtp header/body checks.
<b>DISCARD</b> <i>optional text...</i>
Claim successful delivery and silently discard the message. Log
the optional text if specified, otherwise log a generic message.
Claim successful delivery and silently discard the message. Do
not inspect the remainder of the input message. Log the
optional text if specified, otherwise log a generic message.
Note: this action disables further header or <a href="postconf.5.html#body_checks">body_checks</a> inspec-
tion of the current message and affects all recipients. To dis-
card only one recipient without discarding the entire message,
card only one recipient without discarding the entire message,
use the <a href="transport.5.html">transport(5)</a> table to direct mail to the <a href="discard.8.html">discard(8)</a> ser-
vice.
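Review bot: Note 1 under the new BCC action leaves the failure case implicit: it promises no sender notification "as long as all down-stream software implements RFC 3461", which means a hop without that support can bounce to the sender and disclose the BCC address. Spell that consequence out, because the action adds recipients the sender never sees. The entry also says the number of BCC addresses is limited only by storage space; if no configurable cap exists, say so explicitly. In DISCARD, the added "Do not inspect the remainder of the input message" repeats the Note directly below it.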
@ -178,8 +197,8 @@ HEADER_CHECKS(5) HEADER_CHECKS(5)
This feature is not supported with smtp header/body checks.
<b>DUNNO</b> Pretend that the input line did not match any pattern, and
inspect the next input line. This action can be used to shorten
<b>DUNNO</b> Pretend that the input line did not match any pattern, and
inspect the next input line. This action can be used to shorten
the table search.
For backwards compatibility reasons, Postfix also accepts <b>OK</b> but
@ -188,13 +207,14 @@ HEADER_CHECKS(5) HEADER_CHECKS(5)
This feature is available in Postfix 2.1 and later.
<b>FILTER</b> <i>transport:destination</i>
After the message is queued, send the entire message through the
specified external content filter. The <i>transport</i> name specifies
the first field of a mail delivery agent definition in <a href="master.5.html">mas-
ter.cf</a>; the syntax of the next-hop <i>destination</i> is described in
the manual page of the corresponding delivery agent. More
information about external content filters is in the Postfix
<a href="FILTER_README.html">FILTER_README</a> file.
Override the <a href="postconf.5.html#content_filter">content_filter</a> parameter setting, and inspect the
next input line. After the message is queued, send the entire
message through the specified external content filter. The
<i>transport</i> name specifies the first field of a mail delivery
agent definition in <a href="master.5.html">master.cf</a>; the syntax of the next-hop <i>desti-</i>
<i>nation</i> is described in the manual page of the corresponding
delivery agent. More information about external content filters
is in the Postfix <a href="FILTER_README.html">FILTER_README</a> file.
Note 1: do not use $<i>number</i> regular expression substitutions for
<i>transport</i> or <i>destination</i> unless you know that the information
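Review bot: The new opening sentence of FILTER says the action overrides the content_filter setting and then inspects the next input line, but the lines shown here do not say which destination wins when a later line also triggers FILTER. State the precedence next to this sentence, since the outcome decides which content filter actually sees the message.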
@ -306,55 +326,55 @@ HEADER_CHECKS(5) HEADER_CHECKS(5)
headers.
<b>REJECT</b> <i>optional text...</i>
Reject the entire message. Reply with <i>optional text...</i> when the
optional text is specified, otherwise reply with a generic error
message.
Reject the entire message. Do not inspect the remainder of the
input message. Reply with <i>optional text...</i> when the optional
text is specified, otherwise reply with a generic error message.
Note: this action disables further header or <a href="postconf.5.html#body_checks">body_checks</a> inspec-
tion of the current message and affects all recipients.
Postfix version 2.3 and later support enhanced status codes.
When no code is specified at the beginning of <i>optional text...</i>,
Postfix version 2.3 and later support enhanced status codes.
When no code is specified at the beginning of <i>optional text...</i>,
Postfix inserts a default enhanced status code of "5.7.1".
This feature is not supported with smtp header/body checks.
<b>WARN</b> <i>optional text...</i>
Log a "warning:" record with the <i>optional text...</i> (or log a
generic text), and inspect the next input line. This action is
useful for debugging and for testing a pattern before applying
Log a "warning:" record with the <i>optional text...</i> (or log a
generic text), and inspect the next input line. This action is
useful for debugging and for testing a pattern before applying
more drastic actions.
<b>BUGS</b>
Empty lines never match, because some map types mis-behave when given a
zero-length search string. This limitation may be removed for regular
zero-length search string. This limitation may be removed for regular
expression tables in a future release.
Many people overlook the main limitations of header and <a href="postconf.5.html#body_checks">body_checks</a>
Many people overlook the main limitations of header and <a href="postconf.5.html#body_checks">body_checks</a>
rules.
<b>o</b> These rules operate on one logical message header or one body
<b>o</b> These rules operate on one logical message header or one body
line at a time. A decision made for one line is not carried over
to the next line.
<b>o</b> If text in the message body is encoded (<a href="http://tools.ietf.org/html/rfc2045">RFC 2045</a>) then the rules
need to be specified for the encoded form.
<b>o</b> Likewise, when message headers are encoded (<a href="http://tools.ietf.org/html/rfc2047">RFC 2047</a>) then the
<b>o</b> Likewise, when message headers are encoded (<a href="http://tools.ietf.org/html/rfc2047">RFC 2047</a>) then the
rules need to be specified for the encoded form.
Message headers added by the <a href="cleanup.8.html"><b>cleanup</b>(8)</a> daemon itself are excluded from
inspection. Examples of such message headers are <b>From:</b>, <b>To:</b>, <b>Message-</b>
<b>ID:</b>, <b>Date:</b>.
inspection. Examples of such message headers are <b>From:</b>, <b>To:</b>, <b>Mes-</b>
<b>sage-ID:</b>, <b>Date:</b>.
Message headers deleted by the <a href="cleanup.8.html"><b>cleanup</b>(8)</a> daemon will be examined
before they are deleted. Examples are: <b>Bcc:</b>, <b>Content-Length:</b>, <b>Return-</b>
<b>Path:</b>.
Message headers deleted by the <a href="cleanup.8.html"><b>cleanup</b>(8)</a> daemon will be examined
before they are deleted. Examples are: <b>Bcc:</b>, <b>Content-Length:</b>,
<b>Return-Path:</b>.
<b>CONFIGURATION PARAMETERS</b>
<b><a href="postconf.5.html#body_checks">body_checks</a></b>
Lookup tables with content filter rules for message body lines.
These filters see one physical line at a time, in chunks of at
Lookup tables with content filter rules for message body lines.
These filters see one physical line at a time, in chunks of at
most <b>$<a href="postconf.5.html#line_length_limit">line_length_limit</a></b> bytes.
<b><a href="postconf.5.html#body_checks_size_limit">body_checks_size_limit</a></b>
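Review bot: the re-justified BUGS text splits a literal header name mid-word, as "&lt;b&gt;Mes-&lt;/b&gt;" followed by "&lt;b&gt;sage-ID:&lt;/b&gt;", so a reader searching the rendered page for Message-ID: will not find it and the name reads as if it had an extra hyphen. The other rendering of the same sentence breaks at the real hyphen ("Message-" / "ID:"), and "Return-Path:" is kept whole in its new form. Suggest generating the page with hyphenation disabled for header names and parameter names, or at least breaking only at a hyphen that is part of the name.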
@ -366,38 +386,38 @@ HEADER_CHECKS(5) HEADER_CHECKS(5)
<b><a href="postconf.5.html#mime_header_checks">mime_header_checks</a></b> (default: <b>$<a href="postconf.5.html#header_checks">header_checks</a></b>)
<b><a href="postconf.5.html#nested_header_checks">nested_header_checks</a></b> (default: <b>$<a href="postconf.5.html#header_checks">header_checks</a></b>)
Lookup tables with content filter rules for message header
lines: respectively, these are applied to the initial message
headers (not including MIME headers), to the MIME headers any-
where in the message, and to the initial headers of attached
Lookup tables with content filter rules for message header
lines: respectively, these are applied to the initial message
headers (not including MIME headers), to the MIME headers any-
where in the message, and to the initial headers of attached
messages.
Note: these filters see one logical message header at a time,
Note: these filters see one logical message header at a time,
even when a message header spans multiple lines. Message headers
that are longer than <b>$<a href="postconf.5.html#header_size_limit">header_size_limit</a></b> characters are trun-
that are longer than <b>$<a href="postconf.5.html#header_size_limit">header_size_limit</a></b> characters are trun-
cated.
<b><a href="postconf.5.html#disable_mime_input_processing">disable_mime_input_processing</a></b>
While receiving mail, give no special treatment to MIME related
message headers; all text after the initial message headers is
considered to be part of the message body. This means that
While receiving mail, give no special treatment to MIME related
message headers; all text after the initial message headers is
considered to be part of the message body. This means that
<b><a href="postconf.5.html#header_checks">header_checks</a></b> is applied to all the initial message headers, and
that <b><a href="postconf.5.html#body_checks">body_checks</a></b> is applied to the remainder of the message.
Note: when used in this manner, <b><a href="postconf.5.html#body_checks">body_checks</a></b> will process a
Note: when used in this manner, <b><a href="postconf.5.html#body_checks">body_checks</a></b> will process a
multi-line message header one line at a time.
<b>EXAMPLES</b>
Header pattern to block attachments with bad file name extensions. For
convenience, the PCRE /x flag is specified, so that there is no need to
collapse the pattern into a single line of text. The purpose of the
collapse the pattern into a single line of text. The purpose of the
[[:xdigit:]] sub-expressions is to recognize Windows CLSID strings.
/etc/postfix/<a href="postconf.5.html">main.cf</a>:
<a href="postconf.5.html#header_checks">header_checks</a> = <a href="pcre_table.5.html">pcre</a>:/etc/postfix/header_checks.pcre
/etc/postfix/header_checks.<a href="pcre_table.5.html">pcre</a>:
/^Content-(Disposition|Type).*name\s*=\s*"?(.*(\.|=2E)(
/^Content-(Disposition|Type).*name\s*=\s*"?([^;]*(\.|=2E)(
ade|adp|asp|bas|bat|chm|cmd|com|cpl|crt|dll|exe|
hlp|ht[at]|
inf|ins|isp|jse?|lnk|md[betw]|ms[cipt]|nws|
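Review bot: in the EXAMPLES pattern, the "[^;]*" form of the line /^Content-(Disposition|Type).*name\s*=\s*"?([^;]*(\.|=2E)( stops at the first ';' whether or not that ';' sits inside the quoted value, so a quoted file name that contains ';' before its extension is no longer compared against the extension list. The explanatory paragraph above the example still covers only the /x flag and the [[:xdigit:]] sub-expressions. Suggest adding a sentence that says why the match is now confined to a single parameter and names this limitation, so administrators who copy the rule know what it does and does not cover.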
@ -441,5 +461,10 @@ HEADER_CHECKS(5) HEADER_CHECKS(5)
P.O. Box 704
Yorktown Heights, NY 10598, USA
Wietse Venema
Google, Inc.
111 8th Avenue
New York, NY 10011, USA
HEADER_CHECKS(5)
</pre> </body> </html>

View File

@ -46,7 +46,11 @@ configuration examples </a>
<li> <a href="IPV6_README.html"> IP Version 6 Support </a>
<li> <a href="MULTI_INSTANCE_README.html"> Multiple-instance management </a>
<li> <a href="IPV6_README.html"> IP Version 6 Support </a>
<li> <a href="SMTPUTF8_README.html"> SMTPUTF8 Support </a>
<li> <a href="COMPATIBILITY_README.html"> Backwards-Compatibility Safety Net</a>
<li> <a href="INSTALL.html"> Installation from source code </a>

View File

@ -187,11 +187,11 @@ LDAP_TABLE(5) LDAP_TABLE(5)
returns no results.
<b>%[SUD]</b> The upper-case equivalents of the above expansions behave
in the <b>query_filter</b> parameter identically to their lower-
case counter-parts. With the <b>result_format</b> parameter
(previously called <b>result_filter</b> see the COMPATIBILITY
section and below), they expand to the corresponding com-
ponents of input key rather than the result value.
in the <b>query_filter</b> parameter identically to their
lower-case counter-parts. With the <b>result_format</b> parame-
ter (previously called <b>result_filter</b> see the COMPATIBIL-
ITY section and below), they expand to the corresponding
components of input key rather than the result value.
The above %S, %U and %D expansions are available with
Postfix 2.2 and later.
@ -269,11 +269,11 @@ LDAP_TABLE(5) LDAP_TABLE(5)
<b>domain (default: no domain list)</b>
This is a list of domain names, paths to files, or dictionaries.
When specified, only fully qualified search keys with a *non-
empty* localpart and a matching domain are eligible for lookup:
'user' lookups, bare domain lookups and "@domain" lookups are
not performed. This can significantly reduce the query load on
the LDAP server.
When specified, only fully qualified search keys with a
*non-empty* localpart and a matching domain are eligible for
lookup: 'user' lookups, bare domain lookups and "@domain"
lookups are not performed. This can significantly reduce the
query load on the LDAP server.
domain = postfix.org, <a href="DATABASE_README.html#types">hash</a>:/etc/postfix/searchdomains
@ -320,9 +320,9 @@ LDAP_TABLE(5) LDAP_TABLE(5)
Postfix table.
If an LDAP URL attribute-descriptor or the corresponding Postfix
LDAP table result attribute (but not both) uses <a href="http://tools.ietf.org/html/rfc2255">RFC 2255</a> sub-
type options ("attr;option"), the attribute requested from the
LDAP server will include the sub-type option. In all other
LDAP table result attribute (but not both) uses <a href="http://tools.ietf.org/html/rfc2255">RFC 2255</a>
sub-type options ("attr;option"), the attribute requested from
the LDAP server will include the sub-type option. In all other
cases, the URL attribute and the table attribute must match
exactly. Attributes with options in both the URL and the Postfix
table are requested only when the options are identical. LDAP
@ -350,8 +350,8 @@ LDAP_TABLE(5) LDAP_TABLE(5)
This feature is available with Postfix 2.4 or later.
<b>leaf_result_attribute (default: empty)</b>
When one or more special result attributes are found in a non-
terminal (see above) LDAP entry, leaf result attributes are
When one or more special result attributes are found in a
non-terminal (see above) LDAP entry, leaf result attributes are
excluded from the expansion of that entry. This is useful when
expanding groups and the desired mail address attribute(s) of
the member objects obtained via DN or URI recursion are also
@ -565,10 +565,10 @@ LDAP_TABLE(5) LDAP_TABLE(5)
cally when the TCP connection is opened).
<b>tls_ca_cert_dir (No default; set either this or tls_ca_cert_file)</b>
Directory containing X509 Certificate Authority certificates in
PEM format which are to be recognized by the client in SSL/TLS
connections. The files each contain one CA certificate. The
files are looked up by the CA subject name hash value, which
Directory containing X509 Certification Authority certificates
in PEM format which are to be recognized by the client in
SSL/TLS connections. The files each contain one CA certificate.
The files are looked up by the CA subject name hash value, which
must hence be available. If more than one CA certificate with
the same name hash value exist, the extension must be different
(e.g. 9d66eef0.0, 9d66eef0.1 etc). The search is performed in
@ -577,7 +577,7 @@ LDAP_TABLE(5) LDAP_TABLE(5)
OpenSSL distribution) to create the necessary links.
<b>tls_ca_cert_file (No default; set either this or tls_ca_cert_dir)</b>
File containing the X509 Certificate Authority certificates in
File containing the X509 Certification Authority certificates in
PEM format which are to be recognized by the client in SSL/TLS
connections. This setting takes precedence over tls_ca_cert_dir.

View File

@ -20,9 +20,9 @@ LMDB_TABLE(5) LMDB_TABLE(5)
<b>postmap -q - <a href="lmdb_table.5.html">lmdb</a>:/etc/postfix/</b><i>filename</i> &lt;<i>inputfile</i>
<b>DESCRIPTION</b>
The Postfix LMDB adapter provides access to a persistent, memory-
mapped, key-value store. The database size is limited only by the size
of the memory address space (typically 31 or 47 bits on 32-bit or
The Postfix LMDB adapter provides access to a persistent, mem-
ory-mapped, key-value store. The database size is limited only by the
size of the memory address space (typically 31 or 47 bits on 32-bit or
64-bit CPUs, respectively) and by the available file system space.
<b>REQUESTS</b>
@ -48,7 +48,7 @@ LMDB_TABLE(5) LMDB_TABLE(5)
LMDB's copy-on-write architecture provides safe updates, at the cost of
using more space than some other flat-file databases. Read operations
are memory-mapped for speed. Write operations are not memory-mapped to
avoid silent curruption due to stray pointer bugs.
avoid silent corruption due to stray pointer bugs.
Multiple processes can safely update an LMDB database without serializ-
ing requests through the <a href="proxymap.8.html">proxymap(8)</a> service. This makes LMDB suitable
@ -64,17 +64,16 @@ LMDB_TABLE(5) LMDB_TABLE(5)
Every Postfix LMDB database read or write transaction must be protected
from start to end with a shared or exclusive fcntl(2) lock. A writer
may atomically downgrade an exclusive lock to a shared lock, but it
must acquire an exclusive lock between updating the database and start-
ing another write transaction.
must hold an exclusive lock while opening another write transaction.
Note that fcntl(2) locks do not protect transactions within the same
process against each other. If a program cannot avoid making simulta-
neous database requests, then it must protect its transactions with in-
process locks, in addition to the per-process fcntl(2) locks.
Note that fcntl(2) locks do not protect transactions within the same
process against each other. If a program cannot avoid making simulta-
neous database requests, then it must protect its transactions with
in-process locks, in addition to the per-process fcntl(2) locks.
<b>CONFIGURATION PARAMETERS</b>
Short-lived programs automatically pick up changes to <a href="postconf.5.html">main.cf</a>. With
long-running daemon programs, Use the command "<b>postfix reload</b>" after a
Short-lived programs automatically pick up changes to <a href="postconf.5.html">main.cf</a>. With
long-running daemon programs, Use the command "<b>postfix reload</b>" after a
configuration change.
<b><a href="postconf.5.html#lmdb_map_size">lmdb_map_size</a> (default: 16777216)</b>
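Review bot: the reworded locking rule, "must hold an exclusive lock while opening another write transaction", no longer says how a writer that used the downgrade allowed in the preceding sentence gets back to an exclusive lock. The text it replaces ("must acquire an exclusive lock between updating the database and starting another write transaction") made that re-acquire step explicit; "hold" reads as if the lock were never given up. Suggest "must re-acquire and hold an exclusive lock while opening another write transaction". Also in this hunk, "long-running daemon programs, Use the command" has a stray capital in both renderings of the line and could be fixed while the paragraph is being re-justified.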
@ -104,5 +103,10 @@ LMDB_TABLE(5) LMDB_TABLE(5)
P.O. Box 704
Yorktown Heights, NY 10598, USA
Wietse Venema
Google, Inc.
111 8th Avenue
New York, NY 10011, USA
LMDB_TABLE(5)
</pre> </body> </html>

View File

@ -107,6 +107,9 @@ SMTP(8) SMTP(8)
<a href="http://tools.ietf.org/html/rfc3463">RFC 3463</a> (Enhanced Status Codes)
<a href="http://tools.ietf.org/html/rfc4954">RFC 4954</a> (AUTH command)
<a href="http://tools.ietf.org/html/rfc5321">RFC 5321</a> (SMTP protocol)
<a href="http://tools.ietf.org/html/rfc6531">RFC 6531</a> (Internationalized SMTP)
<a href="http://tools.ietf.org/html/rfc6533">RFC 6533</a> (Internationalized Delivery Status Notifications)
<a href="http://tools.ietf.org/html/rfc7672">RFC 7672</a> (SMTP security via opportunistic DANE TLS)
<b>DIAGNOSTICS</b>
Problems and transactions are logged to <b>syslogd</b>(8). Corrupted message
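Review bot: the STANDARDS list gains RFC 6531 and RFC 6533 but not RFC 6532, while the smtputf8_enable description added further down in this patch refers to "RFC 6531..6533". Either list RFC 6532 here as well, or narrow the range in the SMTPUTF8 CONTROLS text, so the two sections of smtp(8) agree. The range form also hyperlinks only RFC 6531; spelling out each RFC there would give every one a link, as this list does.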
@ -219,42 +222,43 @@ SMTP(8) SMTP(8)
Available in Postfix version 2.2.9 and later:
<b><a href="postconf.5.html#smtp_cname_overrides_servername">smtp_cname_overrides_servername</a> (version dependent)</b>
Allow DNS CNAME records to override the servername that the
Postfix SMTP client uses for logging, SASL password lookup, TLS
policy decisions, or TLS certificate verification.
When the remote SMTP servername is a DNS CNAME, replace the
servername with the result from CNAME expansion for the purpose
of logging, SASL password lookup, TLS policy decisions, or TLS
certificate verification.
Available in Postfix version 2.3 and later:
<b><a href="postconf.5.html#lmtp_discard_lhlo_keyword_address_maps">lmtp_discard_lhlo_keyword_address_maps</a> (empty)</b>
Lookup tables, indexed by the remote LMTP server address, with
case insensitive lists of LHLO keywords (pipelining, starttls,
Lookup tables, indexed by the remote LMTP server address, with
case insensitive lists of LHLO keywords (pipelining, starttls,
auth, etc.) that the Postfix LMTP client will ignore in the LHLO
response from a remote LMTP server.
<b><a href="postconf.5.html#lmtp_discard_lhlo_keywords">lmtp_discard_lhlo_keywords</a> (empty)</b>
A case insensitive list of LHLO keywords (pipelining, starttls,
A case insensitive list of LHLO keywords (pipelining, starttls,
auth, etc.) that the Postfix LMTP client will ignore in the LHLO
response from a remote LMTP server.
Available in Postfix version 2.4.4 and later:
<b><a href="postconf.5.html#send_cyrus_sasl_authzid">send_cyrus_sasl_authzid</a> (no)</b>
When authenticating to a remote SMTP or LMTP server with the
default setting "no", send no SASL authoriZation ID (authzid);
send only the SASL authentiCation ID (authcid) plus the auth-
When authenticating to a remote SMTP or LMTP server with the
default setting "no", send no SASL authoriZation ID (authzid);
send only the SASL authentiCation ID (authcid) plus the auth-
cid's password.
Available in Postfix version 2.5 and later:
<b><a href="postconf.5.html#smtp_header_checks">smtp_header_checks</a> (empty)</b>
Restricted <a href="header_checks.5.html"><b>header_checks</b>(5)</a> tables for the Postfix SMTP client.
Restricted <a href="header_checks.5.html"><b>header_checks</b>(5)</a> tables for the Postfix SMTP client.
<b><a href="postconf.5.html#smtp_mime_header_checks">smtp_mime_header_checks</a> (empty)</b>
Restricted <b><a href="postconf.5.html#mime_header_checks">mime_header_checks</a></b>(5) tables for the Postfix SMTP
Restricted <b><a href="postconf.5.html#mime_header_checks">mime_header_checks</a></b>(5) tables for the Postfix SMTP
client.
<b><a href="postconf.5.html#smtp_nested_header_checks">smtp_nested_header_checks</a> (empty)</b>
Restricted <b><a href="postconf.5.html#nested_header_checks">nested_header_checks</a></b>(5) tables for the Postfix SMTP
Restricted <b><a href="postconf.5.html#nested_header_checks">nested_header_checks</a></b>(5) tables for the Postfix SMTP
client.
<b><a href="postconf.5.html#smtp_body_checks">smtp_body_checks</a> (empty)</b>
@ -263,7 +267,7 @@ SMTP(8) SMTP(8)
Available in Postfix version 2.6 and later:
<b><a href="postconf.5.html#tcp_windowsize">tcp_windowsize</a> (0)</b>
An optional workaround for routers that break TCP window scal-
An optional workaround for routers that break TCP window scal-
ing.
Available in Postfix version 2.8 and later:
@ -274,14 +278,14 @@ SMTP(8) SMTP(8)
Available in Postfix version 2.9 and later:
<b><a href="postconf.5.html#smtp_per_record_deadline">smtp_per_record_deadline</a> (no)</b>
Change the behavior of the smtp_*_timeout time limits, from a
time limit per read or write system call, to a time limit to
send or receive a complete record (an SMTP command line, SMTP
response line, SMTP message content line, or TLS protocol mes-
Change the behavior of the smtp_*_timeout time limits, from a
time limit per read or write system call, to a time limit to
send or receive a complete record (an SMTP command line, SMTP
response line, SMTP message content line, or TLS protocol mes-
sage).
<b><a href="postconf.5.html#smtp_send_dummy_mail_auth">smtp_send_dummy_mail_auth</a> (no)</b>
Whether or not to append the "AUTH=&lt;&gt;" option to the MAIL FROM
Whether or not to append the "AUTH=&lt;&gt;" option to the MAIL FROM
command in SASL-authenticated SMTP sessions.
Available in Postfix version 2.11 and later:
@ -289,6 +293,16 @@ SMTP(8) SMTP(8)
<b><a href="postconf.5.html#smtp_dns_support_level">smtp_dns_support_level</a> (empty)</b>
Level of DNS support in the Postfix SMTP client.
Available in Postfix version 3.0 and later:
<b><a href="postconf.5.html#smtp_delivery_status_filter">smtp_delivery_status_filter</a> ($<a href="postconf.5.html#default_delivery_status_filter">default_delivery_status_filter</a>)</b>
Optional filter for the <a href="smtp.8.html"><b>smtp</b>(8)</a> delivery agent to change the
delivery status code or explanatory text of successful or unsuc-
cessful deliveries.
<b><a href="postconf.5.html#smtp_dns_reply_filter">smtp_dns_reply_filter</a> (empty)</b>
Optional filter for Postfix SMTP client DNS lookup results.
<b>MIME PROCESSING CONTROLS</b>
Available in Postfix version 2.0 and later:
@ -305,7 +319,7 @@ SMTP(8) SMTP(8)
Available in Postfix version 2.1 and later:
<b><a href="postconf.5.html#smtp_send_xforward_command">smtp_send_xforward_command</a> (no)</b>
Send the non-standard XFORWARD command when the Postfix SMTP
Send the non-standard XFORWARD command when the Postfix SMTP
server EHLO response announces XFORWARD support.
<b>SASL AUTHENTICATION CONTROLS</b>
@ -313,62 +327,62 @@ SMTP(8) SMTP(8)
Enable SASL authentication in the Postfix SMTP client.
<b><a href="postconf.5.html#smtp_sasl_password_maps">smtp_sasl_password_maps</a> (empty)</b>
Optional Postfix SMTP client lookup tables with one user-
name:password entry per remote hostname or domain, or sender
address when sender-dependent authentication is enabled.
Optional Postfix SMTP client lookup tables with one user-
name:password entry per sender, remote hostname or next-hop
domain.
<b><a href="postconf.5.html#smtp_sasl_security_options">smtp_sasl_security_options</a> (noplaintext, noanonymous)</b>
Postfix SMTP client SASL security options; as of Postfix 2.3 the
list of available features depends on the SASL client implemen-
list of available features depends on the SASL client implemen-
tation that is selected with <b><a href="postconf.5.html#smtp_sasl_type">smtp_sasl_type</a></b>.
Available in Postfix version 2.2 and later:
<b><a href="postconf.5.html#smtp_sasl_mechanism_filter">smtp_sasl_mechanism_filter</a> (empty)</b>
If non-empty, a Postfix SMTP client filter for the remote SMTP
If non-empty, a Postfix SMTP client filter for the remote SMTP
server's list of offered SASL mechanisms.
Available in Postfix version 2.3 and later:
<b><a href="postconf.5.html#smtp_sender_dependent_authentication">smtp_sender_dependent_authentication</a> (no)</b>
Enable sender-dependent authentication in the Postfix SMTP
client; this is available only with SASL authentication, and
disables SMTP connection caching to ensure that mail from dif-
client; this is available only with SASL authentication, and
disables SMTP connection caching to ensure that mail from dif-
ferent senders will use the appropriate credentials.
<b><a href="postconf.5.html#smtp_sasl_path">smtp_sasl_path</a> (empty)</b>
Implementation-specific information that the Postfix SMTP client
passes through to the SASL plug-in implementation that is
passes through to the SASL plug-in implementation that is
selected with <b><a href="postconf.5.html#smtp_sasl_type">smtp_sasl_type</a></b>.
<b><a href="postconf.5.html#smtp_sasl_type">smtp_sasl_type</a> (cyrus)</b>
The SASL plug-in type that the Postfix SMTP client should use
The SASL plug-in type that the Postfix SMTP client should use
for authentication.
Available in Postfix version 2.5 and later:
<b><a href="postconf.5.html#smtp_sasl_auth_cache_name">smtp_sasl_auth_cache_name</a> (empty)</b>
An optional table to prevent repeated SASL authentication fail-
ures with the same remote SMTP server hostname, username and
An optional table to prevent repeated SASL authentication fail-
ures with the same remote SMTP server hostname, username and
password.
<b><a href="postconf.5.html#smtp_sasl_auth_cache_time">smtp_sasl_auth_cache_time</a> (90d)</b>
The maximal age of an <a href="postconf.5.html#smtp_sasl_auth_cache_name">smtp_sasl_auth_cache_name</a> entry before it
The maximal age of an <a href="postconf.5.html#smtp_sasl_auth_cache_name">smtp_sasl_auth_cache_name</a> entry before it
is removed.
<b><a href="postconf.5.html#smtp_sasl_auth_soft_bounce">smtp_sasl_auth_soft_bounce</a> (yes)</b>
When a remote SMTP server rejects a SASL authentication request
with a 535 reply code, defer mail delivery instead of returning
When a remote SMTP server rejects a SASL authentication request
with a 535 reply code, defer mail delivery instead of returning
mail as undeliverable.
Available in Postfix version 2.9 and later:
<b><a href="postconf.5.html#smtp_send_dummy_mail_auth">smtp_send_dummy_mail_auth</a> (no)</b>
Whether or not to append the "AUTH=&lt;&gt;" option to the MAIL FROM
Whether or not to append the "AUTH=&lt;&gt;" option to the MAIL FROM
command in SASL-authenticated SMTP sessions.
<b>STARTTLS SUPPORT CONTROLS</b>
Detailed information about STARTTLS configuration may be found in the
Detailed information about STARTTLS configuration may be found in the
<a href="TLS_README.html">TLS_README</a> document.
<b><a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> (empty)</b>
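Review bot: the new smtp_sasl_password_maps summary, "one username:password entry per sender, remote hostname or next-hop domain", drops the qualifier "when sender-dependent authentication is enabled" that the replaced text carried. smtp_sender_dependent_authentication is listed later in this same hunk with default (no), so the new wording reads as if sender keys were always looked up. Suggest keeping the condition, for example "per sender (when smtp_sender_dependent_authentication is enabled), remote hostname or next-hop domain".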
@ -378,20 +392,20 @@ SMTP(8) SMTP(8)
<a href="postconf.5.html#smtp_tls_enforce_peername">smtp_tls_enforce_peername</a>.
<b><a href="postconf.5.html#smtp_sasl_tls_security_options">smtp_sasl_tls_security_options</a> ($<a href="postconf.5.html#smtp_sasl_security_options">smtp_sasl_security_options</a>)</b>
The SASL authentication security options that the Postfix SMTP
The SASL authentication security options that the Postfix SMTP
client uses for TLS encrypted SMTP sessions.
<b><a href="postconf.5.html#smtp_starttls_timeout">smtp_starttls_timeout</a> (300s)</b>
Time limit for Postfix SMTP client write and read operations
Time limit for Postfix SMTP client write and read operations
during TLS startup and shutdown handshake procedures.
<b><a href="postconf.5.html#smtp_tls_CAfile">smtp_tls_CAfile</a> (empty)</b>
A file containing CA certificates of root CAs trusted to sign
either remote SMTP server certificates or intermediate CA cer-
A file containing CA certificates of root CAs trusted to sign
either remote SMTP server certificates or intermediate CA cer-
tificates.
<b><a href="postconf.5.html#smtp_tls_CApath">smtp_tls_CApath</a> (empty)</b>
Directory with PEM format certificate authority certificates
Directory with PEM format Certification Authority certificates
that the Postfix SMTP client uses to verify a remote SMTP server
certificate.
@ -399,7 +413,7 @@ SMTP(8) SMTP(8)
File with the Postfix SMTP client RSA certificate in PEM format.
<b><a href="postconf.5.html#smtp_tls_mandatory_ciphers">smtp_tls_mandatory_ciphers</a> (medium)</b>
The minimum TLS cipher grade that the Postfix SMTP client will
The minimum TLS cipher grade that the Postfix SMTP client will
use with mandatory TLS encryption.
<b><a href="postconf.5.html#smtp_tls_exclude_ciphers">smtp_tls_exclude_ciphers</a> (empty)</b>
@ -407,8 +421,8 @@ SMTP(8) SMTP(8)
client cipher list at all TLS security levels.
<b><a href="postconf.5.html#smtp_tls_mandatory_exclude_ciphers">smtp_tls_mandatory_exclude_ciphers</a> (empty)</b>
Additional list of ciphers or cipher types to exclude from the
Postfix SMTP client cipher list at mandatory TLS security lev-
Additional list of ciphers or cipher types to exclude from the
Postfix SMTP client cipher list at mandatory TLS security lev-
els.
<b><a href="postconf.5.html#smtp_tls_dcert_file">smtp_tls_dcert_file</a> (empty)</b>
@ -424,7 +438,7 @@ SMTP(8) SMTP(8)
Enable additional Postfix SMTP client logging of TLS activity.
<b><a href="postconf.5.html#smtp_tls_note_starttls_offer">smtp_tls_note_starttls_offer</a> (no)</b>
Log the hostname of a remote SMTP server that offers STARTTLS,
Log the hostname of a remote SMTP server that offers STARTTLS,
when TLS is not already enabled for that server.
<b><a href="postconf.5.html#smtp_tls_policy_maps">smtp_tls_policy_maps</a> (empty)</b>
@ -433,14 +447,14 @@ SMTP(8) SMTP(8)
fied, this overrides the obsolete <a href="postconf.5.html#smtp_tls_per_site">smtp_tls_per_site</a> parameter.
<b><a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a> (!SSLv2, !SSLv3)</b>
List of SSL/TLS protocols that the Postfix SMTP client will use
List of SSL/TLS protocols that the Postfix SMTP client will use
with mandatory TLS encryption.
<b><a href="postconf.5.html#smtp_tls_scert_verifydepth">smtp_tls_scert_verifydepth</a> (9)</b>
The verification depth for remote SMTP server certificates.
<b><a href="postconf.5.html#smtp_tls_secure_cert_match">smtp_tls_secure_cert_match</a> (nexthop, dot-nexthop)</b>
How the Postfix SMTP client verifies the server certificate
How the Postfix SMTP client verifies the server certificate
peername for the "secure" TLS security level.
<b><a href="postconf.5.html#smtp_tls_session_cache_database">smtp_tls_session_cache_database</a> (empty)</b>
@ -448,77 +462,77 @@ SMTP(8) SMTP(8)
session cache.
<b><a href="postconf.5.html#smtp_tls_session_cache_timeout">smtp_tls_session_cache_timeout</a> (3600s)</b>
The expiration time of Postfix SMTP client TLS session cache
The expiration time of Postfix SMTP client TLS session cache
information.
<b><a href="postconf.5.html#smtp_tls_verify_cert_match">smtp_tls_verify_cert_match</a> (hostname)</b>
How the Postfix SMTP client verifies the server certificate
How the Postfix SMTP client verifies the server certificate
peername for the "verify" TLS security level.
<b><a href="postconf.5.html#tls_daemon_random_bytes">tls_daemon_random_bytes</a> (32)</b>
The number of pseudo-random bytes that an <a href="smtp.8.html"><b>smtp</b>(8)</a> or <a href="smtpd.8.html"><b>smtpd</b>(8)</a>
process requests from the <a href="tlsmgr.8.html"><b>tlsmgr</b>(8)</a> server in order to seed its
The number of pseudo-random bytes that an <a href="smtp.8.html"><b>smtp</b>(8)</a> or <a href="smtpd.8.html"><b>smtpd</b>(8)</a>
process requests from the <a href="tlsmgr.8.html"><b>tlsmgr</b>(8)</a> server in order to seed its
internal pseudo random number generator (PRNG).
<b><a href="postconf.5.html#tls_high_cipherlist">tls_high_cipherlist</a> (ALL:!EXPORT:!LOW:!MEDIUM:+RC4:@STRENGTH)</b>
The OpenSSL cipherlist for "HIGH" grade ciphers.
<b><a href="postconf.5.html#tls_high_cipherlist">tls_high_cipherlist</a> (see 'postconf -d' output)</b>
The OpenSSL cipherlist for "high" grade ciphers.
<b><a href="postconf.5.html#tls_medium_cipherlist">tls_medium_cipherlist</a> (ALL:!EXPORT:!LOW:+RC4:@STRENGTH)</b>
The OpenSSL cipherlist for "MEDIUM" or higher grade ciphers.
<b><a href="postconf.5.html#tls_medium_cipherlist">tls_medium_cipherlist</a> (see 'postconf -d' output)</b>
The OpenSSL cipherlist for "medium" or higher grade ciphers.
<b><a href="postconf.5.html#tls_low_cipherlist">tls_low_cipherlist</a> (ALL:!EXPORT:+RC4:@STRENGTH)</b>
The OpenSSL cipherlist for "LOW" or higher grade ciphers.
<b><a href="postconf.5.html#tls_low_cipherlist">tls_low_cipherlist</a> (see 'postconf -d' output)</b>
The OpenSSL cipherlist for "low" or higher grade ciphers.
<b><a href="postconf.5.html#tls_export_cipherlist">tls_export_cipherlist</a> (ALL:+RC4:@STRENGTH)</b>
The OpenSSL cipherlist for "EXPORT" or higher grade ciphers.
<b><a href="postconf.5.html#tls_export_cipherlist">tls_export_cipherlist</a> (see 'postconf -d' output)</b>
The OpenSSL cipherlist for "export" or higher grade ciphers.
<b><a href="postconf.5.html#tls_null_cipherlist">tls_null_cipherlist</a> (eNULL:!aNULL)</b>
The OpenSSL cipherlist for "NULL" grade ciphers that provide
The OpenSSL cipherlist for "NULL" grade ciphers that provide
authentication without encryption.
Available in Postfix version 2.4 and later:
<b><a href="postconf.5.html#smtp_sasl_tls_verified_security_options">smtp_sasl_tls_verified_security_options</a> ($<a href="postconf.5.html#smtp_sasl_tls_security_options">smtp_sasl_tls_secu</a>-</b>
<b><a href="postconf.5.html#smtp_sasl_tls_security_options">rity_options</a>)</b>
The SASL authentication security options that the Postfix SMTP
client uses for TLS encrypted SMTP sessions with a verified
The SASL authentication security options that the Postfix SMTP
client uses for TLS encrypted SMTP sessions with a verified
server certificate.
Available in Postfix version 2.5 and later:
<b><a href="postconf.5.html#smtp_tls_fingerprint_cert_match">smtp_tls_fingerprint_cert_match</a> (empty)</b>
List of acceptable remote SMTP server certificate fingerprints
for the "fingerprint" TLS security level (<b><a href="postconf.5.html#smtp_tls_security_level">smtp_tls_secu</a>-</b>
List of acceptable remote SMTP server certificate fingerprints
for the "fingerprint" TLS security level (<b><a href="postconf.5.html#smtp_tls_security_level">smtp_tls_secu</a>-</b>
<b><a href="postconf.5.html#smtp_tls_security_level">rity_level</a></b> = fingerprint).
<b><a href="postconf.5.html#smtp_tls_fingerprint_digest">smtp_tls_fingerprint_digest</a> (md5)</b>
The message digest algorithm used to construct remote SMTP
The message digest algorithm used to construct remote SMTP
server certificate fingerprints.
Available in Postfix version 2.6 and later:
<b><a href="postconf.5.html#smtp_tls_protocols">smtp_tls_protocols</a> (!SSLv2, !SSLv3)</b>
List of TLS protocols that the Postfix SMTP client will exclude
List of TLS protocols that the Postfix SMTP client will exclude
or include with opportunistic TLS encryption.
<b><a href="postconf.5.html#smtp_tls_ciphers">smtp_tls_ciphers</a> (medium)</b>
The minimum TLS cipher grade that the Postfix SMTP client will
The minimum TLS cipher grade that the Postfix SMTP client will
use with opportunistic TLS encryption.
<b><a href="postconf.5.html#smtp_tls_eccert_file">smtp_tls_eccert_file</a> (empty)</b>
File with the Postfix SMTP client ECDSA certificate in PEM for-
File with the Postfix SMTP client ECDSA certificate in PEM for-
mat.
<b><a href="postconf.5.html#smtp_tls_eckey_file">smtp_tls_eckey_file</a> ($<a href="postconf.5.html#smtp_tls_eccert_file">smtp_tls_eccert_file</a>)</b>
File with the Postfix SMTP client ECDSA private key in PEM for-
File with the Postfix SMTP client ECDSA private key in PEM for-
mat.
Available in Postfix version 2.7 and later:
<b><a href="postconf.5.html#smtp_tls_block_early_mail_reply">smtp_tls_block_early_mail_reply</a> (no)</b>
Try to detect a mail hijacking attack based on a TLS protocol
vulnerability (CVE-2009-3555), where an attacker prepends mali-
cious HELO, MAIL, RCPT, DATA commands to a Postfix SMTP client
Try to detect a mail hijacking attack based on a TLS protocol
vulnerability (CVE-2009-3555), where an attacker prepends mali-
cious HELO, MAIL, RCPT, DATA commands to a Postfix SMTP client
TLS session.
Available in Postfix version 2.8 and later:
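Review bot: the grade names are lower-cased to "high", "medium", "low" and "export" in the cipherlist descriptions, but the tls_null_cipherlist line in the same hunk still reads: The OpenSSL cipherlist for "NULL" grade ciphers. Suggest lower-casing that one too so the five entries match. With the literal defaults replaced by "see 'postconf -d' output", this page also no longer shows what each grade contains; since every entry already links to its postconf(5) anchor, a short remark that the defaults depend on the build and are shown by postconf -d would tell the reader why the values were removed.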
@ -529,11 +543,11 @@ SMTP(8) SMTP(8)
Available in Postfix version 2.11 and later:
<b><a href="postconf.5.html#smtp_tls_trust_anchor_file">smtp_tls_trust_anchor_file</a> (empty)</b>
Zero or more PEM-format files with trust-anchor certificates
Zero or more PEM-format files with trust-anchor certificates
and/or public keys.
<b><a href="postconf.5.html#smtp_tls_force_insecure_host_tlsa_lookup">smtp_tls_force_insecure_host_tlsa_lookup</a> (no)</b>
Lookup the associated DANE TLSA RRset even when a hostname is
Lookup the associated DANE TLSA RRset even when a hostname is
not an alias and its address records lie in an unsigned zone.
<b><a href="postconf.5.html#tls_dane_trust_anchor_digest_enable">tls_dane_trust_anchor_digest_enable</a> (yes)</b>
@ -542,6 +556,19 @@ SMTP(8) SMTP(8)
<b><a href="postconf.5.html#tlsmgr_service_name">tlsmgr_service_name</a> (tlsmgr)</b>
The name of the <a href="tlsmgr.8.html"><b>tlsmgr</b>(8)</a> service entry in <a href="master.5.html">master.cf</a>.
Available in Postfix version 3.0 and later:
<b><a href="postconf.5.html#smtp_tls_wrappermode">smtp_tls_wrappermode</a> (no)</b>
Request that the Postfix SMTP client connects using the legacy
SMTPS protocol instead of using the STARTTLS command.
Available in Postfix version 3.1 and later:
<b><a href="postconf.5.html#smtp_tls_dane_insecure_mx_policy">smtp_tls_dane_insecure_mx_policy</a> (dane)</b>
The TLS policy for MX hosts with "secure" TLSA records when the
nexthop destination security level is <b>dane</b>, but the MX record
was found via an "insecure" MX lookup.
<b>OBSOLETE STARTTLS CONTROLS</b>
The following configuration parameters exist for compatibility with
Postfix versions before 2.3. Support for these will be removed in a
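Review bot: In the new smtp_tls_dane_insecure_mx_policy entry, the quoted terms "secure" and "insecure" are never defined, so the summary does not say what makes an MX lookup "insecure" or what the policy does in that case beyond naming its default, dane. This setting decides how TLSA records are treated when the MX record itself came from an "insecure" lookup, so a short gloss or a pointer to the full postconf(5) text would help. The smtp_tls_wrappermode entry just above it could also say whether it depends on the configured TLS security level, since the summary only contrasts it with STARTTLS.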
@ -682,6 +709,17 @@ SMTP(8) SMTP(8)
that an SMTP session may be reused before it is closed, or zero
(no limit).
<b>SMTPUTF8 CONTROLS</b>
Preliminary SMTPUTF8 support is introduced with Postfix 3.0.
<b><a href="postconf.5.html#smtputf8_enable">smtputf8_enable</a> (yes)</b>
Enable preliminary SMTPUTF8 support for the protocols described
in <a href="http://tools.ietf.org/html/rfc6531">RFC 6531</a>..6533.
<b><a href="postconf.5.html#smtputf8_autodetect_classes">smtputf8_autodetect_classes</a> (sendmail, verify)</b>
Detect that a message requires SMTPUTF8 support for the speci-
fied mail origin classes.
<b>TROUBLE SHOOTING CONTROLS</b>
<b><a href="postconf.5.html#debug_peer_level">debug_peer_level</a> (2)</b>
The increment in verbose logging level when a remote client or
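Review bot: In the smtputf8_enable entry the hyperlink covers only RFC 6531 while the text reads "RFC 6531..6533", so RFC 6532 and RFC 6533 are not reachable from this page and the ".." range is easy to misread as a typo. Suggest naming the three RFCs individually. The section also calls the support "preliminary" twice while smtputf8_enable defaults to yes; it is worth stating what "preliminary" means for a setting that is on by default.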
@ -698,9 +736,9 @@ SMTP(8) SMTP(8)
col errors.
<b><a href="postconf.5.html#internal_mail_filter_classes">internal_mail_filter_classes</a> (empty)</b>
What categories of Postfix-generated mail are subject to before-
queue content inspection by <a href="postconf.5.html#non_smtpd_milters">non_smtpd_milters</a>, <a href="postconf.5.html#header_checks">header_checks</a> and
<a href="postconf.5.html#body_checks">body_checks</a>.
What categories of Postfix-generated mail are subject to
before-queue content inspection by <a href="postconf.5.html#non_smtpd_milters">non_smtpd_milters</a>,
<a href="postconf.5.html#header_checks">header_checks</a> and <a href="postconf.5.html#body_checks">body_checks</a>.
<b><a href="postconf.5.html#notify_classes">notify_classes</a> (resource, software)</b>
The list of error classes that are reported to the postmaster.
@ -777,7 +815,7 @@ SMTP(8) SMTP(8)
client should bind to when making an IPv6 connection.
<b><a href="postconf.5.html#smtp_helo_name">smtp_helo_name</a> ($<a href="postconf.5.html#myhostname">myhostname</a>)</b>
The hostname to send in the SMTP EHLO or HELO command.
The hostname to send in the SMTP HELO or EHLO command.
<b><a href="postconf.5.html#lmtp_lhlo_name">lmtp_lhlo_name</a> ($<a href="postconf.5.html#myhostname">myhostname</a>)</b>
The hostname to send in the LMTP LHLO command.
@ -809,6 +847,18 @@ SMTP(8) SMTP(8)
Optional list of relay hosts for SMTP destinations that can't be
found or that are unreachable.
Available with Postfix 3.0 and later:
<b><a href="postconf.5.html#smtp_address_verify_target">smtp_address_verify_target</a> (rcpt)</b>
In the context of email address verification, the SMTP protocol
stage that determines whether an email address is deliverable.
Available with Postfix 3.1 and later:
<b><a href="postconf.5.html#lmtp_fallback_relay">lmtp_fallback_relay</a> (empty)</b>
Optional list of relay hosts for LMTP destinations that can't be
found or that are unreachable.
<b>SEE ALSO</b>
<a href="generic.5.html">generic(5)</a>, output address rewriting
<a href="header_checks.5.html">header_checks(5)</a>, message header content inspection
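Review bot: The two version headings added in this hunk read "Available with Postfix 3.0 and later:" and "Available with Postfix 3.1 and later:", while the headings earlier in this same page use "Available in Postfix version 3.0 and later:"; pick one form so the page can be searched consistently. The smtp_address_verify_target summary gives the default, rcpt, but names no alternative protocol stage, so the reader cannot tell what else the setting accepts.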
@ -835,6 +885,11 @@ SMTP(8) SMTP(8)
P.O. Box 704
Yorktown Heights, NY 10598, USA
Wietse Venema
Google, Inc.
111 8th Avenue
New York, NY 10011, USA
Command pipelining in cooperation with:
Jon Ribbens
Oaktree Internet Solutions Ltd.,

@ -30,10 +30,10 @@ LOCAL(8) LOCAL(8)
EXTENSION below for a few exceptions.
<b>SYSTEM-WIDE AND USER-LEVEL ALIASING</b>
The system administrator can set up one or more system-wide <b>sendmail</b>-
style alias databases. Users can have <b>sendmail</b>-style ~/.<b>forward</b> files.
Mail for <i>name</i> is delivered to the alias <i>name</i>, to destinations in
~<i>name</i>/.<b>forward</b>, to the mailbox owned by the user <i>name</i>, or it is sent
The system administrator can set up one or more system-wide <b>send-</b>
<b>mail</b>-style alias databases. Users can have <b>sendmail</b>-style ~/.<b>forward</b>
files. Mail for <i>name</i> is delivered to the alias <i>name</i>, to destinations
in ~<i>name</i>/.<b>forward</b>, to the mailbox owned by the user <i>name</i>, or it is sent
back as undeliverable.
The system administrator can specify a comma/space separated list of
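Review bot: The re-wrapped first sentence of this paragraph now breaks the word sendmail across two bold elements, "<b>send-</b>" followed by "<b>mail</b>-style", where the previous text kept "<b>sendmail</b>-style" whole. A text search for "sendmail" in the page source will miss this occurrence, and the hunk carries no content change otherwise. If these pages are generated, consider turning hyphenation off for the HTML output; the later hunks in this file (Return-Path:, owner-aliasname) already move to the whole-word form.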
@ -258,8 +258,8 @@ LOCAL(8) LOCAL(8)
In the case of <b>maildir</b> delivery, the local daemon prepends an optional
<b>Delivered-To:</b> header with the final envelope recipient address, and
prepends an <b>X-Original-To:</b> header with the recipient address as given
to Postfix. The envelope sender address is available in the <b>Return-</b>
<b>Path:</b> header.
to Postfix. The envelope sender address is available in the
<b>Return-Path:</b> header.
<b>ADDRESS EXTENSION</b>
The optional <b><a href="postconf.5.html#recipient_delimiter">recipient_delimiter</a></b> configuration parameter specifies how
@ -327,9 +327,9 @@ LOCAL(8) LOCAL(8)
Whether or not to use the local <a href="postconf.5.html#biff">biff</a> service.
<b><a href="postconf.5.html#expand_owner_alias">expand_owner_alias</a> (no)</b>
When delivering to an alias "aliasname" that has an "owner-
aliasname" companion alias, set the envelope sender address to
the expansion of the "owner-aliasname" alias.
When delivering to an alias "aliasname" that has an
"owner-aliasname" companion alias, set the envelope sender
address to the expansion of the "owner-aliasname" alias.
<b><a href="postconf.5.html#owner_request_special">owner_request_special</a> (yes)</b>
Give special treatment to owner-listname and listname-request
@ -358,6 +358,13 @@ LOCAL(8) LOCAL(8)
attribute, when delivering mail to a child alias that does not
have its own owner alias.
Available in Postfix version 3.0 and later:
<b><a href="postconf.5.html#local_delivery_status_filter">local_delivery_status_filter</a> ($<a href="postconf.5.html#default_delivery_status_filter">default_delivery_status_filter</a>)</b>
Optional filter for the <a href="local.8.html"><b>local</b>(8)</a> delivery agent to change the
status code or explanatory text of successful or unsuccessful
deliveries.
<b>DELIVERY METHOD CONTROLS</b>
The precedence of <a href="local.8.html"><b>local</b>(8)</a> delivery methods from high to low is:
aliases, .forward files, <a href="postconf.5.html#mailbox_transport_maps">mailbox_transport_maps</a>, <a href="postconf.5.html#mailbox_transport">mailbox_transport</a>,
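Review bot: The local_delivery_status_filter summary says the filter can change the status code of "successful or unsuccessful deliveries" without saying whether it can move a delivery from one class to the other, for example report a failed delivery as successful. That bound matters to anyone auditing bounce and DSN behaviour, so state it here or point explicitly to the default_delivery_status_filter text in postconf(5).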
@ -587,5 +594,10 @@ LOCAL(8) LOCAL(8)
P.O. Box 704
Yorktown Heights, NY 10598, USA
Wietse Venema
Google, Inc.
111 8th Avenue
New York, NY 10011, USA
LOCAL(8)
</pre> </body> </html>

@ -156,11 +156,11 @@ SENDMAIL(1) SENDMAIL(1)
Backwards compatibility.
<b>-N</b> <i>dsn</i> (default: 'delay, failure')
Delivery status notification control. Specify either a comma-
separated list with one or more of <b>failure</b> (send notification
when delivery fails), <b>delay</b> (send notification when delivery is
delayed), or <b>success</b> (send notification when the message is
delivered); or specify <b>never</b> (don't send any notifications at
Delivery status notification control. Specify either a
comma-separated list with one or more of <b>failure</b> (send notifica-
tion when delivery fails), <b>delay</b> (send notification when deliv-
ery is delayed), or <b>success</b> (send notification when the message
is delivered); or specify <b>never</b> (don't send any notifications at
all).
This feature is available in Postfix 2.3 and later.
@ -255,10 +255,10 @@ SENDMAIL(1) SENDMAIL(1)
of the form <i>owner-listname</i>@<i>origin</i>, each recipient <i>user</i>@<i>domain</i>
receives mail with a personalized envelope sender address.
By default, the personalized envelope sender address is <i>owner-</i>
<i>listname</i><b>+</b><i>user</i><b>=</b><i>domain</i>@<i>origin</i>. The default <b>+</b> and <b>=</b> characters are
configurable with the <b><a href="postconf.5.html#default_verp_delimiters">default_verp_delimiters</a></b> configuration
parameter.
By default, the personalized envelope sender address is
<i>owner-listname</i><b>+</b><i>user</i><b>=</b><i>domain</i>@<i>origin</i>. The default <b>+</b> and <b>=</b> charac-
ters are configurable with the <b><a href="postconf.5.html#default_verp_delimiters">default_verp_delimiters</a></b> configu-
ration parameter.
<b>-XV</b><i>xy</i> (Postfix 2.2 and earlier: <b>-V</b><i>xy</i>)
As <b>-XV</b>, but uses <i>x</i> and <i>y</i> as the VERP delimiter characters,
@ -400,13 +400,6 @@ SENDMAIL(1) SENDMAIL(1)
The time after which the sender receives a copy of the message
headers of mail that is still queued.
<b><a href="postconf.5.html#enable_errors_to">enable_errors_to</a> (no)</b>
Report mail delivery errors to the address specified with the
non-standard Errors-To: message header, instead of the envelope
sender address (this feature is removed with Postfix version
2.2, is turned off by default with Postfix version 2.1, and is
always turned on with older Postfix versions).
<b><a href="postconf.5.html#mail_owner">mail_owner</a> (postfix)</b>
The UNIX system account that owns the Postfix queue and most
Postfix daemon processes.
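Review bot: The enable_errors_to entry removed in this hunk records the parameter's history (removed with Postfix version 2.2, turned off by default with 2.1). Dropping it from the manual page is reasonable, but confirm that the postconf.5.html#enable_errors_to anchor it linked to is handled in the same change so no other page is left pointing at it, and that a main.cf that still carries the setting is reported rather than silently accepted.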
@ -459,5 +452,10 @@ SENDMAIL(1) SENDMAIL(1)
P.O. Box 704
Yorktown Heights, NY 10598, USA
Wietse Venema
Google, Inc.
111 8th Avenue
New York, NY 10011, USA
SENDMAIL(1)
</pre> </body> </html>

@ -124,7 +124,7 @@ MASTER(5) MASTER(5)
The <a href="local.8.html"><b>local</b>(8)</a>, <a href="pipe.8.html"><b>pipe</b>(8)</a>, <a href="spawn.8.html"><b>spawn</b>(8)</a>, and <a href="virtual.8.html"><b>virtual</b>(8)</a> daemons require
privileges.
<b>Chroot (default: y)</b>
<b>Chroot (default: Postfix</b> &gt;<b>= 3.0: n, Postfix</b> &lt;<b>3.0: y)</b>
Whether or not the service runs chrooted to the mail queue
directory (pathname is controlled by the <b><a href="postconf.5.html#queue_directory">queue_directory</a></b> config-
uration variable in the <a href="postconf.5.html">main.cf</a> file).
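Review bot: The new Chroot heading records that the default flips from y to n with Postfix 3.0, but the description under it is unchanged and does not say what that means for a service entry that leaves the field at its default, or how the compatibility_level safety net described in the release notes interacts with it. Suggest one sentence covering both, and noting that "y" must be given explicitly where chroot confinement is wanted. The heading also spaces its two comparisons differently (">= 3.0" versus "<3.0").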
@ -154,49 +154,57 @@ MASTER(5) MASTER(5)
The maximum number of processes that may execute this service
simultaneously. Specify 0 for no process count limit.
NOTE: Some Postfix services must be configured as a single-
process service (for example, <a href="qmgr.8.html"><b>qmgr</b>(8)</a>) and some services must be
configured with no process limit (for example, <a href="cleanup.8.html"><b>cleanup</b>(8)</a>).
These limits must not be changed.
NOTE: Some Postfix services must be configured as a sin-
gle-process service (for example, <a href="qmgr.8.html"><b>qmgr</b>(8)</a>) and some services
must be configured with no process limit (for example,
<a href="cleanup.8.html"><b>cleanup</b>(8)</a>). These limits must not be changed.
<b>Command name + arguments</b>
The command to be executed. Characters that are special to the
shell such as "&gt;" or "|" have no special meaning here, and
quotes cannot be used to protect arguments containing white-
space.
space. To protect whitespace, use "{" and "}" as described
below.
The command name is relative to the Postfix daemon directory
(pathname is controlled by the <b><a href="postconf.5.html#daemon_directory">daemon_directory</a></b> configuration
The command name is relative to the Postfix daemon directory
(pathname is controlled by the <b><a href="postconf.5.html#daemon_directory">daemon_directory</a></b> configuration
variable).
The command argument syntax for specific commands is specified
The command argument syntax for specific commands is specified
in the respective daemon manual page.
The following command-line options have the same effect for all
The following command-line options have the same effect for all
daemon programs:
<b>-D</b> Run the daemon under control by the command specified
<b>-D</b> Run the daemon under control by the command specified
with the <b><a href="postconf.5.html#debugger_command">debugger_command</a></b> variable in the <a href="postconf.5.html">main.cf</a> config-
uration file. See <a href="DEBUG_README.html">DEBUG_README</a> for hints and tips.
<b>-o</b> <i>name</i>=<i>value</i>
Override the named <a href="postconf.5.html">main.cf</a> configuration parameter. The
parameter value can refer to other parameters as <i>$name</i>
etc., just like in <a href="postconf.5.html">main.cf</a>. See <a href="postconf.5.html"><b>postconf</b>(5)</a> for syntax.
<b>-o {</b> <i>name</i> = <i>value</i> <b>}</b> (long form, Postfix &gt;= 3.0)
NOTE 1: do not specify whitespace around the "=" or in
parameter values. To specify a parameter value that con-
tains whitespace, use commas instead of spaces, or spec-
ify the value in <a href="postconf.5.html">main.cf</a>. Example:
<b>-o</b> <i>name</i>=<i>value</i> (short form)
Override the named <a href="postconf.5.html">main.cf</a> configuration parameter. The
parameter value can refer to other parameters as <i>$name</i>
etc., just like in <a href="postconf.5.html">main.cf</a>. See <a href="postconf.5.html"><b>postconf</b>(5)</a> for syntax.
NOTE 1: With the "long form" shown above, whitespace
after "{", around "=", and before "}" is ignored, and
whitespace within the parameter value is preserved.
NOTE 2: with the "short form" shown above, do not specify
whitespace around the "=" or in parameter values. To
specify a parameter value that contains whitespace, use
the long form described above, or use commas instead of
spaces, or specify the value in <a href="postconf.5.html">main.cf</a>. Example:
/etc/postfix/<a href="master.5.html">master.cf</a>:
submission inet .... smtpd
-o smtpd_mumble=$submission_mumble
-o smtpd_xxx_yyy=$submission_xxx_yyy
/etc/postfix/<a href="postconf.5.html">main.cf</a>
submission_mumble = text with whitespace...
submission_xxx_yyy = text with whitespace...
NOTE 2: Over-zealous use of parameter overrides makes the
NOTE 3: Over-zealous use of parameter overrides makes the
Postfix configuration hard to understand and maintain.
At a certain point, it might be easier to configure mul-
tiple instances of Postfix, instead of configuring multi-
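Review bot: The example that follows NOTE 2 still shows only the main.cf indirection ("-o smtpd_mumble=$submission_mumble"), so the long form this hunk introduces, "-o { name = value }", is never shown in use. Add a master.cf example with a value that contains whitespace. NOTE 1 and NOTE 2 both refer to a form "shown above", which holds only while the two forms stay directly above the notes; naming the form in each note would be sturdier.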
@ -206,6 +214,11 @@ MASTER(5) MASTER(5)
options to make a Postfix daemon process increasingly
verbose.
Other command-line arguments
Specify "{" and "}" around command arguments that contain
whitespace (Postfix 3.0 and later). Whitespace after "{"
and before "}" is ignored.
<b>SEE ALSO</b>
<a href="master.8.html">master(8)</a>, process manager
<a href="postconf.5.html">postconf(5)</a>, configuration parameters
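Review bot: The new "Other command-line arguments" paragraph says whitespace after "{" and before "}" is ignored, but not how to pass an argument that itself contains "{" or "}", or whether braces nest. State the quoting rule here or refer to the place that defines it. The heading is also not set in bold like the -D and -o entries above it.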
@ -228,5 +241,10 @@ MASTER(5) MASTER(5)
P.O. Box 704
Yorktown Heights, NY 10598, USA
Wietse Venema
Google, Inc.
111 8th Avenue
New York, NY 10011, USA
MASTER(5)
</pre> </body> </html>

@ -192,5 +192,10 @@ MASTER(8) MASTER(8)
P.O. Box 704
Yorktown Heights, NY 10598, USA
Wietse Venema
Google, Inc.
111 8th Avenue
New York, NY 10011, USA
MASTER(8)
</pre> </body> </html>

@ -137,8 +137,8 @@ MEMCACHE_TABLE(5) MEMCACHE_TABLE(5)
results (an update is skipped with a warning).
<b>%[SUD]</b> The upper-case equivalents of the above expansions behave
in the <b>key_format</b> parameter identically to their lower-
case counter-parts.
in the <b>key_format</b> parameter identically to their
lower-case counter-parts.
<b>%[1-9]</b> The patterns %1, %2, ... %9 are replaced by the corre-
sponding most significant component of the input key's
@ -214,5 +214,10 @@ MEMCACHE_TABLE(5) MEMCACHE_TABLE(5)
P.O. Box 704
Yorktown Heights, NY 10598, USA
Wietse Venema
Google, Inc.
111 8th Avenue
New York, NY 10011, USA
MEMCACHE_TABLE(5)
</pre> </body> </html>

Some files were not shown because too many files have changed in this diff.