308 lines
11 KiB
Groff
308 lines
11 KiB
Groff
.TH NQMGR 8
|
|
.ad
|
|
.fi
|
|
.SH NAME
|
|
nqmgr
|
|
\-
|
|
Postfix queue manager
|
|
.SH SYNOPSIS
|
|
.na
|
|
.nf
|
|
\fBnqmgr\fR [generic Postfix daemon options]
|
|
.SH DESCRIPTION
|
|
.ad
|
|
.fi
|
|
The \fBnqmgr\fR daemon awaits the arrival of incoming mail
|
|
and arranges for its delivery via Postfix delivery processes.
|
|
The actual mail routing strategy is delegated to the
|
|
\fBtrivial-rewrite\fR(8) daemon.
|
|
This program expects to be run from the \fBmaster\fR(8) process
|
|
manager.
|
|
|
|
Mail addressed to the local \fBdouble-bounce\fR address is silently
|
|
discarded. This stops potential loops caused by undeliverable
|
|
bounce notifications.
|
|
|
|
Mail addressed to a user listed in the optional \fBrelocated\fR
|
|
database is bounced with a "user has moved to \fInew_location\fR"
|
|
message. See \fBrelocated\fR(5) for a precise description.
|
|
.SH MAIL QUEUES
|
|
.na
|
|
.nf
|
|
.ad
|
|
.fi
|
|
The \fBnqmgr\fR daemon maintains the following queues:
|
|
.IP \fBincoming\fR
|
|
Inbound mail from the network, or mail picked up by the
|
|
local \fBpickup\fR agent from the \fBmaildrop\fR directory.
|
|
.IP \fBactive\fR
|
|
Messages that the queue manager has opened for delivery. Only
|
|
a limited number of messages is allowed to enter the \fBactive\fR
|
|
queue (leaky bucket strategy, for a fixed delivery rate).
|
|
.IP \fBdeferred\fR
|
|
Mail that could not be delivered upon the first attempt. The queue
|
|
manager implements exponential backoff by doubling the time between
|
|
delivery attempts.
|
|
.IP \fBcorrupt\fR
|
|
Unreadable or damaged queue files are moved here for inspection.
|
|
.SH DELIVERY STATUS REPORTS
|
|
.na
|
|
.nf
|
|
.ad
|
|
.fi
|
|
The \fBnqmgr\fR daemon keeps an eye on per-message delivery status
|
|
reports in the following directories. Each status report file has
|
|
the same name as the corresponding message file:
|
|
.IP \fBbounce\fR
|
|
Per-recipient status information about why mail is bounced.
|
|
These files are maintained by the \fBbounce\fR(8) daemon.
|
|
.IP \fBdefer\fR
|
|
Per-recipient status information about why mail is delayed.
|
|
These files are maintained by the \fBdefer\fR(8) daemon.
|
|
.PP
|
|
The \fBnqmgr\fR daemon is responsible for asking the
|
|
\fBbounce\fR(8) or \fBdefer\fR(8) daemons to send non-delivery
|
|
reports.
|
|
.SH STRATEGIES
|
|
.na
|
|
.nf
|
|
.ad
|
|
.fi
|
|
The queue manager implements a variety of strategies for
|
|
either opening queue files (input) or for message delivery (output).
|
|
.IP "\fBleaky bucket\fR"
|
|
This strategy limits the number of messages in the \fBactive\fR queue
|
|
and prevents the queue manager from running out of memory under
|
|
heavy load.
|
|
.IP \fBfairness\fR
|
|
When the \fBactive\fR queue has room, the queue manager takes one
|
|
message from the \fBincoming\fR queue and one from the \fBdeferred\fR
|
|
queue. This prevents a large mail backlog from blocking the delivery
|
|
of new mail.
|
|
.IP "\fBslow start\fR"
|
|
This strategy eliminates "thundering herd" problems by slowly
|
|
adjusting the number of parallel deliveries to the same destination.
|
|
.IP "\fBround robin\fR
|
|
The queue manager sorts delivery requests by destination.
|
|
Round-robin selection prevents one destination from dominating
|
|
deliveries to other destinations.
|
|
.IP "\fBexponential backoff\fR"
|
|
Mail that cannot be delivered upon the first attempt is deferred.
|
|
The time interval between delivery attempts is doubled after each
|
|
attempt.
|
|
.IP "\fBdestination status cache\fR"
|
|
The queue manager avoids unnecessary delivery attempts by
|
|
maintaining a short-term, in-memory list of unreachable destinations.
|
|
.IP "\fBpreemptive message scheduling\fR"
|
|
The queue manager attempts to minimize the average per-recipient delay
|
|
while still preserving the correct per-message delays, using
|
|
a sophisticated preemptive message scheduling.
|
|
.SH TRIGGERS
|
|
.na
|
|
.nf
|
|
.ad
|
|
.fi
|
|
On an idle system, the queue manager waits for the arrival of
|
|
trigger events, or it waits for a timer to go off. A trigger
|
|
is a one-byte message.
|
|
Depending on the message received, the queue manager performs
|
|
one of the following actions (the message is followed by the
|
|
symbolic constant used internally by the software):
|
|
.IP "\fBD (QMGR_REQ_SCAN_DEFERRED)\fR"
|
|
Start a deferred queue scan. If a deferred queue scan is already
|
|
in progress, that scan will be restarted as soon as it finishes.
|
|
.IP "\fBI (QMGR_REQ_SCAN_INCOMING)\fR"
|
|
Start an incoming queue scan. If an incoming queue scan is already
|
|
in progress, that scan will be restarted as soon as it finishes.
|
|
.IP "\fBA (QMGR_REQ_SCAN_ALL)\fR"
|
|
Ignore deferred queue file time stamps. The request affects
|
|
the next deferred queue scan.
|
|
.IP "\fBF (QMGR_REQ_FLUSH_DEAD)\fR"
|
|
Purge all information about dead transports and destinations.
|
|
.IP "\fBW (TRIGGER_REQ_WAKEUP)\fR"
|
|
Wakeup call, This is used by the master server to instantiate
|
|
servers that should not go away forever. The action is to start
|
|
an incoming queue scan.
|
|
.PP
|
|
The \fBnqmgr\fR daemon reads an entire buffer worth of triggers.
|
|
Multiple identical trigger requests are collapsed into one, and
|
|
trigger requests are sorted so that \fBA\fR and \fBF\fR precede
|
|
\fBD\fR and \fBI\fR. Thus, in order to force a deferred queue run,
|
|
one would request \fBA F D\fR; in order to notify the queue manager
|
|
of the arrival of new mail one would request \fBI\fR.
|
|
.SH STANDARDS
|
|
.na
|
|
.nf
|
|
.ad
|
|
.fi
|
|
None. The \fBnqmgr\fR daemon does not interact with the outside world.
|
|
.SH SECURITY
|
|
.na
|
|
.nf
|
|
.ad
|
|
.fi
|
|
The \fBnqmgr\fR daemon is not security sensitive. It reads
|
|
single-character messages from untrusted local users, and thus may
|
|
be susceptible to denial of service attacks. The \fBnqmgr\fR daemon
|
|
does not talk to the outside world, and it can be run at fixed low
|
|
privilege in a chrooted environment.
|
|
.SH DIAGNOSTICS
|
|
.ad
|
|
.fi
|
|
Problems and transactions are logged to the syslog daemon.
|
|
Corrupted message files are saved to the \fBcorrupt\fR queue
|
|
for further inspection.
|
|
|
|
Depending on the setting of the \fBnotify_classes\fR parameter,
|
|
the postmaster is notified of bounces and of other trouble.
|
|
.SH BUGS
|
|
.ad
|
|
.fi
|
|
A single queue manager process has to compete for disk access with
|
|
multiple front-end processes such as \fBsmtpd\fR. A sudden burst of
|
|
inbound mail can negatively impact outbound delivery rates.
|
|
.SH CONFIGURATION PARAMETERS
|
|
.na
|
|
.nf
|
|
.ad
|
|
.fi
|
|
The following \fBmain.cf\fR parameters are especially relevant to
|
|
this program. See the Postfix \fBmain.cf\fR file for syntax details
|
|
and for default values. Use the \fBpostfix reload\fR command after
|
|
a configuration change.
|
|
.SH Miscellaneous
|
|
.ad
|
|
.fi
|
|
.IP \fBallow_min_user\fR
|
|
Do not bounce recipient addresses that begin with '-'.
|
|
.IP \fBrelocated_maps\fR
|
|
Tables with contact information for users, hosts or domains
|
|
that no longer exist. See \fBrelocated\fR(5).
|
|
.IP \fBqueue_directory\fR
|
|
Top-level directory of the Postfix queue.
|
|
.SH "Active queue controls"
|
|
.ad
|
|
.fi
|
|
In the text below, \fItransport\fR is the first field in a
|
|
\fBmaster.cf\fR entry.
|
|
.IP \fBqmgr_message_active_limit\fR
|
|
Limit the number of messages in the active queue.
|
|
.IP \fBqmgr_message_recipient_limit\fR
|
|
Limit the number of in-memory recipients.
|
|
.sp
|
|
This parameter also limits the size of the short-term, in-memory
|
|
destination cache.
|
|
.IP \fBqmgr_message_recipient_minimum\fR
|
|
Per message minimum of in-memory recipients.
|
|
.IP \fBdefault_recipient_limit\fR
|
|
Default limit on the number of in-memory recipients per transport.
|
|
.IP \fItransport\fB_recipient_limit\fR
|
|
Limit on the number of in-memory recipients, for the named
|
|
message \fItransport\fR.
|
|
.IP \fBdefault_extra_recipient_limit\fR
|
|
Default limit on the total number of per transport in-memory
|
|
recipients that the preempting messages can have.
|
|
.IP \fItransport\fB_extra_recipient_limit\fR
|
|
Limit on the number of in-memory recipients which all preempting
|
|
messages delivered by the transport \fItransport\fR can have.
|
|
.SH "Timing controls"
|
|
.ad
|
|
.fi
|
|
.IP \fBmin_backoff\fR
|
|
Minimal time in seconds between delivery attempts
|
|
of a deferred message.
|
|
.sp
|
|
This parameter also limits the time an unreachable destination
|
|
is kept in the short-term, in-memory destination status cache.
|
|
.IP \fBmax_backoff\fR
|
|
Maximal time in seconds between delivery attempts
|
|
of a deferred message.
|
|
.IP \fBmaximal_queue_lifetime\fR
|
|
Maximal time in days a message is queued
|
|
before it is sent back as undeliverable.
|
|
.IP \fBqueue_run_delay\fR
|
|
Time in seconds between deferred queue scans. Queue scans do
|
|
not overlap.
|
|
.IP \fBtransport_retry_time\fR
|
|
Time in seconds between attempts to contact a broken
|
|
delivery transport.
|
|
.SH "Concurrency controls"
|
|
.ad
|
|
.fi
|
|
.IP \fBinitial_destination_concurrency\fR
|
|
Initial per-destination concurrency level for parallel delivery
|
|
to the same destination.
|
|
.IP \fBdefault_destination_concurrency_limit\fR
|
|
Default limit on the number of parallel deliveries to the same
|
|
destination.
|
|
.IP \fItransport\fB_destination_concurrency_limit\fR
|
|
Limit on the number of parallel deliveries to the same destination,
|
|
for delivery via the named message \fItransport\fR.
|
|
.SH "Recipient controls"
|
|
.ad
|
|
.fi
|
|
.IP \fBdefault_destination_recipient_limit\fR
|
|
Default limit on the number of recipients per message transfer.
|
|
.IP \fItransport\fB_destination_recipient_limit\fR
|
|
Limit on the number of recipients per message transfer, for the
|
|
named message \fItransport\fR.
|
|
.SH "Message scheduling"
|
|
.ad
|
|
.fi
|
|
.IP "\fItransport\fB_delivery_slot_cost\fR (valid range: 0,2,3...)
|
|
This parameter basically controls how often a message
|
|
delivered by \fItransport\fR can be preempted by another
|
|
message.
|
|
An internal per-message/transport counter is incremented by one
|
|
for each \fItransport\fB_delivery_slot_cost\fR
|
|
deliveries handled by \fItransport\fR. This counter represents
|
|
the number of "available delivery slots" for use by other messages.
|
|
Current message can be preempted by another message when that
|
|
other message can be delivered using less \fItransport\fR agents
|
|
than the value of the "available delivery slots" counter.
|
|
.sp
|
|
Value equal to 0 disables the message preemption for \fItransport\fR.
|
|
.IP \fItransport\fB_minimum_delivery_slots\fR
|
|
Message preemption is not attempted at all whenever a message
|
|
that can't ever accumulate at least \fItransport\fB_minimum_delivery_slots\fR
|
|
available delivery slots is being delivered by \fItransport\fR.
|
|
.IP "\fItransport\fB_delivery_slot_discount\fR (valid range: 0..100)"
|
|
.IP \fItransport\fB_delivery_slot_loan\fR
|
|
These parameters speed up the moment when a message preemption can happen.
|
|
Instead of waiting until the full amount of delivery slots
|
|
required is available, the preemption can happen when
|
|
\fItransport\fB_delivery_slot_discount\fR percent of the required
|
|
amount plus \fItransport\fB_delivery_slot_loan\fR still remains to
|
|
be accumulated. Note that the full amount will still have to be
|
|
accumulated before another preemption can take place later.
|
|
.IP \fBdefault_delivery_slot_cost\fR
|
|
.IP \fBdefault_minimum_delivery_slots\fR
|
|
.IP \fBdefault_delivery_slot_discount\fR
|
|
.IP \fBdefault_delivery_slot_loan\fR
|
|
Default values for the transport specific parameters described above.
|
|
.SH SEE ALSO
|
|
.na
|
|
.nf
|
|
master(8), process manager
|
|
relocated(5), format of the "user has moved" table
|
|
syslogd(8) system logging
|
|
trivial-rewrite(8), address routing
|
|
.SH LICENSE
|
|
.na
|
|
.nf
|
|
.ad
|
|
.fi
|
|
The Secure Mailer license must be distributed with this software.
|
|
.SH AUTHOR(S)
|
|
.na
|
|
.nf
|
|
Wietse Venema
|
|
IBM T.J. Watson Research
|
|
P.O. Box 704
|
|
Yorktown Heights, NY 10598, USA
|
|
|
|
Scheduler enhancements:
|
|
Patrik Rak
|
|
Modra 6
|
|
155 00, Prague, Czech Republic
|