"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "man/man5/postconf.5" between
postfix-3.5.8.tar.gz and postfix-3.5.9.tar.gz

About: Postfix is a mail system (an alternative to sendmail).

postconf.5  (postfix-3.5.8):postconf.5  (postfix-3.5.9)
skipping to change at line 1501 skipping to change at line 1501
dnsblog_reply_delay (default: 0s) dnsblog_reply_delay (default: 0s)
A debugging aid to artificially delay DNS responses. A debugging aid to artificially delay DNS responses.
This feature is available in Postfix 2.8. This feature is available in Postfix 2.8.
dnsblog_service_name (default: dnsblog) dnsblog_service_name (default: dnsblog)
The name of the dnsblog(8) service entry in master.cf. This service perfo rms DNS white/blacklist lookups. The name of the dnsblog(8) service entry in master.cf. This service perfo rms DNS white/blacklist lookups.
This feature is available in Postfix 2.8 and later. This feature is available in Postfix 2.8 and later.
dnssec_probe (default: ns:.)
The DNS query type (default: "ns") and DNS query name (default: ".")
that Postfix may use to determine
whether DNSSEC validation is available.
Background: DNSSEC validation is needed for Postfix DANE support; this en
sures that Postfix receives TLSA
records with secure TLS server certificate info. When DNSSEC validatio
n is unavailable, mail deliveries
using opportunistic DANE will not be protected by server certificate info
in TLSA records, and mail deliv-
eries using mandatory DANE will not be made at all.
By default, a Postfix process will send a DNSSEC probe after 1)
the process made a DNS query that
requested DNSSEC validation, 2) the process did not receive a DNSSEC vali
dated response to this query or
to an earlier query, and 3) the process did not already send a DNSSEC pro
be.
When the DNSSEC probe has no response, or when the response is not DNSSE
C validated, Postfix logs a warn-
ing that DNSSEC validation may be unavailable.
Example:
warning: DNSSEC validation may be unavailable
warning: reason: dnssec_probe 'ns:.' received a response that is not DNSS
EC validated
warning: reason: dnssec_probe 'ns:.' received no response: Server failure
Possible reasons why DNSSEC validation may be unavailable:
· The local /etc/resolv.conf file specifies a DNS resolver that does
not validate DNSSEC signatures
(that's $queue_directory/etc/resolv.conf when a Postfix daemon run
s in a chroot jail).
· The local system library does not pass on the "DNSSEC validated
" bit to Postfix, or Postfix does
not know how to ask the library to do that.
By default, the DNSSEC probe asks for the DNS root zone NS records, becau
se resolvers should always have
that information cached. If Postfix runs on a network where the DNS root
zone is not reachable, specify a
different probe, or specify an empty dnssec_probe value to disable the fe
ature.
This feature was backported from Postfix 3.6 to Postfix versions 3.5.9, 3
.4.19, 3.3.16. 3.2.21.
dont_remove (default: 0) dont_remove (default: 0)
Don't remove queue files and save them to the "saved" mail queue. Thi s is a debugging aid. To inspect Don't remove queue files and save them to the "saved" mail queue. This i s a debugging aid. To inspect
the envelope information and content of a Postfix queue file, use the pos tcat(1) command. the envelope information and content of a Postfix queue file, use the pos tcat(1) command.
double_bounce_sender (default: double-bounce) double_bounce_sender (default: double-bounce)
The sender address of postmaster notifications that are generated by the mail system. All mail to this The sender address of postmaster notifications that are generated by the mail system. All mail to this
address is silently discarded, in order to terminate mail bounce loops. address is silently discarded, in order to terminate mail bounce loops.
duplicate_filter_limit (default: 1000) duplicate_filter_limit (default: 1000)
The maximal number of addresses remembered by the address duplicate fi lter for aliases(5) or virtual(5) The maximal number of addresses remembered by the address duplicate filte r for aliases(5) or virtual(5)
alias expansion, or for showq(8) queue displays. alias expansion, or for showq(8) queue displays.
empty_address_default_transport_maps_lookup_key (default: <>) empty_address_default_transport_maps_lookup_key (default: <>)
The sender_dependent_default_transport_maps search string that will be us ed instead of the null sender The sender_dependent_default_transport_maps search string that will b e used instead of the null sender
address. address.
This feature is available in Postfix 2.7 and later. This feature is available in Postfix 2.7 and later.
empty_address_recipient (default: MAILER-DAEMON) empty_address_recipient (default: MAILER-DAEMON)
The recipient of mail addressed to the null address. Postfix does not a ccept such addresses in SMTP com- The recipient of mail addressed to the null address. Postfix does not ac cept such addresses in SMTP com-
mands, but they may still be created locally as the result of configurati on or software error. mands, but they may still be created locally as the result of configurati on or software error.
empty_address_relayhost_maps_lookup_key (default: <>) empty_address_relayhost_maps_lookup_key (default: <>)
The sender_dependent_relayhost_maps search string that will be used inste ad of the null sender address. The sender_dependent_relayhost_maps search string that will be used inste ad of the null sender address.
This feature is available in Postfix 2.5 and later. With earlier versions , sender_dependent_relayhost_maps This feature is available in Postfix 2.5 and later. With earlier versions , sender_dependent_relayhost_maps
lookups were skipped for the null sender address. lookups were skipped for the null sender address.
enable_errors_to (default: no) enable_errors_to (default: no)
Report mail delivery errors to the address specified with the non-st andard Errors-To: message header, Report mail delivery errors to the address specified with the non-stand ard Errors-To: message header,
instead of the envelope sender address (this feature is removed with Post fix version 2.2, is turned off by instead of the envelope sender address (this feature is removed with Post fix version 2.2, is turned off by
default with Postfix version 2.1, and is always turned on with older Post fix versions). default with Postfix version 2.1, and is always turned on with older Post fix versions).
enable_idna2003_compatibility (default: no) enable_idna2003_compatibility (default: no)
Enable 'transitional' compatibility between IDNA2003 and IDNA2008, w Enable 'transitional' compatibility between IDNA2003 and IDNA2008, when
hen converting UTF-8 domain names converting UTF-8 domain names
to/from the ASCII form that is used for DNS lookups. Specify "yes" for co to/from the ASCII form that is used for DNS lookups. Specify "yes" for
mpatibility with Postfix <= 3.1 compatibility with Postfix <= 3.1
(not recommended). This affects the conversion of domain names that cont (not recommended). This affects the conversion of domain names that conta
ain for example the German sz and in for example the German sz and
the Greek zeta. See http://unicode.org/cldr/utility/idna.jsp for more ex amples. the Greek zeta. See http://unicode.org/cldr/utility/idna.jsp for more ex amples.
This feature is available in Postfix 3.2 and later. This feature is available in Postfix 3.2 and later.
enable_long_queue_ids (default: no) enable_long_queue_ids (default: no)
Enable long, non-repeating, queue IDs (queue file names). The benefit of Enable long, non-repeating, queue IDs (queue file names). The benefit
non-repeating names is simpler of non-repeating names is simpler
logfile analysis and easier queue migration (there is no need to run logfile analysis and easier queue migration (there is no need to run "po
"postsuper" to change queue file stsuper" to change queue file
names that don't match their message file inode number). names that don't match their message file inode number).
Note: see below for how to convert long queue file names to Postfix <= 2. 8. Note: see below for how to convert long queue file names to Postfix <= 2. 8.
Changing the parameter value to "yes" has the following effects: Changing the parameter value to "yes" has the following effects:
· Existing queue file names are not affected. · Existing queue file names are not affected.
· New queue files are created with names such as 3Pt2mN2VXxznjll. T hese are encoded in a 52-charac- · New queue files are created with names such as 3Pt2mN2VXxznjll. These are encoded in a 52-charac-
ter alphabet that contains digits (0-9), upper-case letters (B-Z) and lower-case letters (b-z). For ter alphabet that contains digits (0-9), upper-case letters (B-Z) and lower-case letters (b-z). For
safety reasons the vowels (AEIOUaeiou) are excluded from the alpha safety reasons the vowels (AEIOUaeiou) are excluded from the al
bet. The name format is: 6 or phabet. The name format is: 6 or
more characters for the time in seconds, 4 characters for the t more characters for the time in seconds, 4 characters for the time
ime in microseconds, the 'z'; the in microseconds, the 'z'; the
remainder is the file inode number encoded in the first 51 charact ers of the 52-character alphabet. remainder is the file inode number encoded in the first 51 charact ers of the 52-character alphabet.
· New messages have a Message-ID header with queueID@myhostname. · New messages have a Message-ID header with queueID@myhostname.
· The mailq (postqueue -p) output has a wider Queue ID column. The number of whitespace-separated · The mailq (postqueue -p) output has a wider Queue ID column. T he number of whitespace-separated
fields is not changed. fields is not changed.
· The hash_queue_depth algorithm uses the first characters of · The hash_queue_depth algorithm uses the first characters of the
the queue file creation time in queue file creation time in
microseconds, after conversion into hexadecimal representation. Th microseconds, after conversion into hexadecimal representation. T
is produces the same queue hash- his produces the same queue hash-
ing behavior as if the queue file name was created with "enable_lo ng_queue_ids = no". ing behavior as if the queue file name was created with "enable_lo ng_queue_ids = no".
Changing the parameter value to "no" has the following effects: Changing the parameter value to "no" has the following effects:
· Existing long queue file names are renamed to the short form ( while running "postfix reload" or · Existing long queue file names are renamed to the short form (whil e running "postfix reload" or
"postsuper"). "postsuper").
· New queue files are created with names such as C3CD21F3E90 from a · New queue files are created with names such as C3CD21F3E90 from
hexadecimal alphabet that con- a hexadecimal alphabet that con-
tains digits (0-9) and upper-case letters (A-F). The name format tains digits (0-9) and upper-case letters (A-F). The name format i
is: 5 characters for the time in s: 5 characters for the time in
microseconds; the remainder is the file inode number. microseconds; the remainder is the file inode number.
· New messages have a Message-ID header with YYYYMMDDHHMMSS.queueid@ myhostname, where YYYYMMDDHHMMSS · New messages have a Message-ID header with YYYYMMDDHHMMSS.queueid @myhostname, where YYYYMMDDHHMMSS
are the year, month, day, hour, minute and second. are the year, month, day, hour, minute and second.
· The mailq (postqueue -p) output has the same format as with Postfi x <= 2.8. · The mailq (postqueue -p) output has the same format as with Postfi x <= 2.8.
· The hash_queue_depth algorithm uses the first characters of the qu eue file name, with the hexadeci- · The hash_queue_depth algorithm uses the first characters of the qu eue file name, with the hexadeci-
mal representation of the file creation time in microseconds. mal representation of the file creation time in microseconds.
Before migration to Postfix <= 2.8, the following commands are required t o convert long queue file names Before migration to Postfix <= 2.8, the following commands are required to convert long queue file names
into short names: into short names:
# postfix stop # postfix stop
# postconf enable_long_queue_ids=no # postconf enable_long_queue_ids=no
# postsuper # postsuper
Repeat the postsuper command until it reports no more queue file name cha nges. Repeat the postsuper command until it reports no more queue file name cha nges.
This feature is available in Postfix 2.9 and later. This feature is available in Postfix 2.9 and later.
enable_original_recipient (default: yes) enable_original_recipient (default: yes)
Enable support for the original recipient address after an address is rewritten to a different address Enable support for the original recipient address after an address is rew ritten to a different address
(for example with aliasing or with canonical mapping). (for example with aliasing or with canonical mapping).
The original recipient address is used as follows: The original recipient address is used as follows:
Final delivery Final delivery
With "enable_original_recipient = yes", the original recipient add With "enable_original_recipient = yes", the original recipient
ress is stored in the X-Origi- address is stored in the X-Origi-
nal-To message header. This header may be used to distinguish nal-To message header. This header may be used to distinguish bet
between different recipients that ween different recipients that
share the same mailbox. share the same mailbox.
Recipient deduplication Recipient deduplication
With "enable_original_recipient = yes", the cleanup(8) daemon perf orms duplicate recipient elimina- With "enable_original_recipient = yes", the cleanup(8) daemon perf orms duplicate recipient elimina-
tion based on the content of (original recipient, maybe-rewritten recipient) pairs. Otherwise, the tion based on the content of (original recipient, maybe-rewritten recipient) pairs. Otherwise, the
cleanup(8) daemon performs duplicate recipient elimination based o nly on the maybe-rewritten recip- cleanup(8) daemon performs duplicate recipient elimination based o nly on the maybe-rewritten recip-
ient address. ient address.
Note: with Postfix <= 3.2 the "setting enable_original_recipient = no Note: with Postfix <= 3.2 the "setting enable_original_recipient = no" b
" breaks address verification for reaks address verification for
addresses that are aliased or otherwise rewritten (Postfix is unable to addresses that are aliased or otherwise rewritten (Postfix is unable
store the address verification to store the address verification
result under the original probe destination address; instead, it ca result under the original probe destination address; instead, it can sto
n store the result only under the re the result only under the
rewritten address). rewritten address).
This feature is available in Postfix 2.1 and later. Postfix version 2.0 b ehaves as if this parameter is This feature is available in Postfix 2.1 and later. Postfix version 2. 0 behaves as if this parameter is
always set to yes. Postfix versions before 2.0 have no support for the o riginal recipient address. always set to yes. Postfix versions before 2.0 have no support for the o riginal recipient address.
error_notice_recipient (default: postmaster) error_notice_recipient (default: postmaster)
The recipient of postmaster notifications about mail delivery pro blems that are caused by policy, The recipient of postmaster notifications about mail delivery problem s that are caused by policy,
resource, software or protocol errors. These notifications are enabled w ith the notify_classes parameter. resource, software or protocol errors. These notifications are enabled w ith the notify_classes parameter.
error_service_name (default: error) error_service_name (default: error)
The name of the error(8) pseudo delivery agent. This service always retur ns mail as undeliverable. The name of the error(8) pseudo delivery agent. This service always retur ns mail as undeliverable.
This feature is available in Postfix 2.0 and later. This feature is available in Postfix 2.0 and later.
execution_directory_expansion_filter (default: see postconf -d output) execution_directory_expansion_filter (default: see postconf -d output)
Restrict the characters that the local(8) delivery agent allows in $name expansions of $command_execu- Restrict the characters that the local(8) delivery agent allows in $n ame expansions of $command_execu-
tion_directory. Characters outside the allowed set are replaced by under scores. tion_directory. Characters outside the allowed set are replaced by under scores.
This feature is available in Postfix 2.2 and later. This feature is available in Postfix 2.2 and later.
expand_owner_alias (default: no) expand_owner_alias (default: no)
When delivering to an alias "aliasname" that has an "owner-aliasname" When delivering to an alias "aliasname" that has an "owner-aliasname" com
companion alias, set the envelope panion alias, set the envelope
sender address to the expansion of the "owner-aliasname" alias. Normal sender address to the expansion of the "owner-aliasname" alias. No
ly, Postfix sets the envelope rmally, Postfix sets the envelope
sender address to the name of the "owner-aliasname" alias. sender address to the name of the "owner-aliasname" alias.
export_environment (default: see postconf -d output) export_environment (default: see postconf -d output)
The list of environment variables that a Postfix process will export to non-Postfix processes. The TZ The list of environment variables that a Postfix process will export to non-Postfix processes. The TZ
variable is needed for sane time keeping on System-V-ish systems. variable is needed for sane time keeping on System-V-ish systems.
Specify a list of names and/or name=value pairs, separated by whitespace Specify a list of names and/or name=value pairs, separated by whitespac
or comma. Specify "{ name=value e or comma. Specify "{ name=value
}" to protect whitespace or comma in parameter values (whitespace aft }" to protect whitespace or comma in parameter values (whitespace after t
er the opening "{" and before the he opening "{" and before the
closing "}" is ignored). The form name=value is supported with Postfix ve closing "}" is ignored). The form name=value is supported with Postfix
rsion 2.1 and later; the use of version 2.1 and later; the use of
{} is supported with Postfix 3.0 and later. {} is supported with Postfix 3.0 and later.
Example: Example:
export_environment = TZ PATH=/bin:/usr/bin export_environment = TZ PATH=/bin:/usr/bin
extract_recipient_limit (default: 10240) extract_recipient_limit (default: 10240)
The maximal number of recipient addresses that Postfix will extract from message headers when mail is sub- The maximal number of recipient addresses that Postfix will extract from message headers when mail is sub-
mitted with "sendmail -t". mitted with "sendmail -t".
This feature was removed in Postfix version 2.1. This feature was removed in Postfix version 2.1.
fallback_relay (default: empty) fallback_relay (default: empty)
Optional list of relay hosts for SMTP destinations that can't be found or that are unreachable. With Post- Optional list of relay hosts for SMTP destinations that can't be found or that are unreachable. With Post-
fix 2.3 this parameter is renamed to smtp_fallback_relay. fix 2.3 this parameter is renamed to smtp_fallback_relay.
By default, mail is returned to the sender when a destination is not fou nd, and delivery is deferred when By default, mail is returned to the sender when a destination is not foun d, and delivery is deferred when
a destination is unreachable. a destination is unreachable.
The fallback relays must be SMTP destinations. Specify a domain, host, ho st:port, [host]:port, [address] The fallback relays must be SMTP destinations. Specify a domain, host, host:port, [host]:port, [address]
or [address]:port; the form [host] turns off MX lookups. If you specify multiple SMTP destinations, Post- or [address]:port; the form [host] turns off MX lookups. If you specify multiple SMTP destinations, Post-
fix will try them in the specified order. fix will try them in the specified order.
Note: before Postfix 2.2, do not use the fallback_relay feature when rela ying mail for a backup or primary Note: before Postfix 2.2, do not use the fallback_relay feature when rela ying mail for a backup or primary
MX domain. Mail would loop between the Postfix MX host and the fallback_r elay host when the final destina- MX domain. Mail would loop between the Postfix MX host and the fallback_r elay host when the final destina-
tion is unavailable. tion is unavailable.
· In main.cf specify "relay_transport = relay", · In main.cf specify "relay_transport = relay",
· In master.cf specify "-o fallback_relay =" (i.e., empty) at the en d of the relay entry. · In master.cf specify "-o fallback_relay =" (i.e., empty) at the en d of the relay entry.
· In transport maps, specify "relay:nexthop..." as the right-hand s ide for backup or primary MX · In transport maps, specify "relay:nexthop..." as the right-h and side for backup or primary MX
domain entries. domain entries.
Postfix version 2.2 and later will not use the fallback_relay feature fo r destinations that it is MX host Postfix version 2.2 and later will not use the fallback_relay feature for destinations that it is MX host
for. for.
fallback_transport (default: empty) fallback_transport (default: empty)
Optional message delivery transport that the local(8) delivery agent shou ld use for names that are not Optional message delivery transport that the local(8) delivery agent should use for names that are not
found in the aliases(5) or UNIX password database. found in the aliases(5) or UNIX password database.
The precedence of local(8) delivery features from high to low is: aliase The precedence of local(8) delivery features from high to low is: aliases
s, .forward files, mailbox_trans- , .forward files, mailbox_trans-
port_maps, mailbox_transport, mailbox_command_maps, mailbox_command, hom port_maps, mailbox_transport, mailbox_command_maps, mailbox_command, ho
e_mailbox, mail_spool_directory, me_mailbox, mail_spool_directory,
fallback_transport_maps, fallback_transport and luser_relay. fallback_transport_maps, fallback_transport and luser_relay.
fallback_transport_maps (default: empty) fallback_transport_maps (default: empty)
Optional lookup tables with per-recipient message delivery transports for recipients that the local(8) Optional lookup tables with per-recipient message delivery transports for recipients that the local(8)
delivery agent could not find in the aliases(5) or UNIX password database . delivery agent could not find in the aliases(5) or UNIX password database .
The precedence of local(8) delivery features from high to low is: aliases The precedence of local(8) delivery features from high to low is: aliase
, .forward files, mailbox_trans- s, .forward files, mailbox_trans-
port_maps, mailbox_transport, mailbox_command_maps, mailbox_command, ho port_maps, mailbox_transport, mailbox_command_maps, mailbox_command, hom
me_mailbox, mail_spool_directory, e_mailbox, mail_spool_directory,
fallback_transport_maps, fallback_transport and luser_relay. fallback_transport_maps, fallback_transport and luser_relay.
For safety reasons, this feature does not allow $number substitutions in regular expression maps. For safety reasons, this feature does not allow $number substitutions in regular expression maps.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
fast_flush_domains (default: $relay_domains) fast_flush_domains (default: $relay_domains)
Optional list of destinations that are eligible for per-destination logfi les with mail that is queued to Optional list of destinations that are eligible for per-destination log files with mail that is queued to
those destinations. those destinations.
By default, Postfix maintains "fast flush" logfiles only for destination By default, Postfix maintains "fast flush" logfiles only for destinations
s that the Postfix SMTP server is that the Postfix SMTP server is
willing to relay to (i.e. the default is: "fast_flush_domains = $relay_d willing to relay to (i.e. the default is: "fast_flush_domains = $rela
omains"; see the relay_domains y_domains"; see the relay_domains
parameter in the postconf(5) manual). parameter in the postconf(5) manual).
Specify a list of hosts or domains, "/file/name" patterns or "type:table" lookup tables, separated by com- Specify a list of hosts or domains, "/file/name" patterns or "type:table" lookup tables, separated by com-
mas and/or whitespace. Continue long lines by starting the next line wit h whitespace. A "/file/name" pat- mas and/or whitespace. Continue long lines by starting the next line wit h whitespace. A "/file/name" pat-
tern is replaced by its contents; a "type:table" lookup table is matc hed when the domain or its parent tern is replaced by its contents; a "type:table" lookup table is matched when the domain or its parent
domain appears as lookup key. domain appears as lookup key.
Pattern matching of domain names is controlled by the presence or absence of "fast_flush_domains" in the Pattern matching of domain names is controlled by the presence or absen ce of "fast_flush_domains" in the
parent_domain_matches_subdomains parameter value. parent_domain_matches_subdomains parameter value.
Specify "fast_flush_domains =" (i.e., empty) to disable the feature altog ether. Specify "fast_flush_domains =" (i.e., empty) to disable the feature altog ether.
fast_flush_purge_time (default: 7d) fast_flush_purge_time (default: 7d)
The time after which an empty per-destination "fast flush" logfile is del eted. The time after which an empty per-destination "fast flush" logfile is del eted.
You can specify the time as a number, or as a number followed by a let ter that indicates the time unit: You can specify the time as a number, or as a number followed by a letter that indicates the time unit:
s=seconds, m=minutes, h=hours, d=days, w=weeks. The default time unit is days. s=seconds, m=minutes, h=hours, d=days, w=weeks. The default time unit is days.
fast_flush_refresh_time (default: 12h) fast_flush_refresh_time (default: 12h)
The time after which a non-empty but unread per-destination "fast flush" logfile needs to be refreshed. The time after which a non-empty but unread per-destination "fast flus h" logfile needs to be refreshed.
The contents of a logfile are refreshed by requesting delivery of all mes sages listed in the logfile. The contents of a logfile are refreshed by requesting delivery of all mes sages listed in the logfile.
You can specify the time as a number, or as a number followed by a let ter that indicates the time unit: You can specify the time as a number, or as a number followed by a letter that indicates the time unit:
s=seconds, m=minutes, h=hours, d=days, w=weeks. The default time unit is hours. s=seconds, m=minutes, h=hours, d=days, w=weeks. The default time unit is hours.
fault_injection_code (default: 0) fault_injection_code (default: 0)
Force specific internal tests to fail, to test the handling of errors tha t are difficult to reproduce oth- Force specific internal tests to fail, to test the handling of errors tha t are difficult to reproduce oth-
erwise. erwise.
flush_service_name (default: flush) flush_service_name (default: flush)
The name of the flush(8) service. This service maintains per-destina tion logfiles with the queue file The name of the flush(8) service. This service maintains per-destination logfiles with the queue file
names of mail that is queued for those destinations. names of mail that is queued for those destinations.
This feature is available in Postfix 2.0 and later. This feature is available in Postfix 2.0 and later.
fork_attempts (default: 5) fork_attempts (default: 5)
The maximal number of attempts to fork() a child process. The maximal number of attempts to fork() a child process.
fork_delay (default: 1s) fork_delay (default: 1s)
The delay between attempts to fork() a child process. The delay between attempts to fork() a child process.
Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). Th e default time unit is s (sec- Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). The default time unit is s (sec-
onds). onds).
forward_expansion_filter (default: see postconf -d output) forward_expansion_filter (default: see postconf -d output)
Restrict the characters that the local(8) delivery agent allows in $ name expansions of $forward_path. Restrict the characters that the local(8) delivery agent allows in $nam e expansions of $forward_path.
Characters outside the allowed set are replaced by underscores. Characters outside the allowed set are replaced by underscores.
forward_path (default: see postconf -d output) forward_path (default: see postconf -d output)
The local(8) delivery agent search list for finding a .forward file with user-specified delivery methods. The local(8) delivery agent search list for finding a .forward file with user-specified delivery methods.
The first file that is found is used. The first file that is found is used.
The forward_path value is not subject to Postfix configuration parame The forward_path value is not subject to Postfix configuration parameter
ter $name expansion. Instead, the $name expansion. Instead, the
following $name expansions are done on forward_path before the search act following $name expansions are done on forward_path before the search
ually happens. The result of actually happens. The result of
$name expansion is filtered with the character set that is specified $name expansion is filtered with the character set that is specified wi
with the forward_expansion_filter th the forward_expansion_filter
parameter. parameter.
$user The recipient's username. $user The recipient's username.
$shell The recipient's login shell pathname. $shell The recipient's login shell pathname.
$home The recipient's home directory. $home The recipient's home directory.
$recipient $recipient
The full recipient address. The full recipient address.
$extension $extension
The optional recipient address extension. The optional recipient address extension.
$domain $domain
The recipient domain. The recipient domain.
$local The entire recipient localpart. $local The entire recipient localpart.
$recipient_delimiter $recipient_delimiter
The address extension delimiter that was found in the recipient ad dress (Postfix 2.11 and later), The address extension delimiter that was found in the recipient address (Postfix 2.11 and later),
or the system-wide recipient address extension delimiter (Postfix 2.10 and earlier). or the system-wide recipient address extension delimiter (Postfix 2.10 and earlier).
${name?value} ${name?value}
Expands to value when $name is non-empty. Expands to value when $name is non-empty.
${name:value} ${name:value}
Expands to value when $name is empty. Expands to value when $name is empty.
Instead of $name you can also specify ${name} or $(name). Instead of $name you can also specify ${name} or $(name).
Examples: Examples:
forward_path = /var/forward/$user forward_path = /var/forward/$user
forward_path = forward_path =
/var/forward/$user/.forward$recipient_delimiter$extension, /var/forward/$user/.forward$recipient_delimiter$extension,
/var/forward/$user/.forward /var/forward/$user/.forward
frozen_delivered_to (default: yes) frozen_delivered_to (default: yes)
Update the local(8) delivery agent's idea of the Delivered-To: address (s ee prepend_delivered_header) only Update the local(8) delivery agent's idea of the Delivered-To: address (s ee prepend_delivered_header) only
once, at the start of a delivery attempt; do not update the Delivered-To: address while expanding aliases once, at the start of a delivery attempt; do not update the Delivered-To : address while expanding aliases
or .forward files. or .forward files.
This feature is available in Postfix 2.3 and later. With older Postfi This feature is available in Postfix 2.3 and later. With older Postfix re
x releases, the behavior is as if leases, the behavior is as if
this parameter is set to "no". The old setting can be expensive with deep this parameter is set to "no". The old setting can be expensive with
ly nested aliases or .forward deeply nested aliases or .forward
files. When an alias or .forward file changes the Delivered-To: address, it ties up one queue file and one files. When an alias or .forward file changes the Delivered-To: address, it ties up one queue file and one
cleanup process instance while mail is being forwarded. cleanup process instance while mail is being forwarded.
hash_queue_depth (default: 1) hash_queue_depth (default: 1)
The number of subdirectory levels for queue directories listed with the h The number of subdirectory levels for queue directories listed with the
ash_queue_names parameter. Queue hash_queue_names parameter. Queue
hashing is implemented by creating one or more levels of directories hashing is implemented by creating one or more levels of directories wit
with one-character names. Origi- h one-character names. Origi-
nally, these directory names were equal to the first characters of the qu eue file name, with the hexadeci- nally, these directory names were equal to the first characters of the qu eue file name, with the hexadeci-
mal representation of the file creation time in microseconds. mal representation of the file creation time in microseconds.
With long queue file names, queue hashing produces the same results as wi th short names. The file creation With long queue file names, queue hashing produces the same results as wi th short names. The file creation
time in microseconds is converted into hexadecimal form before the result time in microseconds is converted into hexadecimal form before the resul
is used for queue hashing. The t is used for queue hashing. The
base 16 encoding gives finer control over the number of subdirectories base 16 encoding gives finer control over the number of subdirectories th
than is possible with the base 52 an is possible with the base 52
encoding of long queue file names. encoding of long queue file names.
After changing the hash_queue_names or hash_queue_depth parameter, execut e the command "postfix reload". After changing the hash_queue_names or hash_queue_depth parameter, execut e the command "postfix reload".
hash_queue_names (default: deferred, defer) hash_queue_names (default: deferred, defer)
The names of queue directories that are split across multiple subdirector y levels. The names of queue directories that are split across multiple subdirector y levels.
Before Postfix version 2.2, the default list of hashed queues was sign ificantly larger. Claims about Before Postfix version 2.2, the default list of hashed queues was s ignificantly larger. Claims about
improvements in file system technology suggest that hashing of the incomi ng and active queues is no longer improvements in file system technology suggest that hashing of the incomi ng and active queues is no longer
needed. Fewer hashed directories speed up the time needed to restart Post fix. needed. Fewer hashed directories speed up the time needed to restart Post fix.
After changing the hash_queue_names or hash_queue_depth parameter, execut e the command "postfix reload". After changing the hash_queue_names or hash_queue_depth parameter, execut e the command "postfix reload".
header_address_token_limit (default: 10240) header_address_token_limit (default: 10240)
The maximal number of address tokens are allowed in an address message he ader. Information that exceeds The maximal number of address tokens are allowed in an address message header. Information that exceeds
the limit is discarded. The limit is enforced by the cleanup(8) server. the limit is discarded. The limit is enforced by the cleanup(8) server.
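Review bot: the header_address_token_limit sentence is ungrammatical in both columns ("The maximal number of address tokens are allowed in an address message header"), and only its line wrapping changes here. Since the paragraph is being re-flowed anyway, suggest "The maximal number of address tokens that are allowed in an address message header", which matches the wording used for hopcount_limit ("The maximal number of Received: message headers that is allowed").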
header_checks (default: empty) header_checks (default: empty)
Optional lookup tables for content inspection of primary non-MIME mes sage headers, as specified in the Optional lookup tables for content inspection of primary non-MIME message headers, as specified in the
header_checks(5) manual page. header_checks(5) manual page.
header_from_format (default: standard) header_from_format (default: standard)
The format of the Postfix-generated From: header. This setting affects The format of the Postfix-generated From: header. This setting affe
the appearance of 'full name' cts the appearance of 'full name'
information when a local program such as /bin/mail submits a message information when a local program such as /bin/mail submits a message wit
without From: header through the hout From: header through the
Postfix sendmail(1) command. Postfix sendmail(1) command.
Specify one of the following: Specify one of the following:
standard (default) standard (default)
Produce a header formatted as "From: name <address>". This is the default as of Postfix 3.3. Produce a header formatted as "From: name <address>". This is the default as of Postfix 3.3.
obsolete obsolete
Produce a header formatted as "From: address (name)". This is the behavior prior to Postfix 3.3. Produce a header formatted as "From: address (name)". This is the behavior prior to Postfix 3.3.
Notes: Notes:
· Postfix generates the format "From: address" when name information is unavailable or the envelope · Postfix generates the format "From: address" when name informati on is unavailable or the envelope
sender address is empty. This is the same behavior as prior to Pos tfix 3.3. sender address is empty. This is the same behavior as prior to Pos tfix 3.3.
· In the standard form, the name will be quoted if it contains sp ecials as defined in RFC 5322, or · In the standard form, the name will be quoted if it contains speci als as defined in RFC 5322, or
the "!%" address operators. the "!%" address operators.
· The Postfix sendmail(1) command gets name information from the -F command-line option, from the · The Postfix sendmail(1) command gets name information from the -F command-line option, from the
NAME environment variable, or from the UNIX password file. NAME environment variable, or from the UNIX password file.
This feature is available in Postfix 3.3 and later. This feature is available in Postfix 3.3 and later.
header_size_limit (default: 102400) header_size_limit (default: 102400)
The maximal amount of memory in bytes for storing a message header. If a header is larger, the excess is The maximal amount of memory in bytes for storing a message header. If a header is larger, the excess is
discarded. The limit is enforced by the cleanup(8) server. discarded. The limit is enforced by the cleanup(8) server.
helpful_warnings (default: yes) helpful_warnings (default: yes)
Log warnings about problematic configuration settings, and provide helpfu l suggestions. Log warnings about problematic configuration settings, and provide helpfu l suggestions.
This feature is available in Postfix 2.0 and later. This feature is available in Postfix 2.0 and later.
home_mailbox (default: empty) home_mailbox (default: empty)
Optional pathname of a mailbox file relative to a local(8) user's home di rectory. Optional pathname of a mailbox file relative to a local(8) user's home di rectory.
Specify a pathname ending in "/" for qmail-style delivery. Specify a pathname ending in "/" for qmail-style delivery.
The precedence of local(8) delivery features from high to low is: aliases The precedence of local(8) delivery features from high to low is: aliase
, .forward files, mailbox_trans- s, .forward files, mailbox_trans-
port_maps, mailbox_transport, mailbox_command_maps, mailbox_command, ho port_maps, mailbox_transport, mailbox_command_maps, mailbox_command, hom
me_mailbox, mail_spool_directory, e_mailbox, mail_spool_directory,
fallback_transport_maps, fallback_transport and luser_relay. fallback_transport_maps, fallback_transport and luser_relay.
Examples: Examples:
home_mailbox = Mailbox home_mailbox = Mailbox
home_mailbox = Maildir/ home_mailbox = Maildir/
hopcount_limit (default: 50) hopcount_limit (default: 50)
The maximal number of Received: message headers that is allowed in the p rimary message headers. A message The maximal number of Received: message headers that is allowed in the p rimary message headers. A message
that exceeds the limit is bounced, in order to stop a mailer loop. that exceeds the limit is bounced, in order to stop a mailer loop.
html_directory (default: see postconf -d output) html_directory (default: see postconf -d output)
The location of Postfix HTML files that describe how to build, config ure or operate a specific Postfix The location of Postfix HTML files that describe how to build, configure or operate a specific Postfix
subsystem or feature. subsystem or feature.
ignore_mx_lookup_error (default: no) ignore_mx_lookup_error (default: no)
Ignore DNS MX lookups that produce no response. By default, the Postfix SMTP client defers delivery and Ignore DNS MX lookups that produce no response. By default, the Postfi x SMTP client defers delivery and
tries again after some delay. This behavior is required by the SMTP stan dard. tries again after some delay. This behavior is required by the SMTP stan dard.
Specify "ignore_mx_lookup_error = yes" to force a DNS A record looku p instead. This violates the SMTP Specify "ignore_mx_lookup_error = yes" to force a DNS A record lookup in stead. This violates the SMTP
standard and can result in mis-delivery of mail. standard and can result in mis-delivery of mail.
import_environment (default: see postconf -d output) import_environment (default: see postconf -d output)
The list of environment parameters that a privileged Postfix process will import from a non-Postfix parent The list of environment parameters that a privileged Postfix process will import from a non-Postfix parent
process, or name=value environment overrides. Unprivileged utilities will enforce the name=value over- process, or name=value environment overrides. Unprivileged utilities wil l enforce the name=value over-
rides, but otherwise will not change their process environment. Examples of relevant parameters: rides, but otherwise will not change their process environment. Examples of relevant parameters:
TZ May be needed for sane time keeping on most System-V-ish systems. TZ May be needed for sane time keeping on most System-V-ish systems.
DISPLAY DISPLAY
Needed for debugging Postfix daemons with an X-windows debugger. Needed for debugging Postfix daemons with an X-windows debugger.
XAUTHORITY XAUTHORITY
Needed for debugging Postfix daemons with an X-windows debugger. Needed for debugging Postfix daemons with an X-windows debugger.
MAIL_CONFIG MAIL_CONFIG
Needed to make "postfix -c" work. Needed to make "postfix -c" work.
Specify a list of names and/or name=value pairs, separated by whitespace Specify a list of names and/or name=value pairs, separated by whitespac
or comma. Specify "{ name=value e or comma. Specify "{ name=value
}" to protect whitespace or comma in parameter values (whitespace aft }" to protect whitespace or comma in parameter values (whitespace after t
er the opening "{" and before the he opening "{" and before the
closing "}" is ignored). The form name=value is supported with Postfix ve closing "}" is ignored). The form name=value is supported with Postfix
rsion 2.1 and later; the use of version 2.1 and later; the use of
{} is supported with Postfix 3.0 and later. {} is supported with Postfix 3.0 and later.
in_flow_delay (default: 1s) in_flow_delay (default: 1s)
Time to pause before accepting a new message, when the message arrival rate exceeds the message delivery Time to pause before accepting a new message, when the message arrival ra te exceeds the message delivery
rate. This feature is turned on by default (it's disabled on SCO UNIX due to an SCO bug). rate. This feature is turned on by default (it's disabled on SCO UNIX due to an SCO bug).
With the default 100 Postfix SMTP server process limit, "in_flow_delay = 1s" limits the mail inflow to 100 With the default 100 Postfix SMTP server process limit, "in_flow_delay = 1s" limits the mail inflow to 100
messages per second above the number of messages delivered per second. messages per second above the number of messages delivered per second.
Specify 0 to disable the feature. Valid delays are 0..10. Specify 0 to disable the feature. Valid delays are 0..10.
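Review bot: the closing line of in_flow_delay, "Valid delays are 0..10.", gives a range without a unit, while the default is written as "1s" and the example as "in_flow_delay = 1s". Suggest stating the unit in that sentence so a reader does not have to infer it from the default.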
inet_interfaces (default: all) inet_interfaces (default: all)
The network interface addresses that this mail system receives mail on. The network interface addresses that this mail system receives mail on. S
Specify "all" to receive mail on pecify "all" to receive mail on
all network interfaces (default), and "loopback-only" to receive mail on all network interfaces (default), and "loopback-only" to receive mail on
loopback network interfaces only loopback network interfaces only
(Postfix version 2.2 and later). The parameter also controls delivery of mail to user@[ip.address]. (Postfix version 2.2 and later). The parameter also controls delivery of mail to user@[ip.address].
Note 1: you need to stop and start Postfix when this parameter changes. Note 1: you need to stop and start Postfix when this parameter changes.
Note 2: address information may be enclosed inside [], but this form is n ot required here. Note 2: address information may be enclosed inside [], but this form is n ot required here.
When inet_interfaces specifies just one IPv4 and/or IPv6 address that is not a loopback address, the Post- When inet_interfaces specifies just one IPv4 and/or IPv6 address that is not a loopback address, the Post-
fix SMTP client will use this address as the IP source address for outbou nd mail. Support for IPv6 is fix SMTP client will use this address as the IP source address for o utbound mail. Support for IPv6 is
available in Postfix version 2.2 and later. available in Postfix version 2.2 and later.
On a multi-homed firewall with separate Postfix instances listening on On a multi-homed firewall with separate Postfix instances listening on th
the "inside" and "outside" inter- e "inside" and "outside" inter-
faces, this can prevent each instance from being able to reach remote SMT faces, this can prevent each instance from being able to reach remote SM
P servers on the "other side" of TP servers on the "other side" of
the firewall. Setting smtp_bind_address to 0.0.0.0 avoids the potent the firewall. Setting smtp_bind_address to 0.0.0.0 avoids the potential
ial problem for IPv4, and setting problem for IPv4, and setting
smtp_bind_address6 to :: solves the problem for IPv6. smtp_bind_address6 to :: solves the problem for IPv6.
A better solution for multi-homed firewalls is to leave inet_interfaces a A better solution for multi-homed firewalls is to leave inet_interfaces
t the default value and instead at the default value and instead
use explicit IP addresses in the master.cf SMTP server definitions. use explicit IP addresses in the master.cf SMTP server definitions. Th
This preserves the Postfix SMTP is preserves the Postfix SMTP
client's loop detection, by ensuring that each side of the firewall knows client's loop detection, by ensuring that each side of the firewall k
that the other IP address is nows that the other IP address is
still the same host. Setting $inet_interfaces to a single IPv4 and/or still the same host. Setting $inet_interfaces to a single IPv4 and/or IPV
IPV6 address is primarily useful 6 address is primarily useful
with virtual hosting of domains on secondary IP addresses, when each IP a with virtual hosting of domains on secondary IP addresses, when each IP
ddress serves a different domain address serves a different domain
(and has a different $myhostname setting). (and has a different $myhostname setting).
See also the proxy_interfaces parameter, for network addresses that are forwarded to Postfix by way of a See also the proxy_interfaces parameter, for network addresses that are f orwarded to Postfix by way of a
proxy or address translator. proxy or address translator.
Examples: Examples:
inet_interfaces = all (DEFAULT) inet_interfaces = all (DEFAULT)
inet_interfaces = loopback-only (Postfix version 2.2 and later) inet_interfaces = loopback-only (Postfix version 2.2 and later)
inet_interfaces = 127.0.0.1 inet_interfaces = 127.0.0.1
inet_interfaces = 127.0.0.1, [::1] (Postfix version 2.2 and later) inet_interfaces = 127.0.0.1, [::1] (Postfix version 2.2 and later)
inet_interfaces = 192.168.1.2, 127.0.0.1 inet_interfaces = 192.168.1.2, 127.0.0.1
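Review bot: inet_interfaces spells the protocol two ways, "just one IPv4 and/or IPv6 address" in the source-address paragraph and "a single IPv4 and/or IPV6 address" in the multi-homed firewall paragraph, and the re-flow carries "IPV6" over unchanged in both columns. Suggest normalising to "IPv6" in the prose; the all-caps form is only right in the option name IPV6_V6ONLY used under inet_protocols.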
inet_protocols (default: all) inet_protocols (default: all)
The Internet protocols Postfix will attempt to use when making or accepti The Internet protocols Postfix will attempt to use when making or acce
ng connections. Specify one or pting connections. Specify one or
more of "ipv4" or "ipv6", separated by whitespace or commas. The form "a more of "ipv4" or "ipv6", separated by whitespace or commas. The form "al
ll" is equivalent to "ipv4, ipv6" l" is equivalent to "ipv4, ipv6"
or "ipv4", depending on whether the operating system implements IPv6. or "ipv4", depending on whether the operating system implements IPv6.
With Postfix 2.8 and earlier the default is "ipv4". For backwards compati With Postfix 2.8 and earlier the default is "ipv4". For backwards compa
bility with these releases, the tibility with these releases, the
Postfix 2.9 and later upgrade procedure appends an explicit "inet_pro Postfix 2.9 and later upgrade procedure appends an explicit "inet_protoco
tocols = ipv4" setting to main.cf ls = ipv4" setting to main.cf
when no explicit setting is present. This compatibility workaround will b when no explicit setting is present. This compatibility workaround will
e phased out as IPv6 deployment be phased out as IPv6 deployment
becomes more common. becomes more common.
This feature is available in Postfix 2.2 and later. This feature is available in Postfix 2.2 and later.
Note: you MUST stop and start Postfix after changing this parameter. Note: you MUST stop and start Postfix after changing this parameter.
On systems that pre-date IPV6_V6ONLY support (RFC 3493), an IPv6 server w ill also accept IPv4 connections, On systems that pre-date IPV6_V6ONLY support (RFC 3493), an IPv6 server w ill also accept IPv4 connections,
even when IPv4 is turned off with the inet_protocols parameter. On sys even when IPv4 is turned off with the inet_protocols parameter. On
tems with IPV6_V6ONLY support, systems with IPV6_V6ONLY support,
Postfix will use separate server sockets for IPv6 and IPv4, and each wil Postfix will use separate server sockets for IPv6 and IPv4, and each will
l accept only connections for the accept only connections for the
corresponding protocol. corresponding protocol.
When IPv4 support is enabled via the inet_protocols parameter, Postfix wi When IPv4 support is enabled via the inet_protocols parameter, Postfix
ll look up DNS type A records, will look up DNS type A records,
and will convert IPv4-in-IPv6 client IP addresses (::ffff:1.2.3.4) to th and will convert IPv4-in-IPv6 client IP addresses (::ffff:1.2.3.4) to the
eir original IPv4 form (1.2.3.4). ir original IPv4 form (1.2.3.4).
The latter is needed on hosts that pre-date IPV6_V6ONLY support (RFC 3493 ). The latter is needed on hosts that pre-date IPV6_V6ONLY support (RFC 3493 ).
When IPv6 support is enabled via the inet_protocols parameter, Postfix will do DNS type AAAA record When IPv6 support is enabled via the inet_protocols parameter, Pos tfix will do DNS type AAAA record
lookups. lookups.
When both IPv4 and IPv6 support are enabled, the Postfix SMTP client will choose the protocol as specified When both IPv4 and IPv6 support are enabled, the Postfix SMTP client will choose the protocol as specified
with the smtp_address_preference parameter. Postfix versions before 2.8 a ttempt to connect via IPv6 before with the smtp_address_preference parameter. Postfix versions before 2.8 a ttempt to connect via IPv6 before
attempting to use IPv4. attempting to use IPv4.
Examples: Examples:
inet_protocols = ipv4 inet_protocols = ipv4
inet_protocols = all (DEFAULT) inet_protocols = all (DEFAULT)
inet_protocols = ipv6 inet_protocols = ipv6
inet_protocols = ipv4, ipv6 inet_protocols = ipv4, ipv6
info_log_address_format (default: external) info_log_address_format (default: external)
The email address form that will be used in non-debug logging (info, The email address form that will be used in non-debug logging (info, warn
warning, etc.). As of Postfix 3.5 ing, etc.). As of Postfix 3.5
when an address localpart contains spaces or other special characters, th when an address localpart contains spaces or other special characters,
e localpart will be quoted, for the localpart will be quoted, for
example: example:
from=<"name with spaces"@example.com> from=<"name with spaces"@example.com>
Older Postfix versions would log the internal (unquoted) form: Older Postfix versions would log the internal (unquoted) form:
from=<name with spaces@example.com> from=<name with spaces@example.com>
The external and internal forms are identical for the vast majority o f email addresses that contain no The external and internal forms are identical for the vast majority of em ail addresses that contain no
spaces or other special characters in the localpart. spaces or other special characters in the localpart.
The logging in external form is consistent with the address form that Pos tfix 3.2 and later prefer for The logging in external form is consistent with the address form that Postfix 3.2 and later prefer for
most table lookups. This is therefore the more useful form for non-debug logging. most table lookups. This is therefore the more useful form for non-debug logging.
Specify "info_log_address_format = internal" for backwards compatibility. Specify "info_log_address_format = internal" for backwards compatibility.
Postfix uses the unquoted form internally, because an attacker can spec Postfix uses the unquoted form internally, because an attacker can specif
ify an email address in different y an email address in different
forms by playing games with quotes and backslashes. An attacker should no forms by playing games with quotes and backslashes. An attacker should
t be able to use such games to not be able to use such games to
circumvent Postfix access policies. circumvent Postfix access policies.
This feature is available in Postfix 3.5 and later. This feature is available in Postfix 3.5 and later.
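Review bot: in info_log_address_format the paragraph beginning "Postfix uses the unquoted form internally, because an attacker can specify an email address in different forms" comes directly after 'Specify "info_log_address_format = internal" for backwards compatibility', so it reads as an argument for choosing the internal log format, although the entry has just called the external form "the more useful form for non-debug logging". Suggest moving that paragraph ahead of the backwards-compatibility line, or adding a sentence that this parameter changes only how addresses appear in logging, as the entry's first sentence says, so an operator does not take "internal" to be the safer setting for access policies.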
initial_destination_concurrency (default: 5) initial_destination_concurrency (default: 5)
The initial per-destination concurrency level for parallel deliver y to the same destination. With The initial per-destination concurrency level for parallel delivery t o the same destination. With
per-destination recipient limit > 1, a destination is a domain, otherwise it is a recipient. per-destination recipient limit > 1, a destination is a domain, otherwise it is a recipient.
Use transport_initial_destination_concurrency to specify a transport-spec ific override, where transport is Use transport_initial_destination_concurrency to specify a transport-spec ific override, where transport is
the master.cf name of the message delivery transport (Postfix 2.5 and lat er). the master.cf name of the message delivery transport (Postfix 2.5 and lat er).
Warning: with concurrency of 1, one bad message can be enough to block al l mail to a site. Warning: with concurrency of 1, one bad message can be enough to block al l mail to a site.
internal_mail_filter_classes (default: empty) internal_mail_filter_classes (default: empty)
What categories of Postfix-generated mail are subject to before-queue con tent inspection by non_smtpd_mil- What categories of Postfix-generated mail are subject to before-queue con tent inspection by non_smtpd_mil-
ters, header_checks and body_checks. Specify zero or more of the followi ng, separated by whitespace or ters, header_checks and body_checks. Specify zero or more of the foll owing, separated by whitespace or
comma. comma.
bounce Inspect the content of delivery status notifications. bounce Inspect the content of delivery status notifications.
notify Inspect the content of postmaster notifications by the smtp(8) and smtpd(8) processes. notify Inspect the content of postmaster notifications by the smtp(8) and smtpd(8) processes.
NOTE: It's generally not safe to enable content inspection of Postfix-g enerated email messages. The user NOTE: It's generally not safe to enable content inspection of Postfix-gen erated email messages. The user
is warned. is warned.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
invalid_hostname_reject_code (default: 501) invalid_hostname_reject_code (default: 501)
The numerical Postfix SMTP server response code when the client HELO or E HLO command parameter is rejected The numerical Postfix SMTP server response code when the client HELO or E HLO command parameter is rejected
by the reject_invalid_helo_hostname restriction. by the reject_invalid_helo_hostname restriction.
Do not change this unless you have a complete understanding of RFC 5321. Do not change this unless you have a complete understanding of RFC 5321.
ipc_idle (default: version dependent) ipc_idle (default: version dependent)
The time after which a client closes an idle internal communication The time after which a client closes an idle internal communication chann
channel. The purpose is to allow el. The purpose is to allow
Postfix daemon processes to terminate voluntarily after they become idle. Postfix daemon processes to terminate voluntarily after they become id
This is used, for example, by le. This is used, for example, by
the Postfix address resolving and rewriting clients. the Postfix address resolving and rewriting clients.
With Postfix 2.4 the default value was reduced from 100s to 5s. With Postfix 2.4 the default value was reduced from 100s to 5s.
Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). The default time unit is s (sec- Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). Th e default time unit is s (sec-
onds). onds).
ipc_timeout (default: 3600s) ipc_timeout (default: 3600s)
The time limit for sending or receiving information over an internal comm The time limit for sending or receiving information over an internal co
unication channel. The purpose mmunication channel. The purpose
is to break out of deadlock situations. If the time limit is exceeded is to break out of deadlock situations. If the time limit is exceeded the
the software aborts with a fatal software aborts with a fatal
error. error.
Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). Th e default time unit is s (sec- Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). The default time unit is s (sec-
onds). onds).
ipc_ttl (default: 1000s) ipc_ttl (default: 1000s)
The time after which a client closes an active internal communication The time after which a client closes an active internal communication cha
channel. The purpose is to allow nnel. The purpose is to allow
Postfix daemon processes to terminate voluntarily after reaching their cl Postfix daemon processes to terminate voluntarily after reaching their
ient limit. This is used, for client limit. This is used, for
example, by the Postfix address resolving and rewriting clients. example, by the Postfix address resolving and rewriting clients.
Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). The default time unit is s (sec- Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). Th e default time unit is s (sec-
onds). onds).
This feature is available in Postfix 2.1 and later. This feature is available in Postfix 2.1 and later.
line_length_limit (default: 2048) line_length_limit (default: 2048)
Upon input, long lines are chopped up into pieces of at most this length; upon delivery, long lines are Upon input, long lines are chopped up into pieces of at most this leng th; upon delivery, long lines are
reconstructed. reconstructed.
lmdb_map_size (default: 16777216) lmdb_map_size (default: 16777216)
The initial OpenLDAP LMDB database size limit in bytes. Each time a data base becomes full, its size limit The initial OpenLDAP LMDB database size limit in bytes. Each time a data base becomes full, its size limit
is doubled. is doubled.
This feature is available in Postfix 2.11 and later. This feature is available in Postfix 2.11 and later.
lmtp_address_preference (default: ipv6) lmtp_address_preference (default: ipv6)
The LMTP-specific version of the smtp_address_preference configuration pa rameter. See there for details. The LMTP-specific version of the smtp_address_preference configuration pa rameter. See there for details.
This feature is available in Postfix 2.8 and later. This feature is available in Postfix 2.8 and later.
lmtp_address_verify_target (default: rcpt) lmtp_address_verify_target (default: rcpt)
The LMTP-specific version of the smtp_address_verify_target configurat ion parameter. See there for The LMTP-specific version of the smtp_address_verify_target configu ration parameter. See there for
details. details.
This feature is available in Postfix 3.0 and later. This feature is available in Postfix 3.0 and later.
lmtp_assume_final (default: no) lmtp_assume_final (default: no)
When a remote LMTP server announces no DSN support, assume that the se rver performs final delivery, and When a remote LMTP server announces no DSN support, assume that the serve r performs final delivery, and
send "delivered" delivery status notifications instead of "relayed". The default setting is backwards com- send "delivered" delivery status notifications instead of "relayed". The default setting is backwards com-
patible to avoid the infinitesimal possibility of breaking existing LMTP- based content filters. patible to avoid the infinitesimal possibility of breaking existing LMTP- based content filters.
lmtp_balance_inet_protocols (default: yes) lmtp_balance_inet_protocols (default: yes)
The LMTP-specific version of the smtp_balance_inet_protocols config uration parameter. See there for The LMTP-specific version of the smtp_balance_inet_protocols configura tion parameter. See there for
details. details.
This feature is available in Postfix 3.3 and later. This feature is available in Postfix 3.3 and later.
lmtp_bind_address (default: empty) lmtp_bind_address (default: empty)
The LMTP-specific version of the smtp_bind_address configuration paramete r. See there for details. The LMTP-specific version of the smtp_bind_address configuration paramete r. See there for details.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
lmtp_bind_address6 (default: empty) lmtp_bind_address6 (default: empty)
The LMTP-specific version of the smtp_bind_address6 configuration paramet er. See there for details. The LMTP-specific version of the smtp_bind_address6 configuration paramet er. See there for details.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
lmtp_body_checks (default: empty) lmtp_body_checks (default: empty)
The LMTP-specific version of the smtp_body_checks configuration parameter . See there for details. The LMTP-specific version of the smtp_body_checks configuration parameter . See there for details.
This feature is available in Postfix 2.5 and later. This feature is available in Postfix 2.5 and later.
lmtp_cache_connection (default: yes) lmtp_cache_connection (default: yes)
Keep Postfix LMTP client connections open for up to $max_idle seconds. Wh en the LMTP client receives a Keep Postfix LMTP client connections open for up to $max_idle seconds . When the LMTP client receives a
request for the same connection the connection is reused. request for the same connection the connection is reused.
This parameter is available in Postfix version 2.2 and earlier. With P ostfix version 2.3 and later, see This parameter is available in Postfix version 2.2 and earlier. With Pos tfix version 2.3 and later, see
lmtp_connection_cache_on_demand, lmtp_connection_cache_destinations, or l mtp_connection_reuse_time_limit. lmtp_connection_cache_on_demand, lmtp_connection_cache_destinations, or l mtp_connection_reuse_time_limit.
The effectiveness of cached connections will be determined by the number The effectiveness of cached connections will be determined by the numb
of remote LMTP servers in use, er of remote LMTP servers in use,
and the concurrency limit specified for the Postfix LMTP client. Cached and the concurrency limit specified for the Postfix LMTP client. Cached c
connections are closed under any onnections are closed under any
of the following conditions: of the following conditions:
· The Postfix LMTP client idle time limit is reached. This limit is specified with the Postfix · The Postfix LMTP client idle time limit is reached. This li mit is specified with the Postfix
max_idle configuration parameter. max_idle configuration parameter.
· A delivery request specifies a different destination than the one currently cached. · A delivery request specifies a different destination than the one currently cached.
· The per-process limit on the number of delivery requests is reach ed. This limit is specified with · The per-process limit on the number of delivery requests is reache d. This limit is specified with
the Postfix max_use configuration parameter. the Postfix max_use configuration parameter.
· Upon the onset of another delivery request, the remote LMTP server associated with the current ses- · Upon the onset of another delivery request, the remote LMTP server associated with the current ses-
sion does not respond to the RSET command. sion does not respond to the RSET command.
Most of these limitations have been with the Postfix a connection cache t hat is shared among multiple LMTP Most of these limitations have been with the Postfix a connection cache t hat is shared among multiple LMTP
client programs. client programs.
lmtp_cname_overrides_servername (default: yes) lmtp_cname_overrides_servername (default: yes)
The LMTP-specific version of the smtp_cname_overrides_servername configur ation parameter. See there for The LMTP-specific version of the smtp_cname_overrides_servername config uration parameter. See there for
details. details.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
lmtp_connect_timeout (default: 0s) lmtp_connect_timeout (default: 0s)
The Postfix LMTP client time limit for completing a TCP connection, The Postfix LMTP client time limit for completing a TCP connection, or z
or zero (use the operating system ero (use the operating system
built-in time limit). When no connection can be made within the deadline built-in time limit). When no connection can be made within the deadlin
, the LMTP client tries the next e, the LMTP client tries the next
address on the mail exchanger list. address on the mail exchanger list.
Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). The default time unit is s (sec- Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). Th e default time unit is s (sec-
onds). onds).
Example: Example:
lmtp_connect_timeout = 30s lmtp_connect_timeout = 30s
lmtp_connection_cache_destinations (default: empty) lmtp_connection_cache_destinations (default: empty)
The LMTP-specific version of the smtp_connection_cache_destinations confi guration parameter. See there The LMTP-specific version of the smtp_connection_cache_destinations co nfiguration parameter. See there
for details. for details.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
lmtp_connection_cache_on_demand (default: yes) lmtp_connection_cache_on_demand (default: yes)
The LMTP-specific version of the smtp_connection_cache_on_demand config uration parameter. See there for The LMTP-specific version of the smtp_connection_cache_on_demand configur ation parameter. See there for
details. details.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
lmtp_connection_cache_time_limit (default: 2s) lmtp_connection_cache_time_limit (default: 2s)
The LMTP-specific version of the smtp_connection_cache_time_limit configu ration parameter. See there for The LMTP-specific version of the smtp_connection_cache_time_limit config uration parameter. See there for
details. details.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
lmtp_connection_reuse_count_limit (default: 0) lmtp_connection_reuse_count_limit (default: 0)
The LMTP-specific version of the smtp_connection_reuse_count_limit config uration parameter. See there for The LMTP-specific version of the smtp_connection_reuse_count_limit config uration parameter. See there for
details. details.
This feature is available in Postfix 2.11 and later. This feature is available in Postfix 2.11 and later.
lmtp_connection_reuse_time_limit (default: 300s) lmtp_connection_reuse_time_limit (default: 300s)
The LMTP-specific version of the smtp_connection_reuse_time_limit configu ration parameter. See there for The LMTP-specific version of the smtp_connection_reuse_time_limit config uration parameter. See there for
details. details.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
lmtp_data_done_timeout (default: 600s) lmtp_data_done_timeout (default: 600s)
The Postfix LMTP client time limit for sending the LMTP ".", and for The Postfix LMTP client time limit for sending the LMTP ".", and for rec
receiving the remote LMTP server eiving the remote LMTP server
response. When no response is received within the deadline, a warning is response. When no response is received within the deadline, a warni
logged that the mail may be ng is logged that the mail may be
delivered multiple times. delivered multiple times.
Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). The default time unit is s (sec- Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). Th e default time unit is s (sec-
onds). onds).
lmtp_data_init_timeout (default: 120s) lmtp_data_init_timeout (default: 120s)
The Postfix LMTP client time limit for sending the LMTP DATA command, and for receiving the remote LMTP The Postfix LMTP client time limit for sending the LMTP DATA command, and for receiving the remote LMTP
server response. server response.
Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). The default time unit is s (sec- Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). Th e default time unit is s (sec-
onds). onds).
lmtp_data_xfer_timeout (default: 180s) lmtp_data_xfer_timeout (default: 180s)
The Postfix LMTP client time limit for sending the LMTP message content. When the connection stalls for The Postfix LMTP client time limit for sending the LMTP message content . When the connection stalls for
more than $lmtp_data_xfer_timeout the LMTP client terminates the transfer . more than $lmtp_data_xfer_timeout the LMTP client terminates the transfer .
Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). The default time unit is s (sec- Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). Th e default time unit is s (sec-
onds). onds).
lmtp_defer_if_no_mx_address_found (default: no) lmtp_defer_if_no_mx_address_found (default: no)
The LMTP-specific version of the smtp_defer_if_no_mx_address_found config uration parameter. See there for The LMTP-specific version of the smtp_defer_if_no_mx_address_found config uration parameter. See there for
details. details.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
lmtp_delivery_status_filter (default: empty) lmtp_delivery_status_filter (default: empty)
The LMTP-specific version of the smtp_delivery_status_filter config uration parameter. See there for The LMTP-specific version of the smtp_delivery_status_filter configurat ion parameter. See there for
details. details.
This feature is available in Postfix 3.0 and later. This feature is available in Postfix 3.0 and later.
lmtp_destination_concurrency_limit (default: $default_destination_concurrency_li mit) lmtp_destination_concurrency_limit (default: $default_destination_concurrency_li mit)
The maximal number of parallel deliveries to the same destination via the lmtp message delivery transport. The maximal number of parallel deliveries to the same destination via the lmtp message delivery transport.
This limit is enforced by the queue manager. The message delivery transpo rt name is the first field in the This limit is enforced by the queue manager. The message delivery transpo rt name is the first field in the
entry in the master.cf file. entry in the master.cf file.
lmtp_destination_recipient_limit (default: $default_destination_recipient_limit) lmtp_destination_recipient_limit (default: $default_destination_recipient_limit)
The maximal number of recipients per message for the lmtp message deli The maximal number of recipients per message for the lmtp message
very transport. This limit is delivery transport. This limit is
enforced by the queue manager. The message delivery transport name is th enforced by the queue manager. The message delivery transport name is the
e first field in the entry in the first field in the entry in the
master.cf file. master.cf file.
Setting this parameter to a value of 1 changes the meaning of lmtp_destin ation_concurrency_limit from con- Setting this parameter to a value of 1 changes the meaning of lmtp_destin ation_concurrency_limit from con-
currency per domain into concurrency per recipient. currency per domain into concurrency per recipient.
lmtp_discard_lhlo_keyword_address_maps (default: empty) lmtp_discard_lhlo_keyword_address_maps (default: empty)
Lookup tables, indexed by the remote LMTP server address, with case i Lookup tables, indexed by the remote LMTP server address, with case insen
nsensitive lists of LHLO keywords sitive lists of LHLO keywords
(pipelining, starttls, auth, etc.) that the Postfix LMTP client will igno (pipelining, starttls, auth, etc.) that the Postfix LMTP client will i
re in the LHLO response from a gnore in the LHLO response from a
remote LMTP server. See lmtp_discard_lhlo_keywords for details. The tab remote LMTP server. See lmtp_discard_lhlo_keywords for details. The table
le is not indexed by hostname for is not indexed by hostname for
consistency with smtpd_discard_ehlo_keyword_address_maps. consistency with smtpd_discard_ehlo_keyword_address_maps.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
lmtp_discard_lhlo_keywords (default: empty) lmtp_discard_lhlo_keywords (default: empty)
A case insensitive list of LHLO keywords (pipelining, starttls, auth, etc .) that the Postfix LMTP client A case insensitive list of LHLO keywords (pipelining, starttls, auth, e tc.) that the Postfix LMTP client
will ignore in the LHLO response from a remote LMTP server. will ignore in the LHLO response from a remote LMTP server.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
Notes: Notes:
· Specify the silent-discard pseudo keyword to prevent this action f rom being logged. · Specify the silent-discard pseudo keyword to prevent this action f rom being logged.
· Use the lmtp_discard_lhlo_keyword_address_maps feature to discard LHLO keywords selectively. · Use the lmtp_discard_lhlo_keyword_address_maps feature to discard LHLO keywords selectively.
lmtp_dns_reply_filter (default: empty) lmtp_dns_reply_filter (default: empty)
Optional filter for Postfix LMTP client DNS lookup results. See smtp_dns _reply_filter for details includ- Optional filter for Postfix LMTP client DNS lookup results. See smtp_dns _reply_filter for details includ-
ing an example. ing an example.
This feature is available in Postfix 3.0 and later. This feature is available in Postfix 3.0 and later.
lmtp_dns_resolver_options (default: empty) lmtp_dns_resolver_options (default: empty)
The LMTP-specific version of the smtp_dns_resolver_options configurat ion parameter. See there for The LMTP-specific version of the smtp_dns_resolver_options configur ation parameter. See there for
details. details.
This feature is available in Postfix 2.8 and later. This feature is available in Postfix 2.8 and later.
lmtp_dns_support_level (default: empty) lmtp_dns_support_level (default: empty)
The LMTP-specific version of the smtp_dns_support_level configuration par ameter. See there for details. The LMTP-specific version of the smtp_dns_support_level configuration par ameter. See there for details.
This feature is available in Postfix 2.11 and later. This feature is available in Postfix 2.11 and later.
lmtp_enforce_tls (default: no) lmtp_enforce_tls (default: no)
The LMTP-specific version of the smtp_enforce_tls configuration parameter . See there for details. The LMTP-specific version of the smtp_enforce_tls configuration parameter . See there for details.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
lmtp_fallback_relay (default: empty) lmtp_fallback_relay (default: empty)
Optional list of relay hosts for LMTP destinations that can't be f ound or that are unreachable. In Optional list of relay hosts for LMTP destinations that can't be found or that are unreachable. In
main.cf elements are separated by whitespace or commas. main.cf elements are separated by whitespace or commas.
By default, mail is returned to the sender when a destination is not foun d, and delivery is deferred when By default, mail is returned to the sender when a destination is not fou nd, and delivery is deferred when
a destination is unreachable. a destination is unreachable.
The fallback relays must be TCP destinations, specified without a leadin The fallback relays must be TCP destinations, specified without a leading
g "inet:" prefix. Specify a host "inet:" prefix. Specify a host
or host:port. Since MX lookups do not apply with LMTP, there is no or host:port. Since MX lookups do not apply with LMTP, there
need to use the "[host]" or is no need to use the "[host]" or
"[host]:port" forms. If you specify multiple LMTP destinations, Postf "[host]:port" forms. If you specify multiple LMTP destinations, Postfix
ix will try them in the specified will try them in the specified
order. order.
This feature is available in Postfix 3.1 and later. This feature is available in Postfix 3.1 and later.
lmtp_generic_maps (default: empty) lmtp_generic_maps (default: empty)
The LMTP-specific version of the smtp_generic_maps configuration paramete r. See there for details. The LMTP-specific version of the smtp_generic_maps configuration paramete r. See there for details.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
lmtp_header_checks (default: empty) lmtp_header_checks (default: empty)
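Review bot: The closing sentence of the lmtp_cache_connection entry is ungrammatical in both columns: "Most of these limitations have been with the Postfix a connection cache that is shared among multiple LMTP client programs." A verb is missing after "have been" and "the Postfix a" carries a stray article, so the reader cannot tell what became of the four connection-closing conditions listed just above it. Both versions carry the same sentence unchanged; the wording of this entry should be repaired.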
skipping to change at line 2336 skipping to change at line 2372
lmtp_host_lookup (default: dns) lmtp_host_lookup (default: dns)
The LMTP-specific version of the smtp_host_lookup configuration parameter . See there for details. The LMTP-specific version of the smtp_host_lookup configuration parameter . See there for details.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
lmtp_lhlo_name (default: $myhostname) lmtp_lhlo_name (default: $myhostname)
The hostname to send in the LMTP LHLO command. The hostname to send in the LMTP LHLO command.
The default value is the machine hostname. Specify a hostname or [ip.add .re.ss]. The default value is the machine hostname. Specify a hostname or [ip.add .re.ss].
This information can be specified in the main.cf file for all LMTP client s, or it can be specified in the This information can be specified in the main.cf file for all LMTP clien ts, or it can be specified in the
master.cf file for a specific client, for example: master.cf file for a specific client, for example:
/etc/postfix/master.cf: /etc/postfix/master.cf:
mylmtp ... lmtp -o lmtp_lhlo_name=foo.bar.com mylmtp ... lmtp -o lmtp_lhlo_name=foo.bar.com
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
lmtp_lhlo_timeout (default: 300s) lmtp_lhlo_timeout (default: 300s)
The Postfix LMTP client time limit for sending the LHLO command, and for receiving the initial remote LMTP The Postfix LMTP client time limit for sending the LHLO command, and for receiving the initial remote LMTP
server response. server response.
Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). Th e default time unit is s (sec- Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). The default time unit is s (sec-
onds). onds).
lmtp_line_length_limit (default: 990) lmtp_line_length_limit (default: 990)
The LMTP-specific version of the smtp_line_length_limit configuration par ameter. See there for details. The LMTP-specific version of the smtp_line_length_limit configuration par ameter. See there for details.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
lmtp_mail_timeout (default: 300s) lmtp_mail_timeout (default: 300s)
The Postfix LMTP client time limit for sending the MAIL FROM command, and for receiving the remote LMTP The Postfix LMTP client time limit for sending the MAIL FROM command, and for receiving the remote LMTP
server response. server response.
Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). Th e default time unit is s (sec- Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). The default time unit is s (sec-
onds). onds).
lmtp_mime_header_checks (default: empty) lmtp_mime_header_checks (default: empty)
The LMTP-specific version of the smtp_mime_header_checks configuration pa rameter. See there for details. The LMTP-specific version of the smtp_mime_header_checks configuration pa rameter. See there for details.
This feature is available in Postfix 2.5 and later. This feature is available in Postfix 2.5 and later.
lmtp_mx_address_limit (default: 5) lmtp_mx_address_limit (default: 5)
The LMTP-specific version of the smtp_mx_address_limit configuration para meter. See there for details. The LMTP-specific version of the smtp_mx_address_limit configuration para meter. See there for details.
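Review bot: The master.cf example under lmtp_lhlo_name uses "-o lmtp_lhlo_name=foo.bar.com", a name outside the domains reserved for documentation. Examples like this get copied into live configurations, and this value is the hostname sent in the LHLO command, so a reserved placeholder such as foo.example.com (RFC 2606) would be the safer choice.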
skipping to change at line 2389 skipping to change at line 2425
The LMTP-specific version of the smtp_nested_header_checks configuration parameter. See there for details. The LMTP-specific version of the smtp_nested_header_checks configuration parameter. See there for details.
This feature is available in Postfix 2.5 and later. This feature is available in Postfix 2.5 and later.
lmtp_per_record_deadline (default: no) lmtp_per_record_deadline (default: no)
The LMTP-specific version of the smtp_per_record_deadline configuration p arameter. See there for details. The LMTP-specific version of the smtp_per_record_deadline configuration p arameter. See there for details.
This feature is available in Postfix 2.9 and later. This feature is available in Postfix 2.9 and later.
lmtp_pix_workaround_delay_time (default: 10s) lmtp_pix_workaround_delay_time (default: 10s)
The LMTP-specific version of the smtp_pix_workaround_delay_time config uration parameter. See there for The LMTP-specific version of the smtp_pix_workaround_delay_time configura tion parameter. See there for
details. details.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
lmtp_pix_workaround_maps (default: empty) lmtp_pix_workaround_maps (default: empty)
The LMTP-specific version of the smtp_pix_workaround_maps configuration p arameter. See there for details. The LMTP-specific version of the smtp_pix_workaround_maps configuration p arameter. See there for details.
This feature is available in Postfix 2.4 and later. This feature is available in Postfix 2.4 and later.
lmtp_pix_workaround_threshold_time (default: 500s) lmtp_pix_workaround_threshold_time (default: 500s)
The LMTP-specific version of the smtp_pix_workaround_threshold_time confi guration parameter. See there The LMTP-specific version of the smtp_pix_workaround_threshold_time co nfiguration parameter. See there
for details. for details.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
lmtp_pix_workarounds (default: empty) lmtp_pix_workarounds (default: empty)
The LMTP-specific version of the smtp_pix_workaround configuration parame ter. See there for details. The LMTP-specific version of the smtp_pix_workaround configuration parame ter. See there for details.
This feature is available in Postfix 2.4 and later. This feature is available in Postfix 2.4 and later.
lmtp_quit_timeout (default: 300s) lmtp_quit_timeout (default: 300s)
The Postfix LMTP client time limit for sending the QUIT command, and for receiving the remote LMTP server The Postfix LMTP client time limit for sending the QUIT command, and for receiving the remote LMTP server
response. response.
Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). Th e default time unit is s (sec- Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). The default time unit is s (sec-
onds). onds).
lmtp_quote_rfc821_envelope (default: yes) lmtp_quote_rfc821_envelope (default: yes)
The LMTP-specific version of the smtp_quote_rfc821_envelope configu ration parameter. See there for The LMTP-specific version of the smtp_quote_rfc821_envelope configurat ion parameter. See there for
details. details.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
lmtp_randomize_addresses (default: yes) lmtp_randomize_addresses (default: yes)
The LMTP-specific version of the smtp_randomize_addresses configuration p arameter. See there for details. The LMTP-specific version of the smtp_randomize_addresses configuration p arameter. See there for details.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
lmtp_rcpt_timeout (default: 300s) lmtp_rcpt_timeout (default: 300s)
The Postfix LMTP client time limit for sending the RCPT TO command, and for receiving the remote LMTP The Postfix LMTP client time limit for sending the RCPT TO command, and for receiving the remote LMTP
server response. server response.
Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). The default time unit is s (sec- Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). Th e default time unit is s (sec-
onds). onds).
lmtp_reply_filter (default: empty) lmtp_reply_filter (default: empty)
The LMTP-specific version of the smtp_reply_filter configuration paramete r. See there for details. The LMTP-specific version of the smtp_reply_filter configuration paramete r. See there for details.
This feature is available in Postfix 2.7 and later. This feature is available in Postfix 2.7 and later.
lmtp_rset_timeout (default: 20s) lmtp_rset_timeout (default: 20s)
The Postfix LMTP client time limit for sending the RSET command, and for The Postfix LMTP client time limit for sending the RSET command, and for
receiving the remote LMTP server receiving the remote LMTP server
response. The LMTP client sends RSET in order to finish a recipient a response. The LMTP client sends RSET in order to finish a recipient addre
ddress probe, or to verify that a ss probe, or to verify that a
cached connection is still alive. cached connection is still alive.
Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). Th e default time unit is s (sec- Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). The default time unit is s (sec-
onds). onds).
lmtp_sasl_auth_cache_name (default: empty) lmtp_sasl_auth_cache_name (default: empty)
The LMTP-specific version of the smtp_sasl_auth_cache_name configur ation parameter. See there for The LMTP-specific version of the smtp_sasl_auth_cache_name configurat ion parameter. See there for
details. details.
This feature is available in Postfix 2.5 and later. This feature is available in Postfix 2.5 and later.
lmtp_sasl_auth_cache_time (default: 90d) lmtp_sasl_auth_cache_time (default: 90d)
The LMTP-specific version of the smtp_sasl_auth_cache_time configurat ion parameter. See there for The LMTP-specific version of the smtp_sasl_auth_cache_time configur ation parameter. See there for
details. details.
This feature is available in Postfix 2.5 and later. This feature is available in Postfix 2.5 and later.
lmtp_sasl_auth_enable (default: no) lmtp_sasl_auth_enable (default: no)
Enable SASL authentication in the Postfix LMTP client. Enable SASL authentication in the Postfix LMTP client.
lmtp_sasl_auth_soft_bounce (default: yes) lmtp_sasl_auth_soft_bounce (default: yes)
The LMTP-specific version of the smtp_sasl_auth_soft_bounce configu ration parameter. See there for The LMTP-specific version of the smtp_sasl_auth_soft_bounce configurat ion parameter. See there for
details. details.
This feature is available in Postfix 2.5 and later. This feature is available in Postfix 2.5 and later.
lmtp_sasl_mechanism_filter (default: empty) lmtp_sasl_mechanism_filter (default: empty)
The LMTP-specific version of the smtp_sasl_mechanism_filter configurat ion parameter. See there for The LMTP-specific version of the smtp_sasl_mechanism_filter configu ration parameter. See there for
details. details.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
lmtp_sasl_password_maps (default: empty) lmtp_sasl_password_maps (default: empty)
Optional Postfix LMTP client lookup tables with one username:passwor Optional Postfix LMTP client lookup tables with one username:password ent
d entry per host or domain. If a ry per host or domain. If a
remote host or domain has no username:password entry, then the Postfix LM remote host or domain has no username:password entry, then the Postfi
TP client will not attempt to x LMTP client will not attempt to
authenticate to the remote host. authenticate to the remote host.
lmtp_sasl_path (default: empty) lmtp_sasl_path (default: empty)
Implementation-specific information that is passed through to the SA Implementation-specific information that is passed through to the SASL
SL plug-in implementation that is plug-in implementation that is
selected with lmtp_sasl_type. Typically this specifies the name of a co selected with lmtp_sasl_type. Typically this specifies the name of a
nfiguration file or rendezvous configuration file or rendezvous
point. point.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
lmtp_sasl_security_options (default: noplaintext, noanonymous) lmtp_sasl_security_options (default: noplaintext, noanonymous)
SASL security options; as of Postfix 2.3 the list of available features depends on the SASL client imple- SASL security options; as of Postfix 2.3 the list of available features d epends on the SASL client imple-
mentation that is selected with lmtp_sasl_type. mentation that is selected with lmtp_sasl_type.
The following security features are defined for the cyrus client SASL imp lementation: The following security features are defined for the cyrus client SASL imp lementation:
noplaintext noplaintext
Disallow authentication methods that use plaintext passwords. Disallow authentication methods that use plaintext passwords.
noactive noactive
Disallow authentication methods that are vulnerable to non-diction ary active attacks. Disallow authentication methods that are vulnerable to non-diction ary active attacks.
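Review bot: The lmtp_pix_workarounds entry points to "smtp_pix_workaround" (singular), while the neighbouring entries refer to the SMTP parameter that has the same name after the prefix, for example lmtp_pix_workaround_maps to smtp_pix_workaround_maps. The reference should read smtp_pix_workarounds so that "See there for details" matches the name of the parameter being documented.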
skipping to change at line 2510 skipping to change at line 2546
Disallow authentication methods that are vulnerable to passive dic tionary attack. Disallow authentication methods that are vulnerable to passive dic tionary attack.
noanonymous noanonymous
Disallow anonymous logins. Disallow anonymous logins.
Example: Example:
lmtp_sasl_security_options = noplaintext lmtp_sasl_security_options = noplaintext
lmtp_sasl_tls_security_options (default: $lmtp_sasl_security_options) lmtp_sasl_tls_security_options (default: $lmtp_sasl_security_options)
The LMTP-specific version of the smtp_sasl_tls_security_options configura tion parameter. See there for The LMTP-specific version of the smtp_sasl_tls_security_options config uration parameter. See there for
details. details.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
lmtp_sasl_tls_verified_security_options (default: $lmtp_sasl_tls_security_option s) lmtp_sasl_tls_verified_security_options (default: $lmtp_sasl_tls_security_option s)
The LMTP-specific version of the smtp_sasl_tls_verified_security_opti ons configuration parameter. See The LMTP-specific version of the smtp_sasl_tls_verified_security_options configuration parameter. See
there for details. there for details.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
lmtp_sasl_type (default: cyrus) lmtp_sasl_type (default: cyrus)
The SASL plug-in type that the Postfix LMTP client should use for authent ication. The available types are The SASL plug-in type that the Postfix LMTP client should use for authent ication. The available types are
listed with the "postconf -A" command. listed with the "postconf -A" command.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
lmtp_send_dummy_mail_auth (default: no) lmtp_send_dummy_mail_auth (default: no)
The LMTP-specific version of the smtp_send_dummy_mail_auth configur ation parameter. See there for The LMTP-specific version of the smtp_send_dummy_mail_auth configurat ion parameter. See there for
details. details.
This feature is available in Postfix 2.9 and later. This feature is available in Postfix 2.9 and later.
lmtp_send_xforward_command (default: no) lmtp_send_xforward_command (default: no)
Send an XFORWARD command to the remote LMTP server when the LMTP LHLO ser ver response announces XFORWARD Send an XFORWARD command to the remote LMTP server when the LMTP LHLO s erver response announces XFORWARD
support. This allows an lmtp(8) delivery agent, used for content filter message injection, to forward the support. This allows an lmtp(8) delivery agent, used for content filter message injection, to forward the
name, address, protocol and HELO name of the original client to the conte name, address, protocol and HELO name of the original client to the cont
nt filter and downstream queuing ent filter and downstream queuing
LMTP server. Before you change the value to yes, it is best to make s LMTP server. Before you change the value to yes, it is best to make sure
ure that your content filter sup- that your content filter sup-
ports this command. ports this command.
This feature is available in Postfix 2.1 and later. This feature is available in Postfix 2.1 and later.
lmtp_sender_dependent_authentication (default: no) lmtp_sender_dependent_authentication (default: no)
The LMTP-specific version of the smtp_sender_dependent_authentication con figuration parameter. See there The LMTP-specific version of the smtp_sender_dependent_authentication co nfiguration parameter. See there
for details. for details.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
lmtp_skip_5xx_greeting (default: yes) lmtp_skip_5xx_greeting (default: yes)
The LMTP-specific version of the smtp_skip_5xx_greeting configuration par ameter. See there for details. The LMTP-specific version of the smtp_skip_5xx_greeting configuration par ameter. See there for details.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
lmtp_skip_quit_response (default: no) lmtp_skip_quit_response (default: no)
Wait for the response to the LMTP QUIT command. Wait for the response to the LMTP QUIT command.
lmtp_starttls_timeout (default: 300s) lmtp_starttls_timeout (default: 300s)
The LMTP-specific version of the smtp_starttls_timeout configuration para meter. See there for details. The LMTP-specific version of the smtp_starttls_timeout configuration para meter. See there for details.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
lmtp_tcp_port (default: 24) lmtp_tcp_port (default: 24)
The default TCP port that the Postfix LMTP client connects to. Specify a symbolic name (see services(5)) The default TCP port that the Postfix LMTP client connects to. Specify a symbolic name (see services(5))
or a numeric port. or a numeric port.
lmtp_tls_CAfile (default: empty) lmtp_tls_CAfile (default: empty)
The LMTP-specific version of the smtp_tls_CAfile configuration parameter. See there for details. The LMTP-specific version of the smtp_tls_CAfile configuration parameter. See there for details.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
lmtp_tls_CApath (default: empty) lmtp_tls_CApath (default: empty)
The LMTP-specific version of the smtp_tls_CApath configuration parameter. See there for details. The LMTP-specific version of the smtp_tls_CApath configuration parameter. See there for details.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
lmtp_tls_block_early_mail_reply (default: empty) lmtp_tls_block_early_mail_reply (default: empty)
The LMTP-specific version of the smtp_tls_block_early_mail_reply configur ation parameter. See there for The LMTP-specific version of the smtp_tls_block_early_mail_reply config uration parameter. See there for
details. details.
This feature is available in Postfix 2.7 and later. This feature is available in Postfix 2.7 and later.
lmtp_tls_cert_file (default: empty) lmtp_tls_cert_file (default: empty)
The LMTP-specific version of the smtp_tls_cert_file configuration paramet er. See there for details. The LMTP-specific version of the smtp_tls_cert_file configuration paramet er. See there for details.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
lmtp_tls_chain_files (default: empty) lmtp_tls_chain_files (default: empty)
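Review bot: in the lmtp_skip_quit_response entry, the description "Wait for the response to the LMTP QUIT command." reads as the opposite of the parameter name and never says which value gives which behaviour; with "(default: no)" the reader has to infer that "no" means wait. Suggest phrasing it in terms of the setting itself (what "yes" does, what "no" does) and adding a "This feature is available in ..." line so the entry matches its neighbours. Separately, in the entries shown here the two columns carry the same words and differ only in where lines break (for example "ser ver" against "s erver" in lmtp_send_xforward_command), so none of these defaults or descriptions changed between 3.5.8 and 3.5.9; it would help reviewers if re-wrapped but otherwise unchanged paragraphs were kept out of the change set.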
skipping to change at line 2624 skipping to change at line 2660
This feature is available in Postfix 2.6 and later, when Postfix is compi led and linked with OpenSSL 1.0.0 This feature is available in Postfix 2.6 and later, when Postfix is compi led and linked with OpenSSL 1.0.0
or later. or later.
lmtp_tls_eckey_file (default: empty) lmtp_tls_eckey_file (default: empty)
The LMTP-specific version of the smtp_tls_eckey_file configuration parame ter. See there for details. The LMTP-specific version of the smtp_tls_eckey_file configuration parame ter. See there for details.
This feature is available in Postfix 2.6 and later, when Postfix is compi led and linked with OpenSSL 1.0.0 This feature is available in Postfix 2.6 and later, when Postfix is compi led and linked with OpenSSL 1.0.0
or later. or later.
lmtp_tls_enforce_peername (default: yes) lmtp_tls_enforce_peername (default: yes)
The LMTP-specific version of the smtp_tls_enforce_peername configur ation parameter. See there for The LMTP-specific version of the smtp_tls_enforce_peername configurat ion parameter. See there for
details. details.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
lmtp_tls_exclude_ciphers (default: empty) lmtp_tls_exclude_ciphers (default: empty)
The LMTP-specific version of the smtp_tls_exclude_ciphers configuration p arameter. See there for details. The LMTP-specific version of the smtp_tls_exclude_ciphers configuration p arameter. See there for details.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
lmtp_tls_fingerprint_cert_match (default: empty) lmtp_tls_fingerprint_cert_match (default: empty)
The LMTP-specific version of the smtp_tls_fingerprint_cert_match configur ation parameter. See there for The LMTP-specific version of the smtp_tls_fingerprint_cert_match config uration parameter. See there for
details. details.
This feature is available in Postfix 2.5 and later. This feature is available in Postfix 2.5 and later.
lmtp_tls_fingerprint_digest (default: md5) lmtp_tls_fingerprint_digest (default: md5)
The LMTP-specific version of the smtp_tls_fingerprint_digest config uration parameter. See there for The LMTP-specific version of the smtp_tls_fingerprint_digest configurat ion parameter. See there for
details. details.
This feature is available in Postfix 2.5 and later. This feature is available in Postfix 2.5 and later.
lmtp_tls_force_insecure_host_tlsa_lookup (default: no) lmtp_tls_force_insecure_host_tlsa_lookup (default: no)
The LMTP-specific version of the smtp_tls_force_insecure_host_tlsa_lookup configuration parameter. See The LMTP-specific version of the smtp_tls_force_insecure_host_tlsa_loo kup configuration parameter. See
there for details. there for details.
This feature is available in Postfix 2.11 and later. This feature is available in Postfix 2.11 and later.
lmtp_tls_key_file (default: $lmtp_tls_cert_file) lmtp_tls_key_file (default: $lmtp_tls_cert_file)
The LMTP-specific version of the smtp_tls_key_file configuration paramete r. See there for details. The LMTP-specific version of the smtp_tls_key_file configuration paramete r. See there for details.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
lmtp_tls_loglevel (default: 0) lmtp_tls_loglevel (default: 0)
The LMTP-specific version of the smtp_tls_loglevel configuration paramete r. See there for details. The LMTP-specific version of the smtp_tls_loglevel configuration paramete r. See there for details.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
lmtp_tls_mandatory_ciphers (default: medium) lmtp_tls_mandatory_ciphers (default: medium)
The LMTP-specific version of the smtp_tls_mandatory_ciphers configu ration parameter. See there for The LMTP-specific version of the smtp_tls_mandatory_ciphers configurat ion parameter. See there for
details. details.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
lmtp_tls_mandatory_exclude_ciphers (default: empty) lmtp_tls_mandatory_exclude_ciphers (default: empty)
The LMTP-specific version of the smtp_tls_mandatory_exclude_ciphers confi guration parameter. See there The LMTP-specific version of the smtp_tls_mandatory_exclude_ciphers co nfiguration parameter. See there
for details. for details.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
lmtp_tls_mandatory_protocols (default: !SSLv2, !SSLv3) lmtp_tls_mandatory_protocols (default: !SSLv2, !SSLv3)
The LMTP-specific version of the smtp_tls_mandatory_protocols confi guration parameter. See there for The LMTP-specific version of the smtp_tls_mandatory_protocols configura tion parameter. See there for
details. details.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
lmtp_tls_note_starttls_offer (default: no) lmtp_tls_note_starttls_offer (default: no)
The LMTP-specific version of the smtp_tls_note_starttls_offer configurat ion parameter. See there for The LMTP-specific version of the smtp_tls_note_starttls_offer config uration parameter. See there for
details. details.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
lmtp_tls_per_site (default: empty) lmtp_tls_per_site (default: empty)
The LMTP-specific version of the smtp_tls_per_site configuration paramete r. See there for details. The LMTP-specific version of the smtp_tls_per_site configuration paramete r. See there for details.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
lmtp_tls_policy_maps (default: empty) lmtp_tls_policy_maps (default: empty)
The LMTP-specific version of the smtp_tls_policy_maps configuration param eter. See there for details. The LMTP-specific version of the smtp_tls_policy_maps configuration param eter. See there for details.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
lmtp_tls_protocols (default: !SSLv2, !SSLv3) lmtp_tls_protocols (default: !SSLv2, !SSLv3)
The LMTP-specific version of the smtp_tls_protocols configuration paramet er. See there for details. The LMTP-specific version of the smtp_tls_protocols configuration paramet er. See there for details.
This feature is available in Postfix 2.6 and later. This feature is available in Postfix 2.6 and later.
lmtp_tls_scert_verifydepth (default: 9) lmtp_tls_scert_verifydepth (default: 9)
The LMTP-specific version of the smtp_tls_scert_verifydepth configu ration parameter. See there for The LMTP-specific version of the smtp_tls_scert_verifydepth configurat ion parameter. See there for
details. details.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
lmtp_tls_secure_cert_match (default: nexthop) lmtp_tls_secure_cert_match (default: nexthop)
The LMTP-specific version of the smtp_tls_secure_cert_match configura tion parameter. See there for The LMTP-specific version of the smtp_tls_secure_cert_match configu ration parameter. See there for
details. details.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
lmtp_tls_security_level (default: empty) lmtp_tls_security_level (default: empty)
The LMTP-specific version of the smtp_tls_security_level configuration pa rameter. See there for details. The LMTP-specific version of the smtp_tls_security_level configuration pa rameter. See there for details.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
lmtp_tls_servername (default: empty) lmtp_tls_servername (default: empty)
The LMTP-specific version of the smtp_tls_servername configuration parame ter. See there for details. The LMTP-specific version of the smtp_tls_servername configuration parame ter. See there for details.
This feature is available in Postfix 3.4 and later. This feature is available in Postfix 3.4 and later.
lmtp_tls_session_cache_database (default: empty) lmtp_tls_session_cache_database (default: empty)
The LMTP-specific version of the smtp_tls_session_cache_database confi guration parameter. See there for The LMTP-specific version of the smtp_tls_session_cache_database configur ation parameter. See there for
details. details.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
lmtp_tls_session_cache_timeout (default: 3600s) lmtp_tls_session_cache_timeout (default: 3600s)
The LMTP-specific version of the smtp_tls_session_cache_timeout configura tion parameter. See there for The LMTP-specific version of the smtp_tls_session_cache_timeout config uration parameter. See there for
details. details.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
lmtp_tls_trust_anchor_file (default: empty) lmtp_tls_trust_anchor_file (default: empty)
The LMTP-specific version of the smtp_tls_trust_anchor_file configu ration parameter. See there for The LMTP-specific version of the smtp_tls_trust_anchor_file configurat ion parameter. See there for
details. details.
This feature is available in Postfix 2.11 and later. This feature is available in Postfix 2.11 and later.
lmtp_tls_verify_cert_match (default: hostname) lmtp_tls_verify_cert_match (default: hostname)
The LMTP-specific version of the smtp_tls_verify_cert_match configura tion parameter. See there for The LMTP-specific version of the smtp_tls_verify_cert_match configu ration parameter. See there for
details. details.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
lmtp_use_tls (default: no) lmtp_use_tls (default: no)
The LMTP-specific version of the smtp_use_tls configuration parameter. S ee there for details. The LMTP-specific version of the smtp_use_tls configuration parameter. S ee there for details.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
lmtp_xforward_timeout (default: 300s) lmtp_xforward_timeout (default: 300s)
The Postfix LMTP client time limit for sending the XFORWARD command, and for receiving the remote LMTP The Postfix LMTP client time limit for sending the XFORWARD command, and for receiving the remote LMTP
server response. server response.
In case of problems the client does NOT try the next address on the mail exchanger list. In case of problems the client does NOT try the next address on the mail exchanger list.
Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). Th e default time unit is s (sec- Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). The default time unit is s (sec-
onds). onds).
This feature is available in Postfix 2.1 and later. This feature is available in Postfix 2.1 and later.
local_command_shell (default: empty) local_command_shell (default: empty)
Optional shell program for local(8) delivery to non-Postfix command. By default, non-Postfix commands are Optional shell program for local(8) delivery to non-Postfix command. By default, non-Postfix commands are
executed directly; commands are given to given to the default shell (typi cally, /bin/sh) only when they executed directly; commands are given to given to the default shell (t ypically, /bin/sh) only when they
contain shell meta characters or shell built-in commands. contain shell meta characters or shell built-in commands.
"sendmail's restricted shell" (smrsh) is what most people will use in or der to restrict what programs can "sendmail's restricted shell" (smrsh) is what most people will use in ord er to restrict what programs can
be run from e.g. .forward files (smrsh is part of the Sendmail distributi on). be run from e.g. .forward files (smrsh is part of the Sendmail distributi on).
Note: when a shell program is specified, it is invoked even when the comm and contains no shell built-in Note: when a shell program is specified, it is invoked even when the c ommand contains no shell built-in
commands or meta characters. commands or meta characters.
Example: Example:
local_command_shell = /some/where/smrsh -c local_command_shell = /some/where/smrsh -c
local_command_shell = /bin/bash -c local_command_shell = /bin/bash -c
local_delivery_status_filter (default: $default_delivery_status_filter) local_delivery_status_filter (default: $default_delivery_status_filter)
Optional filter for the local(8) delivery agent to change the status cod e or explanatory text of success- Optional filter for the local(8) delivery agent to change the status code or explanatory text of success-
ful or unsuccessful deliveries. See default_delivery_status_filter for d etails. ful or unsuccessful deliveries. See default_delivery_status_filter for d etails.
This feature is available in Postfix 3.0 and later. This feature is available in Postfix 3.0 and later.
local_destination_concurrency_limit (default: 2) local_destination_concurrency_limit (default: 2)
The maximal number of parallel deliveries via the local mail delivery tr The maximal number of parallel deliveries via the local mail deliver
ansport to the same recipient y transport to the same recipient
(when "local_destination_recipient_limit = 1") or the maximal number o (when "local_destination_recipient_limit = 1") or the maximal number of p
f parallel deliveries to the same arallel deliveries to the same
local domain (when "local_destination_recipient_limit > 1"). This limit i local domain (when "local_destination_recipient_limit > 1"). This limit
s enforced by the queue manager. is enforced by the queue manager.
The message delivery transport name is the first field in the entry in th e master.cf file. The message delivery transport name is the first field in the entry in th e master.cf file.
A low limit of 2 is recommended, just in case someone has an expensive sh ell command in a .forward file or A low limit of 2 is recommended, just in case someone has an expensive sh ell command in a .forward file or
in an alias (e.g., a mailing list manager). You don't want to run lots o f those at the same time. in an alias (e.g., a mailing list manager). You don't want to run lots o f those at the same time.
local_destination_recipient_limit (default: 1) local_destination_recipient_limit (default: 1)
The maximal number of recipients per message delivery via the local mail delivery transport. This limit is The maximal number of recipients per message delivery via the local mail delivery transport. This limit is
enforced by the queue manager. The message delivery transport name is th e first field in the entry in the enforced by the queue manager. The message delivery transport name is the first field in the entry in the
master.cf file. master.cf file.
Setting this parameter to a value > 1 changes the meaning of local_destin ation_concurrency_limit from con- Setting this parameter to a value > 1 changes the meaning of local_destin ation_concurrency_limit from con-
currency per recipient into concurrency per domain. currency per recipient into concurrency per domain.
local_header_rewrite_clients (default: permit_inet_interfaces) local_header_rewrite_clients (default: permit_inet_interfaces)
Rewrite message header addresses in mail from these clients and upd Rewrite message header addresses in mail from these clients and update
ate incomplete addresses with the incomplete addresses with the
domain name in $myorigin or $mydomain; either don't rewrite message heade domain name in $myorigin or $mydomain; either don't rewrite message head
rs from other clients at all, or ers from other clients at all, or
rewrite message headers and update incomplete addresses with the domain s pecified in the remote_header_re- rewrite message headers and update incomplete addresses with the domain s pecified in the remote_header_re-
write_domain parameter. write_domain parameter.
See the append_at_myorigin and append_dot_mydomain parameters for details of how domain names are appended See the append_at_myorigin and append_dot_mydomain parameters for details of how domain names are appended
to incomplete addresses. to incomplete addresses.
Specify a list of zero or more of the following: Specify a list of zero or more of the following:
permit_inet_interfaces permit_inet_interfaces
Append the domain name in $myorigin or $mydomain when the clien t IP address matches $inet_inter- Append the domain name in $myorigin or $mydomain when the client I P address matches $inet_inter-
faces. This is enabled by default. faces. This is enabled by default.
permit_mynetworks permit_mynetworks
Append the domain name in $myorigin or $mydomain when the client I Append the domain name in $myorigin or $mydomain when the client
P address matches any network or IP address matches any network or
network address listed in $mynetworks. This setting will not p network address listed in $mynetworks. This setting will not preve
revent remote mail header address nt remote mail header address
rewriting when mail from a remote client is forwarded by a neighbo ring system. rewriting when mail from a remote client is forwarded by a neighbo ring system.
permit_sasl_authenticated permit_sasl_authenticated
Append the domain name in $myorigin or $mydomain when the client i s successfully authenticated via Append the domain name in $myorigin or $mydomain when the client is successfully authenticated via
the RFC 4954 (AUTH) protocol. the RFC 4954 (AUTH) protocol.
permit_tls_clientcerts permit_tls_clientcerts
Append the domain name in $myorigin or $mydomain when the remote Append the domain name in $myorigin or $mydomain when the remote S
SMTP client TLS certificate fin- MTP client TLS certificate fin-
gerprint or public key fingerprint (Postfix 2.9 and later) is list gerprint or public key fingerprint (Postfix 2.9 and later) is l
ed in $relay_clientcerts. The isted in $relay_clientcerts. The
fingerprint digest algorithm is configurable via the smtpd_ tls_fingerprint_digest parameter fingerprint digest algorithm is configurable via the smtpd_ tls_fingerprint_digest parameter
(hard-coded as md5 prior to Postfix version 2.5). (hard-coded as md5 prior to Postfix version 2.5).
permit_tls_all_clientcerts permit_tls_all_clientcerts
Append the domain name in $myorigin or $mydomain when the remote S MTP client TLS certificate is Append the domain name in $myorigin or $mydomain when the remo te SMTP client TLS certificate is
successfully verified, regardless of whether it is listed on the s erver, and regardless of the cer- successfully verified, regardless of whether it is listed on the s erver, and regardless of the cer-
tifying authority. tifying authority.
check_address_map type:table check_address_map type:table
type:table type:table
Append the domain name in $myorigin or $mydomain when the client I Append the domain name in $myorigin or $mydomain when the client
P address matches the specified IP address matches the specified
lookup table. The lookup result is ignored, and no subnet look lookup table. The lookup result is ignored, and no subnet lookup
up is done. This is suitable for, is done. This is suitable for,
e.g., pop-before-smtp lookup tables. e.g., pop-before-smtp lookup tables.
Examples: Examples:
The Postfix < 2.2 backwards compatible setting: always rewrite message he aders, and always append my own The Postfix < 2.2 backwards compatible setting: always rewrite message headers, and always append my own
domain to incomplete header addresses. domain to incomplete header addresses.
local_header_rewrite_clients = static:all local_header_rewrite_clients = static:all
The purist (and default) setting: rewrite headers only in mail from Postf ix sendmail and in SMTP mail from The purist (and default) setting: rewrite headers only in mail from Postf ix sendmail and in SMTP mail from
this machine. this machine.
local_header_rewrite_clients = permit_inet_interfaces local_header_rewrite_clients = permit_inet_interfaces
The intermediate setting: rewrite header addresses and append $myorigin o r $mydomain information only with The intermediate setting: rewrite header addresses and append $myorigin o r $mydomain information only with
mail from Postfix sendmail, from local clients, or from authorized SMTP c lients. mail from Postfix sendmail, from local clients, or from authorized SMTP c lients.
Note: this setting will not prevent remote mail header address rewriting when mail from a remote client is Note: this setting will not prevent remote mail header address rewriting when mail from a remote client is
forwarded by a neighboring system. forwarded by a neighboring system.
local_header_rewrite_clients = permit_mynetworks, local_header_rewrite_clients = permit_mynetworks,
permit_sasl_authenticated permit_tls_clientcerts permit_sasl_authenticated permit_tls_clientcerts
check_address_map hash:/etc/postfix/pop-before-smtp check_address_map hash:/etc/postfix/pop-before-smtp
local_recipient_maps (default: proxy:unix:passwd.byname $alias_maps) local_recipient_maps (default: proxy:unix:passwd.byname $alias_maps)
Lookup tables with all names or addresses of local recipients: a recipie Lookup tables with all names or addresses of local recipients: a re
nt address is local when its cipient address is local when its
domain matches $mydestination, $inet_interfaces or $proxy_interfaces. S domain matches $mydestination, $inet_interfaces or $proxy_interfaces. Sp
pecify @domain as a wild-card for ecify @domain as a wild-card for
domains that do not have a valid recipient list. Technically, tables li domains that do not have a valid recipient list. Technically, tables
sted with $local_recipient_maps listed with $local_recipient_maps
are used as lists: Postfix needs to know only if a lookup string is foun are used as lists: Postfix needs to know only if a lookup string is found
d or not, but it does not use the or not, but it does not use the
result from table lookup. result from table lookup.
Specify zero or more "type:name" lookup tables, separated by whitespace o r comma. Tables will be searched Specify zero or more "type:name" lookup tables, separated by whitespace or comma. Tables will be searched
in the specified order until a match is found. in the specified order until a match is found.
If this parameter is non-empty (the default), then the Postfix SMTP se rver will reject mail for unknown If this parameter is non-empty (the default), then the Postfix SMTP serve r will reject mail for unknown
local users. local users.
To turn off local recipient checking in the Postfix SMTP server, specify "local_recipient_maps =" (i.e. To turn off local recipient checking in the Postfix SMTP server, speci fy "local_recipient_maps =" (i.e.
empty). empty).
The default setting assumes that you use the default Postfix local deliv ery agent for local delivery. You The default setting assumes that you use the default Postfix local delive ry agent for local delivery. You
need to update the local_recipient_maps setting if: need to update the local_recipient_maps setting if:
· You redefine the local delivery agent in master.cf. · You redefine the local delivery agent in master.cf.
· You redefine the "local_transport" setting in main.cf. · You redefine the "local_transport" setting in main.cf.
· You use the "luser_relay", "mailbox_transport", or "fallback_tran sport" feature of the Postfix · You use the "luser_relay", "mailbox_transport", or "fallback_ transport" feature of the Postfix
local(8) delivery agent. local(8) delivery agent.
Details are described in the LOCAL_RECIPIENT_README file. Details are described in the LOCAL_RECIPIENT_README file.
Beware: if the Postfix SMTP server runs chrooted, you need to access th Beware: if the Postfix SMTP server runs chrooted, you need to access the
e passwd file via the proxymap(8) passwd file via the proxymap(8)
service, in order to overcome chroot access restrictions. The alternative service, in order to overcome chroot access restrictions. The alternativ
, maintaining a copy of the sys- e, maintaining a copy of the sys-
tem password file in the chroot jail is not practical. tem password file in the chroot jail is not practical.
Examples: Examples:
local_recipient_maps = local_recipient_maps =
local_transport (default: local:$myhostname) local_transport (default: local:$myhostname)
The default mail delivery transport and next-hop destination for fina The default mail delivery transport and next-hop destination for final de
l delivery to domains listed with livery to domains listed with
mydestination, and for [ipaddress] destinations that match $inet_interfac mydestination, and for [ipaddress] destinations that match $inet_inter
es or $proxy_interfaces. This faces or $proxy_interfaces. This
information can be overruled with the transport(5) table. information can be overruled with the transport(5) table.
By default, local mail is delivered to the transport called "local", wh ich is just the name of a service By default, local mail is delivered to the transport called "local", whic h is just the name of a service
that is defined the master.cf file. that is defined the master.cf file.
Specify a string of the form transport:nexthop, where transport is the na Specify a string of the form transport:nexthop, where transport is the
me of a mail delivery transport name of a mail delivery transport
defined in master.cf. The :nexthop destination is optional; its syntax defined in master.cf. The :nexthop destination is optional; its syntax i
is documented in the manual page s documented in the manual page
of the corresponding delivery agent. of the corresponding delivery agent.
Beware: if you override the default local delivery agent then you nee d to review the LOCAL_RECIPI- Beware: if you override the default local delivery agent then you need to review the LOCAL_RECIPI-
ENT_README document, otherwise the SMTP server may reject mail for local recipients. ENT_README document, otherwise the SMTP server may reject mail for local recipients.
luser_relay (default: empty) luser_relay (default: empty)
Optional catch-all destination for unknown local(8) recipients. By def ault, mail for unknown recipients Optional catch-all destination for unknown local(8) recipients. By defau lt, mail for unknown recipients
in domains that match $mydestination, $inet_interfaces or $proxy_interfac es is returned as undeliverable. in domains that match $mydestination, $inet_interfaces or $proxy_interfac es is returned as undeliverable.
The luser_relay value is not subject to Postfix configuration parameter $ name expansion. Instead, the fol- The luser_relay value is not subject to Postfix configuration parameter $ name expansion. Instead, the fol-
lowing $name expansions are done: lowing $name expansions are done:
$domain $domain
The recipient domain. The recipient domain.
$extension $extension
The recipient address extension. The recipient address extension.
$home The recipient's home directory. $home The recipient's home directory.
$local The entire recipient address localpart. $local The entire recipient address localpart.
$recipient $recipient
The full recipient address. The full recipient address.
$recipient_delimiter $recipient_delimiter
The address extension delimiter that was found in the recipient address (Postfix 2.11 and later), The address extension delimiter that was found in the recipient ad dress (Postfix 2.11 and later),
or the system-wide recipient address extension delimiter (Postfix 2.10 and earlier). or the system-wide recipient address extension delimiter (Postfix 2.10 and earlier).
$shell The recipient's login shell. $shell The recipient's login shell.
$user The recipient username. $user The recipient username.
${name?value} ${name?value}
Expands to value when $name has a non-empty value. Expands to value when $name has a non-empty value.
${name:value} ${name:value}
Expands to value when $name has an empty value. Expands to value when $name has an empty value.
Instead of $name you can also specify ${name} or $(name). Instead of $name you can also specify ${name} or $(name).
Note: luser_relay works only for the Postfix local(8) delivery agent. Note: luser_relay works only for the Postfix local(8) delivery agent.
Note: if you use this feature for accounts not in the UNIX password Note: if you use this feature for accounts not in the UNIX pas
file, then you must specify sword file, then you must specify
"local_recipient_maps =" (i.e. empty) in the main.cf file, otherwise th "local_recipient_maps =" (i.e. empty) in the main.cf file, otherwise the
e Postfix SMTP server will reject Postfix SMTP server will reject
mail for non-UNIX accounts with "User unknown in local recipient table". mail for non-UNIX accounts with "User unknown in local recipient table".
Examples: Examples:
luser_relay = $user@other.host luser_relay = $user@other.host
luser_relay = $local@other.host luser_relay = $local@other.host
luser_relay = admin+$local luser_relay = admin+$local
mail_name (default: Postfix) mail_name (default: Postfix)
The mail system name that is displayed in Received: headers, in the SMTP greeting banner, and in bounced The mail system name that is displayed in Received: headers, in the SMT P greeting banner, and in bounced
mail. mail.
mail_owner (default: postfix) mail_owner (default: postfix)
The UNIX system account that owns the Postfix queue and most Postfix da The UNIX system account that owns the Postfix queue and most Postfix daem
emon processes. Specify the name on processes. Specify the name
of an unprivileged user account that does not share a user or group ID wi of an unprivileged user account that does not share a user or group ID w
th other accounts, and that owns ith other accounts, and that owns
no other files or processes on the system. In particular, don't specif no other files or processes on the system. In particular, don't specify
y nobody or daemon. PLEASE USE A nobody or daemon. PLEASE USE A
DEDICATED USER ID AND GROUP ID. DEDICATED USER ID AND GROUP ID.
When this parameter value is changed you need to re-run "postfix set-perm issions" (with Postfix version When this parameter value is changed you need to re-run "postfix set-p ermissions" (with Postfix version
2.0 and earlier: "/etc/postfix/post-install set-permissions". 2.0 and earlier: "/etc/postfix/post-install set-permissions".
mail_release_date (default: see postconf -d output) mail_release_date (default: see postconf -d output)
The Postfix release date, in "YYYYMMDD" format. The Postfix release date, in "YYYYMMDD" format.
mail_spool_directory (default: see postconf -d output) mail_spool_directory (default: see postconf -d output)
The directory where local(8) UNIX-style mailboxes are kept. The defa ult setting depends on the system The directory where local(8) UNIX-style mailboxes are kept. The default setting depends on the system
type. Specify a name ending in / for maildir-style delivery. type. Specify a name ending in / for maildir-style delivery.
Note: maildir delivery is done with the privileges of the recipient. If you use the mail_spool_directory Note: maildir delivery is done with the privileges of the recipient. If you use the mail_spool_directory
setting for maildir style delivery, then you must create the top-level ma ildir directory in advance. Post- setting for maildir style delivery, then you must create the top-level ma ildir directory in advance. Post-
fix will not create it. fix will not create it.
Examples: Examples:
mail_spool_directory = /var/mail mail_spool_directory = /var/mail
mail_spool_directory = /var/spool/mail mail_spool_directory = /var/spool/mail
mail_version (default: see postconf -d output) mail_version (default: see postconf -d output)
The version of the mail system. Stable releases are named major.minor.pa tchlevel. Experimental releases The version of the mail system. Stable releases are named major.minor. patchlevel. Experimental releases
also include the release date. The version string can be used in, for exa mple, the SMTP greeting banner. also include the release date. The version string can be used in, for exa mple, the SMTP greeting banner.
mailbox_command (default: empty) mailbox_command (default: empty)
Optional external command that the local(8) delivery agent should use f or mailbox delivery. The command Optional external command that the local(8) delivery agent should use for mailbox delivery. The command
is run with the user ID and the primary group ID privileges of the recipi ent. Exception: command delivery is run with the user ID and the primary group ID privileges of the recipi ent. Exception: command delivery
for root executes with $default_privs privileges. This is not a problem , because 1) mail for root should for root executes with $default_privs privileges. This is not a problem, because 1) mail for root should
always be aliased to a real user and 2) don't log in as root, use "su" in stead. always be aliased to a real user and 2) don't log in as root, use "su" in stead.
The following environment variables are exported to the command: The following environment variables are exported to the command:
CLIENT_ADDRESS CLIENT_ADDRESS
Remote client network address. Available in Postfix version 2.2 an d later. Remote client network address. Available in Postfix version 2.2 an d later.
CLIENT_HELO CLIENT_HELO
Remote client EHLO command parameter. Available in Postfix version 2.2 and later. Remote client EHLO command parameter. Available in Postfix version 2.2 and later.
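Review bot: in the mail_owner entry, the parenthetical that begins '(with Postfix version 2.0 and earlier:' is never closed in either column; the sentence ends at 'set-permissions".' with no closing parenthesis, so add ")" before the final period. In the mailbox_command entry, the statement that running root's command delivery with $default_privs "is not a problem" rests on the administrator having aliased root's mail to a real user; wording that as a requirement at that point would be clearer than the current assurance.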
skipping to change at line 3037 skipping to change at line 3073
LOGNAME LOGNAME
The recipient's username. The recipient's username.
ORIGINAL_RECIPIENT ORIGINAL_RECIPIENT
The entire recipient address, before any address rewriting or alia sing. The entire recipient address, before any address rewriting or alia sing.
RECIPIENT RECIPIENT
The full recipient address. The full recipient address.
SASL_METHOD SASL_METHOD
SASL authentication method specified in the remote client AUTH com mand. Available in Postfix ver- SASL authentication method specified in the remote client AUTH c ommand. Available in Postfix ver-
sion 2.2 and later. sion 2.2 and later.
SASL_SENDER SASL_SENDER
SASL sender address specified in the remote client MAIL FROM comm and. Available in Postfix version SASL sender address specified in the remote client MAIL FROM comma nd. Available in Postfix version
2.2 and later. 2.2 and later.
SASL_USER SASL_USER
SASL username specified in the remote client AUTH command. Availa ble in Postfix version 2.2 and SASL username specified in the remote client AUTH command. Ava ilable in Postfix version 2.2 and
later. later.
SENDER The full sender address. SENDER The full sender address.
SHELL The recipient's login shell. SHELL The recipient's login shell.
USER The recipient username. USER The recipient username.
Unlike other Postfix configuration parameters, the mailbox_command pa rameter is not subjected to $name Unlike other Postfix configuration parameters, the mailbox_command parame ter is not subjected to $name
substitutions. This is to make it easier to specify shell syntax (see exa mple below). substitutions. This is to make it easier to specify shell syntax (see exa mple below).
If you can, avoid shell meta characters because they will force Postfix t o run an expensive shell process. If you can, avoid shell meta characters because they will force Postfix t o run an expensive shell process.
If you're delivering via "procmail" then running a shell won't make a n oticeable difference in the total If you're delivering via "procmail" then running a shell won't make a not iceable difference in the total
cost. cost.
Note: if you use the mailbox_command feature to deliver mail system-wide, you must set up an alias that Note: if you use the mailbox_command feature to deliver mail system-wi de, you must set up an alias that
forwards mail for root to a real user. forwards mail for root to a real user.
The precedence of local(8) delivery features from high to low is: aliase The precedence of local(8) delivery features from high to low is: aliases
s, .forward files, mailbox_trans- , .forward files, mailbox_trans-
port_maps, mailbox_transport, mailbox_command_maps, mailbox_command, hom port_maps, mailbox_transport, mailbox_command_maps, mailbox_command, ho
e_mailbox, mail_spool_directory, me_mailbox, mail_spool_directory,
fallback_transport_maps, fallback_transport and luser_relay. fallback_transport_maps, fallback_transport and luser_relay.
Examples: Examples:
mailbox_command = /some/where/procmail mailbox_command = /some/where/procmail
mailbox_command = /some/where/procmail -a "$EXTENSION" mailbox_command = /some/where/procmail -a "$EXTENSION"
mailbox_command = /some/where/maildrop -d "$USER" mailbox_command = /some/where/maildrop -d "$USER"
-f "$SENDER" "$EXTENSION" -f "$SENDER" "$EXTENSION"
mailbox_command_maps (default: empty) mailbox_command_maps (default: empty)
Optional lookup tables with per-recipient external commands to use for l ocal(8) mailbox delivery. Behav- Optional lookup tables with per-recipient external commands to use for lo cal(8) mailbox delivery. Behav-
ior is as with mailbox_command. ior is as with mailbox_command.
The precedence of local(8) delivery features from high to low is: aliases The precedence of local(8) delivery features from high to low is: aliase
, .forward files, mailbox_trans- s, .forward files, mailbox_trans-
port_maps, mailbox_transport, mailbox_command_maps, mailbox_command, ho port_maps, mailbox_transport, mailbox_command_maps, mailbox_command, hom
me_mailbox, mail_spool_directory, e_mailbox, mail_spool_directory,
fallback_transport_maps, fallback_transport and luser_relay. fallback_transport_maps, fallback_transport and luser_relay.
Specify zero or more "type:name" lookup tables, separated by whitespace o r comma. Tables will be searched Specify zero or more "type:name" lookup tables, separated by whitespace or comma. Tables will be searched
in the specified order until a match is found. in the specified order until a match is found.
mailbox_delivery_lock (default: see postconf -d output) mailbox_delivery_lock (default: see postconf -d output)
How to lock a UNIX-style local(8) mailbox before attempting delivery. F or a list of available file lock- How to lock a UNIX-style local(8) mailbox before attempting delivery. Fo r a list of available file lock-
ing methods, use the "postconf -l" command. ing methods, use the "postconf -l" command.
This setting is ignored with maildir style delivery, because such deliver ies are safe without explicit This setting is ignored with maildir style delivery, because such del iveries are safe without explicit
locks. locks.
Note: The dotlock method requires that the recipient UID or GID has wri te access to the parent directory Note: The dotlock method requires that the recipient UID or GID has write access to the parent directory
of the mailbox file. of the mailbox file.
Note: the default setting of this parameter is system dependent. Note: the default setting of this parameter is system dependent.
mailbox_size_limit (default: 51200000) mailbox_size_limit (default: 51200000)
The maximal size of any local(8) individual mailbox or maildir file, or z The maximal size of any local(8) individual mailbox or maildir file, o
ero (no limit). In fact, this r zero (no limit). In fact, this
limits the size of any file that is written to upon local delivery, in limits the size of any file that is written to upon local delivery, inclu
cluding files written by external ding files written by external
commands that are executed by the local(8) delivery agent. commands that are executed by the local(8) delivery agent.
This limit must not be smaller than the message size limit. This limit must not be smaller than the message size limit.
mailbox_transport (default: empty) mailbox_transport (default: empty)
Optional message delivery transport that the local(8) delivery agent shou ld use for mailbox delivery to Optional message delivery transport that the local(8) delivery agent s hould use for mailbox delivery to
all local recipients, whether or not they are found in the UNIX passwd da tabase. all local recipients, whether or not they are found in the UNIX passwd da tabase.
The precedence of local(8) delivery features from high to low is: aliase The precedence of local(8) delivery features from high to low is: aliases
s, .forward files, mailbox_trans- , .forward files, mailbox_trans-
port_maps, mailbox_transport, mailbox_command_maps, mailbox_command, hom port_maps, mailbox_transport, mailbox_command_maps, mailbox_command, ho
e_mailbox, mail_spool_directory, me_mailbox, mail_spool_directory,
fallback_transport_maps, fallback_transport and luser_relay. fallback_transport_maps, fallback_transport and luser_relay.
mailbox_transport_maps (default: empty) mailbox_transport_maps (default: empty)
Optional lookup tables with per-recipient message delivery transports t o use for local(8) mailbox deliv- Optional lookup tables with per-recipient message delivery transports to use for local(8) mailbox deliv-
ery, whether or not the recipients are found in the UNIX passwd database. ery, whether or not the recipients are found in the UNIX passwd database.
The precedence of local(8) delivery features from high to low is: aliases The precedence of local(8) delivery features from high to low is: aliase
, .forward files, mailbox_trans- s, .forward files, mailbox_trans-
port_maps, mailbox_transport, mailbox_command_maps, mailbox_command, ho port_maps, mailbox_transport, mailbox_command_maps, mailbox_command, hom
me_mailbox, mail_spool_directory, e_mailbox, mail_spool_directory,
fallback_transport_maps, fallback_transport and luser_relay. fallback_transport_maps, fallback_transport and luser_relay.
Specify zero or more "type:name" lookup tables, separated by whitespace o r comma. Tables will be searched Specify zero or more "type:name" lookup tables, separated by whitespace or comma. Tables will be searched
in the specified order until a match is found. in the specified order until a match is found.
For safety reasons, this feature does not allow $number substitutions in regular expression maps. For safety reasons, this feature does not allow $number substitutions in regular expression maps.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
maillog_file (default: empty) maillog_file (default: empty)
The name of an optional logfile that is written by the Postfix postlogd(8 ) service. An empty value selects The name of an optional logfile that is written by the Postfix postlogd(8 ) service. An empty value selects
logging to syslogd(8). Specify "/dev/stdout" to select logging to s tandard output. Stdout logging logging to syslogd(8). Specify "/dev/stdout" to select logging t o standard output. Stdout logging
requires that Postfix is started with "postfix start-fg". requires that Postfix is started with "postfix start-fg".
Note 1: The maillog_file parameter value must contain a prefix that is specified with the mail- Note 1: The maillog_file parameter value must contain a prefix that is specified with the mail-
log_file_prefixes parameter. log_file_prefixes parameter.
Note 2: Some Postfix non-daemon programs may still log information to sys logd(8), before they have pro- Note 2: Some Postfix non-daemon programs may still log information to syslogd(8), before they have pro-
cessed their configuration parameters and command-line options. cessed their configuration parameters and command-line options.
This feature is available in Postfix 3.4 and later. This feature is available in Postfix 3.4 and later.
maillog_file_compressor (default: gzip) maillog_file_compressor (default: gzip)
The program to run after rotating $maillog_file with "postfix logrot ate". The command is run with the The program to run after rotating $maillog_file with "postfix logrotate". The command is run with the
rotated logfile name as its first argument. rotated logfile name as its first argument.
This feature is available in Postfix 3.4 and later. This feature is available in Postfix 3.4 and later.
maillog_file_prefixes (default: /var, /dev/stdout) maillog_file_prefixes (default: /var, /dev/stdout)
A list of allowed prefixes for a maillog_file value. This is a safety fea ture to contain the damage from a A list of allowed prefixes for a maillog_file value. This is a safety fea ture to contain the damage from a
single configuration mistake. Specify one or more prefix strings, separat ed by comma or whitespace. single configuration mistake. Specify one or more prefix strings, separat ed by comma or whitespace.
This feature is available in Postfix 3.4 and later. This feature is available in Postfix 3.4 and later.
maillog_file_rotate_suffix (default: %Y%m%d-%H%M%S) maillog_file_rotate_suffix (default: %Y%m%d-%H%M%S)
The format of the suffix to append to $maillog_file while rotating the f ile with "postfix logrotate". See The format of the suffix to append to $maillog_file while rotating the fi le with "postfix logrotate". See
strftime(3) for syntax. The default suffix, YYYYMMDD-HHMMSS, allows logs to be rotated frequently. strftime(3) for syntax. The default suffix, YYYYMMDD-HHMMSS, allows logs to be rotated frequently.
This feature is available in Postfix 3.4 and later. This feature is available in Postfix 3.4 and later.
mailq_path (default: see postconf -d output) mailq_path (default: see postconf -d output)
Sendmail compatibility feature that specifies where the Postfix mailq(1) command is installed. This com- Sendmail compatibility feature that specifies where the Postfix mailq(1 ) command is installed. This com-
mand can be used to list the Postfix mail queue. mand can be used to list the Postfix mail queue.
manpage_directory (default: see postconf -d output) manpage_directory (default: see postconf -d output)
Where the Postfix manual pages are installed. Where the Postfix manual pages are installed.
maps_rbl_domains (default: empty) maps_rbl_domains (default: empty)
Obsolete feature: use the reject_rbl_client feature instead. Obsolete feature: use the reject_rbl_client feature instead.
maps_rbl_reject_code (default: 554) maps_rbl_reject_code (default: 554)
The numerical Postfix SMTP server response code when a remote SMTP The numerical Postfix SMTP server response code when a remote SMTP clie
client request is blocked by the nt request is blocked by the
reject_rbl_client, reject_rhsbl_client, reject_rhsbl_reverse_clien reject_rbl_client, reject_rhsbl_client, reject_rhsbl_reverse_clie
t, reject_rhsbl_sender or nt, reject_rhsbl_sender or
reject_rhsbl_recipient restriction. reject_rhsbl_recipient restriction.
Do not change this unless you have a complete understanding of RFC 5321. Do not change this unless you have a complete understanding of RFC 5321.
masquerade_classes (default: envelope_sender, header_sender, header_recipient) masquerade_classes (default: envelope_sender, header_sender, header_recipient)
What addresses are subject to address masquerading. What addresses are subject to address masquerading.
By default, address masquerading is limited to envelope sender addresses , and to header sender and header By default, address masquerading is limited to envelope sender addresses, and to header sender and header
recipient addresses. This allows you to use address masquerading on a ma il gateway while still being able recipient addresses. This allows you to use address masquerading on a ma il gateway while still being able
to forward mail to users on individual machines. to forward mail to users on individual machines.
Specify zero or more of: envelope_sender, envelope_recipient, header_send er, header_recipient Specify zero or more of: envelope_sender, envelope_recipient, header_send er, header_recipient
masquerade_domains (default: empty) masquerade_domains (default: empty)
Optional list of domains whose subdomain structure will be stripped off i n email addresses. Optional list of domains whose subdomain structure will be stripped off i n email addresses.
The list is processed left to right, and processing stops at the first ma tch. Thus, The list is processed left to right, and processing stops at the first ma tch. Thus,
masquerade_domains = foo.example.com example.com masquerade_domains = foo.example.com example.com
strips "user@any.thing.foo.example.com" to "user@foo.example.com", but strips "user@any.thing.else.exam- strips "user@any.thing.foo.example.com" to "user@foo.example.com", but s trips "user@any.thing.else.exam-
ple.com" to "user@example.com". ple.com" to "user@example.com".
A domain name prefixed with ! means do not masquerade this domain or its subdomains. Thus, A domain name prefixed with ! means do not masquerade this domain or its subdomains. Thus,
masquerade_domains = !foo.example.com example.com masquerade_domains = !foo.example.com example.com
does not change "user@any.thing.foo.example.com" or "user@f oo.example.com", but strips does not change "user@any.thing.foo.example.com" or "user@ foo.example.com", but strips
"user@any.thing.else.example.com" to "user@example.com". "user@any.thing.else.example.com" to "user@example.com".
Note: with Postfix version 2.2, message header address masquerading happens only when message header Note: with Postfix version 2.2, message header address masquerading hap pens only when message header
address rewriting is enabled: address rewriting is enabled:
· The message is received with the Postfix sendmail(1) command, · The message is received with the Postfix sendmail(1) command,
· The message is received from a network client that matches $local_ header_rewrite_clients, · The message is received from a network client that matches $local_ header_rewrite_clients,
· The message is received from the network, and the remote_header_re write_domain parameter specifies · The message is received from the network, and the remote_header_r ewrite_domain parameter specifies
a non-empty value. a non-empty value.
To get the behavior before Postfix version 2.2, specify "local_header_rew rite_clients = static:all". To get the behavior before Postfix version 2.2, specify "local_header_rew rite_clients = static:all".
Example: Example:
masquerade_domains = $mydomain masquerade_domains = $mydomain
masquerade_exceptions (default: empty) masquerade_exceptions (default: empty)
Optional list of user names that are not subjected to address masque rading, even when their addresses Optional list of user names that are not subjected to address masqueradi ng, even when their addresses
match $masquerade_domains. match $masquerade_domains.
By default, address masquerading makes no exceptions. By default, address masquerading makes no exceptions.
Specify a list of user names, "/file/name" or "type:table" patterns, sepa Specify a list of user names, "/file/name" or "type:table" patterns,
rated by commas and/or white- separated by commas and/or white-
space. The list is matched left to right, and the search stops on the fi space. The list is matched left to right, and the search stops on the fir
rst match. A "/file/name" pattern st match. A "/file/name" pattern
is replaced by its contents; a "type:table" lookup table is matched when is replaced by its contents; a "type:table" lookup table is matched when
a name matches a lookup key (the a name matches a lookup key (the
lookup result is ignored). Continue long lines by starting the next lin lookup result is ignored). Continue long lines by starting the next line
e with whitespace. Specify "!pat- with whitespace. Specify "!pat-
tern" to exclude a name from the list. The form "!/file/name" is supporte d only in Postfix version 2.4 and tern" to exclude a name from the list. The form "!/file/name" is supporte d only in Postfix version 2.4 and
later. later.
Examples: Examples:
masquerade_exceptions = root, mailer-daemon masquerade_exceptions = root, mailer-daemon
masquerade_exceptions = root masquerade_exceptions = root
master_service_disable (default: empty) master_service_disable (default: empty)
Selectively disable master(8) listener ports by service type or by servi Selectively disable master(8) listener ports by service type or by servic
ce name and type. Specify a list e name and type. Specify a list
of service types ("inet", "unix", "fifo", or "pass") or "name/type" tuple of service types ("inet", "unix", "fifo", or "pass") or "name/type"
s, where "name" is the first tuples, where "name" is the first
field of a master.cf entry and "type" is a service type. As with other P field of a master.cf entry and "type" is a service type. As with other Po
ostfix matchlists, a search stops stfix matchlists, a search stops
at the first match. Specify "!pattern" to exclude a service from the lis t. By default, all master(8) lis- at the first match. Specify "!pattern" to exclude a service from the lis t. By default, all master(8) lis-
tener ports are enabled. tener ports are enabled.
Note: this feature does not support "/file/name" or "type:table" patter ns, nor does it support wildcards Note: this feature does not support "/file/name" or "type:table" patterns , nor does it support wildcards
such as "*" or "all". This is intentional. such as "*" or "all". This is intentional.
Examples: Examples:
# With Postfix 2.6..2.10 use '.' instead of '/'. # With Postfix 2.6..2.10 use '.' instead of '/'.
# Turn on all master(8) listener ports (the default). # Turn on all master(8) listener ports (the default).
master_service_disable = master_service_disable =
# Turn off only the main SMTP listener port. # Turn off only the main SMTP listener port.
master_service_disable = smtp/inet master_service_disable = smtp/inet
# Turn off all TCP/IP listener ports. # Turn off all TCP/IP listener ports.
master_service_disable = inet master_service_disable = inet
# Turn off all TCP/IP listener ports except "foo". # Turn off all TCP/IP listener ports except "foo".
master_service_disable = !foo/inet, inet master_service_disable = !foo/inet, inet
This feature is available in Postfix 2.6 and later. This feature is available in Postfix 2.6 and later.
max_idle (default: 100s) max_idle (default: 100s)
The maximum amount of time that an idle Postfix daemon process waits for The maximum amount of time that an idle Postfix daemon process waits
an incoming connection before for an incoming connection before
terminating voluntarily. This parameter is ignored by the Postfix queu terminating voluntarily. This parameter is ignored by the Postfix queue
e manager and by other long-lived manager and by other long-lived
Postfix daemon processes. Postfix daemon processes.
Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). Th e default time unit is s (sec- Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). The default time unit is s (sec-
onds). onds).
max_use (default: 100) max_use (default: 100)
The maximal number of incoming connections that a Postfix daemon proces The maximal number of incoming connections that a Postfix daemon process
s will service before terminating will service before terminating
voluntarily. This parameter is ignored by the Postfix queue manager and voluntarily. This parameter is ignored by the Postfix queue manager and
by other long-lived Postfix dae- by other long-lived Postfix dae-
mon processes. mon processes.
maximal_backoff_time (default: 4000s) maximal_backoff_time (default: 4000s)
The maximal time between attempts to deliver a deferred message. The maximal time between attempts to deliver a deferred message.
This parameter should be set to a value greater than or equal t o $minimal_backoff_time. See also This parameter should be set to a value greater than or equal to $minimal_backoff_time. See also
$queue_run_delay. $queue_run_delay.
Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). Th e default time unit is s (sec- Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). The default time unit is s (sec-
onds). onds).
maximal_queue_lifetime (default: 5d) maximal_queue_lifetime (default: 5d)
Consider a message as undeliverable, when delivery fails with a temporary error, and the time in the queue Consider a message as undeliverable, when delivery fails with a temporary error, and the time in the queue
has reached the maximal_queue_lifetime limit. has reached the maximal_queue_lifetime limit.
Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). Th e default time unit is d (days). Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). Th e default time unit is d (days).
Specify 0 when mail delivery should be tried only once. Specify 0 when mail delivery should be tried only once.
message_drop_headers (default: bcc, content-length, resent-bcc, return-path) message_drop_headers (default: bcc, content-length, resent-bcc, return-path)
Names of message headers that the cleanup(8) daemon will remove after app lying header_checks(5) and before Names of message headers that the cleanup(8) daemon will remove after app lying header_checks(5) and before
invoking Milter applications. The default setting is compatible with Pos tfix < 3.0. invoking Milter applications. The default setting is compatible with Pos tfix < 3.0.
Specify a list of header names, separated by comma or space. Names are m atched in a case-insensitive man- Specify a list of header names, separated by comma or space. Names are m atched in a case-insensitive man-
ner. The list of supported header names is limited only by available mem ory. ner. The list of supported header names is limited only by available mem ory.
This feature is available in Postfix 3.0 and later. This feature is available in Postfix 3.0 and later.
message_reject_characters (default: empty) message_reject_characters (default: empty)
The set of characters that Postfix will reject in message content. The u sual C-like escape sequences are The set of characters that Postfix will reject in message content. The usual C-like escape sequences are
recognized: \a \b \f \n \r \t \v \ddd (up to three octal digits) and \\. recognized: \a \b \f \n \r \t \v \ddd (up to three octal digits) and \\.
Note 1: this feature does not recognize text that requires MIME decoding. It inspects raw message content, Note 1: this feature does not recognize text that requires MIME decoding. It inspects raw message content,
just like header_checks and body_checks. just like header_checks and body_checks.
Note 2: this feature is disabled with "receive_override_options = no_head er_body_checks". Note 2: this feature is disabled with "receive_override_options = no_head er_body_checks".
Example: Example:
message_reject_characters = \0 message_reject_characters = \0
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
message_size_limit (default: 10240000) message_size_limit (default: 10240000)
The maximal size in bytes of a message, including envelope information. The maximal size in bytes of a message, including envelope information.
Note: be careful when making changes. Excessively small values will resu lt in the loss of non-delivery Note: be careful when making changes. Excessively small values will r esult in the loss of non-delivery
notifications, when a bounce message size exceeds the local or remote MTA 's message size limit. notifications, when a bounce message size exceeds the local or remote MTA 's message size limit.
message_strip_characters (default: empty) message_strip_characters (default: empty)
The set of characters that Postfix will remove from message content. The usual C-like escape sequences The set of characters that Postfix will remove from message content. The usual C-like escape sequences
are recognized: \a \b \f \n \r \t \v \ddd (up to three octal digits) and \\. are recognized: \a \b \f \n \r \t \v \ddd (up to three octal digits) and \\.
Note 1: this feature does not recognize text that requires MIME decoding. It inspects raw message content, Note 1: this feature does not recognize text that requires MIME decoding. It inspects raw message content,
just like header_checks and body_checks. just like header_checks and body_checks.
Note 2: this feature is disabled with "receive_override_options = no_head er_body_checks". Note 2: this feature is disabled with "receive_override_options = no_head er_body_checks".
Example: Example:
message_strip_characters = \0 message_strip_characters = \0
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
meta_directory (default: see 'postconf -d' output) meta_directory (default: see 'postconf -d' output)
The location of non-executable files that are shared among multiple The location of non-executable files that are shared among multiple Pos
Postfix instances, such as post- tfix instances, such as post-
fix-files, dynamicmaps.cf, and the multi-instance template files main.cf. fix-files, dynamicmaps.cf, and the multi-instance template files main.cf
proto and master.cf.proto. This .proto and master.cf.proto. This
directory should contain only Postfix-related files. Typically, the meta _directory parameter has the same directory should contain only Postfix-related files. Typically, the meta _directory parameter has the same
default as the config_directory parameter (/etc/postfix or /usr/local/etc /postfix). default as the config_directory parameter (/etc/postfix or /usr/local/etc /postfix).
For backwards compatibility with Postfix versions 2.6..2.11, specify "met For backwards compatibility with Postfix versions 2.6..2.11, specify "me
a_directory = $daemon_directory" ta_directory = $daemon_directory"
in main.cf before installing or upgrading Postfix, or specify "meta_dir in main.cf before installing or upgrading Postfix, or specify "meta_direc
ectory = /path/name" on the "make tory = /path/name" on the "make
makefiles", "make install" or "make upgrade" command line. makefiles", "make install" or "make upgrade" command line.
This feature is available in Postfix 3.0 and later. This feature is available in Postfix 3.0 and later.
milter_command_timeout (default: 30s) milter_command_timeout (default: 30s)
The time limit for sending an SMTP command to a Milter (mail filter) appl ication, and for receiving the The time limit for sending an SMTP command to a Milter (mail filter) a pplication, and for receiving the
response. response.
Specify a non-zero time value (an integral value plus an optional one -letter suffix that specifies the Specify a non-zero time value (an integral value plus an optional one-let ter suffix that specifies the
time unit). time unit).
Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). The default time unit is s (sec- Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). The default time unit is s (sec-
onds). onds).
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
milter_connect_macros (default: see postconf -d output) milter_connect_macros (default: see postconf -d output)
The macros that are sent to Milter (mail filter) applications after comp letion of an SMTP connection. See The macros that are sent to Milter (mail filter) applications after compl etion of an SMTP connection. See
MILTER_README for a list of available macro names and their meanings. MILTER_README for a list of available macro names and their meanings.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
milter_connect_timeout (default: 30s) milter_connect_timeout (default: 30s)
The time limit for connecting to a Milter (mail filter) application, and for negotiating protocol options. The time limit for connecting to a Milter (mail filter) application, and for negotiating protocol options.
Specify a non-zero time value (an integral value plus an optional one-let ter suffix that specifies the Specify a non-zero time value (an integral value plus an optional one -letter suffix that specifies the
time unit). time unit).
Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). The default time unit is s (sec- Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). The default time unit is s (sec-
onds). onds).
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
milter_content_timeout (default: 300s) milter_content_timeout (default: 300s)
The time limit for sending message content to a Milter (mail filter) appl ication, and for receiving the The time limit for sending message content to a Milter (mail filter) a pplication, and for receiving the
response. response.
Specify a non-zero time value (an integral value plus an optional one -letter suffix that specifies the Specify a non-zero time value (an integral value plus an optional one-let ter suffix that specifies the
time unit). time unit).
Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). The default time unit is s (sec- Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). The default time unit is s (sec-
onds). onds).
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
milter_data_macros (default: see postconf -d output) milter_data_macros (default: see postconf -d output)
The macros that are sent to version 4 or higher Milter (mail filter) appl ications after the SMTP DATA com- The macros that are sent to version 4 or higher Milter (mail filter) appl ications after the SMTP DATA com-
mand. See MILTER_README for a list of available macro names and their mea nings. mand. See MILTER_README for a list of available macro names and their mea nings.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
milter_default_action (default: tempfail) milter_default_action (default: tempfail)
The default action when a Milter (mail filter) response is unavailable (f or example, bad Postfix configu- The default action when a Milter (mail filter) response is unavailable ( for example, bad Postfix configu-
ration or Milter failure). Specify one of the following: ration or Milter failure). Specify one of the following:
accept Proceed as if the mail filter was not present. accept Proceed as if the mail filter was not present.
reject Reject all further commands in this session with a permanent statu s code. reject Reject all further commands in this session with a permanent statu s code.
tempfail tempfail
Reject all further commands in this session with a temporary statu s code. Reject all further commands in this session with a temporary statu s code.
quarantine quarantine
Like "accept", but freeze the message in the "hold" queue. Availab le with Postfix 2.6 and later. Like "accept", but freeze the message in the "hold" queue. Availab le with Postfix 2.6 and later.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
milter_end_of_data_macros (default: see postconf -d output) milter_end_of_data_macros (default: see postconf -d output)
The macros that are sent to Milter (mail filter) applications after the message end-of-data. See MIL- The macros that are sent to Milter (mail filter) applications after the message end-of-data. See MIL-
TER_README for a list of available macro names and their meanings. TER_README for a list of available macro names and their meanings.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
milter_end_of_header_macros (default: see postconf -d output) milter_end_of_header_macros (default: see postconf -d output)
The macros that are sent to Milter (mail filter) applications after the e nd of the message header. See The macros that are sent to Milter (mail filter) applications after t he end of the message header. See
MILTER_README for a list of available macro names and their meanings. MILTER_README for a list of available macro names and their meanings.
This feature is available in Postfix 2.5 and later. This feature is available in Postfix 2.5 and later.
milter_header_checks (default: empty) milter_header_checks (default: empty)
Optional lookup tables for content inspection of message headers that are produced by Milter applications. Optional lookup tables for content inspection of message headers that are produced by Milter applications.
See the header_checks(5) manual page available actions. Currently, PREPEN D is not implemented. See the header_checks(5) manual page available actions. Currently, PREPEN D is not implemented.
The following example sends all mail that is marked as SPAM to a spam han dling machine. Note that matches The following example sends all mail that is marked as SPAM to a spam ha ndling machine. Note that matches
are case-insensitive by default. are case-insensitive by default.
/etc/postfix/main.cf: /etc/postfix/main.cf:
milter_header_checks = pcre:/etc/postfix/milter_header_checks milter_header_checks = pcre:/etc/postfix/milter_header_checks
/etc/postfix/milter_header_checks: /etc/postfix/milter_header_checks:
/^X-SPAM-FLAG:\s+YES/ FILTER mysmtp:sanitizer.example.com:25 /^X-SPAM-FLAG:\s+YES/ FILTER mysmtp:sanitizer.example.com:25
The milter_header_checks mechanism could also be used for whitelisting . For example it could be used to The milter_header_checks mechanism could also be used for whitelisting. F or example it could be used to
skip heavy content inspection for DKIM-signed mail from known friendly do mains. skip heavy content inspection for DKIM-signed mail from known friendly do mains.
This feature is available in Postfix 2.7, and as an optional patch for Po stfix 2.6. This feature is available in Postfix 2.7, and as an optional patch for Po stfix 2.6.
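Review bot: in the milter_header_checks entry, the sentence "See the header_checks(5) manual page available actions." is missing a word and reads the same in both the 3.5.8 and 3.5.9 columns, so the defect is carried over unchanged. Suggest "See the header_checks(5) manual page for available actions." The remaining differences in this entry are line-fill and hyphenation only.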
milter_helo_macros (default: see postconf -d output) milter_helo_macros (default: see postconf -d output)
The macros that are sent to Milter (mail filter) applications after the S MTP HELO or EHLO command. See The macros that are sent to Milter (mail filter) applications after t he SMTP HELO or EHLO command. See
MILTER_README for a list of available macro names and their meanings. MILTER_README for a list of available macro names and their meanings.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
milter_macro_daemon_name (default: $myhostname) milter_macro_daemon_name (default: $myhostname)
The {daemon_name} macro value for Milter (mail filter) applications. See MILTER_README for a list of The {daemon_name} macro value for Milter (mail filter) applications. See MILTER_README for a list of
available macro names and their meanings. available macro names and their meanings.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
milter_macro_defaults (default: empty) milter_macro_defaults (default: empty)
Optional list of name=value pairs that specify default values for arbitra Optional list of name=value pairs that specify default values for arbit
ry macros that Postfix may send rary macros that Postfix may send
to Milter applications. These defaults are used when there is no corres to Milter applications. These defaults are used when there is no corresp
ponding information from the mes- onding information from the mes-
sage delivery context. sage delivery context.
Specify name=value or {name}=value pairs separated by comma or whitespace Specify name=value or {name}=value pairs separated by comma or whitespac
. Enclose a pair in "{}" when a e. Enclose a pair in "{}" when a
value contains comma or whitespace (this form ignores whitespace after t value contains comma or whitespace (this form ignores whitespace after th
he enclosing "{", around the "=", e enclosing "{", around the "=",
and before the enclosing "}"). and before the enclosing "}").
This feature is available in Postfix 3.1 and later. This feature is available in Postfix 3.1 and later.
milter_macro_v (default: $mail_name $mail_version) milter_macro_v (default: $mail_name $mail_version)
The {v} macro value for Milter (mail filter) applications. See MILTER_RE ADME for a list of available The {v} macro value for Milter (mail filter) applications. See MILT ER_README for a list of available
macro names and their meanings. macro names and their meanings.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
milter_mail_macros (default: see postconf -d output) milter_mail_macros (default: see postconf -d output)
The macros that are sent to Milter (mail filter) applications after the SMTP MAIL FROM command. See MIL- The macros that are sent to Milter (mail filter) applications after the S MTP MAIL FROM command. See MIL-
TER_README for a list of available macro names and their meanings. TER_README for a list of available macro names and their meanings.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
milter_protocol (default: 6) milter_protocol (default: 6)
The mail filter protocol version and optional protocol extensions for com munication with a Milter applica- The mail filter protocol version and optional protocol extensions for com munication with a Milter applica-
tion; prior to Postfix 2.6 the default protocol is 2. Postfix sends this version number during the initial tion; prior to Postfix 2.6 the default protocol is 2. Postfix sends this version number during the initial
protocol handshake. It should match the version number that is expected by the mail filter application protocol handshake. It should match the version number that is expect ed by the mail filter application
(or by its Milter library). (or by its Milter library).
Protocol versions: Protocol versions:
2 Use Sendmail 8 mail filter protocol version 2 (default with Sendma il version 8.11 .. 8.13 and Post- 2 Use Sendmail 8 mail filter protocol version 2 (default with Sendma il version 8.11 .. 8.13 and Post-
fix version 2.3 .. 2.5). fix version 2.3 .. 2.5).
3 Use Sendmail 8 mail filter protocol version 3. 3 Use Sendmail 8 mail filter protocol version 3.
4 Use Sendmail 8 mail filter protocol version 4. 4 Use Sendmail 8 mail filter protocol version 4.
6 Use Sendmail 8 mail filter protocol version 6 (default with Sendma il version 8.14 and Postfix ver- 6 Use Sendmail 8 mail filter protocol version 6 (default with Sendm ail version 8.14 and Postfix ver-
sion 2.6). sion 2.6).
Protocol extensions: Protocol extensions:
no_header_reply no_header_reply
Specify this when the Milter application will not reply for each i ndividual message header. Specify this when the Milter application will not reply for each i ndividual message header.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
milter_rcpt_macros (default: see postconf -d output) milter_rcpt_macros (default: see postconf -d output)
The macros that are sent to Milter (mail filter) applications after t he SMTP RCPT TO command. See MIL- The macros that are sent to Milter (mail filter) applications after the S MTP RCPT TO command. See MIL-
TER_README for a list of available macro names and their meanings. TER_README for a list of available macro names and their meanings.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
milter_unknown_command_macros (default: see postconf -d output) milter_unknown_command_macros (default: see postconf -d output)
The macros that are sent to version 3 or higher Milter (mail filter) appl ications after an unknown SMTP The macros that are sent to version 3 or higher Milter (mail filter) a pplications after an unknown SMTP
command. See MILTER_README for a list of available macro names and their meanings. command. See MILTER_README for a list of available macro names and their meanings.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
mime_boundary_length_limit (default: 2048) mime_boundary_length_limit (default: 2048)
The maximal length of MIME multipart boundary strings. The MIME processor is unable to distinguish between The maximal length of MIME multipart boundary strings. The MIME processor is unable to distinguish between
boundary strings that do not differ in the first $mime_boundary_length_li mit characters. boundary strings that do not differ in the first $mime_boundary_length_li mit characters.
This feature is available in Postfix 2.0 and later. This feature is available in Postfix 2.0 and later.
mime_header_checks (default: $header_checks) mime_header_checks (default: $header_checks)
Optional lookup tables for content inspection of MIME related message headers, as described in the Optional lookup tables for content inspection of MIME related mes sage headers, as described in the
header_checks(5) manual page. header_checks(5) manual page.
This feature is available in Postfix 2.0 and later. This feature is available in Postfix 2.0 and later.
mime_nesting_limit (default: 100) mime_nesting_limit (default: 100)
The maximal recursion level that the MIME processor will handle. Po stfix refuses mail that is nested The maximal recursion level that the MIME processor will handle. Postfix refuses mail that is nested
deeper than the specified limit. deeper than the specified limit.
This feature is available in Postfix 2.0 and later. This feature is available in Postfix 2.0 and later.
minimal_backoff_time (default: 300s) minimal_backoff_time (default: 300s)
The minimal time between attempts to deliver a deferred message; prior to Postfix 2.4 the default value The minimal time between attempts to deliver a deferred message; prior to Postfix 2.4 the default value
was 1000s. was 1000s.
This parameter also limits the time an unreachable destination is kept i n the short-term, in-memory, des- This parameter also limits the time an unreachable destination is kept in the short-term, in-memory, des-
tination status cache. tination status cache.
This parameter should be set greater than or equal to $queue_run_delay. S ee also $maximal_backoff_time. This parameter should be set greater than or equal to $queue_run_delay. S ee also $maximal_backoff_time.
Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). Th e default time unit is s (sec- Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). The default time unit is s (sec-
onds). onds).
multi_instance_directories (default: empty) multi_instance_directories (default: empty)
An optional list of non-default Postfix configuration directories; these An optional list of non-default Postfix configuration directories; these
directories belong to additional directories belong to additional
Postfix instances that share the Postfix executable files and documenta Postfix instances that share the Postfix executable files and docum
tion with the default Postfix entation with the default Postfix
instance, and that are started, stopped, etc., together with the default Postfix instance. Specify a list instance, and that are started, stopped, etc., together with the default Postfix instance. Specify a list
of pathnames separated by comma or whitespace. of pathnames separated by comma or whitespace.
When $multi_instance_directories is empty, the postfix(1) command runs in When $multi_instance_directories is empty, the postfix(1) command runs
single-instance mode and oper- in single-instance mode and oper-
ates on a single Postfix instance only. Otherwise, the postfix(1) comman ates on a single Postfix instance only. Otherwise, the postfix(1) command
d runs in multi-instance mode and runs in multi-instance mode and
invokes the multi-instance manager specified with the multi_instance_wrap per parameter. The multi-instance invokes the multi-instance manager specified with the multi_instance_wrap per parameter. The multi-instance
manager in turn executes postfix(1) commands for the default instance and for all Postfix instances in manager in turn executes postfix(1) commands for the default instance and for all Postfix instances in
$multi_instance_directories. $multi_instance_directories.
Currently, this parameter setting is ignored except for the default main. cf file. Currently, this parameter setting is ignored except for the default main. cf file.
This feature is available in Postfix 2.6 and later. This feature is available in Postfix 2.6 and later.
multi_instance_enable (default: no) multi_instance_enable (default: no)
Allow this Postfix instance to be started, stopped, etc., by a multi-inst ance manager. By default, new Allow this Postfix instance to be started, stopped, etc., by a multi-i nstance manager. By default, new
instances are created in a safe state that prevents them from being start ed inadvertently. This parameter instances are created in a safe state that prevents them from being start ed inadvertently. This parameter
is reserved for the multi-instance manager. is reserved for the multi-instance manager.
This feature is available in Postfix 2.6 and later. This feature is available in Postfix 2.6 and later.
multi_instance_group (default: empty) multi_instance_group (default: empty)
The optional instance group name of this Postfix instance. A group ide The optional instance group name of this Postfix instance. A group i
ntifies closely-related Postfix dentifies closely-related Postfix
instances that the multi-instance manager can start, stop, etc., as a instances that the multi-instance manager can start, stop, etc., as a uni
unit. This parameter is reserved t. This parameter is reserved
for the multi-instance manager. for the multi-instance manager.
This feature is available in Postfix 2.6 and later. This feature is available in Postfix 2.6 and later.
multi_instance_name (default: empty) multi_instance_name (default: empty)
The optional instance name of this Postfix instance. This name becomes al so the default value for the sys- The optional instance name of this Postfix instance. This name becomes al so the default value for the sys-
log_name parameter. log_name parameter.
This feature is available in Postfix 2.6 and later. This feature is available in Postfix 2.6 and later.
multi_instance_wrapper (default: empty) multi_instance_wrapper (default: empty)
The pathname of a multi-instance manager command that the postfi x(1) command invokes when the The pathname of a multi-instance manager command that the postfi x(1) command invokes when the
multi_instance_directories parameter value is non-empty. The pathname may be followed by initial command multi_instance_directories parameter value is non-empty. The pathname m ay be followed by initial command
arguments separated by whitespace; shell metacharacters such as quotes ar e not supported in this context. arguments separated by whitespace; shell metacharacters such as quotes ar e not supported in this context.
The postfix(1) command invokes the manager command with the postfix(1) no n-option command arguments on the The postfix(1) command invokes the manager command with the postfix(1) no n-option command arguments on the
manager command line, and with all installation configuration parameters exported into the manager command manager command line, and with all installation configuration parameters exported into the manager command
process environment. The manager command in turn invokes the postfix( 1) command for individual Postfix process environment. The manager command in turn invokes the postfix(1) command for individual Postfix
instances as "postfix -c config_directory command". instances as "postfix -c config_directory command".
This feature is available in Postfix 2.6 and later. This feature is available in Postfix 2.6 and later.
multi_recipient_bounce_reject_code (default: 550) multi_recipient_bounce_reject_code (default: 550)
The numerical Postfix SMTP server response code when a remote SMTP clie nt request is blocked by the The numerical Postfix SMTP server response code when a remote SMTP client request is blocked by the
reject_multi_recipient_bounce restriction. reject_multi_recipient_bounce restriction.
Do not change this unless you have a complete understanding of RFC 5321. Do not change this unless you have a complete understanding of RFC 5321.
This feature is available in Postfix 2.1 and later. This feature is available in Postfix 2.1 and later.
mydestination (default: $myhostname, localhost.$mydomain, localhost) mydestination (default: $myhostname, localhost.$mydomain, localhost)
The list of domains that are delivered via the $local_transport mail de The list of domains that are delivered via the $local_transport mail deli
livery transport. By default this very transport. By default this
is the Postfix local(8) delivery agent which looks up all recipients in / is the Postfix local(8) delivery agent which looks up all recipients in
etc/passwd and /etc/aliases. The /etc/passwd and /etc/aliases. The
SMTP server validates recipient addresses with $local_recipient_maps and SMTP server validates recipient addresses with $local_recipient_maps and
rejects non-existent recipients. rejects non-existent recipients.
See also the local domain class in the ADDRESS_CLASS_README file. See also the local domain class in the ADDRESS_CLASS_README file.
The default mydestination value specifies names for the local machine onl y. On a mail domain gateway, you The default mydestination value specifies names for the local machine onl y. On a mail domain gateway, you
should also include $mydomain. should also include $mydomain.
The $local_transport delivery method is also selected for mail addressed to user@[the.net.work.address] of The $local_transport delivery method is also selected for mail addressed to user@[the.net.work.address] of
the mail system (the IP addresses specified with the inet_interfaces and proxy_interfaces parameters). the mail system (the IP addresses specified with the inet_interfaces and proxy_interfaces parameters).
Warnings: Warnings:
· Do not specify the names of virtual domains - those domains are specified elsewhere. See VIR- · Do not specify the names of virtual domains - those domains are specified elsewhere. See VIR-
TUAL_README for more information. TUAL_README for more information.
· Do not specify the names of domains that this machine is backup M X host for. See STANDARD_CONFIGU- · Do not specify the names of domains that this machine is backup MX host for. See STANDARD_CONFIGU-
RATION_README for how to set up backup MX hosts. RATION_README for how to set up backup MX hosts.
· By default, the Postfix SMTP server rejects mail for recipients no · By default, the Postfix SMTP server rejects mail for recipients
t listed with the local_recipi- not listed with the local_recipi-
ent_maps parameter. See the postconf(5) manual for a descriptio ent_maps parameter. See the postconf(5) manual for a description
n of the local_recipient_maps and of the local_recipient_maps and
unknown_local_recipient_reject_code parameters. unknown_local_recipient_reject_code parameters.
Specify a list of host or domain names, "/file/name" or "type:table" patt Specify a list of host or domain names, "/file/name" or "type:table" pat
erns, separated by commas and/or terns, separated by commas and/or
whitespace. A "/file/name" pattern is replaced by its contents; a "ty whitespace. A "/file/name" pattern is replaced by its contents; a "type:t
pe:table" lookup table is matched able" lookup table is matched
when a name matches a lookup key (the lookup result is ignored). Continu e long lines by starting the next when a name matches a lookup key (the lookup result is ignored). Continu e long lines by starting the next
line with whitespace. line with whitespace.
Examples: Examples:
mydestination = $myhostname, localhost.$mydomain $mydomain mydestination = $myhostname, localhost.$mydomain $mydomain
mydestination = $myhostname, localhost.$mydomain www.$mydomain, ftp.$mydo main mydestination = $myhostname, localhost.$mydomain www.$mydomain, ftp.$mydo main
mydomain (default: see postconf -d output) mydomain (default: see postconf -d output)
The internet domain name of this mail system. The default is to use $ The internet domain name of this mail system. The default is to use $myh
myhostname minus the first compo- ostname minus the first compo-
nent, or "localdomain" (Postfix 2.3 and later). $mydomain is used as a d nent, or "localdomain" (Postfix 2.3 and later). $mydomain is used as a
efault value for many other con- default value for many other con-
figuration parameters. figuration parameters.
Example: Example:
mydomain = domain.tld mydomain = domain.tld
myhostname (default: see postconf -d output) myhostname (default: see postconf -d output)
The internet hostname of this mail system. The default is to use the f ully-qualified domain name (FQDN) The internet hostname of this mail system. The default is to use the full y-qualified domain name (FQDN)
from gethostname(), or to use the non-FQDN result from gethostname() and append ".$mydomain". $myhostname from gethostname(), or to use the non-FQDN result from gethostname() and append ".$mydomain". $myhostname
is used as a default value for many other configuration parameters. is used as a default value for many other configuration parameters.
Example: Example:
myhostname = host.example.com myhostname = host.example.com
mynetworks (default: see postconf -d output) mynetworks (default: see postconf -d output)
The list of "trusted" remote SMTP clients that have more privileges than "strangers". The list of "trusted" remote SMTP clients that have more privileges than "strangers".
In particular, "trusted" SMTP clients are allowed to relay m ail through Postfix. See the In particular, "trusted" SMTP clients are allowed to relay mail through Postfix. See the
smtpd_relay_restrictions parameter description in the postconf(5) manual. smtpd_relay_restrictions parameter description in the postconf(5) manual.
You can specify the list of "trusted" network addresses by hand or you ca n let Postfix do it for you You can specify the list of "trusted" network addresses by hand or you can let Postfix do it for you
(which is the default). See the description of the mynetworks_style para meter for more information. (which is the default). See the description of the mynetworks_style para meter for more information.
If you specify the mynetworks list by hand, Postfix ignores the mynetwork s_style setting. If you specify the mynetworks list by hand, Postfix ignores the mynetwork s_style setting.
Specify a list of network addresses or network/netmask patterns, separ ated by commas and/or whitespace. Specify a list of network addresses or network/netmask patterns, separate d by commas and/or whitespace.
Continue long lines by starting the next line with whitespace. Continue long lines by starting the next line with whitespace.
The netmask specifies the number of bits in the network part of a host a ddress. You can also specify The netmask specifies the number of bits in the network part of a ho st address. You can also specify
"/file/name" or "type:table" patterns. A "/file/name" pattern is replace d by its contents; a "type:table" "/file/name" or "type:table" patterns. A "/file/name" pattern is replace d by its contents; a "type:table"
lookup table is matched when a table entry matches a lookup string (the l ookup result is ignored). lookup table is matched when a table entry matches a lookup string (the l ookup result is ignored).
The list is matched left to right, and the search stops on the first matc h. Specify "!pattern" to exclude The list is matched left to right, and the search stops on the first matc h. Specify "!pattern" to exclude
an address or network block from the list. The form "!/file/name" is supp orted only in Postfix version 2.4 an address or network block from the list. The form "!/file/name" is supp orted only in Postfix version 2.4
and later. and later.
Note 1: Pattern matching of domain names is controlled by the or absence of "mynetworks" in the par- Note 1: Pattern matching of domain names is controlled by the or ab sence of "mynetworks" in the par-
ent_domain_matches_subdomains parameter value. ent_domain_matches_subdomains parameter value.
Note 2: IP version 6 address information must be specified inside [] in t he mynetworks value, and in files Note 2: IP version 6 address information must be specified inside [] in t he mynetworks value, and in files
specified with "/file/name". IP version 6 addresses contain the ":" char acter, and would otherwise be specified with "/file/name". IP version 6 addresses contain the ":" character, and would otherwise be
confused with a "type:table" pattern. confused with a "type:table" pattern.
Examples: Examples:
mynetworks = 127.0.0.0/8 168.100.189.0/28 mynetworks = 127.0.0.0/8 168.100.189.0/28
mynetworks = !192.168.0.1, 192.168.0.0/28 mynetworks = !192.168.0.1, 192.168.0.0/28
mynetworks = 127.0.0.0/8 168.100.189.0/28 [::1]/128 [2001:240:587::]/64 mynetworks = 127.0.0.0/8 168.100.189.0/28 [::1]/128 [2001:240:587::]/64
mynetworks = $config_directory/mynetworks mynetworks = $config_directory/mynetworks
mynetworks = hash:/etc/postfix/network_table mynetworks = hash:/etc/postfix/network_table
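Review bot: in Note 1 of the mynetworks entry, the text "is controlled by the or absence of "mynetworks" in the parent_domain_matches_subdomains parameter value" has lost a word before "or absence" (presumably "presence"), and both columns carry the same gap. This note tells the administrator how domain patterns in a relay trust list are matched, so the sentence should be restored in the source text rather than left ambiguous. No other wording in this entry differs between the two versions.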
mynetworks_style (default: Postfix >= 3.0: host, Postfix < 3.0: subnet) mynetworks_style (default: Postfix >= 3.0: host, Postfix < 3.0: subnet)
The method to generate the default value for the mynetworks parameter. This is the list of trusted net- The method to generate the default value for the mynetworks parameter. T his is the list of trusted net-
works for relay access control etc. works for relay access control etc.
· Specify "mynetworks_style = host" when Postfix should "trust" only the local machine. · Specify "mynetworks_style = host" when Postfix should "trust" only the local machine.
· Specify "mynetworks_style = subnet" when Postfix should "trust" re · Specify "mynetworks_style = subnet" when Postfix should "trust" r
mote SMTP clients in the same IP emote SMTP clients in the same IP
subnetworks as the local machine. On Linux, this works correct subnetworks as the local machine. On Linux, this works correctly
ly only with interfaces specified only with interfaces specified
with the "ifconfig" command. with the "ifconfig" command.
· Specify "mynetworks_style = class" when Postfix should "trust" rem · Specify "mynetworks_style = class" when Postfix should "trust" r
ote SMTP clients in the same IP emote SMTP clients in the same IP
class A/B/C networks as the local machine. Caution: this may cau class A/B/C networks as the local machine. Caution: this may caus
se Postfix to "trust" your entire e Postfix to "trust" your entire
provider's network. Instead, specify an explicit mynetworks list provider's network. Instead, specify an explicit mynetworks li
by hand, as described with the st by hand, as described with the
mynetworks configuration parameter. mynetworks configuration parameter.
myorigin (default: $myhostname) myorigin (default: $myhostname)
The domain name that locally-posted mail appears to come from, and that The domain name that locally-posted mail appears to come from, and that l
locally posted mail is delivered ocally posted mail is delivered
to. The default, $myhostname, is adequate for small sites. If you run a to. The default, $myhostname, is adequate for small sites. If you run
domain with multiple machines, a domain with multiple machines,
you should (1) change this to $mydomain and (2) set up a domain-wide alia s database that aliases each user you should (1) change this to $mydomain and (2) set up a domain-wide alia s database that aliases each user
to user@that.users.mailhost. to user@that.users.mailhost.
Example: Example:
myorigin = $mydomain myorigin = $mydomain
nested_header_checks (default: $header_checks) nested_header_checks (default: $header_checks)
Optional lookup tables for content inspection of non-MIME message hea ders in attached messages, as Optional lookup tables for content inspection of non-MIME message headers in attached messages, as
described in the header_checks(5) manual page. described in the header_checks(5) manual page.
This feature is available in Postfix 2.0 and later. This feature is available in Postfix 2.0 and later.
newaliases_path (default: see postconf -d output) newaliases_path (default: see postconf -d output)
Sendmail compatibility feature that specifies the location of the newali ases(1) command. This command can Sendmail compatibility feature that specifies the location of the newalia ses(1) command. This command can
be used to rebuild the local(8) aliases(5) database. be used to rebuild the local(8) aliases(5) database.
non_fqdn_reject_code (default: 504) non_fqdn_reject_code (default: 504)
The numerical Postfix SMTP server reply code when a client r equest is rejected by the The numerical Postfix SMTP server reply code when a clien t request is rejected by the
reject_non_fqdn_helo_hostname, reject_non_fqdn_sender or reject_non_fqdn_ recipient restriction. reject_non_fqdn_helo_hostname, reject_non_fqdn_sender or reject_non_fqdn_ recipient restriction.
non_smtpd_milters (default: empty) non_smtpd_milters (default: empty)
A list of Milter (mail filter) applications for new mail that does no A list of Milter (mail filter) applications for new mail that does not ar
t arrive via the Postfix smtpd(8) rive via the Postfix smtpd(8)
server. This includes local submission via the sendmail(1) command line, server. This includes local submission via the sendmail(1) command li
new mail that arrives via the ne, new mail that arrives via the
Postfix qmqpd(8) server, and old mail that is re-injected into the qu Postfix qmqpd(8) server, and old mail that is re-injected into the queue
eue with "postsuper -r". Specify with "postsuper -r". Specify
space or comma as separator. See the MILTER_README document for details. space or comma as separator. See the MILTER_README document for details.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
notify_classes (default: resource, software) notify_classes (default: resource, software)
The list of error classes that are reported to the postmaster. The defaul The list of error classes that are reported to the postmaster. The d
t is to report only the most efault is to report only the most
serious problems. The paranoid may wish to turn on the policy (UCE and serious problems. The paranoid may wish to turn on the policy (UCE and ma
mail relaying) and protocol error il relaying) and protocol error
(broken mail software) reports. (broken mail software) reports.
NOTE: postmaster notifications may contain confidential information such as SASL passwords or message con- NOTE: postmaster notifications may contain confidential information such as SASL passwords or message con-
tent. It is the system administrator's responsibility to treat such info rmation with care. tent. It is the system administrator's responsibility to treat such info rmation with care.
The error classes are: The error classes are:
bounce (also implies 2bounce) bounce (also implies 2bounce)
Send the postmaster copies of the headers of bounced mail, and Send the postmaster copies of the headers of bounced mail, and sen
send transcripts of SMTP sessions d transcripts of SMTP sessions
when Postfix rejects mail. The notification is sent to th when Postfix rejects mail. The notification is sent to t
e address specified with the he address specified with the
bounce_notice_recipient configuration parameter (default: postmast er). bounce_notice_recipient configuration parameter (default: postmast er).
2bounce 2bounce
Send undeliverable bounced mail to the postmaster. The notificat ion is sent to the address speci- Send undeliverable bounced mail to the postmaster. The notificatio n is sent to the address speci-
fied with the 2bounce_notice_recipient configuration parameter (de fault: postmaster). fied with the 2bounce_notice_recipient configuration parameter (de fault: postmaster).
data Send the postmaster a transcript of the SMTP session with an error because a critical data file was data Send the postmaster a transcript of the SMTP session with an error because a critical data file was
unavailable. The notification is sent to the address specified wit h the error_notice_recipient con- unavailable. The notification is sent to the address specified wit h the error_notice_recipient con-
figuration parameter (default: postmaster). figuration parameter (default: postmaster).
This feature is available in Postfix 2.9 and later. This feature is available in Postfix 2.9 and later.
delay Send the postmaster copies of the headers of delayed mail (see del delay Send the postmaster copies of the headers of delayed mail (see d
ay_warning_time). The notifica- elay_warning_time). The notifica-
tion is sent to the address specified with the delay_notice_ tion is sent to the address specified with the delay_notice_re
recipient configuration parameter cipient configuration parameter
(default: postmaster). (default: postmaster).
policy Send the postmaster a transcript of the SMTP session when a client policy Send the postmaster a transcript of the SMTP session when a clien
request was rejected because of t request was rejected because of
(UCE) policy. The notification is sent to the address specifie (UCE) policy. The notification is sent to the address specified
d with the error_notice_recipient with the error_notice_recipient
configuration parameter (default: postmaster). configuration parameter (default: postmaster).
protocol protocol
Send the postmaster a transcript of the SMTP session in case of cl Send the postmaster a transcript of the SMTP session in case of
ient or server protocol errors. client or server protocol errors.
The notification is sent to the address specified with the err The notification is sent to the address specified with the erro
or_notice_recipient configuration r_notice_recipient configuration
parameter (default: postmaster). parameter (default: postmaster).
resource resource
Inform the postmaster of mail not delivered due to resource proble Inform the postmaster of mail not delivered due to resource probl
ms. The notification is sent to ems. The notification is sent to
the address specified with the error_notice_recipient configura the address specified with the error_notice_recipient configuratio
tion parameter (default: postmas- n parameter (default: postmas-
ter). ter).
software software
Inform the postmaster of mail not delivered due to software proble Inform the postmaster of mail not delivered due to software probl
ms. The notification is sent to ems. The notification is sent to
the address specified with the error_notice_recipient configura the address specified with the error_notice_recipient configuratio
tion parameter (default: postmas- n parameter (default: postmas-
ter). ter).
Examples: Examples:
notify_classes = bounce, delay, policy, protocol, resource, software notify_classes = bounce, delay, policy, protocol, resource, software
notify_classes = 2bounce, resource, software notify_classes = 2bounce, resource, software
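Review bot: the first example under notify_classes enables bounce, policy and protocol, the classes described above as sending SMTP session transcripts, directly after the NOTE that notifications "may contain confidential information such as SASL passwords or message content", and nothing connects the two. Suggest a one-line comment on that example that points back to the NOTE and to bounce_notice_recipient and error_notice_recipient, so an administrator who copies it checks where those transcripts are delivered.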
nullmx_reject_code (default: 556) nullmx_reject_code (default: 556)
The numerical reply code when the Postfix SMTP server rejects a sender or The numerical reply code when the Postfix SMTP server rejects a sender
recipient address because its or recipient address because its
domain has a nullmx DNS record (an MX record with an empty hostname). Th domain has a nullmx DNS record (an MX record with an empty hostname). Thi
is is one of the possible replies s is one of the possible replies
from the restrictions reject_unknown_sender_domain and reject_unknown_rec ipient_domain. from the restrictions reject_unknown_sender_domain and reject_unknown_rec ipient_domain.
This feature is available in Postfix 3.0 and later. This feature is available in Postfix 3.0 and later.
openssl_path (default: openssl) openssl_path (default: openssl)
The location of the OpenSSL command line program openssl(1). This is use d by the "postfix tls" command to The location of the OpenSSL command line program openssl(1). This is use d by the "postfix tls" command to
create private keys, certificate signing requests, self-signed certif create private keys, certificate signing requests, self-signed certificat
icates, and to compute public key es, and to compute public key
digests for DANE TLSA records. In multi-instance environments, this para digests for DANE TLSA records. In multi-instance environments, this pa
meter is always determined from rameter is always determined from
the configuration of the default Postfix instance. the configuration of the default Postfix instance.
Example: Example:
/etc/postfix/main.cf: /etc/postfix/main.cf:
# NetBSD pkgsrc: # NetBSD pkgsrc:
openssl_path = /usr/pkg/bin/openssl openssl_path = /usr/pkg/bin/openssl
# Local build: # Local build:
openssl_path = /usr/local/bin/openssl openssl_path = /usr/local/bin/openssl
This feature is available in Postfix 3.1 and later. This feature is available in Postfix 3.1 and later.
owner_request_special (default: yes) owner_request_special (default: yes)
Enable special treatment for owner-listname entries in the aliases(5) fil e, and don't split owner-listname Enable special treatment for owner-listname entries in the aliases(5) fil e, and don't split owner-listname
and listname-request address localparts when the recipient_delimiter is s et to "-". This feature is use- and listname-request address localparts when the recipient_delimiter is set to "-". This feature is use-
ful for mailing lists. ful for mailing lists.
parent_domain_matches_subdomains (default: see postconf -d output) parent_domain_matches_subdomains (default: see postconf -d output)
A list of Postfix features where the pattern "example.com" also matches s ubdomains of example.com, instead A list of Postfix features where the pattern "example.com" also matches s ubdomains of example.com, instead
of requiring an explicit ".example.com" pattern. This is planned backwa of requiring an explicit ".example.com" pattern. This is planned back
rds compatibility: eventually, wards compatibility: eventually,
all Postfix features are expected to require explicit ".example.com" st all Postfix features are expected to require explicit ".example.com" styl
yle patterns when you really want e patterns when you really want
to match subdomains. to match subdomains.
The following Postfix feature names are supported. The following Postfix feature names are supported.
Postfix version 1.0 and later Postfix version 1.0 and later
debug_peer_list, fast_flush_domains, mynetworks, permit_mx_backup_ networks, relay_domains, trans- debug_peer_list, fast_flush_domains, mynetworks, permit_mx_backu p_networks, relay_domains, trans-
port_maps port_maps
Postfix version 1.1 and later Postfix version 1.1 and later
qmqpd_authorized_clients, smtpd_access_maps, qmqpd_authorized_clients, smtpd_access_maps,
Postfix version 2.8 and later Postfix version 2.8 and later
postscreen_access_list postscreen_access_list
Postfix version 3.0 and later Postfix version 3.0 and later
smtpd_client_event_limit_exceptions smtpd_client_event_limit_exceptions
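Review bot: the "Postfix version 1.1 and later" group in the parent_domain_matches_subdomains list ends with a dangling comma ("qmqpd_authorized_clients, smtpd_access_maps,") in both columns, while the other version groups end without one. Drop the trailing comma, or add the name if one is missing, because readers copy these feature names into main.cf and a list that looks truncated leaves it unclear which features still match subdomains implicitly.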
permit_mx_backup_networks (default: empty) permit_mx_backup_networks (default: empty)
Restrict the use of the permit_mx_backup SMTP access feature to only dom Restrict the use of the permit_mx_backup SMTP access feature to only doma
ains whose primary MX hosts match ins whose primary MX hosts match
the listed networks. The parameter value syntax is the same as with the the listed networks. The parameter value syntax is the same as with the
mynetworks parameter; note, how- mynetworks parameter; note, how-
ever, that the default value is empty. ever, that the default value is empty.
Pattern matching of domain names is controlled by the presence or absen ce of "permit_mx_backup_networks" Pattern matching of domain names is controlled by the presence or absence of "permit_mx_backup_networks"
in the parent_domain_matches_subdomains parameter value. in the parent_domain_matches_subdomains parameter value.
pickup_service_name (default: pickup) pickup_service_name (default: pickup)
The name of the pickup(8) service. This service picks up local mail submi ssions from the Postfix maildrop The name of the pickup(8) service. This service picks up local mail subm issions from the Postfix maildrop
queue. queue.
This feature is available in Postfix 2.0 and later. This feature is available in Postfix 2.0 and later.
pipe_delivery_status_filter (default: $default_delivery_status_filter) pipe_delivery_status_filter (default: $default_delivery_status_filter)
Optional filter for the pipe(8) delivery agent to change the delivery s tatus code or explanatory text of Optional filter for the pipe(8) delivery agent to change the delivery sta tus code or explanatory text of
successful or unsuccessful deliveries. See default_delivery_status_filte r for details. successful or unsuccessful deliveries. See default_delivery_status_filte r for details.
This feature is available in Postfix 3.0 and later. This feature is available in Postfix 3.0 and later.
plaintext_reject_code (default: 450) plaintext_reject_code (default: 450)
The numerical Postfix SMTP server response code when a request is rejecte d by the reject_plaintext_session The numerical Postfix SMTP server response code when a request is rejecte d by the reject_plaintext_session
restriction. restriction.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
postlog_service_name (default: postlog) postlog_service_name (default: postlog)
The name of the postlogd(8) service entry in master.cf. This service ap pends logfile records to the file The name of the postlogd(8) service entry in master.cf. This service app ends logfile records to the file
specified with the maillog_file parameter. specified with the maillog_file parameter.
This feature is available in Postfix 3.4 and later. This feature is available in Postfix 3.4 and later.
postlogd_watchdog_timeout (default: 10s) postlogd_watchdog_timeout (default: 10s)
How much time a postlogd(8) process may take to process a request before it is terminated by a built-in How much time a postlogd(8) process may take to process a request befo re it is terminated by a built-in
watchdog timer. This is a safety mechanism that prevents postlogd(8) from becoming non-responsive due to a watchdog timer. This is a safety mechanism that prevents postlogd(8) from becoming non-responsive due to a
bug in Postfix itself or in system software. This limit cannot be set und er 10s. bug in Postfix itself or in system software. This limit cannot be set und er 10s.
Specify a non-zero time value (an integral value plus an optional one-let ter suffix that specifies the Specify a non-zero time value (an integral value plus an optional one -letter suffix that specifies the
time unit). Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). time unit). Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
This feature is available in Postfix 3.4 and later. This feature is available in Postfix 3.4 and later.
postmulti_control_commands (default: reload flush) postmulti_control_commands (default: reload flush)
The postfix(1) commands that the postmulti(1) instance manager treats as "control" commands, that operate The postfix(1) commands that the postmulti(1) instance manager treats as "control" commands, that operate
on running instances. For these commands, disabled instances are skipped. on running instances. For these commands, disabled instances are skipped.
This feature is available in Postfix 2.6 and later. This feature is available in Postfix 2.6 and later.
postmulti_start_commands (default: start) postmulti_start_commands (default: start)
The postfix(1) commands that the postmulti(1) instance manager treats as "start" commands. For these com- The postfix(1) commands that the postmulti(1) instance manager treats as "start" commands. For these com-
mands, disabled instances are "checked" rather than "started", and failur e to "start" a member instance of mands, disabled instances are "checked" rather than "started", and failur e to "start" a member instance of
an instance group will abort the start-up of later instances. an instance group will abort the start-up of later instances.
This feature is available in Postfix 2.6 and later. This feature is available in Postfix 2.6 and later.
postmulti_stop_commands (default: see postconf -d output) postmulti_stop_commands (default: see postconf -d output)
The postfix(1) commands that the postmulti(1) instance manager treats as "stop" commands. For these com- The postfix(1) commands that the postmulti(1) instance manager treats a s "stop" commands. For these com-
mands, disabled instances are skipped, and enabled instances are processe d in reverse order. mands, disabled instances are skipped, and enabled instances are processe d in reverse order.
This feature is available in Postfix 2.6 and later. This feature is available in Postfix 2.6 and later.
postscreen_access_list (default: permit_mynetworks) postscreen_access_list (default: permit_mynetworks)
Permanent white/blacklist for remote SMTP client IP addresses. postscr Permanent white/blacklist for remote SMTP client IP addresses. postscree
een(8) searches this list immedi- n(8) searches this list immedi-
ately after a remote SMTP client connects. Specify a comma- or whitespac ately after a remote SMTP client connects. Specify a comma- or whitespa
e-separated list of commands (in ce-separated list of commands (in
upper or lower case) or lookup tables. The search stops upon the first upper or lower case) or lookup tables. The search stops upon the first co
command that fires for the client mmand that fires for the client
IP address. IP address.
permit_mynetworks permit_mynetworks
Whitelist the client and terminate the search if the client IP add ress matches $mynetworks. Do not Whitelist the client and terminate the search if the client IP add ress matches $mynetworks. Do not
subject the client to any before/after 220 greeting tests. Pas s the connection immediately to a subject the client to any before/after 220 greeting tests. Pass t he connection immediately to a
Postfix SMTP server process. Postfix SMTP server process.
Pattern matching of domain names is controlled by t he presence or absence of Pattern matching of domain names is controlled by the presence or absence of
"postscreen_access_list" in the parent_domain_matches_subdomains p arameter value. "postscreen_access_list" in the parent_domain_matches_subdomains p arameter value.
type:table type:table
Query the specified lookup table. Each table lookup result is a n access list, except that access Query the specified lookup table. Each table lookup result is an a ccess list, except that access
lists inside a table cannot specify type:table entries. lists inside a table cannot specify type:table entries.
To discourage the use of hash, btree, etc. tables, there is no sup port for substring matching like To discourage the use of hash, btree, etc. tables, there is no su pport for substring matching like
smtpd(8). Use CIDR tables instead. smtpd(8). Use CIDR tables instead.
permit permit
Whitelist the client and terminate the search. Do not subject t he client to any before/after 220 Whitelist the client and terminate the search. Do not subject the client to any before/after 220
greeting tests. Pass the connection immediately to a Postfix SMTP server process. greeting tests. Pass the connection immediately to a Postfix SMTP server process.
reject reject
Blacklist the client and terminate the search. Subject the client to the action configured with the Blacklist the client and terminate the search. Subject the client to the action configured with the
postscreen_blacklist_action configuration parameter. postscreen_blacklist_action configuration parameter.
dunno All postscreen(8) access lists implicitly have this command at the end. dunno All postscreen(8) access lists implicitly have this command at the end.
When dunno is executed inside a lookup table, return from the l ookup table and evaluate the next When dunno is executed inside a lookup table, return from the loo kup table and evaluate the next
command. command.
When dunno is executed outside a lookup table, terminate the sea rch, and subject the client to When dunno is executed outside a lookup table, terminate the search, and subject the client to
the configured before/after 220 greeting tests. the configured before/after 220 greeting tests.
Example: Example:
/etc/postfix/main.cf: /etc/postfix/main.cf:
postscreen_access_list = permit_mynetworks, postscreen_access_list = permit_mynetworks,
cidr:/etc/postfix/postscreen_access.cidr cidr:/etc/postfix/postscreen_access.cidr
postscreen_blacklist_action = enforce postscreen_blacklist_action = enforce
/etc/postfix/postscreen_access.cidr: /etc/postfix/postscreen_access.cidr:
# Rules are evaluated in the order as specified. # Rules are evaluated in the order as specified.
# Blacklist 192.168.* except 192.168.0.1. # Blacklist 192.168.* except 192.168.0.1.
192.168.0.1 dunno 192.168.0.1 dunno
192.168.0.0/16 reject 192.168.0.0/16 reject
This feature is available in Postfix 2.8. This feature is available in Postfix 2.8.
postscreen_bare_newline_action (default: ignore) postscreen_bare_newline_action (default: ignore)
The action that postscreen(8) takes when a remote SMTP client sends a b are newline character, that is, a The action that postscreen(8) takes when a remote SMTP client sends a bar e newline character, that is, a
newline not preceded by carriage return. Specify one of the following: newline not preceded by carriage return. Specify one of the following:
ignore Ignore the failure of this test. Allow other tests to complete. D ignore Ignore the failure of this test. Allow other tests to complete
o not repeat this test before . Do not repeat this test before
some the result from some other test expires. This option is some the result from some other test expires. This option is usef
useful for testing and collecting ul for testing and collecting
statistics without blocking mail permanently. statistics without blocking mail permanently.
enforce enforce
Allow other tests to complete. Reject attempts to deliver mail wit h a 550 SMTP reply, and log the Allow other tests to complete. Reject attempts to deliver mail w ith a 550 SMTP reply, and log the
helo/sender/recipient information. Repeat this test the next time the client connects. helo/sender/recipient information. Repeat this test the next time the client connects.
drop Drop the connection immediately with a 521 SMTP reply. Repeat t his test the next time the client drop Drop the connection immediately with a 521 SMTP reply. Repeat this test the next time the client
connects. connects.
This feature is available in Postfix 2.8. This feature is available in Postfix 2.8.
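Review bot: the ignore description in postscreen_bare_newline_action carries the garbled sentence "Do not repeat this test before some the result from some other test expires", identical in both columns. It should read "before the result from some other test expires"; as written it is unclear when the test is run again for a client that failed it.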
postscreen_bare_newline_enable (default: no) postscreen_bare_newline_enable (default: no)
Enable "bare newline" SMTP protocol tests in the postscreen(8) server. Th ese tests are expensive: a remote Enable "bare newline" SMTP protocol tests in the postscreen(8) server. Th ese tests are expensive: a remote
SMTP client must disconnect after it passes the test, before it can talk to a real Postfix SMTP server. SMTP client must disconnect after it passes the test, before it can talk to a real Postfix SMTP server.
This feature is available in Postfix 2.8. This feature is available in Postfix 2.8.
postscreen_bare_newline_ttl (default: 30d) postscreen_bare_newline_ttl (default: 30d)
The amount of time that postscreen(8) will use the result from a succes The amount of time that postscreen(8) will use the result from a successf
sful "bare newline" SMTP protocol ul "bare newline" SMTP protocol
test. During this time, the client IP address is excluded from this test. test. During this time, the client IP address is excluded from this te
The default is long because a st. The default is long because a
remote SMTP client must disconnect after it passes the test, before i remote SMTP client must disconnect after it passes the test, before it ca
t can talk to a real Postfix SMTP n talk to a real Postfix SMTP
server. server.
Specify a non-zero time value (an integral value plus an optional one-let ter suffix that specifies the Specify a non-zero time value (an integral value plus an optional one -letter suffix that specifies the
time unit). Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). time unit). Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
This feature is available in Postfix 2.8. This feature is available in Postfix 2.8.
postscreen_blacklist_action (default: ignore) postscreen_blacklist_action (default: ignore)
The action that postscreen(8) takes when a remote SMTP client is permanently blacklisted with the The action that postscreen(8) takes when a remote SMTP client is pe rmanently blacklisted with the
postscreen_access_list parameter. Specify one of the following: postscreen_access_list parameter. Specify one of the following:
ignore (default) ignore (default)
Ignore this result. Allow other tests to complete. Repeat this t est the next time the client con- Ignore this result. Allow other tests to complete. Repeat this t est the next time the client con-
nects. This option is useful for testing and collecting statistic s without blocking mail. nects. This option is useful for testing and collecting statistic s without blocking mail.
enforce enforce
Allow other tests to complete. Reject attempts to deliver mail w ith a 550 SMTP reply, and log the Allow other tests to complete. Reject attempts to deliver mail wit h a 550 SMTP reply, and log the
helo/sender/recipient information. Repeat this test the next time the client connects. helo/sender/recipient information. Repeat this test the next time the client connects.
drop Drop the connection immediately with a 521 SMTP reply. Repeat this test the next time the client drop Drop the connection immediately with a 521 SMTP reply. Repeat t his test the next time the client
connects. connects.
This feature is available in Postfix 2.8. This feature is available in Postfix 2.8.
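Review bot: the reject command under postscreen_access_list says only that the client is subjected to "the action configured with the postscreen_blacklist_action configuration parameter", and this entry gives that parameter's default as ignore, described as "useful for testing and collecting statistics without blocking mail". One of the two entries should state outright that a reject rule blocks nothing until postscreen_blacklist_action is set to enforce or drop; at present only the "postscreen_blacklist_action = enforce" line in the example hints at it.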
postscreen_cache_cleanup_interval (default: 12h) postscreen_cache_cleanup_interval (default: 12h)
The amount of time between postscreen(8) cache cleanup runs. Cache The amount of time between postscreen(8) cache cleanup runs. Cache clean
cleanup increases the load on the up increases the load on the
cache database and should therefore not be run frequently. This feature r cache database and should therefore not be run frequently. This feature
equires that the cache database requires that the cache database
supports the "delete" and "sequence" operators. Specify a zero interval to disable cache cleanup. supports the "delete" and "sequence" operators. Specify a zero interval to disable cache cleanup.
After each cache cleanup run, the postscreen(8) daemon logs the number After each cache cleanup run, the postscreen(8) daemon logs the number of
of entries that were retained and entries that were retained and
dropped. A cleanup run is logged as "partial" when the daemon terminates dropped. A cleanup run is logged as "partial" when the daemon termina
early after "postfix reload", tes early after "postfix reload",
"postfix stop", or no requests for $max_idle seconds. "postfix stop", or no requests for $max_idle seconds.
Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
This feature is available in Postfix 2.8. This feature is available in Postfix 2.8.
postscreen_cache_map (default: btree:$data_directory/postscreen_cache) postscreen_cache_map (default: btree:$data_directory/postscreen_cache)
Persistent storage for the postscreen(8) server decisions. Persistent storage for the postscreen(8) server decisions.
To share a postscreen(8) cache between multiple postscreen(8) insta To share a postscreen(8) cache between multiple postscreen(8) instance
nces, use "postscreen_cache_map = s, use "postscreen_cache_map =
proxy:btree:/path/to/file". This requires Postfix version 2.9 or later; proxy:btree:/path/to/file". This requires Postfix version 2.9 or later
earlier proxymap(8) implementa- ; earlier proxymap(8) implementa-
tions don't support cache cleanup. For an alternative approach see the me mcache_table(5) manpage. tions don't support cache cleanup. For an alternative approach see the me mcache_table(5) manpage.
This feature is available in Postfix 2.8. This feature is available in Postfix 2.8.
postscreen_cache_retention_time (default: 7d) postscreen_cache_retention_time (default: 7d)
The amount of time that postscreen(8) will cache an expired tempo The amount of time that postscreen(8) will cache an expired temporary
rary whitelist entry before it is whitelist entry before it is
removed. This prevents clients from being logged as "NEW" just because th removed. This prevents clients from being logged as "NEW" just because
eir cache entry expired an hour their cache entry expired an hour
ago. It also prevents the cache from filling up with clients that passed ago. It also prevents the cache from filling up with clients that passed
some deep protocol test once and some deep protocol test once and
never came back. never came back.
Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
This feature is available in Postfix 2.8. This feature is available in Postfix 2.8.
postscreen_client_connection_count_limit (default: $smtpd_client_connection_coun t_limit) postscreen_client_connection_count_limit (default: $smtpd_client_connection_coun t_limit)
How many simultaneous connections any remote SMTP client is allowed to ha ve with the postscreen(8) daemon. How many simultaneous connections any remote SMTP client is allowed to ha ve with the postscreen(8) daemon.
By default, this limit is the same as with the Postfix SMTP server. Note By default, this limit is the same as with the Postfix SMTP server. Note
that the triage process can take that the triage process can take
several seconds, with the time spent in postscreen_greet_wait delay, and several seconds, with the time spent in postscreen_greet_wait delay, a
with the time spent talking to nd with the time spent talking to
the postscreen(8) built-in dummy SMTP protocol engine. the postscreen(8) built-in dummy SMTP protocol engine.
This feature is available in Postfix 2.8. This feature is available in Postfix 2.8.
postscreen_command_count_limit (default: 20) postscreen_command_count_limit (default: 20)
The limit on the total number of commands per SMTP session for posts The limit on the total number of commands per SMTP session for postscre
creen(8)'s built-in SMTP protocol en(8)'s built-in SMTP protocol
engine. This SMTP engine defers or rejects all attempts to deliver mail, engine. This SMTP engine defers or rejects all attempts to deliver ma
therefore there is no need to il, therefore there is no need to
enforce separate limits on the number of junk commands and error commands . enforce separate limits on the number of junk commands and error commands .
This feature is available in Postfix 2.8. This feature is available in Postfix 2.8.
postscreen_command_filter (default: $smtpd_command_filter) postscreen_command_filter (default: $smtpd_command_filter)
A mechanism to transform commands from remote SMTP clients. See smtpd_co mmand_filter for further details. A mechanism to transform commands from remote SMTP clients. See smtpd_co mmand_filter for further details.
This feature is available in Postfix 2.8 and later. This feature is available in Postfix 2.8 and later.
postscreen_command_time_limit (default: normal: 300s, overload: 10s) postscreen_command_time_limit (default: normal: 300s, overload: 10s)
The time limit to read an entire command line with postscreen(8)'s built- in SMTP protocol engine. The time limit to read an entire command line with postscreen(8)'s built- in SMTP protocol engine.
This feature is available in Postfix 2.8. This feature is available in Postfix 2.8.
postscreen_disable_vrfy_command (default: $disable_vrfy_command) postscreen_disable_vrfy_command (default: $disable_vrfy_command)
Disable the SMTP VRFY command in the postscreen(8) daemon. See disable_v rfy_command for details. Disable the SMTP VRFY command in the postscreen(8) daemon. See disable_v rfy_command for details.
This feature is available in Postfix 2.8. This feature is available in Postfix 2.8.
postscreen_discard_ehlo_keyword_address_maps (default: $smtpd_discard_ehlo_keywo rd_address_maps) postscreen_discard_ehlo_keyword_address_maps (default: $smtpd_discard_ehlo_keywo rd_address_maps)
Lookup tables, indexed by the remote SMTP client address, with case i Lookup tables, indexed by the remote SMTP client address, with case insen
nsensitive lists of EHLO keywords sitive lists of EHLO keywords
(pipelining, starttls, auth, etc.) that the postscreen(8) server will not (pipelining, starttls, auth, etc.) that the postscreen(8) server will n
send in the EHLO response to a ot send in the EHLO response to a
remote SMTP client. See smtpd_discard_ehlo_keywords for details. The remote SMTP client. See smtpd_discard_ehlo_keywords for details. The tab
table is not searched by hostname le is not searched by hostname
for robustness reasons. for robustness reasons.
This feature is available in Postfix 2.8 and later. This feature is available in Postfix 2.8 and later.
postscreen_discard_ehlo_keywords (default: $smtpd_discard_ehlo_keywords) postscreen_discard_ehlo_keywords (default: $smtpd_discard_ehlo_keywords)
A case insensitive list of EHLO keywords (pipelining, starttls, auth, etc .) that the postscreen(8) server A case insensitive list of EHLO keywords (pipelining, starttls, auth, et c.) that the postscreen(8) server
will not send in the EHLO response to a remote SMTP client. See smtpd_dis card_ehlo_keywords for details. will not send in the EHLO response to a remote SMTP client. See smtpd_dis card_ehlo_keywords for details.
This feature is available in Postfix 2.8 and later. This feature is available in Postfix 2.8 and later.
postscreen_dnsbl_action (default: ignore) postscreen_dnsbl_action (default: ignore)
The action that postscreen(8) takes when a remote SMTP client's co mbined DNSBL score is equal to or The action that postscreen(8) takes when a remote SMTP client's combined DNSBL score is equal to or
greater than a threshold (as defined with the postscreen_dnsbl_sites and postscreen_dnsbl_threshold param- greater than a threshold (as defined with the postscreen_dnsbl_sites and postscreen_dnsbl_threshold param-
eters). Specify one of the following: eters). Specify one of the following:
ignore (default) ignore (default)
Ignore the failure of this test. Allow other tests to complete. R epeat this test the next time the Ignore the failure of this test. Allow other tests to complete. R epeat this test the next time the
client connects. This option is useful for testing and collecti ng statistics without blocking client connects. This option is useful for testing and colle cting statistics without blocking
mail. mail.
enforce enforce
Allow other tests to complete. Reject attempts to deliver mail w ith a 550 SMTP reply, and log the Allow other tests to complete. Reject attempts to deliver mail wit h a 550 SMTP reply, and log the
helo/sender/recipient information. Repeat this test the next time the client connects. helo/sender/recipient information. Repeat this test the next time the client connects.
drop Drop the connection immediately with a 521 SMTP reply. Repeat this test the next time the client drop Drop the connection immediately with a 521 SMTP reply. Repeat t his test the next time the client
connects. connects.
This feature is available in Postfix 2.8. This feature is available in Postfix 2.8.
postscreen_dnsbl_max_ttl (default: ${postscreen_dnsbl_ttl?{$postscreen_dnsbl_ttl }:{1}}h) postscreen_dnsbl_max_ttl (default: ${postscreen_dnsbl_ttl?{$postscreen_dnsbl_ttl }:{1}}h)
The maximum amount of time that postscreen(8) will use the result from The maximum amount of time that postscreen(8) will use the result from a
a successful DNS-based reputation successful DNS-based reputation
test before a client IP address is required to pass that test again. If t test before a client IP address is required to pass that test again. If
he DNS reply specifies a shorter the DNS reply specifies a shorter
TTL value, that value will be used unless it would be smaller than postsc reen_dnsbl_min_ttl. TTL value, that value will be used unless it would be smaller than postsc reen_dnsbl_min_ttl.
Specify a non-zero time value (an integral value plus an optional one -letter suffix that specifies the Specify a non-zero time value (an integral value plus an optional one-let ter suffix that specifies the
time unit). Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). time unit). Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
This feature is available in Postfix 3.1. The default setting is backward s-compatible with older Postfix This feature is available in Postfix 3.1. The default setting is backwa rds-compatible with older Postfix
versions. versions.
postscreen_dnsbl_min_ttl (default: 60s) postscreen_dnsbl_min_ttl (default: 60s)
The minimum amount of time that postscreen(8) will use the result from The minimum amount of time that postscreen(8) will use the result from a
a successful DNS-based reputation successful DNS-based reputation
test before a client IP address is required to pass that test again. If t test before a client IP address is required to pass that test again. If
he DNS reply specifies a larger the DNS reply specifies a larger
TTL value, that value will be used unless it would be larger than postscr een_dnsbl_max_ttl. TTL value, that value will be used unless it would be larger than postscr een_dnsbl_max_ttl.
Specify a non-zero time value (an integral value plus an optional one -letter suffix that specifies the Specify a non-zero time value (an integral value plus an optional one-let ter suffix that specifies the
time unit). Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). time unit). Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
This feature is available in Postfix 3.1. This feature is available in Postfix 3.1.
postscreen_dnsbl_reply_map (default: empty) postscreen_dnsbl_reply_map (default: empty)
A mapping from actual DNSBL domain name which includes a secret password, A mapping from actual DNSBL domain name which includes a secret passwo
to the DNSBL domain name that rd, to the DNSBL domain name that
postscreen will reply with when it rejects mail. When no mapping is fo postscreen will reply with when it rejects mail. When no mapping is foun
und, the actual DNSBL domain will d, the actual DNSBL domain will
be used. be used.
For maximal stability it is best to use a file that is read into memory s uch as pcre:, regexp: or tex- For maximal stability it is best to use a file that is read into memo ry such as pcre:, regexp: or tex-
thash: (texthash: is similar to hash:, except a) there is no need to run postmap(1) before the file can be thash: (texthash: is similar to hash:, except a) there is no need to run postmap(1) before the file can be
used, and b) texthash: does not detect changes after the file is read). used, and b) texthash: does not detect changes after the file is read).
Example: Example:
/etc/postfix/main.cf: /etc/postfix/main.cf:
postscreen_dnsbl_reply_map = texthash:/etc/postfix/dnsbl_reply postscreen_dnsbl_reply_map = texthash:/etc/postfix/dnsbl_reply
/etc/postfix/dnsbl_reply: /etc/postfix/dnsbl_reply:
secret.zen.spamhaus.org zen.spamhaus.org secret.zen.spamhaus.org zen.spamhaus.org
This feature is available in Postfix 2.8. This feature is available in Postfix 2.8.
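Review bot: the fallback sentence in postscreen_dnsbl_reply_map, "When no mapping is found, the actual DNSBL domain will be used", means a missing or mistyped map entry puts the secret-bearing domain name into the reject reply, but the entry never says so. The only warning is the "Caution:" paragraph under postscreen_dnsbl_sites. Suggest repeating that caution here, directly after the fallback sentence, or adding a cross-reference to it.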
postscreen_dnsbl_sites (default: empty) postscreen_dnsbl_sites (default: empty)
Optional list of DNS white/blacklist domains, filters and weight factors. When the list is non-empty, the Optional list of DNS white/blacklist domains, filters and weight factors . When the list is non-empty, the
dnsblog(8) daemon will query these domains with the IP addresses of remot e SMTP clients, and postscreen(8) dnsblog(8) daemon will query these domains with the IP addresses of remot e SMTP clients, and postscreen(8)
will update an SMTP client's DNSBL score with each non-error reply. will update an SMTP client's DNSBL score with each non-error reply.
Caution: when postscreen rejects mail, it replies with the D NSBL domain name. Use the Caution: when postscreen rejects mail, it replies with th e DNSBL domain name. Use the
postscreen_dnsbl_reply_map feature to hide "password" information in DNSB L domain names. postscreen_dnsbl_reply_map feature to hide "password" information in DNSB L domain names.
When a client's score is equal to or greater than the threshold specified with postscreen_dnsbl_threshold, When a client's score is equal to or greater than the threshold specified with postscreen_dnsbl_threshold,
postscreen(8) can drop the connection with the remote SMTP client. postscreen(8) can drop the connection with the remote SMTP client.
Specify a list of domain=filter*weight entries, separated by comma or whi tespace. Specify a list of domain=filter*weight entries, separated by comma or whi tespace.
· When no "=filter" is specified, postscreen(8) will use any non- error DNSBL reply. Otherwise, · When no "=filter" is specified, postscreen(8) will use any n on-error DNSBL reply. Otherwise,
postscreen(8) uses only DNSBL replies that match the filter. The f ilter has the form d.d.d.d, where postscreen(8) uses only DNSBL replies that match the filter. The f ilter has the form d.d.d.d, where
each d is a number, or a pattern inside [] that contains one or mo re ";"-separated numbers or num- each d is a number, or a pattern inside [] that contains one or m ore ";"-separated numbers or num-
ber..number ranges. ber..number ranges.
· When no "*weight" is specified, postscreen(8) increments the remot e SMTP client's DNSBL score by 1. · When no "*weight" is specified, postscreen(8) increments the remot e SMTP client's DNSBL score by 1.
Otherwise, the weight must be an integral number, and postscreen(8 ) adds the specified weight to Otherwise, the weight must be an integral number, and postscree n(8) adds the specified weight to
the remote SMTP client's DNSBL score. Specify a negative number f or whitelisting. the remote SMTP client's DNSBL score. Specify a negative number f or whitelisting.
· When one postscreen_dnsbl_sites entry produces multiple DNSBL res ponses, postscreen(8) applies the · When one postscreen_dnsbl_sites entry produces multiple DNSBL resp onses, postscreen(8) applies the
weight at most once. weight at most once.
Examples: Examples:
To use example.com as a high-confidence blocklist, and to block mail with example.net and example.org only To use example.com as a high-confidence blocklist, and to block mail with example.net and example.org only
when both agree: when both agree:
postscreen_dnsbl_threshold = 2 postscreen_dnsbl_threshold = 2
postscreen_dnsbl_sites = example.com*2, example.net, example.org postscreen_dnsbl_sites = example.com*2, example.net, example.org
To filter only DNSBL replies containing 127.0.0.4: To filter only DNSBL replies containing 127.0.0.4:
postscreen_dnsbl_sites = example.com=127.0.0.4 postscreen_dnsbl_sites = example.com=127.0.0.4
This feature is available in Postfix 2.8. This feature is available in Postfix 2.8.
postscreen_dnsbl_threshold (default: 1) postscreen_dnsbl_threshold (default: 1)
The inclusive lower bound for blocking a remote SMTP client, based on it s combined DNSBL score as defined The inclusive lower bound for blocking a remote SMTP client, based on its combined DNSBL score as defined
with the postscreen_dnsbl_sites parameter. with the postscreen_dnsbl_sites parameter.
This feature is available in Postfix 2.8. This feature is available in Postfix 2.8.
postscreen_dnsbl_timeout (default: 10s) postscreen_dnsbl_timeout (default: 10s)
The time limit for DNSBL or DNSWL lookups. This is separate from the time outs in the dnsblog(8) daemon The time limit for DNSBL or DNSWL lookups. This is separate from the timeouts in the dnsblog(8) daemon
which are defined by system resolver(3) routines. which are defined by system resolver(3) routines.
This feature is available in Postfix 3.0. This feature is available in Postfix 3.0.
postscreen_dnsbl_ttl (default: 1h) postscreen_dnsbl_ttl (default: 1h)
The amount of time that postscreen(8) will use the result from a suc cessful DNS-based reputation test The amount of time that postscreen(8) will use the result from a succes sful DNS-based reputation test
before a client IP address is required to pass that test again. before a client IP address is required to pass that test again.
Specify a non-zero time value (an integral value plus an optional one-let ter suffix that specifies the Specify a non-zero time value (an integral value plus an optional one -letter suffix that specifies the
time unit). Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). time unit). Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
This feature is available in Postfix 2.8-3.0. It was replaced by postscre en_dnsbl_max_ttl in Postfix 3.1. This feature is available in Postfix 2.8-3.0. It was replaced by postscre en_dnsbl_max_ttl in Postfix 3.1.
postscreen_dnsbl_whitelist_threshold (default: 0) postscreen_dnsbl_whitelist_threshold (default: 0)
Allow a remote SMTP client to skip "before" and "after 220 greeting" prot ocol tests, based on its combined Allow a remote SMTP client to skip "before" and "after 220 greeting" prot ocol tests, based on its combined
DNSBL score as defined with the postscreen_dnsbl_sites parameter. DNSBL score as defined with the postscreen_dnsbl_sites parameter.
Specify a negative value to enable this feature. Whe Specify a negative value to enable this feature.
n a client passes the When a client passes the
postscreen_dnsbl_whitelist_threshold without having failed other tests, postscreen_dnsbl_whitelist_threshold without having failed other tests, a
all pending or disabled tests are ll pending or disabled tests are
flagged as completed with a time-to-live value equal to postscreen_dnsbl_ flagged as completed with a time-to-live value equal to postscreen_dn
ttl. When a test was already sbl_ttl. When a test was already
completed, its time-to-live value is updated if it was less than postscre en_dnsbl_ttl. completed, its time-to-live value is updated if it was less than postscre en_dnsbl_ttl.
This feature is available in Postfix 2.11. This feature is available in Postfix 2.11.
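Review bot: postscreen_dnsbl_whitelist_threshold takes the time-to-live of completed tests from postscreen_dnsbl_ttl, but the postscreen_dnsbl_ttl entry directly above states that the parameter "was replaced by postscreen_dnsbl_max_ttl in Postfix 3.1". Both sides of the comparison still name the old parameter. The entry should say which value applies on 3.1 and later (postscreen_dnsbl_max_ttl, postscreen_dnsbl_min_ttl, or the TTL from the DNS reply), because that value decides how long a whitelisted client skips the protocol tests.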
postscreen_enforce_tls (default: $smtpd_enforce_tls) postscreen_enforce_tls (default: $smtpd_enforce_tls)
Mandatory TLS: announce STARTTLS support to remote SMTP clients, and req uire that clients use TLS encryp- Mandatory TLS: announce STARTTLS support to remote SMTP clients, and requ ire that clients use TLS encryp-
tion. See smtpd_postscreen_enforce_tls for details. tion. See smtpd_postscreen_enforce_tls for details.
This feature is available in Postfix 2.8 and later. Preferably, u se postscreen_tls_security_level This feature is available in Postfix 2.8 and later. Preferably, use postscreen_tls_security_level
instead. instead.
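Review bot: the cross-reference in postscreen_enforce_tls reads "See smtpd_postscreen_enforce_tls for details", which does not match the default in the entry header ($smtpd_enforce_tls). The neighbouring postscreen_ entries each point at the smtpd_ parameter named in their default. The text is the same on both sides of the comparison, so it is carried into 3.5.9 unchanged. Suggest "See smtpd_enforce_tls for details."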
postscreen_expansion_filter (default: see postconf -d output) postscreen_expansion_filter (default: see postconf -d output)
List of characters that are permitted in postscreen_reject_footer attrib ute expansions. See smtpd_expan- List of characters that are permitted in postscreen_reject_footer attribu te expansions. See smtpd_expan-
sion_filter for further details. sion_filter for further details.
This feature is available in Postfix 2.8 and later. This feature is available in Postfix 2.8 and later.
postscreen_forbidden_commands (default: $smtpd_forbidden_commands) postscreen_forbidden_commands (default: $smtpd_forbidden_commands)
List of commands that the postscreen(8) server considers in violation of the SMTP protocol. See smtpd_for- List of commands that the postscreen(8) server considers in violation of the SMTP protocol. See smtpd_for-
bidden_commands for syntax, and postscreen_non_smtp_command_action for po ssible actions. bidden_commands for syntax, and postscreen_non_smtp_command_action for po ssible actions.
This feature is available in Postfix 2.8. This feature is available in Postfix 2.8.
postscreen_greet_action (default: ignore) postscreen_greet_action (default: ignore)
The action that postscreen(8) takes when a remote SMTP client speaks befo re its turn within the time spec- The action that postscreen(8) takes when a remote SMTP client speaks befo re its turn within the time spec-
ified with the postscreen_greet_wait parameter. Specify one of the follo wing: ified with the postscreen_greet_wait parameter. Specify one of the follo wing:
ignore (default) ignore (default)
Ignore the failure of this test. Allow other tests to complete. R epeat this test the next time the Ignore the failure of this test. Allow other tests to complete. R epeat this test the next time the
client connects. This option is useful for testing and colle cting statistics without blocking client connects. This option is useful for testing and collecti ng statistics without blocking
mail. mail.
enforce enforce
Allow other tests to complete. Reject attempts to deliver mail wit h a 550 SMTP reply, and log the Allow other tests to complete. Reject attempts to deliver mail w ith a 550 SMTP reply, and log the
helo/sender/recipient information. Repeat this test the next time the client connects. helo/sender/recipient information. Repeat this test the next time the client connects.
drop Drop the connection immediately with a 521 SMTP reply. Repeat t his test the next time the client drop Drop the connection immediately with a 521 SMTP reply. Repeat this test the next time the client
connects. connects.
In either case, postscreen(8) will not whitelist the remote SMTP client I P address. In either case, postscreen(8) will not whitelist the remote SMTP client I P address.
This feature is available in Postfix 2.8. This feature is available in Postfix 2.8.
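Review bot: "In either case" in the closing sentence of postscreen_greet_action follows three actions (ignore, enforce, drop), so it is unclear whether the statement that postscreen(8) will not whitelist the client also covers ignore. Suggest "In all cases", or naming the actions it applies to. An operator who runs with ignore to collect statistics needs to know whether a client that spoke before its turn ends up whitelisted.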
postscreen_greet_banner (default: $smtpd_banner) postscreen_greet_banner (default: $smtpd_banner)
The text in the optional "220-text..." server response that postscreen(8) The text in the optional "220-text..." server response that postscreen(8
sends ahead of the real Postfix ) sends ahead of the real Postfix
SMTP server's "220 text..." response, in an attempt to confuse bad SMTP SMTP server's "220 text..." response, in an attempt to confuse bad SMTP c
clients so that they speak before lients so that they speak before
their turn (pre-greet). Specify an empty value to disable this feature. their turn (pre-greet). Specify an empty value to disable this feature.
This feature is available in Postfix 2.8. This feature is available in Postfix 2.8.
postscreen_greet_ttl (default: 1d) postscreen_greet_ttl (default: 1d)
The amount of time that postscreen(8) will use the result from a successf The amount of time that postscreen(8) will use the result from a succ
ul PREGREET test. During this essful PREGREET test. During this
time, the client IP address is excluded from this test. The default is time, the client IP address is excluded from this test. The default is re
relatively short, because a good latively short, because a good
client can immediately talk to a real Postfix SMTP server. client can immediately talk to a real Postfix SMTP server.
Specify a non-zero time value (an integral value plus an optional one-let ter suffix that specifies the Specify a non-zero time value (an integral value plus an optional one -letter suffix that specifies the
time unit). Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). time unit). Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
This feature is available in Postfix 2.8. This feature is available in Postfix 2.8.
postscreen_greet_wait (default: normal: 6s, overload: 2s) postscreen_greet_wait (default: normal: 6s, overload: 2s)
The amount of time that postscreen(8) will wait for an SMTP client to se The amount of time that postscreen(8) will wait for an SMTP client to sen
nd a command before its turn, and d a command before its turn, and
for DNS blocklist lookup results to arrive (default: up to 2 seconds unde for DNS blocklist lookup results to arrive (default: up to 2 seconds und
r stress, up to 6 seconds other- er stress, up to 6 seconds other-
wise). wise).
Specify a non-zero time value (an integral value plus an optional one -letter suffix that specifies the Specify a non-zero time value (an integral value plus an optional one-let ter suffix that specifies the
time unit). time unit).
Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
This feature is available in Postfix 2.8. This feature is available in Postfix 2.8.
postscreen_helo_required (default: $smtpd_helo_required) postscreen_helo_required (default: $smtpd_helo_required)
Require that a remote SMTP client sends HELO or EHLO before commencing a MAIL transaction. Require that a remote SMTP client sends HELO or EHLO before commencing a MAIL transaction.
This feature is available in Postfix 2.8. This feature is available in Postfix 2.8.
postscreen_non_smtp_command_action (default: drop) postscreen_non_smtp_command_action (default: drop)
The action that postscreen(8) takes when a remote SMTP client sends non-S MTP commands as specified with The action that postscreen(8) takes when a remote SMTP client sends no n-SMTP commands as specified with
the postscreen_forbidden_commands parameter. Specify one of the followin g: the postscreen_forbidden_commands parameter. Specify one of the followin g:
ignore Ignore the failure of this test. Allow other tests to complete ignore Ignore the failure of this test. Allow other tests to complete. D
. Do not repeat this test before o not repeat this test before
some the result from some other test expires. This option is usef some the result from some other test expires. This option is
ul for testing and collecting useful for testing and collecting
statistics without blocking mail permanently. statistics without blocking mail permanently.
enforce enforce
Allow other tests to complete. Reject attempts to deliver mail w ith a 550 SMTP reply, and log the Allow other tests to complete. Reject attempts to deliver mail wit h a 550 SMTP reply, and log the
helo/sender/recipient information. Repeat this test the next time the client connects. helo/sender/recipient information. Repeat this test the next time the client connects.
drop Drop the connection immediately with a 521 SMTP reply. Repeat this drop Drop the connection immediately with a 521 SMTP reply. Repeat t
test the next time the client his test the next time the client
connects. This action is the same as with the Postfix SMTP serve connects. This action is the same as with the Postfix SMTP server'
r's smtpd_forbidden_commands fea- s smtpd_forbidden_commands fea-
ture. ture.
This feature is available in Postfix 2.8. This feature is available in Postfix 2.8.
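Review bot: the "ignore" text of postscreen_non_smtp_command_action contains a garbled sentence, "Do not repeat this test before some the result from some other test expires", and the same sentence recurs under "ignore" in postscreen_pipelining_action. Suggest "Do not repeat this test before the result from some other test expires" in both places. Since this differs from the "Repeat this test the next time the client connects" wording used for ignore in postscreen_dnsbl_action and postscreen_greet_action, a short remark on why these two tests are not repeated would also help.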
postscreen_non_smtp_command_enable (default: no) postscreen_non_smtp_command_enable (default: no)
Enable "non-SMTP command" tests in the postscreen(8) server. These tests are expensive: a client must dis- Enable "non-SMTP command" tests in the postscreen(8) server. These tests are expensive: a client must dis-
connect after it passes the test, before it can talk to a real Postfix SM TP server. connect after it passes the test, before it can talk to a real Postfix SM TP server.
This feature is available in Postfix 2.8. This feature is available in Postfix 2.8.
postscreen_non_smtp_command_ttl (default: 30d) postscreen_non_smtp_command_ttl (default: 30d)
The amount of time that postscreen(8) will use the result from a successf ul "non_smtp_command" SMTP proto- The amount of time that postscreen(8) will use the result from a successf ul "non_smtp_command" SMTP proto-
col test. During this time, the client IP address is excluded from this t est. The default is long because col test. During this time, the client IP address is excluded from this test. The default is long because
a client must disconnect after it passes the test, before it can talk to a real Postfix SMTP server. a client must disconnect after it passes the test, before it can talk to a real Postfix SMTP server.
Specify a non-zero time value (an integral value plus an optional one -letter suffix that specifies the Specify a non-zero time value (an integral value plus an optional one-let ter suffix that specifies the
time unit). Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). time unit). Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
This feature is available in Postfix 2.8. This feature is available in Postfix 2.8.
postscreen_pipelining_action (default: enforce) postscreen_pipelining_action (default: enforce)
The action that postscreen(8) takes when a remote SMTP client sends multi ple commands instead of sending The action that postscreen(8) takes when a remote SMTP client sends mul tiple commands instead of sending
one command and waiting for the server to respond. Specify one of the fo llowing: one command and waiting for the server to respond. Specify one of the fo llowing:
ignore Ignore the failure of this test. Allow other tests to complete ignore Ignore the failure of this test. Allow other tests to complete. D
. Do not repeat this test before o not repeat this test before
some the result from some other test expires. This option is usef some the result from some other test expires. This option is
ul for testing and collecting useful for testing and collecting
statistics without blocking mail permanently. statistics without blocking mail permanently.
enforce enforce
Allow other tests to complete. Reject attempts to deliver mail w ith a 550 SMTP reply, and log the Allow other tests to complete. Reject attempts to deliver mail wit h a 550 SMTP reply, and log the
helo/sender/recipient information. Repeat this test the next time the client connects. helo/sender/recipient information. Repeat this test the next time the client connects.
drop Drop the connection immediately with a 521 SMTP reply. Repeat this test the next time the client drop Drop the connection immediately with a 521 SMTP reply. Repeat t his test the next time the client
connects. connects.
This feature is available in Postfix 2.8. This feature is available in Postfix 2.8.
postscreen_pipelining_enable (default: no) postscreen_pipelining_enable (default: no)
Enable "pipelining" SMTP protocol tests in the postscreen(8) server. These tests are expensive: a good Enable "pipelining" SMTP protocol tests in the postscreen(8) server. Thes e tests are expensive: a good
client must disconnect after it passes the test, before it can talk to a real Postfix SMTP server. client must disconnect after it passes the test, before it can talk to a real Postfix SMTP server.
This feature is available in Postfix 2.8. This feature is available in Postfix 2.8.
postscreen_pipelining_ttl (default: 30d) postscreen_pipelining_ttl (default: 30d)
The amount of time that postscreen(8) will use the result from a success The amount of time that postscreen(8) will use the result from a succ
ful "pipelining" SMTP protocol essful "pipelining" SMTP protocol
test. During this time, the client IP address is excluded from this te test. During this time, the client IP address is excluded from this test.
st. The default is long because a The default is long because a
good client must disconnect after it passes the test, before it can talk to a real Postfix SMTP server. good client must disconnect after it passes the test, before it can talk to a real Postfix SMTP server.
Specify a non-zero time value (an integral value plus an optional one-let ter suffix that specifies the Specify a non-zero time value (an integral value plus an optional one -letter suffix that specifies the
time unit). Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). time unit). Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
This feature is available in Postfix 2.8. This feature is available in Postfix 2.8.
postscreen_post_queue_limit (default: $default_process_limit) postscreen_post_queue_limit (default: $default_process_limit)
The number of clients that can be waiting for service from a real Postf ix SMTP server process. When this The number of clients that can be waiting for service from a real Postfix SMTP server process. When this
queue is full, all clients will receive a 421 response. queue is full, all clients will receive a 421 response.
This feature is available in Postfix 2.8. This feature is available in Postfix 2.8.
postscreen_pre_queue_limit (default: $default_process_limit) postscreen_pre_queue_limit (default: $default_process_limit)
The number of non-whitelisted clients that can be waiting for a decision whether they will receive service The number of non-whitelisted clients that can be waiting for a decision whether they will receive service
from a real Postfix SMTP server process. When this queue is full, all non -whitelisted clients will receive from a real Postfix SMTP server process. When this queue is full, all non -whitelisted clients will receive
a 421 response. a 421 response.
This feature is available in Postfix 2.8. This feature is available in Postfix 2.8.
postscreen_reject_footer (default: $smtpd_reject_footer) postscreen_reject_footer (default: $smtpd_reject_footer)
Optional information that is appended after a 4XX or 5XX postsc reen(8) server response. See Optional information that is appended after a 4XX or 5XX post screen(8) server response. See
smtpd_reject_footer for further details. smtpd_reject_footer for further details.
This feature is available in Postfix 2.8 and later. This feature is available in Postfix 2.8 and later.
postscreen_reject_footer_maps (default: $smtpd_reject_footer_maps) postscreen_reject_footer_maps (default: $smtpd_reject_footer_maps)
Optional lookup table for information that is appended after a 4XX or 5 XX postscreen(8) server response. Optional lookup table for information that is appended after a 4XX or 5XX postscreen(8) server response.
See smtpd_reject_footer_maps for further details. See smtpd_reject_footer_maps for further details.
This feature is available in Postfix 3.4 and later. This feature is available in Postfix 3.4 and later.
postscreen_tls_security_level (default: $smtpd_tls_security_level) postscreen_tls_security_level (default: $smtpd_tls_security_level)
The SMTP TLS security level for the postscreen(8) server; when a non-empt The SMTP TLS security level for the postscreen(8) server; when a non-emp
y value is specified, this over- ty value is specified, this over-
rides the obsolete parameters postscreen_use_tls and postscreen_enforce_ rides the obsolete parameters postscreen_use_tls and postscreen_enforce_t
tls. See smtpd_tls_security_level ls. See smtpd_tls_security_level
for details. for details.
This feature is available in Postfix 2.8 and later. This feature is available in Postfix 2.8 and later.
postscreen_upstream_proxy_protocol (default: empty) postscreen_upstream_proxy_protocol (default: empty)
The name of the proxy protocol used by an optional before-postscreen prox The name of the proxy protocol used by an optional before-postscreen p
y agent. When a proxy agent is roxy agent. When a proxy agent is
used, this protocol conveys local and remote address an used, this protocol conveys local and remote address and
d port information. Specify port information. Specify
"postscreen_upstream_proxy_protocol = haproxy" to enable the haproxy prot ocol; version 2 is supported with "postscreen_upstream_proxy_protocol = haproxy" to enable the haproxy prot ocol; version 2 is supported with
Postfix 3.5 and later. Postfix 3.5 and later.
This feature is available in Postfix 2.10 and later. This feature is available in Postfix 2.10 and later.
postscreen_upstream_proxy_timeout (default: 5s) postscreen_upstream_proxy_timeout (default: 5s)
The time limit for the proxy protocol specified with the postscreen_upstr eam_proxy_protocol parameter. The time limit for the proxy protocol specified with the postscreen_upstr eam_proxy_protocol parameter.
This feature is available in Postfix 2.10 and later. This feature is available in Postfix 2.10 and later.
postscreen_use_tls (default: $smtpd_use_tls) postscreen_use_tls (default: $smtpd_use_tls)
Opportunistic TLS: announce STARTTLS support to remote SMTP clients, bu t do not require that clients use Opportunistic TLS: announce STARTTLS support to remote SMTP clients, but do not require that clients use
TLS encryption. TLS encryption.
This feature is available in Postfix 2.8 and later. Preferably, u se postscreen_tls_security_level This feature is available in Postfix 2.8 and later. Preferably, use postscreen_tls_security_level
instead. instead.
postscreen_watchdog_timeout (default: 10s) postscreen_watchdog_timeout (default: 10s)
How much time a postscreen(8) process may take to respond to a remote SM How much time a postscreen(8) process may take to respond to a remote SMT
TP client command or to perform a P client command or to perform a
cache operation before it is terminated by a built-in watchdog timer. Th cache operation before it is terminated by a built-in watchdog timer.
is is a safety mechanism that This is a safety mechanism that
prevents postscreen(8) from becoming non-responsive due to a bug in Post prevents postscreen(8) from becoming non-responsive due to a bug in Postf
fix itself or in system software. ix itself or in system software.
To avoid false alarms and unnecessary cache corruption this limit cannot be set under 10s. To avoid false alarms and unnecessary cache corruption this limit cannot be set under 10s.
Specify a non-zero time value (an integral value plus an optional one-let ter suffix that specifies the Specify a non-zero time value (an integral value plus an optional one -letter suffix that specifies the
time unit). Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). time unit). Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
This feature is available in Postfix 2.8. This feature is available in Postfix 2.8.
postscreen_whitelist_interfaces (default: static:all) postscreen_whitelist_interfaces (default: static:all)
A list of local postscreen(8) server IP addresses where a non-whitelis A list of local postscreen(8) server IP addresses where a non-whitelisted
ted remote SMTP client can obtain remote SMTP client can obtain
postscreen(8)'s temporary whitelist status. This status is required befor postscreen(8)'s temporary whitelist status. This status is required befo
e the client can talk to a Post- re the client can talk to a Post-
fix SMTP server process. By default, a client can obtain postscreen(8 fix SMTP server process. By default, a client can obtain postscreen(8)'s
)'s whitelist status on any local whitelist status on any local
postscreen(8) server IP address. postscreen(8) server IP address.
When postscreen(8) listens on both primary and backup MX addresses, the When postscreen(8) listens on both primary and backup MX addresses, th
postscreen_whitelist_interfaces e postscreen_whitelist_interfaces
parameter can be configured to give the temporary whitelist status only parameter can be configured to give the temporary whitelist status only w
when a client connects to a pri- hen a client connects to a pri-
mary MX address. Once a client is whitelisted it can talk to a Postfix SM mary MX address. Once a client is whitelisted it can talk to a Postfix
TP server on any address. Thus, SMTP server on any address. Thus,
clients that connect only to backup MX addresses will never become white clients that connect only to backup MX addresses will never become whitel
listed, and will never be allowed isted, and will never be allowed
to talk to a Postfix SMTP server process. to talk to a Postfix SMTP server process.
Specify a list of network addresses or network/netmask patterns, separate Specify a list of network addresses or network/netmask patterns, separ
d by commas and/or whitespace. ated by commas and/or whitespace.
The netmask specifies the number of bits in the network part of a hos The netmask specifies the number of bits in the network part of a host ad
t address. Continue long lines by dress. Continue long lines by
starting the next line with whitespace. starting the next line with whitespace.
You can also specify "/file/name" or "type:table" patterns. A "/file/nam You can also specify "/file/name" or "type:table" patterns. A "/file
e" pattern is replaced by its /name" pattern is replaced by its
contents; a "type:table" lookup table is matched when a table entry ma contents; a "type:table" lookup table is matched when a table entry match
tches a lookup string (the lookup es a lookup string (the lookup
result is ignored). result is ignored).
The list is matched left to right, and the search stops on the first matc h. Specify "!pattern" to exclude The list is matched left to right, and the search stops on the first mat ch. Specify "!pattern" to exclude
an address or network block from the list. an address or network block from the list.
Note: IP version 6 address information must be specified inside [] in th Note: IP version 6 address information must be specified inside [] in the
e postscreen_whitelist_interfaces postscreen_whitelist_interfaces
value, and in files specified with "/file/name". IP version 6 addresses value, and in files specified with "/file/name". IP version 6 address
contain the ":" character, and es contain the ":" character, and
would otherwise be confused with a "type:table" pattern. would otherwise be confused with a "type:table" pattern.
Example: Example:
/etc/postfix/main.cf: /etc/postfix/main.cf:
# Don't whitelist connections to the backup IP address. # Don't whitelist connections to the backup IP address.
postscreen_whitelist_interfaces = !168.100.189.8, static:all postscreen_whitelist_interfaces = !168.100.189.8, static:all
This feature is available in Postfix 2.9 and later. This feature is available in Postfix 2.9 and later.
prepend_delivered_header (default: command, file, forward) prepend_delivered_header (default: command, file, forward)
The message delivery contexts where the Postfix local(8) delivery agent The message delivery contexts where the Postfix local(8) delivery agent p
prepends a Delivered-To: message repends a Delivered-To: message
header with the address that the mail was delivered to. This information header with the address that the mail was delivered to. This informati
is used for mail delivery loop on is used for mail delivery loop
detection. detection.
By default, the Postfix local delivery agent prepends a Delivered-To: hea der when forwarding mail and when By default, the Postfix local delivery agent prepends a Delivered-To: hea der when forwarding mail and when
delivering to file (mailbox) and command. Turning off the Delivered-To: h eader when forwarding mail is not delivering to file (mailbox) and command. Turning off the Delivered-To: h eader when forwarding mail is not
recommended. recommended.
Specify zero or more of forward, file, or command. Specify zero or more of forward, file, or command.
Example: Example:
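Review bot: the postscreen_upstream_proxy_protocol entry in this hunk documents that the proxy protocol "conveys local and remote address and port information" but says nothing about which peers may send that information to postscreen(8). Suggest adding one sentence next to the "postscreen_upstream_proxy_protocol = haproxy" instruction stating that the postscreen(8) listener should be reachable only from the proxy agent, since the client address used for the whitelist decisions described under postscreen_whitelist_interfaces would otherwise come from whoever connects. A smaller style point in the same hunk: the availability lines alternate between "This feature is available in Postfix 2.8." (postscreen_post_queue_limit, postscreen_pre_queue_limit, postscreen_watchdog_timeout) and "Postfix 2.8 and later" (postscreen_reject_footer, postscreen_tls_security_level, postscreen_use_tls); pick one form.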
skipping to change at line 4466 skipping to change at line 4502
process_id_directory (default: pid) process_id_directory (default: pid)
The location of Postfix PID files relative to $queue_directory. This is a read-only parameter. The location of Postfix PID files relative to $queue_directory. This is a read-only parameter.
process_name (read-only) process_name (read-only)
The process name of a Postfix command or daemon process. The process name of a Postfix command or daemon process.
propagate_unmatched_extensions (default: canonical, virtual) propagate_unmatched_extensions (default: canonical, virtual)
What address lookup tables copy an address extension from the lookup key to the lookup result. What address lookup tables copy an address extension from the lookup key to the lookup result.
For example, with a virtual(5) mapping of "joe@example.com => jo e.user@example.net", the address For example, with a virtual(5) mapping of "joe@example.com => joe .user@example.net", the address
"joe+foo@example.com" would rewrite to "joe.user+foo@example.net". "joe+foo@example.com" would rewrite to "joe.user+foo@example.net".
Specify zero or more of canonical, virtual, alias, forward, include or ge neric. These cause address exten- Specify zero or more of canonical, virtual, alias, forward, include or ge neric. These cause address exten-
sion propagation with canonical(5), virtual(5), and aliases(5) maps, wit h local(8) .forward and :include: sion propagation with canonical(5), virtual(5), and aliases(5) maps, with local(8) .forward and :include:
file lookups, and with smtp(8) generic maps, respectively. file lookups, and with smtp(8) generic maps, respectively.
Note: enabling this feature for types other than canonical and virtual is likely to cause problems when Note: enabling this feature for types other than canonical and virtual is likely to cause problems when
mail is forwarded to other sites, especially with mail that is sent to a mailing list exploder address. mail is forwarded to other sites, especially with mail that is sent to a mailing list exploder address.
Examples: Examples:
propagate_unmatched_extensions = canonical, virtual, alias, propagate_unmatched_extensions = canonical, virtual, alias,
forward, include forward, include
propagate_unmatched_extensions = canonical, virtual propagate_unmatched_extensions = canonical, virtual
proxy_interfaces (default: empty) proxy_interfaces (default: empty)
The network interface addresses that this mail system receives mai l on by way of a proxy or network The network interface addresses that this mail system receives mail on b y way of a proxy or network
address translation unit. address translation unit.
This feature is available in Postfix 2.0 and later. This feature is available in Postfix 2.0 and later.
You must specify your "outside" proxy/NAT addresses when your system is a backup MX host for other You must specify your "outside" proxy/NAT addresses when your sys tem is a backup MX host for other
domains, otherwise mail delivery loops will happen when the primary MX ho st is down. domains, otherwise mail delivery loops will happen when the primary MX ho st is down.
Example: Example:
proxy_interfaces = 1.2.3.4 proxy_interfaces = 1.2.3.4
proxy_read_maps (default: see postconf -d output) proxy_read_maps (default: see postconf -d output)
The lookup tables that the proxymap(8) server is allowed to access for th e read-only service. The lookup tables that the proxymap(8) server is allowed to access for th e read-only service.
Specify zero or more "type:name" lookup tables, separated by whitespace or comma. Table references that Specify zero or more "type:name" lookup tables, separated by whitespace o r comma. Table references that
don't begin with proxy: are ignored. don't begin with proxy: are ignored.
This feature is available in Postfix 2.0 and later. This feature is available in Postfix 2.0 and later.
proxy_write_maps (default: see postconf -d output) proxy_write_maps (default: see postconf -d output)
The lookup tables that the proxymap(8) server is allowed to access for The lookup tables that the proxymap(8) server is allowed to access
the read-write service. Post- for the read-write service. Post-
fix-owned local database files should be stored under the Postfix-owned fix-owned local database files should be stored under the Postfix-owned d
data_directory. Table references ata_directory. Table references
that don't begin with proxy: are ignored. that don't begin with proxy: are ignored.
This feature is available in Postfix 2.5 and later. This feature is available in Postfix 2.5 and later.
proxymap_service_name (default: proxymap) proxymap_service_name (default: proxymap)
The name of the proxymap read-only table lookup service. This service i s normally implemented by the The name of the proxymap read-only table lookup service. This servi ce is normally implemented by the
proxymap(8) daemon. proxymap(8) daemon.
This feature is available in Postfix 2.6 and later. This feature is available in Postfix 2.6 and later.
proxywrite_service_name (default: proxywrite) proxywrite_service_name (default: proxywrite)
The name of the proxywrite read-write table lookup service. This servi ce is normally implemented by the The name of the proxywrite read-write table lookup service. This service is normally implemented by the
proxymap(8) daemon. proxymap(8) daemon.
This feature is available in Postfix 2.6 and later. This feature is available in Postfix 2.6 and later.
qmgr_clog_warn_time (default: 300s) qmgr_clog_warn_time (default: 300s)
The minimal delay between warnings that a specific destination is cloggin g up the Postfix active queue. The minimal delay between warnings that a specific destination is clog ging up the Postfix active queue.
Specify 0 to disable. Specify 0 to disable.
This feature is enabled with the helpful_warnings parameter. This feature is enabled with the helpful_warnings parameter.
This feature is available in Postfix 2.0 and later. This feature is available in Postfix 2.0 and later.
qmgr_daemon_timeout (default: 1000s) qmgr_daemon_timeout (default: 1000s)
How much time a Postfix queue manager process may take to handle a req uest before it is terminated by a How much time a Postfix queue manager process may take to handle a reques t before it is terminated by a
built-in watchdog timer. built-in watchdog timer.
Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). Th e default time unit is s (sec- Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). The default time unit is s (sec-
onds). onds).
This feature is available in Postfix 2.8 and later. This feature is available in Postfix 2.8 and later.
qmgr_fudge_factor (default: 100) qmgr_fudge_factor (default: 100)
Obsolete feature: the percentage of delivery resources that a busy mail s ystem will use up for delivery of Obsolete feature: the percentage of delivery resources that a busy mail s ystem will use up for delivery of
a large mailing list message. a large mailing list message.
This feature exists only in the oqmgr(8) old queue manager. The current q ueue manager solves the problem This feature exists only in the oqmgr(8) old queue manager. The current queue manager solves the problem
in a better way. in a better way.
qmgr_ipc_timeout (default: 60s) qmgr_ipc_timeout (default: 60s)
The time limit for the queue manager to send or receive information ove The time limit for the queue manager to send or receive information over
r an internal communication chan- an internal communication chan-
nel. The purpose is to break out of deadlock situations. If the time l nel. The purpose is to break out of deadlock situations. If the ti
imit is exceeded the software me limit is exceeded the software
either retries or aborts the operation. either retries or aborts the operation.
Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). The default time unit is s (sec- Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). Th e default time unit is s (sec-
onds). onds).
This feature is available in Postfix 2.8 and later. This feature is available in Postfix 2.8 and later.
qmgr_message_active_limit (default: 20000) qmgr_message_active_limit (default: 20000)
The maximal number of messages in the active queue. The maximal number of messages in the active queue.
qmgr_message_recipient_limit (default: 20000) qmgr_message_recipient_limit (default: 20000)
The maximal number of recipients held in memory by the Postfix queue mana ger, and the maximal size of the The maximal number of recipients held in memory by the Postfix queue man ager, and the maximal size of the
short-term, in-memory "dead" destination status cache. short-term, in-memory "dead" destination status cache.
qmgr_message_recipient_minimum (default: 10) qmgr_message_recipient_minimum (default: 10)
The minimal number of in-memory recipients for any message. This takes priority over any other in-memory The minimal number of in-memory recipients for any message. This takes pr iority over any other in-memory
recipient limits (i.e., the global qmgr_message_recipient_limit and the p er transport _recipient_limit) if recipient limits (i.e., the global qmgr_message_recipient_limit and the p er transport _recipient_limit) if
necessary. The minimum value allowed for this parameter is 1. necessary. The minimum value allowed for this parameter is 1.
qmqpd_authorized_clients (default: empty) qmqpd_authorized_clients (default: empty)
What remote QMQP clients are allowed to connect to the Postfix QMQP serve r port. What remote QMQP clients are allowed to connect to the Postfix QMQP serve r port.
By default, no client is allowed to use the service. This is because t he QMQP server will relay mail to By default, no client is allowed to use the service. This is because the QMQP server will relay mail to
any destination. any destination.
Specify a list of client patterns. A list pattern specifies a host name , a domain name, an internet Specify a list of client patterns. A list pattern specifies a host name, a domain name, an internet
address, or a network/mask pattern, where the mask specifies the number o f bits in the network part. When address, or a network/mask pattern, where the mask specifies the number o f bits in the network part. When
a pattern specifies a file name, its contents are substituted for the fil e name; when a pattern is a a pattern specifies a file name, its contents are substituted for t he file name; when a pattern is a
"type:table" table specification, table lookup is used instead. "type:table" table specification, table lookup is used instead.
Patterns are separated by whitespace and/or commas. In order to reverse t he result, precede a pattern with Patterns are separated by whitespace and/or commas. In order to reverse t he result, precede a pattern with
an exclamation point (!). The form "!/file/name" is supported only in Pos tfix version 2.4 and later. an exclamation point (!). The form "!/file/name" is supported only in Pos tfix version 2.4 and later.
Pattern matching of domain names is controlled by the presence or absence of "qmqpd_authorized_clients" in Pattern matching of domain names is controlled by the presence or absence of "qmqpd_authorized_clients" in
the parent_domain_matches_subdomains parameter value. the parent_domain_matches_subdomains parameter value.
Example: Example:
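Review bot: this hunk is fill noise. From process_id_directory through qmqpd_authorized_clients the two sides carry the same words and differ only in justification spacing and wrap points (for example "for / the read-write service" against "for the read-write service" under proxy_write_maps), and the header shows the text merely moved from line 4466 to line 4502. Suggest keeping re-filled paragraphs out of the change where possible, so that a real wording change to an access-control entry such as qmqpd_authorized_clients ("By default, no client is allowed to use the service") or proxy_read_maps would stand out in review instead of being buried among identical lines.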
skipping to change at line 4599 skipping to change at line 4635
qmqpd_client_port_logging (default: no) qmqpd_client_port_logging (default: no)
Enable logging of the remote QMQP client port in addition to the hostname and IP address. The logging for- Enable logging of the remote QMQP client port in addition to the hostname and IP address. The logging for-
mat is "host[address]:port". mat is "host[address]:port".
This feature is available in Postfix 2.5 and later. This feature is available in Postfix 2.5 and later.
qmqpd_error_delay (default: 1s) qmqpd_error_delay (default: 1s)
How long the Postfix QMQP server will pause before sending a negative rep ly to the remote QMQP client. The How long the Postfix QMQP server will pause before sending a negative rep ly to the remote QMQP client. The
purpose is to slow down confused or malicious clients. purpose is to slow down confused or malicious clients.
Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). The default time unit is s (sec- Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). Th e default time unit is s (sec-
onds). onds).
qmqpd_timeout (default: 300s) qmqpd_timeout (default: 300s)
The time limit for sending or receiving information over the network. If a read or write operation blocks The time limit for sending or receiving information over the network. If a read or write operation blocks
for more than $qmqpd_timeout seconds the Postfix QMQP server gives up and disconnects. for more than $qmqpd_timeout seconds the Postfix QMQP server gives up and disconnects.
Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). The default time unit is s (sec- Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). Th e default time unit is s (sec-
onds). onds).
queue_directory (default: see postconf -d output) queue_directory (default: see postconf -d output)
The location of the Postfix top-level queue directory. This is the root d irectory of Postfix daemon pro- The location of the Postfix top-level queue directory. This is the root directory of Postfix daemon pro-
cesses that run chrooted. cesses that run chrooted.
queue_file_attribute_count_limit (default: 100) queue_file_attribute_count_limit (default: 100)
The maximal number of (name=value) attributes that may be stored in a Postfix queue file. The limit is The maximal number of (name=value) attributes that may be stored in a Pos tfix queue file. The limit is
enforced by the cleanup(8) server. enforced by the cleanup(8) server.
This feature is available in Postfix 2.0 and later. This feature is available in Postfix 2.0 and later.
queue_minfree (default: 0) queue_minfree (default: 0)
The minimal amount of free space in bytes in the queue file system that i s needed to receive mail. This The minimal amount of free space in bytes in the queue file system that is needed to receive mail. This
is currently used by the Postfix SMTP server to decide if it will accept any mail at all. is currently used by the Postfix SMTP server to decide if it will accept any mail at all.
By default, the Postfix SMTP server rejects MAIL FROM commands when the By default, the Postfix SMTP server rejects MAIL FROM commands when the a
amount of free space is less than mount of free space is less than
1.5*$message_size_limit (Postfix version 2.1 and later). To specify a hi 1.5*$message_size_limit (Postfix version 2.1 and later). To specify a
gher minimum free space limit, higher minimum free space limit,
specify a queue_minfree value that is at least 1.5*$message_size_limit. specify a queue_minfree value that is at least 1.5*$message_size_limit.
With Postfix versions 2.0 and earlier, a queue_minfree value of zero m eans there is no minimum required With Postfix versions 2.0 and earlier, a queue_minfree value of zero mean s there is no minimum required
amount of free space. amount of free space.
queue_run_delay (default: 300s) queue_run_delay (default: 300s)
The time between deferred queue scans by the queue manager; prior to Post fix 2.4 the default value was The time between deferred queue scans by the queue manager; prior to Postfix 2.4 the default value was
1000s. 1000s.
This parameter should be set less than or equal to $minimal_backoff_time. See also $maximal_backoff_time. This parameter should be set less than or equal to $minimal_backoff_time. See also $maximal_backoff_time.
Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). The default time unit is s (sec- Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). Th e default time unit is s (sec-
onds). onds).
queue_service_name (default: qmgr) queue_service_name (default: qmgr)
The name of the qmgr(8) service. This service manages the Postfix queue a nd schedules delivery requests. The name of the qmgr(8) service. This service manages the Postfix queue a nd schedules delivery requests.
This feature is available in Postfix 2.0 and later. This feature is available in Postfix 2.0 and later.
rbl_reply_maps (default: empty) rbl_reply_maps (default: empty)
Optional lookup tables with RBL response templates. The tables are indexe Optional lookup tables with RBL response templates. The tables are i
d by the RBL domain name. By ndexed by the RBL domain name. By
default, Postfix uses the default template as specified with the defaul default, Postfix uses the default template as specified with the default_
t_rbl_reply configuration parame- rbl_reply configuration parame-
ter. See there for a discussion of the syntax of RBL reply templates. ter. See there for a discussion of the syntax of RBL reply templates.
This feature is available in Postfix 2.0 and later. This feature is available in Postfix 2.0 and later.
readme_directory (default: see postconf -d output) readme_directory (default: see postconf -d output)
The location of Postfix README files that describe how to build, configur e or operate a specific Postfix The location of Postfix README files that describe how to build, config ure or operate a specific Postfix
subsystem or feature. subsystem or feature.
receive_override_options (default: empty) receive_override_options (default: empty)
Enable or disable recipient validation, built-in content filtering, or address mapping. Typically, these Enable or disable recipient validation, built-in content filtering, or ad dress mapping. Typically, these
are specified in master.cf as command-line arguments for the smtpd(8), qm qpd(8) or pickup(8) daemons. are specified in master.cf as command-line arguments for the smtpd(8), qm qpd(8) or pickup(8) daemons.
Specify zero or more of the following options. The options override ma in.cf settings and are either Specify zero or more of the following options. The options overrid e main.cf settings and are either
implemented by smtpd(8), qmqpd(8), or pickup(8) themselves, or they are f orwarded to the cleanup server. implemented by smtpd(8), qmqpd(8), or pickup(8) themselves, or they are f orwarded to the cleanup server.
no_unknown_recipient_checks no_unknown_recipient_checks
Do not try to reject unknown recipients (SMTP server only). Thi s is typically specified AFTER an Do not try to reject unknown recipients (SMTP server only). This is typically specified AFTER an
external content filter. external content filter.
no_address_mappings no_address_mappings
Disable canonical address mapping, virtual alias map expansion, ad dress masquerading, and automatic Disable canonical address mapping, virtual alias map expansion, ad dress masquerading, and automatic
BCC (blind carbon-copy) recipients. This is typically specified BE FORE an external content filter. BCC (blind carbon-copy) recipients. This is typically specified BE FORE an external content filter.
no_header_body_checks no_header_body_checks
Disable header/body_checks. This is typically specified AFTER an e xternal content filter. Disable header/body_checks. This is typically specified AFTER an e xternal content filter.
no_milters no_milters
Disable Milter (mail filter) applications. This is typically sp ecified AFTER an external content Disable Milter (mail filter) applications. This is typically speci fied AFTER an external content
filter. filter.
Note: when the "BEFORE content filter" receive_override_options setting i s specified in the main.cf file, Note: when the "BEFORE content filter" receive_override_options setting is specified in the main.cf file,
specify the "AFTER content filter" receive_override_options setting in ma ster.cf (and vice versa). specify the "AFTER content filter" receive_override_options setting in ma ster.cf (and vice versa).
Examples: Examples:
receive_override_options = receive_override_options =
no_unknown_recipient_checks, no_header_body_checks no_unknown_recipient_checks, no_header_body_checks
receive_override_options = no_address_mappings receive_override_options = no_address_mappings
This feature is available in Postfix 2.1 and later. This feature is available in Postfix 2.1 and later.
recipient_bcc_maps (default: empty) recipient_bcc_maps (default: empty)
Optional BCC (blind carbon-copy) address lookup tables, indexed by re cipient address. The BCC address Optional BCC (blind carbon-copy) address lookup tables, indexed by recipi ent address. The BCC address
(multiple results are not supported) is added when mail enters from outsi de of Postfix. (multiple results are not supported) is added when mail enters from outsi de of Postfix.
Specify zero or more "type:name" lookup tables, separated by whitespace o r comma. Tables will be searched Specify zero or more "type:name" lookup tables, separated by whitespace or comma. Tables will be searched
in the specified order until a match is found. in the specified order until a match is found.
The table search order is as follows: The table search order is as follows:
· Look up the "user+extension@domain.tld" address including the opti onal address extension. · Look up the "user+extension@domain.tld" address including the opti onal address extension.
· Look up the "user@domain.tld" address without the optional address extension. · Look up the "user@domain.tld" address without the optional address extension.
· Look up the "user+extension" address local part when the recipient domain equals $myorigin, $mydes- · Look up the "user+extension" address local part when the recipient domain equals $myorigin, $mydes-
tination, $inet_interfaces or $proxy_interfaces. tination, $inet_interfaces or $proxy_interfaces.
· Look up the "user" address local part when the recipient domain eq uals $myorigin, $mydestination, · Look up the "user" address local part when the recipient domain equals $myorigin, $mydestination,
$inet_interfaces or $proxy_interfaces. $inet_interfaces or $proxy_interfaces.
· Look up the "@domain.tld" part. · Look up the "@domain.tld" part.
Note: with Postfix 2.3 and later the BCC address is added as if it wa Note: with Postfix 2.3 and later the BCC address is added as if it was s
s specified with NOTIFY=NONE. The pecified with NOTIFY=NONE. The
sender will not be notified when the BCC address is undeliverable, as lon sender will not be notified when the BCC address is undeliverable, as
g as all down-stream software long as all down-stream software
implements RFC 3461. implements RFC 3461.
Note: with Postfix 2.2 and earlier the sender will unconditionally be notified when the BCC address is Note: with Postfix 2.2 and earlier the sender will unconditionally be not ified when the BCC address is
undeliverable. undeliverable.
Note: automatic BCC recipients are produced only for new mail. To avoi Note: automatic BCC recipients are produced only for new mail. To
d mailer loops, automatic BCC avoid mailer loops, automatic BCC
recipients are not generated after Postfix forwards mail internally recipients are not generated after Postfix forwards mail internally, or
, or after Postfix generates mail after Postfix generates mail
itself. itself.
Example: Example:
recipient_bcc_maps = hash:/etc/postfix/recipient_bcc recipient_bcc_maps = hash:/etc/postfix/recipient_bcc
After a change, run "postmap /etc/postfix/recipient_bcc". After a change, run "postmap /etc/postfix/recipient_bcc".
This feature is available in Postfix 2.1 and later. This feature is available in Postfix 2.1 and later.
recipient_canonical_classes (default: envelope_recipient, header_recipient) recipient_canonical_classes (default: envelope_recipient, header_recipient)
What addresses are subject to recipient_canonical_maps address mapping. By default, recipient_canoni- What addresses are subject to recipient_canonical_maps address mappin g. By default, recipient_canoni-
cal_maps address mapping is applied to envelope recipient addresses, and to header recipient addresses. cal_maps address mapping is applied to envelope recipient addresses, and to header recipient addresses.
Specify one or more of: envelope_recipient, header_recipient Specify one or more of: envelope_recipient, header_recipient
This feature is available in Postfix 2.2 and later. This feature is available in Postfix 2.2 and later.
recipient_canonical_maps (default: empty) recipient_canonical_maps (default: empty)
Optional address mapping lookup tables for envelope and header recipient addresses. The table format and Optional address mapping lookup tables for envelope and header recipient addresses. The table format and
lookups are documented in canonical(5). lookups are documented in canonical(5).
Note: $recipient_canonical_maps is processed before $canonical_maps. Note: $recipient_canonical_maps is processed before $canonical_maps.
Example: Example:
recipient_canonical_maps = hash:/etc/postfix/recipient_canonical recipient_canonical_maps = hash:/etc/postfix/recipient_canonical
recipient_delimiter (default: empty) recipient_delimiter (default: empty)
The set of characters that can separate a user name from its extension (e The set of characters that can separate a user name from its extension (
xample: user+foo), or a .forward example: user+foo), or a .forward
file name from its extension (example: .forward+foo). Basically, the file name from its extension (example: .forward+foo). Basically, the sof
software tries user+foo and .for- tware tries user+foo and .for-
ward+foo before trying user and .forward. This implementation recognizes ward+foo before trying user and .forward. This implementation recognize
one delimiter character and one s one delimiter character and one
extension per email address or .forward file name. extension per email address or .forward file name.
When the recipient_delimiter set contains multiple characters (Postfi When the recipient_delimiter set contains multiple characters (Postfix 2.
x 2.11 and later), a user name or 11 and later), a user name or
.forward file name is separated from its extension by the first chara .forward file name is separated from its extension by the first c
cter that matches the recipi- haracter that matches the recipi-
ent_delimiter set. ent_delimiter set.
See canonical(5), local(8), relocated(5) and virtual(5) for the effects See canonical(5), local(8), relocated(5) and virtual(5) for the effects o
of recipient_delimiter on lookups f recipient_delimiter on lookups
in aliases, canonical, virtual, and relocated maps, and see the propagat in aliases, canonical, virtual, and relocated maps, and see the propaga
e_unmatched_extensions parameter te_unmatched_extensions parameter
for propagating an extension from one email address to another. for propagating an extension from one email address to another.
When used in command_execution_directory, forward_path, or luser_relay, $ {recipient_delimiter} is replaced When used in command_execution_directory, forward_path, or luser_relay, $ {recipient_delimiter} is replaced
with the actual recipient delimiter that was found in the recipient em ail address (Postfix 2.11 and with the actual recipient delimiter that was found in the recipien t email address (Postfix 2.11 and
later), or it is replaced with the main.cf recipient_delimiter parameter value (Postfix 2.10 and earlier). later), or it is replaced with the main.cf recipient_delimiter parameter value (Postfix 2.10 and earlier).
The recipient_delimiter is not applied to the mailer-daemon address, th The recipient_delimiter is not applied to the mailer-daemon address, the
e postmaster address, or the dou- postmaster address, or the dou-
ble-bounce address. With the default "owner_request_special = yes" setti ble-bounce address. With the default "owner_request_special = yes" se
ng, the recipient_delimiter is tting, the recipient_delimiter is
also not applied to addresses with the special "owner-" prefix or the spe cial "-request" suffix. also not applied to addresses with the special "owner-" prefix or the spe cial "-request" suffix.
Examples: Examples:
# Handle Postfix-style extensions. # Handle Postfix-style extensions.
recipient_delimiter = + recipient_delimiter = +
# Handle both Postfix and qmail extensions (Postfix 2.11 and later). # Handle both Postfix and qmail extensions (Postfix 2.11 and later).
recipient_delimiter = +- recipient_delimiter = +-
# Use .forward for mail without address extension, and for mail with # Use .forward for mail without address extension, and for mail with
# an unrecognized address extension. # an unrecognized address extension.
forward_path = $home/.forward${recipient_delimiter}${extension}, forward_path = $home/.forward${recipient_delimiter}${extension},
$home/.forward $home/.forward
reject_code (default: 554) reject_code (default: 554)
The numerical Postfix SMTP server response code when a remote SMTP client request is rejected by the The numerical Postfix SMTP server response code when a remote SMTP clien t request is rejected by the
"reject" restriction. "reject" restriction.
Do not change this unless you have a complete understanding of RFC 5321. Do not change this unless you have a complete understanding of RFC 5321.
reject_tempfail_action (default: defer_if_permit) reject_tempfail_action (default: defer_if_permit)
The Postfix SMTP server's action when a reject-type restriction fails due The Postfix SMTP server's action when a reject-type restriction fails du
to a temporary error condition. e to a temporary error condition.
Specify "defer" to defer the remote SMTP client request immediately. W Specify "defer" to defer the remote SMTP client request immediately. With
ith the default "defer_if_permit" the default "defer_if_permit"
action, the Postfix SMTP server continues to look for opportunities to re action, the Postfix SMTP server continues to look for opportunities to r
ject mail, and defers the client eject mail, and defers the client
request only if it would otherwise be accepted. request only if it would otherwise be accepted.
For finer control, see: unverified_recipient_tempfail_action, u nverified_sender_tempfail_action, For finer control, see: unverified_recipient_tempfail_action, u nverified_sender_tempfail_action,
unknown_address_tempfail_action, and unknown_helo_hostname_tempfail_actio n. unknown_address_tempfail_action, and unknown_helo_hostname_tempfail_actio n.
This feature is available in Postfix 2.6 and later. This feature is available in Postfix 2.6 and later.
relay_clientcerts (default: empty) relay_clientcerts (default: empty)
List of tables with remote SMTP client-certificate fingerprints or public List of tables with remote SMTP client-certificate fingerprints or pub
key fingerprints (Postfix 2.9 lic key fingerprints (Postfix 2.9
and later) for which the Postfix SMTP server will allow access with th and later) for which the Postfix SMTP server will allow access with the
e permit_tls_clientcerts feature. permit_tls_clientcerts feature.
The fingerprint digest algorithm is configurable via the smtpd_t The fingerprint digest algorithm is configurable via the smtpd_
ls_fingerprint_digest parameter tls_fingerprint_digest parameter
(hard-coded as md5 prior to Postfix version 2.5). (hard-coded as md5 prior to Postfix version 2.5).
Postfix lookup tables are in the form of (key, value) pairs. Since we on ly need the key, the value can be Postfix lookup tables are in the form of (key, value) pairs. Since we on ly need the key, the value can be
chosen freely, e.g. the name of the user or host: D7:04:2F:A7:0B :8C:A5:21:FA:31:77:E1:41:8A:EE:80 chosen freely, e.g. the name of the user or host: D7:04:2F:A7:0B :8C:A5:21:FA:31:77:E1:41:8A:EE:80
lutzpc.at.home lutzpc.at.home
Example: Example:
relay_clientcerts = hash:/etc/postfix/relay_clientcerts relay_clientcerts = hash:/etc/postfix/relay_clientcerts
For more fine-grained control, use check_ccert_access to select an appr opriate access(5) policy for each For more fine-grained control, use check_ccert_access to select an approp riate access(5) policy for each
client. See RESTRICTION_CLASS_README. client. See RESTRICTION_CLASS_README.
Note: Postfix 2.9.0-2.9.5 computed the public key fingerprint incorrectly . To use public-key fingerprints, Note: Postfix 2.9.0-2.9.5 computed the public key fingerprint incorrectly . To use public-key fingerprints,
upgrade to Postfix 2.9.6 or later. upgrade to Postfix 2.9.6 or later.
This feature is available with Postfix version 2.2. This feature is available with Postfix version 2.2.
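Review bot: in the relay_clientcerts entry, the sample key beginning D7:04:2F is 16 octets long, which is the length of an md5 digest, yet the paragraph above it says the digest is configurable via smtpd_tls_fingerprint_digest, and neither column states that table keys must be computed with that same algorithm. Suggest adding a sentence that the keys in the relay_clientcerts tables have to be fingerprints produced with the digest named in smtpd_tls_fingerprint_digest, and labelling the sample as an md5 fingerprint, so that an operator who changes the digest knows the existing entries will stop matching. As far as the visible lines show, the two columns differ here only in justification spacing, so this is a documentation gap carried over from the earlier text rather than one introduced by this release.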
relay_destination_concurrency_limit (default: $default_destination_concurrency_l imit) relay_destination_concurrency_limit (default: $default_destination_concurrency_l imit)
The maximal number of parallel deliveries to the same destination via The maximal number of parallel deliveries to the same destination via the
the relay message delivery trans- relay message delivery trans-
port. This limit is enforced by the queue manager. The message delivery t port. This limit is enforced by the queue manager. The message delivery
ransport name is the first field transport name is the first field
in the entry in the master.cf file. in the entry in the master.cf file.
This feature is available in Postfix 2.0 and later. This feature is available in Postfix 2.0 and later.
relay_destination_recipient_limit (default: $default_destination_recipient_limit ) relay_destination_recipient_limit (default: $default_destination_recipient_limit )
The maximal number of recipients per message for the relay message The maximal number of recipients per message for the relay message deli
delivery transport. This limit is very transport. This limit is
enforced by the queue manager. The message delivery transport name is the enforced by the queue manager. The message delivery transport name is th
first field in the entry in the e first field in the entry in the
master.cf file. master.cf file.
Setting this parameter to a value of 1 changes the meaning of relay_d estination_concurrency_limit from Setting this parameter to a value of 1 changes the meaning of relay_de stination_concurrency_limit from
concurrency per domain into concurrency per recipient. concurrency per domain into concurrency per recipient.
This feature is available in Postfix 2.0 and later. This feature is available in Postfix 2.0 and later.
relay_domains (default: Postfix >= 3.0: empty, Postfix < 3.0: $mydestination) relay_domains (default: Postfix >= 3.0: empty, Postfix < 3.0: $mydestination)
What destination domains (and subdomains thereof) this system will relay mail to. For details about how What destination domains (and subdomains thereof) this system will rel ay mail to. For details about how
the relay_domains value is used, see the description of the permit_auth_d estination and reject_unauth_des- the relay_domains value is used, see the description of the permit_auth_d estination and reject_unauth_des-
tination SMTP recipient restrictions. tination SMTP recipient restrictions.
Domains that match $relay_domains are delivered with the $relay_transport Domains that match $relay_domains are delivered with the $relay_trans
mail delivery transport. The port mail delivery transport. The
SMTP server validates recipient addresses with $relay_recipient_maps and SMTP server validates recipient addresses with $relay_recipient_maps and
rejects non-existent recipients. rejects non-existent recipients.
See also the relay domains address class in the ADDRESS_CLASS_README file . See also the relay domains address class in the ADDRESS_CLASS_README file .
Note: Postfix will not automatically forward mail for domains that list t his system as their primary or Note: Postfix will not automatically forward mail for domains that lis t this system as their primary or
backup MX host. See the permit_mx_backup restriction in the postconf(5) m anual page. backup MX host. See the permit_mx_backup restriction in the postconf(5) m anual page.
Specify a list of host or domain names, "/file/name" patterns or "type:t Specify a list of host or domain names, "/file/name" patterns or "type:ta
able" lookup tables, separated by ble" lookup tables, separated by
commas and/or whitespace. Continue long lines by starting the next line commas and/or whitespace. Continue long lines by starting the next lin
with whitespace. A "/file/name" e with whitespace. A "/file/name"
pattern is replaced by its contents; a "type:table" lookup table is match ed when a (parent) domain appears pattern is replaced by its contents; a "type:table" lookup table is match ed when a (parent) domain appears
as lookup key. Specify "!pattern" to exclude a domain from the list. The form "!/file/name" is supported as lookup key. Specify "!pattern" to exclude a domain from the list. Th e form "!/file/name" is supported
only in Postfix version 2.4 and later. only in Postfix version 2.4 and later.
Pattern matching of domain names is controlled by the presence or absen ce of "relay_domains" in the par- Pattern matching of domain names is controlled by the presence or absence of "relay_domains" in the par-
ent_domain_matches_subdomains parameter value. ent_domain_matches_subdomains parameter value.
relay_domains_reject_code (default: 554) relay_domains_reject_code (default: 554)
The numerical Postfix SMTP server response code when a client r equest is rejected by the The numerical Postfix SMTP server response code when a clien t request is rejected by the
reject_unauth_destination recipient restriction. reject_unauth_destination recipient restriction.
Do not change this unless you have a complete understanding of RFC 5321. Do not change this unless you have a complete understanding of RFC 5321.
relay_recipient_maps (default: empty) relay_recipient_maps (default: empty)
Optional lookup tables with all valid addresses in the domains that matc Optional lookup tables with all valid addresses in the domains that match
h $relay_domains. Specify @domain $relay_domains. Specify @domain
as a wild-card for domains that have no valid recipient list, and become as a wild-card for domains that have no valid recipient list, and bec
a source of backscatter mail: ome a source of backscatter mail:
Postfix accepts spam for non-existent recipients and then floods innocen Postfix accepts spam for non-existent recipients and then floods innocent
t people with undeliverable mail. people with undeliverable mail.
Technically, tables listed with $relay_recipient_maps are used as lists: Technically, tables listed with $relay_recipient_maps are used as lists
Postfix needs to know only if a : Postfix needs to know only if a
lookup string is found or not, but it does not use the result from table lookup. lookup string is found or not, but it does not use the result from table lookup.
Specify zero or more "type:name" lookup tables, separated by whitespace or comma. Tables will be searched Specify zero or more "type:name" lookup tables, separated by whitespace o r comma. Tables will be searched
in the specified order until a match is found. in the specified order until a match is found.
If this parameter is non-empty, then the Postfix SMTP server will reject mail to unknown relay users. This If this parameter is non-empty, then the Postfix SMTP server will reject mail to unknown relay users. This
feature is off by default. feature is off by default.
See also the relay domains address class in the ADDRESS_CLASS_README file . See also the relay domains address class in the ADDRESS_CLASS_README file .
Example: Example:
relay_recipient_maps = hash:/etc/postfix/relay_recipients relay_recipient_maps = hash:/etc/postfix/relay_recipients
This feature is available in Postfix 2.0 and later. This feature is available in Postfix 2.0 and later.
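Review bot: the first paragraph of the relay_recipient_maps entry reads as an instruction, "Specify @domain as a wild-card for domains that have no valid recipient list, and become a source of backscatter mail", and only the sentence after it makes clear that the second half is a consequence to avoid. Suggest splitting it so the cost is explicit, for example by stating that an @domain wild-card turns off recipient validation for that domain, so Postfix accepts mail for non-existent recipients and then floods innocent people with undeliverable mail. It would also help to say next to "This feature is off by default" that with the parameter empty the SMTP server does not reject mail to unknown relay users, since that leaves the same exposure.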
relay_transport (default: relay) relay_transport (default: relay)
The default mail delivery transport and next-hop destination for remot e delivery to domains listed with The default mail delivery transport and next-hop destination for remote d elivery to domains listed with
$relay_domains. In order of decreasing precedence, the nexthop destinatio n is taken from $relay_transport, $relay_domains. In order of decreasing precedence, the nexthop destinatio n is taken from $relay_transport,
$sender_dependent_relayhost_maps, $relayhost, or from the recipient doma in. This information can be over- $sender_dependent_relayhost_maps, $relayhost, or from the recipient domai n. This information can be over-
ruled with the transport(5) table. ruled with the transport(5) table.
Specify a string of the form transport:nexthop, where transport is the na Specify a string of the form transport:nexthop, where transport is the
me of a mail delivery transport name of a mail delivery transport
defined in master.cf. The :nexthop destination is optional; its syntax defined in master.cf. The :nexthop destination is optional; its syntax i
is documented in the manual page s documented in the manual page
of the corresponding delivery agent. of the corresponding delivery agent.
See also the relay domains address class in the ADDRESS_CLASS_README file . See also the relay domains address class in the ADDRESS_CLASS_README file .
This feature is available in Postfix 2.0 and later. This feature is available in Postfix 2.0 and later.
relayhost (default: empty) relayhost (default: empty)
The next-hop destination(s) for non-local mail; overrides non-local domai ns in recipient addresses. This The next-hop destination(s) for non-local mail; overrides non-local dom ains in recipient addresses. This
information is overruled with relay_transport, sender_dependent_default_t ransport_maps, default_transport, information is overruled with relay_transport, sender_dependent_default_t ransport_maps, default_transport,
sender_dependent_relayhost_maps and with the transport(5) table. sender_dependent_relayhost_maps and with the transport(5) table.
On an intranet, specify the organizational domain name. If your internal DNS uses no MX records, specify On an intranet, specify the organizational domain name. If your interna l DNS uses no MX records, specify
the name of the intranet gateway host instead. the name of the intranet gateway host instead.
In the case of SMTP or LMTP delivery, specify one or more destinations in the form of a domain name, host- In the case of SMTP or LMTP delivery, specify one or more destinations in the form of a domain name, host-
name, hostname:port, [hostname]:port, [hostaddress] or [hostaddress]:port name, hostname:port, [hostname]:port, [hostaddress] or [hostaddress]:p
, separated by comma or white- ort, separated by comma or white-
space. The form [hostname] turns off MX lookups. Multiple destinations space. The form [hostname] turns off MX lookups. Multiple destinations a
are supported in Postfix 3.5 and re supported in Postfix 3.5 and
later. later.
If you're connected via UUCP, see the UUCP_README file for useful informa tion. If you're connected via UUCP, see the UUCP_README file for useful informa tion.
Examples: Examples:
relayhost = $mydomain relayhost = $mydomain
relayhost = [gateway.example.com] relayhost = [gateway.example.com]
relayhost = mail1.example:587, mail2.example:587 relayhost = mail1.example:587, mail2.example:587
relayhost = [an.ip.add.ress] relayhost = [an.ip.add.ress]
relocated_maps (default: empty) relocated_maps (default: empty)
Optional lookup tables with new contact information for users or domains that no longer exist. The table Optional lookup tables with new contact information for users or domains that no longer exist. The table
format and lookups are documented in relocated(5). format and lookups are documented in relocated(5).
Specify zero or more "type:name" lookup tables, separated by whitespace or comma. Tables will be searched Specify zero or more "type:name" lookup tables, separated by whitespace o r comma. Tables will be searched
in the specified order until a match is found. in the specified order until a match is found.
If you use this feature, run "postmap /etc/postfix/relocated" to build th e necessary DBM or DB file after If you use this feature, run "postmap /etc/postfix/relocated" to build t he necessary DBM or DB file after
change, then "postfix reload" to make the changes visible. change, then "postfix reload" to make the changes visible.
Examples: Examples:
relocated_maps = dbm:/etc/postfix/relocated relocated_maps = dbm:/etc/postfix/relocated
relocated_maps = hash:/etc/postfix/relocated relocated_maps = hash:/etc/postfix/relocated
remote_header_rewrite_domain (default: empty) remote_header_rewrite_domain (default: empty)
Don't rewrite message headers from remote clients at all when this param Don't rewrite message headers from remote clients at all when this parame
eter is empty; otherwise, rewrite ter is empty; otherwise, rewrite
message headers and append the specified domain name to incomplete a message headers and append the specified domain name to incomplete
ddresses. The local_header_re- addresses. The local_header_re-
write_clients parameter controls what clients Postfix considers local. write_clients parameter controls what clients Postfix considers local.
Examples: Examples:
The safe setting: append "domain.invalid" to incomplete header addresses from remote SMTP clients, so that The safe setting: append "domain.invalid" to incomplete header addresses from remote SMTP clients, so that
those addresses cannot be confused with local addresses. those addresses cannot be confused with local addresses.
remote_header_rewrite_domain = domain.invalid remote_header_rewrite_domain = domain.invalid
The default, purist, setting: don't rewrite headers from remote clients a t all. The default, purist, setting: don't rewrite headers from remote clients a t all.
remote_header_rewrite_domain = remote_header_rewrite_domain =
require_home_directory (default: no) require_home_directory (default: no)
Require that a local(8) recipient's home directory exists before mail del Require that a local(8) recipient's home directory exists before mail
ivery is attempted. By default delivery is attempted. By default
this test is disabled. It can be useful for environments that import ho this test is disabled. It can be useful for environments that import hom
me directories to the mail server e directories to the mail server
(IMPORTING HOME DIRECTORIES IS NOT RECOMMENDED). (IMPORTING HOME DIRECTORIES IS NOT RECOMMENDED).
reset_owner_alias (default: no) reset_owner_alias (default: no)
Reset the local(8) delivery agent's idea of the owner-alias attribute, wh en delivering mail to a child Reset the local(8) delivery agent's idea of the owner-alias attribute , when delivering mail to a child
alias that does not have its own owner alias. alias that does not have its own owner alias.
This feature is available in Postfix 2.8 and later. With older Postfi x releases, the behavior is as if This feature is available in Postfix 2.8 and later. With older Postfix re leases, the behavior is as if
this parameter is set to "yes". this parameter is set to "yes".
As documented in aliases(5), when an alias name has a companion alias nam As documented in aliases(5), when an alias name has a companion alias na
ed owner-name, this will replace med owner-name, this will replace
the envelope sender address, so that delivery errors will be reported the envelope sender address, so that delivery errors will be reported to
to the owner alias instead of the the owner alias instead of the
sender. This configuration is recommended for mailing lists. sender. This configuration is recommended for mailing lists.
A less known property of the owner alias is that it also forces the local (8) delivery agent to write local A less known property of the owner alias is that it also forces the local (8) delivery agent to write local
and remote addresses from alias expansion to a new queue file, instead of attempting to deliver mail to and remote addresses from alias expansion to a new queue file, instead of attempting to deliver mail to
local addresses as soon as they come out of alias expansion. local addresses as soon as they come out of alias expansion.
Writing local addresses from alias expansion to a new queue file allows f Writing local addresses from alias expansion to a new queue file allows
or robust handling of temporary for robust handling of temporary
delivery errors: errors with one local member have no effect on deliver delivery errors: errors with one local member have no effect on deliverie
ies to other members of the list. s to other members of the list.
On the other hand, delivery to local addresses as soon as they come out o On the other hand, delivery to local addresses as soon as they come out
f alias expansion is fragile: a of alias expansion is fragile: a
temporary error with one local address from alias expansion will caus temporary error with one local address from alias expansion will cause th
e the entire alias to be expanded e entire alias to be expanded
repeatedly until the error goes away, or until the message expires in the repeatedly until the error goes away, or until the message expires in th
queue. In that case, a problem e queue. In that case, a problem
with one list member results in multiple message deliveries to other list members. with one list member results in multiple message deliveries to other list members.
The default behavior of Postfix 2.8 and later is to keep the owner-ali The default behavior of Postfix 2.8 and later is to keep the owner-alias
as attribute of the parent alias, attribute of the parent alias,
when delivering mail to a child alias that does not have its own owner al when delivering mail to a child alias that does not have its own owner
ias. Then, local addresses from alias. Then, local addresses from
that child alias will be written to a new queue file, and a temporary that child alias will be written to a new queue file, and a temporary err
error with one local address will or with one local address will
not affect delivery to other mailing list members. not affect delivery to other mailing list members.
Unfortunately, older Postfix releases reset the owner-alias attribute whe n delivering mail to a child Unfortunately, older Postfix releases reset the owner-alias attribut e when delivering mail to a child
alias that does not have its own owner alias. To be precise, this resets only the decision to create a new alias that does not have its own owner alias. To be precise, this resets only the decision to create a new
queue file, not the decision to override the envelope sender address. The local(8) delivery agent then queue file, not the decision to override the envelope sender address. The local(8) delivery agent then
attempts to deliver local addresses as soon as they come out of child ali as expansion. If delivery to any attempts to deliver local addresses as soon as they come out of child ali as expansion. If delivery to any
address from child alias expansion fails with a temporary error condition , the entire mailing list may be address from child alias expansion fails with a temporary error conditio n, the entire mailing list may be
expanded repeatedly until the mail expires in the queue, resulting in mul tiple deliveries of the same mes- expanded repeatedly until the mail expires in the queue, resulting in mul tiple deliveries of the same mes-
sage to mailing list members. sage to mailing list members.
resolve_dequoted_address (default: yes) resolve_dequoted_address (default: yes)
Resolve a recipient address safely instead of correctly, by looking insid e quotes. Resolve a recipient address safely instead of correctly, by looking insid e quotes.
By default, the Postfix address resolver does not quote the address local By default, the Postfix address resolver does not quote the address
part as per RFC 822, so that localpart as per RFC 822, so that
additional @ or % or ! operators remain visible. This behavior is safe additional @ or % or ! operators remain visible. This behavior is safe b
but it is also technically incor- ut it is also technically incor-
rect. rect.
If you specify "resolve_dequoted_address = no", then the Postfix resolver will not know about additional @ If you specify "resolve_dequoted_address = no", then the Postfix resolver will not know about additional @
etc. operators in the address localpart. This opens opportunities fo r obscure mail relay attacks with etc. operators in the address localpart. This opens opportunities for ob scure mail relay attacks with
user@domain@domain addresses when Postfix provides backup MX service for Sendmail systems. user@domain@domain addresses when Postfix provides backup MX service for Sendmail systems.
resolve_null_domain (default: no) resolve_null_domain (default: no)
Resolve an address that ends in the "@" null domain as if the local hostn ame were specified, instead of Resolve an address that ends in the "@" null domain as if the local ho stname were specified, instead of
rejecting the address as invalid. rejecting the address as invalid.
This feature is available in Postfix 2.1 and later. Earlier versions always resolve the null domain as This feature is available in Postfix 2.1 and later. Earlier versions alw ays resolve the null domain as
the local hostname. the local hostname.
The Postfix SMTP server uses this feature to reject mail from or to addre sses that end in the "@" null The Postfix SMTP server uses this feature to reject mail from or to a ddresses that end in the "@" null
domain, and from addresses that rewrite into a form that ends in the "@" null domain. domain, and from addresses that rewrite into a form that ends in the "@" null domain.
resolve_numeric_domain (default: no) resolve_numeric_domain (default: no)
Resolve "user@ipaddress" as "user@[ipaddress]", instead of rejecting the address as invalid. Resolve "user@ipaddress" as "user@[ipaddress]", instead of rejecting the address as invalid.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
rewrite_service_name (default: rewrite) rewrite_service_name (default: rewrite)
The name of the address rewriting service. This service rewrites addres ses to standard form and resolves The name of the address rewriting service. This service rewrites addresse s to standard form and resolves
them to a (delivery method, next-hop host, recipient) triple. them to a (delivery method, next-hop host, recipient) triple.
This feature is available in Postfix 2.0 and later. This feature is available in Postfix 2.0 and later.
sample_directory (default: /etc/postfix) sample_directory (default: /etc/postfix)
The name of the directory with example Postfix configuration files. Sta rting with Postfix 2.1, these The name of the directory with example Postfix configuration files. Starting with Postfix 2.1, these
files have been replaced with the postconf(5) manual page. files have been replaced with the postconf(5) manual page.
send_cyrus_sasl_authzid (default: no) send_cyrus_sasl_authzid (default: no)
When authenticating to a remote SMTP or LMTP server with the default sett ing "no", send no SASL authoriZa- When authenticating to a remote SMTP or LMTP server with the default sett ing "no", send no SASL authoriZa-
tion ID (authzid); send only the SASL authentiCation ID (authcid) plus th e authcid's password. tion ID (authzid); send only the SASL authentiCation ID (authcid) plus th e authcid's password.
The non-default setting "yes" enables the behavior of older Postfix versi The non-default setting "yes" enables the behavior of older Postfix ve
ons. These always send a SASL rsions. These always send a SASL
authzid that is equal to the SASL authcid, but this causes interop authzid that is equal to the SASL authcid, but this causes interoperab
erability problems with some SMTP ility problems with some SMTP
servers. servers.
This feature is available in Postfix 2.4.4 and later. This feature is available in Postfix 2.4.4 and later.
sender_based_routing (default: no) sender_based_routing (default: no)
This parameter should not be used. It was replaced by sender_dependent_re layhost_maps in Postfix version This parameter should not be used. It was replaced by sender_dependent_ relayhost_maps in Postfix version
2.3. 2.3.
sender_bcc_maps (default: empty) sender_bcc_maps (default: empty)
Optional BCC (blind carbon-copy) address lookup tables, indexed by sende r address. The BCC address (mul- Optional BCC (blind carbon-copy) address lookup tables, indexed by sender address. The BCC address (mul-
tiple results are not supported) is added when mail enters from outside o f Postfix. tiple results are not supported) is added when mail enters from outside o f Postfix.
Specify zero or more "type:name" lookup tables, separated by whitespace o r comma. Tables will be searched Specify zero or more "type:name" lookup tables, separated by whitespace or comma. Tables will be searched
in the specified order until a match is found. in the specified order until a match is found.
The table search order is as follows: The table search order is as follows:
· Look up the "user+extension@domain.tld" address including the opti onal address extension. · Look up the "user+extension@domain.tld" address including the opti onal address extension.
· Look up the "user@domain.tld" address without the optional address extension. · Look up the "user@domain.tld" address without the optional address extension.
· Look up the "user+extension" address local part when the sender d omain equals $myorigin, $mydesti- · Look up the "user+extension" address local part when the sender do main equals $myorigin, $mydesti-
nation, $inet_interfaces or $proxy_interfaces. nation, $inet_interfaces or $proxy_interfaces.
· Look up the "user" address local part when the sender domain eq uals $myorigin, $mydestination, · Look up the "user" address local part when the sender domain equals $myorigin, $mydestination,
$inet_interfaces or $proxy_interfaces. $inet_interfaces or $proxy_interfaces.
· Look up the "@domain.tld" part. · Look up the "@domain.tld" part.
Note: with Postfix 2.3 and later the BCC address is added as if it wa Note: with Postfix 2.3 and later the BCC address is added as if it was s
s specified with NOTIFY=NONE. The pecified with NOTIFY=NONE. The
sender will not be notified when the BCC address is undeliverable, as lon sender will not be notified when the BCC address is undeliverable, as
g as all down-stream software long as all down-stream software
implements RFC 3461. implements RFC 3461.
Note: with Postfix 2.2 and earlier the sender will be notified when the B CC address is undeliverable. Note: with Postfix 2.2 and earlier the sender will be notified when the B CC address is undeliverable.
Note: automatic BCC recipients are produced only for new mail. To Note: automatic BCC recipients are produced only for new mail. To avoi
avoid mailer loops, automatic BCC d mailer loops, automatic BCC
recipients are not generated after Postfix forwards mail internally, or recipients are not generated after Postfix forwards mail internally
after Postfix generates mail , or after Postfix generates mail
itself. itself.
Example: Example:
sender_bcc_maps = hash:/etc/postfix/sender_bcc sender_bcc_maps = hash:/etc/postfix/sender_bcc
After a change, run "postmap /etc/postfix/sender_bcc". After a change, run "postmap /etc/postfix/sender_bcc".
This feature is available in Postfix 2.1 and later. This feature is available in Postfix 2.1 and later.
sender_canonical_classes (default: envelope_sender, header_sender) sender_canonical_classes (default: envelope_sender, header_sender)
What addresses are subject to sender_canonical_maps address mapping. By default, sender_canonical_maps What addresses are subject to sender_canonical_maps address mapping. By default, sender_canonical_maps
address mapping is applied to envelope sender addresses, and to header se nder addresses. address mapping is applied to envelope sender addresses, and to header se nder addresses.
Specify one or more of: envelope_sender, header_sender Specify one or more of: envelope_sender, header_sender
This feature is available in Postfix 2.2 and later. This feature is available in Postfix 2.2 and later.
sender_canonical_maps (default: empty) sender_canonical_maps (default: empty)
Optional address mapping lookup tables for envelope and header sender add resses. The table format and Optional address mapping lookup tables for envelope and header sender addresses. The table format and
lookups are documented in canonical(5). lookups are documented in canonical(5).
Example: you want to rewrite the SENDER address "user@ugly.domain" to "user@pretty.domain", while still Example: you want to rewrite the SENDER address "user@ugly.domain" to "u ser@pretty.domain", while still
being able to send mail to the RECIPIENT address "user@ugly.domain". being able to send mail to the RECIPIENT address "user@ugly.domain".
Note: $sender_canonical_maps is processed before $canonical_maps. Note: $sender_canonical_maps is processed before $canonical_maps.
Example: Example:
sender_canonical_maps = hash:/etc/postfix/sender_canonical sender_canonical_maps = hash:/etc/postfix/sender_canonical
sender_dependent_default_transport_maps (default: empty) sender_dependent_default_transport_maps (default: empty)
A sender-dependent override for the global default_transport parameter se tting. The tables are searched by A sender-dependent override for the global default_transport parameter se tting. The tables are searched by
the envelope sender address and @domain. A lookup result of DUNNO termina tes the search without overriding the envelope sender address and @domain. A lookup result of DUNNO termina tes the search without overriding
the global default_transport parameter setting. This information is over ruled with the transport(5) ta- the global default_transport parameter setting. This information is ov erruled with the transport(5) ta-
ble. ble.
Specify zero or more "type:name" lookup tables, separated by whitespace or comma. Tables will be searched Specify zero or more "type:name" lookup tables, separated by whitespace o r comma. Tables will be searched
in the specified order until a match is found. in the specified order until a match is found.
Note: this overrides default_transport, not transport_maps, and therefore Note: this overrides default_transport, not transport_maps, and therefo
the expected syntax is that of re the expected syntax is that of
default_transport, not the syntax of transport_maps. Specifically, default_transport, not the syntax of transport_maps. Specifically, this
this does not support the trans- does not support the trans-
port_maps syntax for null transport, null nexthop, or null email addresse s. port_maps syntax for null transport, null nexthop, or null email addresse s.
For safety reasons, this feature does not allow $number substitutions in regular expression maps. For safety reasons, this feature does not allow $number substitutions in regular expression maps.
This feature is available in Postfix 2.7 and later. This feature is available in Postfix 2.7 and later.
sender_dependent_relayhost_maps (default: empty) sender_dependent_relayhost_maps (default: empty)
A sender-dependent override for the global relayhost parameter setting. T he tables are searched by the A sender-dependent override for the global relayhost parameter settin g. The tables are searched by the
envelope sender address and @domain. A lookup result of DUNNO terminates the search without overriding the envelope sender address and @domain. A lookup result of DUNNO terminates the search without overriding the
global relayhost parameter setting (Postfix 2.6 and later). This information is overruled with global relayhost parameter setting (Postfix 2.6 and later). This information is overruled with
relay_transport, sender_dependent_default_transport_maps, default_transp ort and with the transport(5) ta- relay_transport, sender_dependent_default_transport_maps, default_transpo rt and with the transport(5) ta-
ble. ble.
Specify zero or more "type:name" lookup tables, separated by whitespace o r comma. Tables will be searched Specify zero or more "type:name" lookup tables, separated by whitespace or comma. Tables will be searched
in the specified order until a match is found. in the specified order until a match is found.
For safety reasons, this feature does not allow $number substitutions in regular expression maps. For safety reasons, this feature does not allow $number substitutions in regular expression maps.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
sendmail_fix_line_endings (default: always) sendmail_fix_line_endings (default: always)
Controls how the Postfix sendmail command converts email message line end ings from <CR><LF> into UNIX for- Controls how the Postfix sendmail command converts email message line end ings from <CR><LF> into UNIX for-
mat (<LF>). mat (<LF>).
always Always convert message lines ending in <CR><LF>. This setting is t he default with Postfix 2.9 and always Always convert message lines ending in <CR><LF>. This setting is the default with Postfix 2.9 and
later. later.
strict Convert message lines ending in <CR><LF> only if the first input line ends in <CR><LF>. This set- strict Convert message lines ending in <CR><LF> only if the first input l ine ends in <CR><LF>. This set-
ting is backwards-compatible with Postfix 2.8 and earlier. ting is backwards-compatible with Postfix 2.8 and earlier.
never Never convert message lines ending in <CR><LF>. This setting exist s for completeness only. never Never convert message lines ending in <CR><LF>. This setting exist s for completeness only.
This feature is available in Postfix 2.9 and later. This feature is available in Postfix 2.9 and later.
sendmail_path (default: see postconf -d output) sendmail_path (default: see postconf -d output)
A Sendmail compatibility feature that specifies the location of the Postf ix sendmail(1) command. This com- A Sendmail compatibility feature that specifies the location of the Postf ix sendmail(1) command. This com-
mand can be used to submit mail into the Postfix queue. mand can be used to submit mail into the Postfix queue.
service_name (read-only) service_name (read-only)
The master.cf service name of a Postfix daemon process. This can be use d to distinguish the logging from The master.cf service name of a Postfix daemon process. This can be used to distinguish the logging from
different services that use the same program name. different services that use the same program name.
Example master.cf entries: Example master.cf entries:
# Distinguish inbound MTA logging from submission and smtps logging. # Distinguish inbound MTA logging from submission and smtps logging.
smtp inet n - n - - smtpd smtp inet n - n - - smtpd
submission inet n - n - - smtpd submission inet n - n - - smtpd
-o syslog_name=postfix/$service_name -o syslog_name=postfix/$service_name
smtps inet n - n - - smtpd smtps inet n - n - - smtpd
-o syslog_name=postfix/$service_name -o syslog_name=postfix/$service_name
# Distinguish outbound MTA logging from inbound relay logging. # Distinguish outbound MTA logging from inbound relay logging.
smtp unix - - n - - smtp smtp unix - - n - - smtp
relay unix - - n - - smtp relay unix - - n - - smtp
-o syslog_name=postfix/$service_name -o syslog_name=postfix/$service_name
service_throttle_time (default: 60s) service_throttle_time (default: 60s)
How long the Postfix master(8) waits before forking a server that appears to be malfunctioning. How long the Postfix master(8) waits before forking a server that appears to be malfunctioning.
Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). Th e default time unit is s (sec- Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). The default time unit is s (sec-
onds). onds).
setgid_group (default: postdrop) setgid_group (default: postdrop)
The group ownership of set-gid Postfix commands and of group-writab le Postfix directories. When this The group ownership of set-gid Postfix commands and of group-writable Postfix directories. When this
parameter value is changed you need to re-run "postfix set-permissions" ( with Postfix version 2.0 and ear- parameter value is changed you need to re-run "postfix set-permissions" ( with Postfix version 2.0 and ear-
lier: "/etc/postfix/post-install set-permissions". lier: "/etc/postfix/post-install set-permissions".
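Review bot: the parenthesis opened in the setgid_group text at `(with Postfix version 2.0 and earlier:` is never closed; the sentence ends at `"/etc/postfix/post-install set-permissions".` in both the 3.5.8 and 3.5.9 columns, so the re-filled text carries the defect forward. Close it after the quoted command, i.e. `... set-permissions").` This parameter governs the group of set-gid commands and group-writable directories, so the instruction to re-run set-permissions should read unambiguously.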
shlib_directory (default: see 'postconf -d' output) shlib_directory (default: see 'postconf -d' output)
The location of Postfix dynamically-linked libraries (libpostfix-*.so), The location of Postfix dynamically-linked libraries (libpostfix-*.so), a
and the default location of Post- nd the default location of Post-
fix database plugins (postfix-*.so) that have a relative pathname in fix database plugins (postfix-*.so) that have a relative pathname
the dynamicmaps.cf file. The in the dynamicmaps.cf file. The
shlib_directory parameter defaults to "no" when Postfix dynamically-link shlib_directory parameter defaults to "no" when Postfix dynamically-linke
ed libraries and database plugins d libraries and database plugins
are disabled at compile time, otherwise it typically defaults to /usr/lib are disabled at compile time, otherwise it typically defaults to /usr/li
/postfix or /usr/local/lib/post- b/postfix or /usr/local/lib/post-
fix. fix.
Notes: Notes:
· The directory specified with shlib_directory should contain on · The directory specified with shlib_directory should contain only
ly Postfix-related files. Postfix Postfix-related files. Postfix
dynamically-linked libraries and database plugins should not be i dynamically-linked libraries and database plugins should not
nstalled in a "public" system be installed in a "public" system
directory such as /usr/lib or /usr/local/lib. Linking Postfix dy directory such as /usr/lib or /usr/local/lib. Linking Postfix dyna
namically-linked library files or mically-linked library files or
database plugins into non-Postfix programs is not supported. Post database plugins into non-Postfix programs is not supported. Pos
fix dynamically-linked libraries tfix dynamically-linked libraries
and database plugins implement a Postfix-internal API that change and database plugins implement a Postfix-internal API that changes
s without maintaining compatibil- without maintaining compatibil-
ity. ity.
· You can change the shlib_directory value after Postfix is built. · You can change the shlib_directory value after Postfix is bu
However, you may have to run ilt. However, you may have to run
ldconfig or equivalent to prevent Postfix programs from failing ldconfig or equivalent to prevent Postfix programs from failing be
because the libpostfix-*.so files cause the libpostfix-*.so files
are not found. No ldconfig command is needed if you keep the libp are not found. No ldconfig command is needed if you keep the
ostfix-*.so files in the com- libpostfix-*.so files in the com-
piled-in default $shlib_directory location. piled-in default $shlib_directory location.
This feature is available in Postfix 3.0 and later. This feature is available in Postfix 3.0 and later.
show_user_unknown_table_name (default: yes) show_user_unknown_table_name (default: yes)
Display the name of the recipient table in the "User unknown" respons es. The extra detail makes trou- Display the name of the recipient table in the "User unknown" responses. The extra detail makes trou-
bleshooting easier but also reveals information that is nobody else's bus iness. bleshooting easier but also reveals information that is nobody else's bus iness.
This feature is available in Postfix 2.0 and later. This feature is available in Postfix 2.0 and later.
showq_service_name (default: showq) showq_service_name (default: showq)
The name of the showq(8) service. This service produces mail queue status reports. The name of the showq(8) service. This service produces mail queue status reports.
This feature is available in Postfix 2.0 and later. This feature is available in Postfix 2.0 and later.
smtp_address_preference (default: any) smtp_address_preference (default: any)
The address type ("ipv6", "ipv4" or "any") that the Postfix SMTP client w ill try first, when a destination The address type ("ipv6", "ipv4" or "any") that the Postfix SMTP client w ill try first, when a destination
has IPv6 and IPv4 addresses with equal MX preference. This feature has no effect unless the inet_protocols has IPv6 and IPv4 addresses with equal MX preference. This feature has no effect unless the inet_protocols
setting enables both IPv4 and IPv6. setting enables both IPv4 and IPv6.
Postfix SMTP client address preference has evolved. With Postfix 2.8 the default is "ipv6"; earlier imple- Postfix SMTP client address preference has evolved. With Postfix 2.8 the default is "ipv6"; earlier imple-
mentations are hard-coded to prefer IPv6 over IPv4. mentations are hard-coded to prefer IPv6 over IPv4.
Notes for mail delivery between sites that have both IPv4 and IPv6 connec tivity: Notes for mail delivery between sites that have both IPv4 and IPv6 connec tivity:
· The setting "smtp_address_preference = ipv6" is unsafe. It can f ail to deliver mail when there is · The setting "smtp_address_preference = ipv6" is unsafe. It can fa il to deliver mail when there is
an outage that affects IPv6, while the destination is still reacha ble over IPv4. an outage that affects IPv6, while the destination is still reacha ble over IPv4.
· The setting "smtp_address_preference = any" is safe. With this, ma il will eventually be delivered · The setting "smtp_address_preference = any" is safe. With this, mail will eventually be delivered
even if there is an outage that affects IPv6 or IPv4, as long as i t does not affect both. even if there is an outage that affects IPv6 or IPv4, as long as i t does not affect both.
This feature is available in Postfix 2.8 and later. This feature is available in Postfix 2.8 and later.
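Review bot: in smtp_address_preference the heading gives the default as "any", but the body still says `With Postfix 2.8 the default is "ipv6"` and then lists "ipv6" as unsafe, without saying when the default became "any". Both columns carry the same wording. Add a sentence naming the release in which the default changed, so that a reader on an older release can tell whether they are running the setting the notes call unsafe.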
smtp_address_verify_target (default: rcpt) smtp_address_verify_target (default: rcpt)
In the context of email address verification, the SMTP protocol stage In the context of email address verification, the SMTP protocol stage tha
that determines whether an email t determines whether an email
address is deliverable. Specify one of "rcpt" or "data". The latter is address is deliverable. Specify one of "rcpt" or "data". The latter i
needed with remote SMTP servers s needed with remote SMTP servers
that reject recipients after the DATA command. Use transport_maps to appl y this feature selectively: that reject recipients after the DATA command. Use transport_maps to appl y this feature selectively:
/etc/postfix/main.cf: /etc/postfix/main.cf:
transport_maps = hash:/etc/postfix/transport transport_maps = hash:/etc/postfix/transport
/etc/postfix/transport: /etc/postfix/transport:
smtp-domain-that-verifies-after-data smtp-data-target: smtp-domain-that-verifies-after-data smtp-data-target:
lmtp-domain-that-verifies-after-data lmtp-data-target: lmtp-domain-that-verifies-after-data lmtp-data-target:
/etc/postfix/master.cf: /etc/postfix/master.cf:
smtp-data-target unix - - n - - smtp smtp-data-target unix - - n - - smtp
-o smtp_address_verify_target=data -o smtp_address_verify_target=data
lmtp-data-target unix - - n - - lmtp lmtp-data-target unix - - n - - lmtp
-o lmtp_address_verify_target=data -o lmtp_address_verify_target=data
Unselective use of the "data" target does no harm, but will result in u nnecessary "lost connection after Unselective use of the "data" target does no harm, but will result in unn ecessary "lost connection after
DATA" events at remote SMTP/LMTP servers. DATA" events at remote SMTP/LMTP servers.
This feature is available in Postfix 3.0 and later. This feature is available in Postfix 3.0 and later.
smtp_always_send_ehlo (default: yes) smtp_always_send_ehlo (default: yes)
Always send EHLO at the start of an SMTP session. Always send EHLO at the start of an SMTP session.
With "smtp_always_send_ehlo = no", the Postfix SMTP client sends EHLO onl y when the word "ESMTP" appears With "smtp_always_send_ehlo = no", the Postfix SMTP client sends EHLO o nly when the word "ESMTP" appears
in the server greeting banner (example: 220 spike.porcupine.org ESMTP Pos tfix). in the server greeting banner (example: 220 spike.porcupine.org ESMTP Pos tfix).
smtp_balance_inet_protocols (default: yes) smtp_balance_inet_protocols (default: yes)
When a remote destination resolves to a combination of IPv4 and IPv6 a ddresses, ensure that the Postfix When a remote destination resolves to a combination of IPv4 and IPv6 addr esses, ensure that the Postfix
SMTP client can try both address types before it runs into the smtp_mx_ad dress_limit. SMTP client can try both address types before it runs into the smtp_mx_ad dress_limit.
This avoids an interoperability problem when a destination resolves to This avoids an interoperability problem when a destination resolves
primarily IPv6 addresses, the to primarily IPv6 addresses, the
smtp_address_limit feature eliminates most or all IPv4 addresses, and smtp_address_limit feature eliminates most or all IPv4 addresses, and the
the destination is not reachable destination is not reachable
over IPv6. over IPv6.
This feature is available in Postfix 3.3 and later. This feature is available in Postfix 3.3 and later.
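Review bot: smtp_balance_inet_protocols names the limit two different ways: the first paragraph says `smtp_mx_address_limit`, the second says `the smtp_address_limit feature`. Both columns have the mismatch. Use one name in both places (the first paragraph's smtp_mx_address_limit, if that is the parameter meant), so that a reader can look the setting up.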
smtp_bind_address (default: empty) smtp_bind_address (default: empty)
An optional numerical network address that the Postfix SMTP client should bind to when making an IPv4 con- An optional numerical network address that the Postfix SMTP client should bind to when making an IPv4 con-
nection. nection.
This can be specified in the main.cf file for all SMTP clients, or it can be specified in the master.cf This can be specified in the main.cf file for all SMTP clients, or it can be specified in the master.cf
file for a specific client, for example: file for a specific client, for example:
/etc/postfix/master.cf: /etc/postfix/master.cf:
smtp ... smtp -o smtp_bind_address=11.22.33.44 smtp ... smtp -o smtp_bind_address=11.22.33.44
Note 1: when inet_interfaces specifies no more than one IPv4 address, and Note 1: when inet_interfaces specifies no more than one IPv4 address, a
that address is a non-loopback nd that address is a non-loopback
address, it is automatically used as the smtp_bind_address. This suppor address, it is automatically used as the smtp_bind_address. This support
ts virtual IP hosting, but can be s virtual IP hosting, but can be
a problem on multi-homed firewalls. See the inet_interfaces documentation for more detail. a problem on multi-homed firewalls. See the inet_interfaces documentation for more detail.
Note 2: address information may be enclosed inside [], but this form is n ot required here. Note 2: address information may be enclosed inside [], but this form is n ot required here.
smtp_bind_address6 (default: empty) smtp_bind_address6 (default: empty)
An optional numerical network address that the Postfix SMTP client should bind to when making an IPv6 con- An optional numerical network address that the Postfix SMTP client should bind to when making an IPv6 con-
nection. nection.
This feature is available in Postfix 2.2 and later. This feature is available in Postfix 2.2 and later.
This can be specified in the main.cf file for all SMTP clients, or it can be specified in the master.cf This can be specified in the main.cf file for all SMTP clients, or it can be specified in the master.cf
file for a specific client, for example: file for a specific client, for example:
/etc/postfix/master.cf: /etc/postfix/master.cf:
smtp ... smtp -o smtp_bind_address6=1:2:3:4:5:6:7:8 smtp ... smtp -o smtp_bind_address6=1:2:3:4:5:6:7:8
Note 1: when inet_interfaces specifies no more than one IPv6 address, and that address is a non-loopback Note 1: when inet_interfaces specifies no more than one IPv6 address, a nd that address is a non-loopback
address, it is automatically used as the smtp_bind_address6. This suppor ts virtual IP hosting, but can be address, it is automatically used as the smtp_bind_address6. This suppor ts virtual IP hosting, but can be
a problem on multi-homed firewalls. See the inet_interfaces documentation for more detail. a problem on multi-homed firewalls. See the inet_interfaces documentation for more detail.
Note 2: address information may be enclosed inside [], but this form is n ot recommended here. Note 2: address information may be enclosed inside [], but this form is n ot recommended here.
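Review bot: Note 2 under smtp_bind_address6 says the [] form `is not recommended here`, while the otherwise identical Note 2 under smtp_bind_address says it `is not required here`; neither column explains the difference. If the IPv6 wording is intentional, say why; if not, align the two. The `This feature is available in Postfix 2.2 and later` line in this entry also sits before the usage text instead of at the end, unlike the neighbouring entries.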
smtp_body_checks (default: empty) smtp_body_checks (default: empty)
Restricted body_checks(5) tables for the Postfix SMTP client. These tabl es are searched while mail is Restricted body_checks(5) tables for the Postfix SMTP client. These tables are searched while mail is
being delivered. Actions that change the delivery time or destination ar e not available. being delivered. Actions that change the delivery time or destination ar e not available.
This feature is available in Postfix 2.5 and later. This feature is available in Postfix 2.5 and later.
smtp_cname_overrides_servername (default: version dependent) smtp_cname_overrides_servername (default: version dependent)
When the remote SMTP servername is a DNS CNAME, replace the servername When the remote SMTP servername is a DNS CNAME, replace the servername wi
with the result from CNAME expan- th the result from CNAME expan-
sion for the purpose of logging, SASL password lookup, TLS policy decisio sion for the purpose of logging, SASL password lookup, TLS policy decisi
ns, or TLS certificate verifica- ons, or TLS certificate verifica-
tion. The value "no" hardens Postfix smtp_tls_per_site hostname-base tion. The value "no" hardens Postfix smtp_tls_per_site hostname-based p
d policies against false hostname olicies against false hostname
information in DNS CNAME records, and makes SASL password file lookups information in DNS CNAME records, and makes SASL password file look
more predictable. This is the ups more predictable. This is the
default setting as of Postfix 2.3. default setting as of Postfix 2.3.
When DNS CNAME records are validated with secure DNS lookups (smtp_dns_ support_level = dnssec), they are When DNS CNAME records are validated with secure DNS lookups (smtp_dns_su pport_level = dnssec), they are
always allowed to override the above servername (Postfix 2.11 and later). always allowed to override the above servername (Postfix 2.11 and later).
This feature is available in Postfix 2.2.9 and later. This feature is available in Postfix 2.2.9 and later.
smtp_connect_timeout (default: 30s) smtp_connect_timeout (default: 30s)
The Postfix SMTP client time limit for completing a TCP connection, or z ero (use the operating system The Postfix SMTP client time limit for completing a TCP connection, or zero (use the operating system
built-in time limit). built-in time limit).
When no connection can be made within the deadline, the Postfix SMTP cli When no connection can be made within the deadline, the Postfix SMTP clie
ent tries the next address on the nt tries the next address on the
mail exchanger list. Specify 0 to disable the time limit (i.e. use whatev mail exchanger list. Specify 0 to disable the time limit (i.e. use whate
er timeout is implemented by the ver timeout is implemented by the
operating system). operating system).
Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). The default time unit is s (sec- Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). Th e default time unit is s (sec-
onds). onds).
smtp_connection_cache_destinations (default: empty) smtp_connection_cache_destinations (default: empty)
Permanently enable SMTP connection caching for the specified destinations . With SMTP connection caching, Permanently enable SMTP connection caching for the specified destination s. With SMTP connection caching,
a connection is not closed immediately after completion of a mail transac tion. Instead, the connection is a connection is not closed immediately after completion of a mail transac tion. Instead, the connection is
kept open for up to $smtp_connection_cache_time_limit seconds. This allo ws connections to be reused for kept open for up to $smtp_connection_cache_time_limit seconds. This al lows connections to be reused for
other deliveries, and can improve mail delivery performance. other deliveries, and can improve mail delivery performance.
Specify a comma or white space separated list of destinations or pseudo-d estinations: Specify a comma or white space separated list of destinations or pseudo-d estinations:
· if mail is sent without a relay host: a domain name (the right-han d side of an email address, with- · if mail is sent without a relay host: a domain name (the right-han d side of an email address, with-
out the [] around a numeric IP address), out the [] around a numeric IP address),
· if mail is sent via a relay host: a relay host name (without [] or non-default TCP port), as speci- · if mail is sent via a relay host: a relay host name (without [] or non-default TCP port), as speci-
fied in main.cf or in the transport map, fied in main.cf or in the transport map,
· if mail is sent via a UNIX-domain socket: a pathname (without the unix: prefix), · if mail is sent via a UNIX-domain socket: a pathname (without the unix: prefix),
· a /file/name with domain names and/or relay host names as defined above, · a /file/name with domain names and/or relay host names as defined above,
· a "type:table" with domain names and/or relay host names on th e left-hand side. The right-hand · a "type:table" with domain names and/or relay host names on the l eft-hand side. The right-hand
side result from "type:table" lookups is ignored. side result from "type:table" lookups is ignored.
This feature is available in Postfix 2.2 and later. This feature is available in Postfix 2.2 and later.
smtp_connection_cache_on_demand (default: yes) smtp_connection_cache_on_demand (default: yes)
Temporarily enable SMTP connection caching while a destination has a high Temporarily enable SMTP connection caching while a destination has a
volume of mail in the active high volume of mail in the active
queue. With SMTP connection caching, a connection is not closed immed queue. With SMTP connection caching, a connection is not closed immediat
iately after completion of a mail ely after completion of a mail
transaction. Instead, the connection is kept open for up to $smtp_conn transaction. Instead, the connection is kept open for up to $smtp_con
ection_cache_time_limit seconds. nection_cache_time_limit seconds.
This allows connections to be reused for other deliveries, and can improv e mail delivery performance. This allows connections to be reused for other deliveries, and can improv e mail delivery performance.
This feature is available in Postfix 2.2 and later. This feature is available in Postfix 2.2 and later.
smtp_connection_cache_time_limit (default: 2s) smtp_connection_cache_time_limit (default: 2s)
When SMTP connection caching is enabled, the amount of time that an unuse d SMTP client socket is kept open When SMTP connection caching is enabled, the amount of time that an unuse d SMTP client socket is kept open
before it is closed. Do not specify larger values without permission fro m the remote sites. before it is closed. Do not specify larger values without permission fro m the remote sites.
This feature is available in Postfix 2.2 and later. This feature is available in Postfix 2.2 and later.
smtp_connection_reuse_count_limit (default: 0) smtp_connection_reuse_count_limit (default: 0)
When SMTP connection caching is enabled, the number of times that an SMTP session may be reused before it When SMTP connection caching is enabled, the number of times that an SMT P session may be reused before it
is closed, or zero (no limit). With a reuse count limit of N, a connecti on is used up to N+1 times. is closed, or zero (no limit). With a reuse count limit of N, a connecti on is used up to N+1 times.
NOTE: This feature is unsafe. When a high-volume destination has multip NOTE: This feature is unsafe. When a high-volume destination has multiple
le inbound MTAs, then the slowest inbound MTAs, then the slowest
inbound MTA will attract the most connections to that destination. This inbound MTA will attract the most connections to that destination. Th
limitation does not exist with is limitation does not exist with
the smtp_connection_reuse_time_limit feature. the smtp_connection_reuse_time_limit feature.
This feature is available in Postfix 2.11. This feature is available in Postfix 2.11.
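Review bot: the availability line of smtp_connection_reuse_count_limit reads "This feature is available in Postfix 2.11." on both sides, while the neighbouring entries (smtp_connection_cache_time_limit, smtp_connection_reuse_time_limit) say "and later". As written it reads as if the parameter exists in 2.11 only. If it is also present in later releases, change the line to "Postfix 2.11 and later" while this paragraph is being re-wrapped anyway.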
smtp_connection_reuse_time_limit (default: 300s) smtp_connection_reuse_time_limit (default: 300s)
The amount of time during which Postfix will use an SMTP connection repea tedly. The timer starts when the The amount of time during which Postfix will use an SMTP connection repea tedly. The timer starts when the
connection is initiated (i.e. it includes the connect, greeting and helo latency, in addition to the connection is initiated (i.e. it includes the connect, greeting and helo latency, in addition to the
latencies of subsequent mail delivery transactions). latencies of subsequent mail delivery transactions).
This feature addresses a performance stability problem with remote SMTP servers. This problem is not spe- This feature addresses a performance stability problem with remote SMTP s ervers. This problem is not spe-
cific to Postfix: it can happen when any MTA sends large amounts of SMTP email to a site that has multiple cific to Postfix: it can happen when any MTA sends large amounts of SMTP email to a site that has multiple
MX hosts. MX hosts.
The problem starts when one of a set of MX hosts becomes slower than th The problem starts when one of a set of MX hosts becomes slower than the
e rest. Even though SMTP clients rest. Even though SMTP clients
connect to fast and slow MX hosts with equal probability, the slow MX hos connect to fast and slow MX hosts with equal probability, the slow MX ho
t ends up with more simultaneous st ends up with more simultaneous
inbound connections than the faster MX hosts, because the slow MX h inbound connections than the faster MX hosts, because the slow MX host n
ost needs more time to serve each eeds more time to serve each
client request. client request.
The slow MX host becomes a connection attractor. If one MX host becomes The slow MX host becomes a connection attractor. If one MX host becomes
N times slower than the rest, it N times slower than the rest, it
dominates mail delivery latency unless there are more than N fast MX ho dominates mail delivery latency unless there are more than N fast MX host
sts to counter the effect. And if s to counter the effect. And if
the number of MX hosts is smaller than N, the mail delivery latency becom the number of MX hosts is smaller than N, the mail delivery latency beco
es effectively that of the slow- mes effectively that of the slow-
est MX host divided by the total number of MX hosts. est MX host divided by the total number of MX hosts.
The solution uses connection caching in a way that differs from Post The solution uses connection caching in a way that differs from Postfix
fix version 2.2. By limiting the version 2.2. By limiting the
amount of time during which a connection can be used repeatedly (instead amount of time during which a connection can be used repeatedly (instead
of limiting the number of deliv- of limiting the number of deliv-
eries over that connection), Postfix not only restores fairness in the eries over that connection), Postfix not only restores fairness in the di
distribution of simultaneous con- stribution of simultaneous con-
nections across a set of MX hosts, it also favors deliveries over connect nections across a set of MX hosts, it also favors deliveries over connec
ions that perform well, which is tions that perform well, which is
exactly what we want. exactly what we want.
The default reuse time limit, 300s, is comparable to the various smtp tr ansaction timeouts which are fair The default reuse time limit, 300s, is comparable to the various smtp tra nsaction timeouts which are fair
estimates of maximum excess latency for a slow delivery. Note that hosts may accept thousands of messages estimates of maximum excess latency for a slow delivery. Note that hosts may accept thousands of messages
over a single connection within the default connection reuse time limit over a single connection within the default connection reuse time limit.
. This number is much larger than This number is much larger than
the default Postfix version 2.2 limit of 10 messages per cached connectio the default Postfix version 2.2 limit of 10 messages per cached conn
n. It may prove necessary to ection. It may prove necessary to
lower the limit to avoid interoperability issues with MTAs that exhibit b ugs when many messages are deliv- lower the limit to avoid interoperability issues with MTAs that exhibit b ugs when many messages are deliv-
ered via a single connection. A lower reuse time limit risks losing the benefit of connection reuse when ered via a single connection. A lower reuse time limit risks losing the benefit of connection reuse when
the average connection and mail delivery latency exceeds the reuse time l imit. the average connection and mail delivery latency exceeds the reuse time l imit.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
smtp_data_done_timeout (default: 600s) smtp_data_done_timeout (default: 600s)
The Postfix SMTP client time limit for sending the SMTP ".", and for receiving the remote SMTP server The Postfix SMTP client time limit for sending the SMTP ".", and for rec eiving the remote SMTP server
response. response.
When no response is received within the deadline, a warning is logged tha t the mail may be delivered mul- When no response is received within the deadline, a warning is logged th at the mail may be delivered mul-
tiple times. tiple times.
Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). The default time unit is s (sec- Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). Th e default time unit is s (sec-
onds). onds).
smtp_data_init_timeout (default: 120s) smtp_data_init_timeout (default: 120s)
The Postfix SMTP client time limit for sending the SMTP DATA command, and for receiving the remote SMTP The Postfix SMTP client time limit for sending the SMTP DATA command, and for receiving the remote SMTP
server response. server response.
Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). The default time unit is s (sec- Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). Th e default time unit is s (sec-
onds). onds).
smtp_data_xfer_timeout (default: 180s) smtp_data_xfer_timeout (default: 180s)
The Postfix SMTP client time limit for sending the SMTP message content. When the connection makes no The Postfix SMTP client time limit for sending the SMTP message conte nt. When the connection makes no
progress for more than $smtp_data_xfer_timeout seconds the Postfix SMTP c lient terminates the transfer. progress for more than $smtp_data_xfer_timeout seconds the Postfix SMTP c lient terminates the transfer.
Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). The default time unit is s (sec- Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). Th e default time unit is s (sec-
onds). onds).
smtp_defer_if_no_mx_address_found (default: no) smtp_defer_if_no_mx_address_found (default: no)
Defer mail delivery when no MX record resolves to an IP address. Defer mail delivery when no MX record resolves to an IP address.
The default (no) is to return the mail as undeliverable. With older Postf ix versions the default was to The default (no) is to return the mail as undeliverable. With older Po stfix versions the default was to
keep trying to deliver the mail until someone fixed the MX record or unti l the mail was too old. keep trying to deliver the mail until someone fixed the MX record or unti l the mail was too old.
Note: the Postfix SMTP client always ignores MX records with equal or wo rse preference than the local MTA Note: the Postfix SMTP client always ignores MX records with equal or wor se preference than the local MTA
itself. itself.
This feature is available in Postfix 2.1 and later. This feature is available in Postfix 2.1 and later.
smtp_delivery_status_filter (default: $default_delivery_status_filter) smtp_delivery_status_filter (default: $default_delivery_status_filter)
Optional filter for the smtp(8) delivery agent to change the delivery sta tus code or explanatory text of Optional filter for the smtp(8) delivery agent to change the delivery s tatus code or explanatory text of
successful or unsuccessful deliveries. See default_delivery_status_filte r for details. successful or unsuccessful deliveries. See default_delivery_status_filte r for details.
NOTE: This feature modifies Postfix SMTP client error or non-error messag es that may or may not be derived NOTE: This feature modifies Postfix SMTP client error or non-error messag es that may or may not be derived
from remote SMTP server responses. In contrast, the smtp_reply_filter fe ature modifies remote SMTP server from remote SMTP server responses. In contrast, the smtp_reply_filter fe ature modifies remote SMTP server
responses only. responses only.
smtp_destination_concurrency_limit (default: $default_destination_concurrency_li mit) smtp_destination_concurrency_limit (default: $default_destination_concurrency_li mit)
The maximal number of parallel deliveries to the same destination via the smtp message delivery transport. The maximal number of parallel deliveries to the same destination via the smtp message delivery transport.
This limit is enforced by the queue manager. The message delivery transpo rt name is the first field in the This limit is enforced by the queue manager. The message delivery transpo rt name is the first field in the
entry in the master.cf file. entry in the master.cf file.
smtp_destination_recipient_limit (default: $default_destination_recipient_limit) smtp_destination_recipient_limit (default: $default_destination_recipient_limit)
The maximal number of recipients per message for the smtp message The maximal number of recipients per message for the smtp message deli
delivery transport. This limit is very transport. This limit is
enforced by the queue manager. The message delivery transport name is the enforced by the queue manager. The message delivery transport name is th
first field in the entry in the e first field in the entry in the
master.cf file. master.cf file.
Setting this parameter to a value of 1 changes the meaning of smtp_destin ation_concurrency_limit from con- Setting this parameter to a value of 1 changes the meaning of smtp_destin ation_concurrency_limit from con-
currency per domain into concurrency per recipient. currency per domain into concurrency per recipient.
smtp_discard_ehlo_keyword_address_maps (default: empty) smtp_discard_ehlo_keyword_address_maps (default: empty)
Lookup tables, indexed by the remote SMTP server address, with case insen Lookup tables, indexed by the remote SMTP server address, with case i
sitive lists of EHLO keywords nsensitive lists of EHLO keywords
(pipelining, starttls, auth, etc.) that the Postfix SMTP client will i (pipelining, starttls, auth, etc.) that the Postfix SMTP client will igno
gnore in the EHLO response from a re in the EHLO response from a
remote SMTP server. See smtp_discard_ehlo_keywords for details. The table remote SMTP server. See smtp_discard_ehlo_keywords for details. The tab
is not indexed by hostname for le is not indexed by hostname for
consistency with smtpd_discard_ehlo_keyword_address_maps. consistency with smtpd_discard_ehlo_keyword_address_maps.
Specify zero or more "type:name" lookup tables, separated by whitespace or comma. Tables will be searched Specify zero or more "type:name" lookup tables, separated by whitespace o r comma. Tables will be searched
in the specified order until a match is found. in the specified order until a match is found.
This feature is available in Postfix 2.2 and later. This feature is available in Postfix 2.2 and later.
smtp_discard_ehlo_keywords (default: empty) smtp_discard_ehlo_keywords (default: empty)
A case insensitive list of EHLO keywords (pipelining, starttls, auth, etc .) that the Postfix SMTP client A case insensitive list of EHLO keywords (pipelining, starttls, auth, e tc.) that the Postfix SMTP client
will ignore in the EHLO response from a remote SMTP server. will ignore in the EHLO response from a remote SMTP server.
This feature is available in Postfix 2.2 and later. This feature is available in Postfix 2.2 and later.
Notes: Notes:
· Specify the silent-discard pseudo keyword to prevent this action f rom being logged. · Specify the silent-discard pseudo keyword to prevent this action f rom being logged.
· Use the smtp_discard_ehlo_keyword_address_maps feature to discard EHLO keywords selectively. · Use the smtp_discard_ehlo_keyword_address_maps feature to discard EHLO keywords selectively.
smtp_dns_reply_filter (default: empty) smtp_dns_reply_filter (default: empty)
Optional filter for Postfix SMTP client DNS lookup results. Specify Optional filter for Postfix SMTP client DNS lookup results. Specify zero
zero or more lookup tables. The or more lookup tables. The
lookup tables are searched in the given order for a match with the DNS lo lookup tables are searched in the given order for a match with the DN
okup result, converted to the S lookup result, converted to the
following form: following form:
name ttl class type preference value name ttl class type preference value
The class field is always "IN", the preference field exists only fo r MX records, the names of hosts, The class field is always "IN", the preference field exists only for MX records, the names of hosts,
domains, etc. end in ".", and those names are in ASCII form (xn--mumble form in the case of UTF8 names). domains, etc. end in ".", and those names are in ASCII form (xn--mumble form in the case of UTF8 names).
When a match is found, the table lookup result specifies an action. By d efault, the table query and the When a match is found, the table lookup result specifies an action. By default, the table query and the
action name are case-insensitive. Currently, only the IGNORE action is i mplemented. action name are case-insensitive. Currently, only the IGNORE action is i mplemented.
Notes: Notes:
· Postfix DNS reply filters have no effect on implicit DNS lookups through nsswitch.conf or equiva- · Postfix DNS reply filters have no effect on implicit DNS lookups t hrough nsswitch.conf or equiva-
lent mechanisms. lent mechanisms.
· The Postfix SMTP/LMTP client uses smtp_dns_reply_filter and lmtp_d · The Postfix SMTP/LMTP client uses smtp_dns_reply_filter and lmtp_
ns_reply_filter only to discover dns_reply_filter only to discover
a remote SMTP or LMTP service (record types MX, A, AAAAA, and TL a remote SMTP or LMTP service (record types MX, A, AAAAA, and TLSA
SA). These lookups are also made ). These lookups are also made
to implement the features reject_unverified_sender and reject_unve rified_recipient. to implement the features reject_unverified_sender and reject_unve rified_recipient.
· The Postfix SMTP/LMTP client defers mail delivery when a filter re moves all lookup results from a · The Postfix SMTP/LMTP client defers mail delivery when a filter removes all lookup results from a
successful query. successful query.
· Postfix SMTP server uses smtpd_dns_reply_filter only to look up · Postfix SMTP server uses smtpd_dns_reply_filter only to look up MX
MX, A, AAAAA, and TXT records to , A, AAAAA, and TXT records to
implement the features reject_unknown_helo_hostname, implement the features reject_unknown_helo_hostname,
reject_unknown_sender_domain, reject_unknown_sender_domain,
reject_unknown_recipient_domain, reject_rbl_*, and reject_rhsbl_*. reject_unknown_recipient_domain, reject_rbl_*, and reject_rhsbl_*.
· The Postfix SMTP server logs a warning or defers mail delivery when a filter removes all lookup · The Postfix SMTP server logs a warning or defers mail delivery whe n a filter removes all lookup
results from a successful query. results from a successful query.
Example: ignore Google AAAA records in Postfix SMTP client DNS loo kups, because Google sometimes Example: ignore Google AAAA records in Postfix SMTP client DNS lookups, because Google sometimes
hard-rejects mail from IPv6 clients with valid PTR etc. records. hard-rejects mail from IPv6 clients with valid PTR etc. records.
/etc/postfix/main.cf: /etc/postfix/main.cf:
smtp_dns_reply_filter = pcre:/etc/postfix/smtp_dns_reply_filter smtp_dns_reply_filter = pcre:/etc/postfix/smtp_dns_reply_filter
/etc/postfix/smtp_dns_reply_filter: /etc/postfix/smtp_dns_reply_filter:
# /domain ttl IN AAAA address/ action, all case-insensitive. # /domain ttl IN AAAA address/ action, all case-insensitive.
# Note: the domain name ends in ".". # Note: the domain name ends in ".".
/^\S+\.google\.com\.\s+\S+\s+\S+\s+AAAA\s+/ IGNORE /^\S+\.google\.com\.\s+\S+\s+\S+\s+AAAA\s+/ IGNORE
This feature is available in Postfix 3.0 and later. This feature is available in Postfix 3.0 and later.
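Review bot: the record type is misspelled "AAAAA" in two of the Notes bullets of smtp_dns_reply_filter ("record types MX, A, AAAAA, and TLSA" and "MX, A, AAAAA, and TXT records"), and the re-wrap carries the typo into 3.5.9 unchanged. The example a few lines further down filters on "AAAA", which is the correct type name, so both bullets should read "AAAA". Anyone copying the type name from the notes into a filter pattern would get a rule that never matches.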
smtp_dns_resolver_options (default: empty) smtp_dns_resolver_options (default: empty)
DNS Resolver options for the Postfix SMTP client. Specify zero or mor DNS Resolver options for the Postfix SMTP client. Specify zero or more o
e of the following options, sepa- f the following options, sepa-
rated by comma or whitespace. Option names are case-sensitive. Some opti rated by comma or whitespace. Option names are case-sensitive. Some o
ons refer to domain names that ptions refer to domain names that
are specified in the file /etc/resolv.conf or equivalent. are specified in the file /etc/resolv.conf or equivalent.
res_defnames res_defnames
Append the current domain name to single-component names (those that do not contain a "." charac- Append the current domain name to single-component names (those th at do not contain a "." charac-
ter). This can produce incorrect results, and is the hard-coded be havior prior to Postfix 2.8. ter). This can produce incorrect results, and is the hard-coded be havior prior to Postfix 2.8.
res_dnsrch res_dnsrch
Search for host names in the current domain and in parent domain s. This can produce incorrect Search for host names in the current domain and in parent do mains. This can produce incorrect
results and is therefore not recommended. results and is therefore not recommended.
This feature is available in Postfix 2.8 and later. This feature is available in Postfix 2.8 and later.
smtp_dns_support_level (default: empty) smtp_dns_support_level (default: empty)
Level of DNS support in the Postfix SMTP client. With "smtp_dns_support Level of DNS support in the Postfix SMTP client. With "smtp_dns_support_
_level" left at its empty default level" left at its empty default
value, the legacy "disable_dns_lookups" parameter controls whether DNS is value, the legacy "disable_dns_lookups" parameter controls whether D
enabled in the Postfix SMTP NS is enabled in the Postfix SMTP
client, otherwise the legacy parameter is ignored. client, otherwise the legacy parameter is ignored.
Specify one of the following: Specify one of the following:
disabled disabled
Disable DNS lookups. No MX lookups are performed and hostname to address lookups are uncondition- Disable DNS lookups. No MX lookups are performed and hostname to address lookups are uncondition-
ally "native". This setting is not appropriate for hosts that del iver mail to the public Internet. ally "native". This setting is not appropriate for hosts that del iver mail to the public Internet.
Some obsolete how-to documents recommend disabling DNS lookups in some configurations with con- Some obsolete how-to documents recommend disabling DNS lookups in some configurations with con-
tent_filters. This is no longer required and strongly discouraged . tent_filters. This is no longer required and strongly discouraged .
enabled enabled
Enable DNS lookups. Nexthop destination domains not enclosed in "[]" will be subject to MX Enable DNS lookups. Nexthop destination domains not enclos ed in "[]" will be subject to MX
lookups. If "dns" and "native" are included in the "smtp_host_loo kup" parameter value, DNS will be lookups. If "dns" and "native" are included in the "smtp_host_loo kup" parameter value, DNS will be
queried first to resolve MX-host A records, followed by "native" l ookups if no answer is found in queried first to resolve MX-host A records, followed by "native" lookups if no answer is found in
DNS. DNS.
dnssec Enable DNSSEC lookups. The "dnssec" setting differs from the "e nabled" setting above in the fol- dnssec Enable DNSSEC lookups. The "dnssec" setting differs from the "ena bled" setting above in the fol-
lowing ways: lowing ways:
· Any MX lookups will set RES_USE_DNSSEC and RES_USE_EDNS0 to reques t DNSSEC-validated responses. If · Any MX lookups will set RES_USE_DNSSEC and RES_USE_EDNS0 to reque st DNSSEC-validated responses. If
the MX response is DNSSEC-validated the corresponding hostnames ar e considered validated. the MX response is DNSSEC-validated the corresponding hostnames ar e considered validated.
· The address lookups of validated hostnames are also validated, (provided of course · The address lookups of validated hostnames are also val idated, (provided of course
"smtp_host_lookup" includes "dns", see below). "smtp_host_lookup" includes "dns", see below).
· Temporary failures in DNSSEC-enabled hostname-to-address resolutio n block any "native" lookups. · Temporary failures in DNSSEC-enabled hostname-to-address resol ution block any "native" lookups.
Additional "native" lookups only happen when DNSSEC lookups hard-f ail (NODATA or NXDOMAIN). Additional "native" lookups only happen when DNSSEC lookups hard-f ail (NODATA or NXDOMAIN).
The Postfix SMTP client considers non-MX "[nexthop]" and "[nexthop]:port" destinations equivalent to stat- The Postfix SMTP client considers non-MX "[nexthop]" and "[nexthop]:port" destinations equivalent to stat-
ically-validated MX records of the form "nexthop. IN MX 0 nexthop." Th ically-validated MX records of the form "nexthop. IN MX 0 nexthop."
erefore, with "dnssec" support Therefore, with "dnssec" support
turned on, validated hostname-to-address lookups apply to the nexthop do turned on, validated hostname-to-address lookups apply to the nexthop dom
main of any "[nexthop]" or "[nex- ain of any "[nexthop]" or "[nex-
thop]:port" destination. This is also true for LMTP "inet:host" and "i thop]:port" destination. This is also true for LMTP "inet:host" and
net:host:port" destinations, as "inet:host:port" destinations, as
LMTP hostnames are never subject to MX lookups. LMTP hostnames are never subject to MX lookups.
The "dnssec" setting is recommended only if you plan to use the dane or d ane-only TLS security level, oth- The "dnssec" setting is recommended only if you plan to use the dane or d ane-only TLS security level, oth-
erwise enabling DNSSEC support in Postfix offers no additional security. Postfix DNSSEC support relies on erwise enabling DNSSEC support in Postfix offers no additional security. Postfix DNSSEC support relies on
an upstream recursive nameserver that validates DNSSEC signatures. Suc h a DNS server will always filter an upstream recursive nameserver that validates DNSSEC signatures. Such a DNS server will always filter
out forged DNS responses, even when Postfix itself is not configured to u se DNSSEC. out forged DNS responses, even when Postfix itself is not configured to u se DNSSEC.
When using Postfix DANE support the "smtp_host_lookup" parameter should i nclude "dns", as DANE is not When using Postfix DANE support the "smtp_host_lookup" parameter sho uld include "dns", as DANE is not
applicable to hosts resolved via "native" lookups. applicable to hosts resolved via "native" lookups.
As mentioned above, Postfix is not a validating stub resolver; it As mentioned above, Postfix is not a validating stub resolver; it reli
relies on the system's configured es on the system's configured
DNSSEC-validating recursive nameserver to perform all DNSSEC valida DNSSEC-validating recursive nameserver to perform all DNSSEC valid
tion. Since this nameserver's ation. Since this nameserver's
DNSSEC-validated responses will be fully trusted, it is strongly rec DNSSEC-validated responses will be fully trusted, it is strongly recommen
ommended that the MTA host have a ded that the MTA host have a
local DNSSEC-validating recursive caching nameserver listening on a loopb ack address, and be configured to local DNSSEC-validating recursive caching nameserver listening on a loopb ack address, and be configured to
use only this nameserver for all lookups. Otherwise, Postfix may re main subject to man-in-the-middle use only this nameserver for all lookups. Otherwise, Postfix may remai n subject to man-in-the-middle
attacks that forge responses from the recursive nameserver attacks that forge responses from the recursive nameserver
DNSSEC support requires a version of Postfix compiled against a reasonabl y-modern DNS resolver(3) library DNSSEC support requires a version of Postfix compiled against a reasonab ly-modern DNS resolver(3) library
that implements the RES_USE_DNSSEC and RES_USE_EDNS0 resolver options. that implements the RES_USE_DNSSEC and RES_USE_EDNS0 resolver options.
This feature is available in Postfix 2.11 and later. This feature is available in Postfix 2.11 and later.
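Review bot: the sentence ending "attacks that forge responses from the recursive nameserver" in the smtp_dns_support_level text has no closing full stop on either side, so it runs into the following "DNSSEC support requires ..." paragraph. This is the paragraph that carries the main security recommendation of the entry (a local DNSSEC-validating resolver on a loopback address, used for all lookups), so it is worth terminating the sentence properly as part of this whitespace-only change.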
smtp_enforce_tls (default: no) smtp_enforce_tls (default: no)
Enforcement mode: require that remote SMTP servers use TLS encryption, Enforcement mode: require that remote SMTP servers use TLS encryption, an
and never send mail in the clear. d never send mail in the clear.
This also requires that the remote SMTP server hostname matches the infor This also requires that the remote SMTP server hostname matches the info
mation in the remote server cer- rmation in the remote server cer-
tificate, and that the remote SMTP server certificate was issued by a tificate, and that the remote SMTP server certificate was issued by a CA
CA that is trusted by the Postfix that is trusted by the Postfix
SMTP client. If the certificate doesn't verify or the hostname doesn't ma SMTP client. If the certificate doesn't verify or the hostname doesn'
tch, delivery is deferred and t match, delivery is deferred and
mail stays in the queue. mail stays in the queue.
The server hostname is matched against all names provided as dNSNames i The server hostname is matched against all names provided as dNSNames in
n the SubjectAlternativeName. If the SubjectAlternativeName. If
no dNSNames are specified, the CommonName is checked. The behav no dNSNames are specified, the CommonName is checked. The beha
ior may be changed with the vior may be changed with the
smtp_tls_enforce_peername option. smtp_tls_enforce_peername option.
This option is useful only if you are definitely sure that you will onl This option is useful only if you are definitely sure that you will only
y connect to servers that support connect to servers that support
RFC 2487 _and_ that provide valid server certificates. Typical use is fo RFC 2487 _and_ that provide valid server certificates. Typical use i
r clients that send all their s for clients that send all their
email to a dedicated mailhub. email to a dedicated mailhub.
This feature is available in Postfix 2.2 and later. With Postfix 2.3 and later use smtp_tls_security_level This feature is available in Postfix 2.2 and later. With Postfix 2.3 and later use smtp_tls_security_level
instead. instead.
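Review bot: the pointer to the replacement parameter is the very last sentence of the smtp_enforce_tls entry ("With Postfix 2.3 and later use smtp_tls_security_level instead."), after four paragraphs that describe the legacy behaviour as if it were current. Suggest moving that sentence to the top of the entry so a reader configuring mandatory TLS sees the preferred parameter first. The plain-text emphasis in "RFC 2487 _and_ that provide" is also left as literal underscores in the rendered page and could be cleaned up in the same pass.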
smtp_fallback_relay (default: $fallback_relay) smtp_fallback_relay (default: $fallback_relay)
Optional list of relay hosts for SMTP destinations that can't be found or that are unreachable. With Post- Optional list of relay hosts for SMTP destinations that can't be found or that are unreachable. With Post-
fix 2.2 and earlier this parameter is called fallback_relay. fix 2.2 and earlier this parameter is called fallback_relay.
By default, mail is returned to the sender when a destination is not fou nd, and delivery is deferred when By default, mail is returned to the sender when a destination is not foun d, and delivery is deferred when
a destination is unreachable. a destination is unreachable.
With bulk email deliveries, it can be beneficial to run the fallback rela With bulk email deliveries, it can be beneficial to run the fallback re
y MTA on the same host, so that lay MTA on the same host, so that
it can reuse the sender IP address. This speeds up deliveries that a it can reuse the sender IP address. This speeds up deliveries that are
re delayed by IP-based reputation delayed by IP-based reputation
systems (greylist, etc.). systems (greylist, etc.).
The fallback relays must be SMTP destinations. Specify a domain, host, ho st:port, [host]:port, [address] The fallback relays must be SMTP destinations. Specify a domain, host, host:port, [host]:port, [address]
or [address]:port; the form [host] turns off MX lookups. If you specify multiple SMTP destinations, Post- or [address]:port; the form [host] turns off MX lookups. If you specify multiple SMTP destinations, Post-
fix will try them in the specified order. fix will try them in the specified order.
To prevent mailer loops between MX hosts and fall-back hosts, Postfix ver sion 2.2 and later will not use To prevent mailer loops between MX hosts and fall-back hosts, Postfix v ersion 2.2 and later will not use
the fallback relays for destinations that it is MX host for (assuming DNS lookup is turned on). the fallback relays for destinations that it is MX host for (assuming DNS lookup is turned on).
smtp_generic_maps (default: empty) smtp_generic_maps (default: empty)
Optional lookup tables that perform address rewriting in the Postfix SMTP client, typically to transform a Optional lookup tables that perform address rewriting in the Postfix SMTP client, typically to transform a
locally valid address into a globally valid address when sending mail acr oss the Internet. This is needed locally valid address into a globally valid address when sending mail acr oss the Internet. This is needed
when the local machine does not have its own Internet domain name, but uses something like localdo- when the local machine does not have its own Internet domain name, but uses something like localdo-
main.local instead. main.local instead.
Specify zero or more "type:name" lookup tables, separated by whitespace o r comma. Tables will be searched Specify zero or more "type:name" lookup tables, separated by whitespace or comma. Tables will be searched
in the specified order until a match is found. in the specified order until a match is found.
The table format and lookups are documented in generic(5); examples are shown in the ADDRESS_REWRIT- The table format and lookups are documented in generic(5); examples are shown in the ADDRESS_REWRIT-
ING_README and STANDARD_CONFIGURATION_README documents. ING_README and STANDARD_CONFIGURATION_README documents.
This feature is available in Postfix 2.2 and later. This feature is available in Postfix 2.2 and later.
smtp_header_checks (default: empty) smtp_header_checks (default: empty)
Restricted header_checks(5) tables for the Postfix SMTP client. These ta bles are searched while mail is Restricted header_checks(5) tables for the Postfix SMTP client. These tables are searched while mail is
being delivered. Actions that change the delivery time or destination ar e not available. being delivered. Actions that change the delivery time or destination ar e not available.
This feature is available in Postfix 2.5 and later. This feature is available in Postfix 2.5 and later.
smtp_helo_name (default: $myhostname) smtp_helo_name (default: $myhostname)
The hostname to send in the SMTP HELO or EHLO command. The hostname to send in the SMTP HELO or EHLO command.
The default value is the machine hostname. Specify a hostname or [ip.add .re.ss]. The default value is the machine hostname. Specify a hostname or [ip.add .re.ss].
This information can be specified in the main.cf file for all SMTP clien ts, or it can be specified in the This information can be specified in the main.cf file for all SMTP client s, or it can be specified in the
master.cf file for a specific client, for example: master.cf file for a specific client, for example:
/etc/postfix/master.cf: /etc/postfix/master.cf:
mysmtp ... smtp -o smtp_helo_name=foo.bar.com mysmtp ... smtp -o smtp_helo_name=foo.bar.com
This feature is available in Postfix 2.0 and later. This feature is available in Postfix 2.0 and later.
smtp_helo_timeout (default: 300s) smtp_helo_timeout (default: 300s)
The Postfix SMTP client time limit for sending the HELO or EHLO command, and for receiving the initial The Postfix SMTP client time limit for sending the HELO or EHLO comma nd, and for receiving the initial
remote SMTP server response. remote SMTP server response.
Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). The default time unit is s (sec- Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). Th e default time unit is s (sec-
onds). onds).
smtp_host_lookup (default: dns) smtp_host_lookup (default: dns)
What mechanisms the Postfix SMTP client uses to look up a host's IP addre What mechanisms the Postfix SMTP client uses to look up a host's IP ad
ss. This parameter is ignored dress. This parameter is ignored
when DNS lookups are disabled (see: disable_dns_lookups and smtp_dns_sup when DNS lookups are disabled (see: disable_dns_lookups and smtp_dns_supp
port_level). The "dns" mechanism ort_level). The "dns" mechanism
is always tried before "native" if both are listed. is always tried before "native" if both are listed.
Specify one of the following: Specify one of the following:
dns Hosts can be found in the DNS (preferred). dns Hosts can be found in the DNS (preferred).
native Use the native naming service only (nsswitch.conf, or equivalent m echanism). native Use the native naming service only (nsswitch.conf, or equivalent m echanism).
dns, native dns, native
Use the native service for hosts not found in the DNS. Use the native service for hosts not found in the DNS.
This feature is available in Postfix 2.1 and later. This feature is available in Postfix 2.1 and later.
smtp_line_length_limit (default: 998) smtp_line_length_limit (default: 998)
The maximal length of message header and body lines that Postfix will sen The maximal length of message header and body lines that Postfix will s
d via SMTP. This limit does not end via SMTP. This limit does not
include the <CR><LF> at the end of each line. Longer lines are broken b include the <CR><LF> at the end of each line. Longer lines are broken by
y inserting "<CR><LF><SPACE>", to inserting "<CR><LF><SPACE>", to
minimize the damage to MIME formatted mail. minimize the damage to MIME formatted mail.
The Postfix limit of 998 characters not including <CR><LF> is consistent with the SMTP limit of 1000 char- The Postfix limit of 998 characters not including <CR><LF> is consistent with the SMTP limit of 1000 char-
acters including <CR><LF>. The Postfix limit was 990 with Postfix 2.8 an d earlier. acters including <CR><LF>. The Postfix limit was 990 with Postfix 2.8 an d earlier.
smtp_mail_timeout (default: 300s) smtp_mail_timeout (default: 300s)
The Postfix SMTP client time limit for sending the MAIL FROM command, and for receiving the remote SMTP The Postfix SMTP client time limit for sending the MAIL FROM command, and for receiving the remote SMTP
server response. server response.
Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). Th e default time unit is s (sec- Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). The default time unit is s (sec-
onds). onds).
smtp_mime_header_checks (default: empty) smtp_mime_header_checks (default: empty)
Restricted mime_header_checks(5) tables for the Postfix SMTP client. The se tables are searched while mail Restricted mime_header_checks(5) tables for the Postfix SMTP client. Thes e tables are searched while mail
is being delivered. Actions that change the delivery time or destination are not available. is being delivered. Actions that change the delivery time or destination are not available.
This feature is available in Postfix 2.5 and later. This feature is available in Postfix 2.5 and later.
smtp_mx_address_limit (default: 5) smtp_mx_address_limit (default: 5)
The maximal number of MX (mail exchanger) IP addresses that can result from Postfix SMTP client mail The maximal number of MX (mail exchanger) IP addresses that can res ult from Postfix SMTP client mail
exchanger lookups, or zero (no limit). Prior to Postfix version 2.3, this limit was disabled by default. exchanger lookups, or zero (no limit). Prior to Postfix version 2.3, this limit was disabled by default.
This feature is available in Postfix 2.1 and later. This feature is available in Postfix 2.1 and later.
smtp_mx_session_limit (default: 2) smtp_mx_session_limit (default: 2)
The maximal number of SMTP sessions per delivery request before the Postf ix SMTP client gives up or deliv- The maximal number of SMTP sessions per delivery request before the Postf ix SMTP client gives up or deliv-
ers to a fall-back relay host, or zero (no limit). This restriction ignor es sessions that fail to complete ers to a fall-back relay host, or zero (no limit). This restriction ignor es sessions that fail to complete
the SMTP initial handshake (Postfix version 2.2 and earlier) or that fail to complete the EHLO and TLS the SMTP initial handshake (Postfix version 2.2 and earlier) or that fail to complete the EHLO and TLS
handshake (Postfix version 2.3 and later). handshake (Postfix version 2.3 and later).
This feature is available in Postfix 2.1 and later. This feature is available in Postfix 2.1 and later.
smtp_nested_header_checks (default: empty) smtp_nested_header_checks (default: empty)
Restricted nested_header_checks(5) tables for the Postfix SMTP client. Th ese tables are searched while Restricted nested_header_checks(5) tables for the Postfix SMTP client . These tables are searched while
mail is being delivered. Actions that change the delivery time or destin ation are not available. mail is being delivered. Actions that change the delivery time or destin ation are not available.
This feature is available in Postfix 2.5 and later. This feature is available in Postfix 2.5 and later.
smtp_never_send_ehlo (default: no) smtp_never_send_ehlo (default: no)
Never send EHLO at the start of an SMTP session. See also the smtp_always _send_ehlo parameter. Never send EHLO at the start of an SMTP session. See also the smtp_always _send_ehlo parameter.
smtp_per_record_deadline (default: no) smtp_per_record_deadline (default: no)
Change the behavior of the smtp_*_timeout time limits, from a time limit per read or write system call, to Change the behavior of the smtp_*_timeout time limits, from a time limit per read or write system call, to
a time limit to send or receive a complete record (an SMTP command line, a time limit to send or receive a complete record (an SMTP command line,
SMTP response line, SMTP message SMTP response line, SMTP message
content line, or TLS protocol message). This limits the impact from ho content line, or TLS protocol message). This limits the impact from host
stile peers that trickle data one ile peers that trickle data one
byte at a time. byte at a time.
Note: when per-record deadlines are enabled, a short timeout may cause pr Note: when per-record deadlines are enabled, a short timeout may cause
oblems with TLS over very slow problems with TLS over very slow
network connections. The reasons are that a TLS protocol message network connections. The reasons are that a TLS protocol message can be
can be up to 16 kbytes long (with up to 16 kbytes long (with
TLSv1), and that an entire TLS protocol message must be sent or received within the per-record deadline. TLSv1), and that an entire TLS protocol message must be sent or received within the per-record deadline.
This feature is available in Postfix 2.9 and later. With older Postfix re leases, the behavior is as if This feature is available in Postfix 2.9 and later. With older Postfi x releases, the behavior is as if
this parameter is set to "no". this parameter is set to "no".
smtp_pix_workaround_delay_time (default: 10s) smtp_pix_workaround_delay_time (default: 10s)
How long the Postfix SMTP client pauses before sending ".<CR><LF>" in o rder to work around the PIX fire- How long the Postfix SMTP client pauses before sending ".<CR><LF>" in ord er to work around the PIX fire-
wall "<CR><LF>.<CR><LF>" bug. wall "<CR><LF>.<CR><LF>" bug.
Choosing a too short time makes this workaround ineffective when sending large messages over slow network Choosing a too short time makes this workaround ineffective when sending large messages over slow network
connections. connections.
smtp_pix_workaround_maps (default: empty) smtp_pix_workaround_maps (default: empty)
Lookup tables, indexed by the remote SMTP server address, with per-dest Lookup tables, indexed by the remote SMTP server address, with per-destin
ination workarounds for CISCO PIX ation workarounds for CISCO PIX
firewall bugs. The table is not indexed by hostname for consiste firewall bugs. The table is not indexed by hostname for consis
ncy with smtp_discard_ehlo_key- tency with smtp_discard_ehlo_key-
word_address_maps. word_address_maps.
Specify zero or more "type:name" lookup tables, separated by whitespace or comma. Tables will be searched Specify zero or more "type:name" lookup tables, separated by whitespace o r comma. Tables will be searched
in the specified order until a match is found. in the specified order until a match is found.
This feature is available in Postfix 2.4 and later. This feature is available in Postfix 2.4 and later.
smtp_pix_workaround_threshold_time (default: 500s) smtp_pix_workaround_threshold_time (default: 500s)
How long a message must be queued before the Postfix SMTP clie nt turns on the PIX firewall How long a message must be queued before the Postfix SMTP clie nt turns on the PIX firewall
"<CR><LF>.<CR><LF>" bug workaround for delivery through firewalls with "s mtp fixup" mode turned on. "<CR><LF>.<CR><LF>" bug workaround for delivery through firewalls with "s mtp fixup" mode turned on.
By default, the workaround is turned off for mail that is queued fo r less than 500 seconds. In other By default, the workaround is turned off for mail that is queued for les s than 500 seconds. In other
words, the workaround is normally turned off for the first delivery attem pt. words, the workaround is normally turned off for the first delivery attem pt.
Specify 0 to enable the PIX firewall "<CR><LF>.<CR><LF>" bug workaround u pon the first delivery attempt. Specify 0 to enable the PIX firewall "<CR><LF>.<CR><LF>" bug workaround u pon the first delivery attempt.
smtp_pix_workarounds (default: disable_esmtp, delay_dotcrlf) smtp_pix_workarounds (default: disable_esmtp, delay_dotcrlf)
A list that specifies zero or more workarounds for CISCO PIX firewall bug s. These workarounds are imple- A list that specifies zero or more workarounds for CISCO PIX firewall b ugs. These workarounds are imple-
mented by the Postfix SMTP client. Workaround names are separated by comm a or space, and are case insensi- mented by the Postfix SMTP client. Workaround names are separated by comm a or space, and are case insensi-
tive. This parameter setting can be overruled with per-destination smtp_ pix_workaround_maps settings. tive. This parameter setting can be overruled with per-destination smtp_ pix_workaround_maps settings.
delay_dotcrlf delay_dotcrlf
Insert a delay before sending ".<CR><LF>" after the end of the mes Insert a delay before sending ".<CR><LF>" after the end of the me
sage content. The delay is sub- ssage content. The delay is sub-
ject to the smtp_pix_workaround_delay_time and smtp_pix_workaro ject to the smtp_pix_workaround_delay_time and smtp_pix_workaroun
und_threshold_time parameter set- d_threshold_time parameter set-
tings. tings.
disable_esmtp disable_esmtp
Disable all extended SMTP commands: send HELO instead of EHLO. Disable all extended SMTP commands: send HELO instead of EHLO.
This feature is available in Postfix 2.4 and later. The default settings are backwards compatible with This feature is available in Postfix 2.4 and later. The default setti ngs are backwards compatible with
earlier Postfix versions. earlier Postfix versions.
smtp_quit_timeout (default: 300s) smtp_quit_timeout (default: 300s)
The Postfix SMTP client time limit for sending the QUIT command, and for receiving the remote SMTP server The Postfix SMTP client time limit for sending the QUIT command, and for receiving the remote SMTP server
response. response.
Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). Th e default time unit is s (sec- Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). The default time unit is s (sec-
onds). onds).
smtp_quote_rfc821_envelope (default: yes) smtp_quote_rfc821_envelope (default: yes)
Quote addresses in Postfix SMTP client MAIL FROM and RCPT TO comma nds as required by RFC 5321. This Quote addresses in Postfix SMTP client MAIL FROM and RCPT TO commands a s required by RFC 5321. This
includes putting quotes around an address localpart that ends in ".". includes putting quotes around an address localpart that ends in ".".
The default is to comply with RFC 5321. If you have to send mail to a bro ken SMTP server, configure a spe- The default is to comply with RFC 5321. If you have to send mail to a bro ken SMTP server, configure a spe-
cial SMTP client in master.cf: cial SMTP client in master.cf:
/etc/postfix/master.cf: /etc/postfix/master.cf:
broken-smtp . . . smtp -o smtp_quote_rfc821_envelope=no broken-smtp . . . smtp -o smtp_quote_rfc821_envelope=no
and route mail for the destination in question to the "broken-smtp" mes sage delivery with a transport(5) and route mail for the destination in question to the "broken-smtp" messa ge delivery with a transport(5)
table. table.
This feature is available in Postfix 2.1 and later. This feature is available in Postfix 2.1 and later.
smtp_randomize_addresses (default: yes) smtp_randomize_addresses (default: yes)
Randomize the order of equal-preference MX host addresses. This is a per formance feature of the Postfix Randomize the order of equal-preference MX host addresses. This is a p erformance feature of the Postfix
SMTP client. SMTP client.
smtp_rcpt_timeout (default: 300s) smtp_rcpt_timeout (default: 300s)
The Postfix SMTP client time limit for sending the SMTP RCPT TO command, and for receiving the remote SMTP The Postfix SMTP client time limit for sending the SMTP RCPT TO command, and for receiving the remote SMTP
server response. server response.
Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). Th e default time unit is s (sec- Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). The default time unit is s (sec-
onds). onds).
smtp_reply_filter (default: empty) smtp_reply_filter (default: empty)
A mechanism to transform replies from remote SMTP servers one line at a A mechanism to transform replies from remote SMTP servers one line at a t
time. This is a last-resort tool ime. This is a last-resort tool
to work around server replies that break interoperability with the Pos to work around server replies that break interoperability with the
tfix SMTP client. Other uses Postfix SMTP client. Other uses
involve fault injection to test Postfix's handling of invalid responses. involve fault injection to test Postfix's handling of invalid responses.
Notes: Notes:
· In the case of a multi-line reply, the Postfix SMTP client uses the final reply line's numerical · In the case of a multi-line reply, the Postfix SMTP client uses th e final reply line's numerical
SMTP reply code and enhanced status code. SMTP reply code and enhanced status code.
· The numerical SMTP reply code (XYZ) takes precedence over the enha · The numerical SMTP reply code (XYZ) takes precedence over the en
nced status code (X.Y.Z). When hanced status code (X.Y.Z). When
the enhanced status code initial digit differs from the SMTP rep the enhanced status code initial digit differs from the SMTP reply
ly code initial digit, or when no code initial digit, or when no
enhanced status code is present, the Postfix SMTP client uses a enhanced status code is present, the Postfix SMTP client us
generic enhanced status code es a generic enhanced status code
(X.0.0) instead. (X.0.0) instead.
Specify the name of a "type:table" lookup table. The search string is a s ingle SMTP reply line as received Specify the name of a "type:table" lookup table. The search string is a s ingle SMTP reply line as received
from the remote SMTP server, except that the trailing <CR><LF> are remove d. When the lookup succeeds, the from the remote SMTP server, except that the trailing <CR><LF> are remove d. When the lookup succeeds, the
result replaces the single SMTP reply line. result replaces the single SMTP reply line.
Examples: Examples:
/etc/postfix/main.cf: /etc/postfix/main.cf:
smtp_reply_filter = pcre:/etc/postfix/reply_filter smtp_reply_filter = pcre:/etc/postfix/reply_filter
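Review bot: every entry in this hunk, from smtp_fallback_relay through the smtp_reply_filter main.cf example, differs between 3.5.8 and 3.5.9 only in inter-word padding and in where a filled line breaks (for example "fallback rela / y MTA" against "fallback re / lay MTA" under smtp_fallback_relay); no parameter name, default value or sentence changes. Comparing the formatted page with whitespace ignored, or diffing the unformatted manual source instead, would drop this hunk and leave only the entries whose text really changed, which is what someone auditing the release for behaviour changes in the SMTP client needs to see.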
skipping to change at line 5871 skipping to change at line 5907
# Transform garbage into "250-filler..." so that it looks like # Transform garbage into "250-filler..." so that it looks like
# one line from a multi-line reply. It does not matter what we # one line from a multi-line reply. It does not matter what we
# substitute here as long it has the right syntax. The Postfix # substitute here as long it has the right syntax. The Postfix
# SMTP client will use the final line's numerical SMTP reply # SMTP client will use the final line's numerical SMTP reply
# code and enhanced status code. # code and enhanced status code.
!/^([2-5][0-9][0-9]($|[- ]))/ 250-filler for garbage !/^([2-5][0-9][0-9]($|[- ]))/ 250-filler for garbage
This feature is available in Postfix 2.7. This feature is available in Postfix 2.7.
smtp_rset_timeout (default: 20s) smtp_rset_timeout (default: 20s)
The Postfix SMTP client time limit for sending the RSET command, and for The Postfix SMTP client time limit for sending the RSET command, and for
receiving the remote SMTP server receiving the remote SMTP server
response. The SMTP client sends RSET in order to finish a recipient addre response. The SMTP client sends RSET in order to finish a recipient a
ss probe, or to verify that a ddress probe, or to verify that a
cached session is still usable. cached session is still usable.
This feature is available in Postfix 2.1 and later. This feature is available in Postfix 2.1 and later.
smtp_sasl_auth_cache_name (default: empty) smtp_sasl_auth_cache_name (default: empty)
An optional table to prevent repeated SASL authentication failures with the same remote SMTP server host- An optional table to prevent repeated SASL authentication failures with t he same remote SMTP server host-
name, username and password. Each table (key, value) pair contains a serv er name, a username and password, name, username and password. Each table (key, value) pair contains a serv er name, a username and password,
and the full server response. This information is stored when a remote S and the full server response. This information is stored when a remote SM
MTP server rejects an authentica- TP server rejects an authentica-
tion attempt with a 535 reply code. As long as the smtp_sasl_password_ma tion attempt with a 535 reply code. As long as the smtp_sasl_password
ps information does no change, _maps information does no change,
and as long as the smtp_sasl_auth_cache_name information does not expir and as long as the smtp_sasl_auth_cache_name information does not expire
e (see smtp_sasl_auth_cache_time) (see smtp_sasl_auth_cache_time)
the Postfix SMTP client avoids SASL authentication attempts with the same the Postfix SMTP client avoids SASL authentication attempts with the sa
server, username and password, me server, username and password,
and instead bounces or defers mail as controlled with the smtp_sasl_auth_ soft_bounce configuration parame- and instead bounces or defers mail as controlled with the smtp_sasl_auth_ soft_bounce configuration parame-
ter. ter.
Use a per-destination delivery concurrency of 1 (for example, "smtp_dest Use a per-destination delivery concurrency of 1 (for example, "smtp_de
ination_concurrency_limit = 1", stination_concurrency_limit = 1",
"relay_destination_concurrency_limit = 1", etc.), otherwise multiple "relay_destination_concurrency_limit = 1", etc.), otherwise multiple del
delivery agents may experience a ivery agents may experience a
login failure at the same time. login failure at the same time.
The table must be accessed via the proxywrite service, i.e. the map name must start with "proxy:". The ta- The table must be accessed via the proxywrite service, i.e. the map name must start with "proxy:". The ta-
ble should be stored under the directory specified with the data_director y parameter. ble should be stored under the directory specified with the data_director y parameter.
This feature uses cryptographic hashing to protect plain-text passwords, and requires that Postfix is com- This feature uses cryptographic hashing to protect plain-text passwords, and requires that Postfix is com-
piled with TLS support. piled with TLS support.
Example: Example:
smtp_sasl_auth_cache_name = proxy:btree:/var/lib/postfix/sasl_auth_cache smtp_sasl_auth_cache_name = proxy:btree:/var/lib/postfix/sasl_auth_cache
This feature is available in Postfix 2.5 and later. This feature is available in Postfix 2.5 and later.
smtp_sasl_auth_cache_time (default: 90d) smtp_sasl_auth_cache_time (default: 90d)
The maximal age of an smtp_sasl_auth_cache_name entry before it is remove d. The maximal age of an smtp_sasl_auth_cache_name entry before it is remove d.
This feature is available in Postfix 2.5 and later. This feature is available in Postfix 2.5 and later.
smtp_sasl_auth_enable (default: no) smtp_sasl_auth_enable (default: no)
Enable SASL authentication in the Postfix SMTP client. By default, the Postfix SMTP client uses no Enable SASL authentication in the Postfix SMTP client. By default , the Postfix SMTP client uses no
authentication. authentication.
Example: Example:
smtp_sasl_auth_enable = yes smtp_sasl_auth_enable = yes
smtp_sasl_auth_soft_bounce (default: yes) smtp_sasl_auth_soft_bounce (default: yes)
When a remote SMTP server rejects a SASL authentication request with a 53 5 reply code, defer mail delivery When a remote SMTP server rejects a SASL authentication request with a 53 5 reply code, defer mail delivery
instead of returning mail as undeliverable. The latter behavior was hard- coded prior to Postfix version instead of returning mail as undeliverable. The latter behavior was ha rd-coded prior to Postfix version
2.5. 2.5.
Note: the setting "yes" overrides the global soft_bounce parameter, but t he setting "no" does not. Note: the setting "yes" overrides the global soft_bounce parameter, but t he setting "no" does not.
Example: Example:
# Default as of Postfix 2.5 # Default as of Postfix 2.5
smtp_sasl_auth_soft_bounce = yes smtp_sasl_auth_soft_bounce = yes
# The old hard-coded default # The old hard-coded default
smtp_sasl_auth_soft_bounce = no smtp_sasl_auth_soft_bounce = no
This feature is available in Postfix 2.5 and later. This feature is available in Postfix 2.5 and later.
smtp_sasl_mechanism_filter (default: empty) smtp_sasl_mechanism_filter (default: empty)
If non-empty, a Postfix SMTP client filter for the remote SMTP server's list of offered SASL mechanisms. If non-empty, a Postfix SMTP client filter for the remote SMTP server's l ist of offered SASL mechanisms.
Different client and server implementations may support different mechani sm lists; by default, the Postfix Different client and server implementations may support different mechani sm lists; by default, the Postfix
SMTP client will use the intersection of the two. smtp_sasl_mechanism_f ilter specifies an optional third SMTP client will use the intersection of the two. smtp_sasl_mechanism_fil ter specifies an optional third
mechanism list to intersect with. mechanism list to intersect with.
Specify mechanism names, "/file/name" patterns or "type:table" lookup tab Specify mechanism names, "/file/name" patterns or "type:table" lookup t
les. The right-hand side result ables. The right-hand side result
from "type:table" lookups is ignored. Specify "!pattern" to exclude a from "type:table" lookups is ignored. Specify "!pattern" to exclude a mec
mechanism name from the list. The hanism name from the list. The
form "!/file/name" is supported only in Postfix version 2.4 and later. form "!/file/name" is supported only in Postfix version 2.4 and later.
This feature is available in Postfix 2.2 and later. This feature is available in Postfix 2.2 and later.
Examples: Examples:
smtp_sasl_mechanism_filter = plain, login smtp_sasl_mechanism_filter = plain, login
smtp_sasl_mechanism_filter = /etc/postfix/smtp_mechs smtp_sasl_mechanism_filter = /etc/postfix/smtp_mechs
smtp_sasl_mechanism_filter = !gssapi, !login, static:rest smtp_sasl_mechanism_filter = !gssapi, !login, static:rest
smtp_sasl_password_maps (default: empty) smtp_sasl_password_maps (default: empty)
Optional Postfix SMTP client lookup tables with one username:password ent ry per sender, remote hostname or Optional Postfix SMTP client lookup tables with one username:password ent ry per sender, remote hostname or
next-hop domain. Per-sender lookup is done only when sender-dependent next-hop domain. Per-sender lookup is done only when sender-dependent aut
authentication is enabled. If no hentication is enabled. If no
username:password entry is found, then the Postfix SMTP client will not a username:password entry is found, then the Postfix SMTP client will n
ttempt to authenticate to the ot attempt to authenticate to the
remote host. remote host.
The Postfix SMTP client opens the lookup table before going to chroot ja il, so you can leave the password The Postfix SMTP client opens the lookup table before going to chroot jai l, so you can leave the password
file in /etc/postfix. file in /etc/postfix.
Specify zero or more "type:name" lookup tables, separated by whitespace o r comma. Tables will be searched Specify zero or more "type:name" lookup tables, separated by whitespace or comma. Tables will be searched
in the specified order until a match is found. in the specified order until a match is found.
smtp_sasl_path (default: empty) smtp_sasl_path (default: empty)
Implementation-specific information that the Postfix SMTP client passes t hrough to the SASL plug-in imple- Implementation-specific information that the Postfix SMTP client passes t hrough to the SASL plug-in imple-
mentation that is selected with smtp_sasl_type. Typically this specifies the name of a configuration file mentation that is selected with smtp_sasl_type. Typically this specifies the name of a configuration file
or rendezvous point. or rendezvous point.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
smtp_sasl_security_options (default: noplaintext, noanonymous) smtp_sasl_security_options (default: noplaintext, noanonymous)
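Review bot: in the smtp_sasl_auth_cache_name entry, "As long as the smtp_sasl_password_maps information does no change" should read "does not change"; the typo appears in both the 3.5.8 and the 3.5.9 column, so this release carries it over unchanged. The rest of the hunk (smtp_rset_timeout through smtp_sasl_path) is again re-filled text with the same wording on both sides, and the move of the hunk header from line 5871 to line 5907 shows the content was only shifted down by text inserted earlier in the page.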
skipping to change at line 5997 skipping to change at line 6033
Disallow methods that allow anonymous authentication. Disallow methods that allow anonymous authentication.
mutual_auth mutual_auth
Only allow methods that provide mutual authentication (not availab le with SASL version 1). Only allow methods that provide mutual authentication (not availab le with SASL version 1).
Example: Example:
smtp_sasl_security_options = noplaintext smtp_sasl_security_options = noplaintext
smtp_sasl_tls_security_options (default: $smtp_sasl_security_options) smtp_sasl_tls_security_options (default: $smtp_sasl_security_options)
The SASL authentication security options that the Postfix SMTP client use s for TLS encrypted SMTP ses- The SASL authentication security options that the Postfix SMTP client uses for TLS encrypted SMTP ses-
sions. sions.
This feature is available in Postfix 2.2 and later. This feature is available in Postfix 2.2 and later.
smtp_sasl_tls_verified_security_options (default: $smtp_sasl_tls_security_option s) smtp_sasl_tls_verified_security_options (default: $smtp_sasl_tls_security_option s)
The SASL authentication security options that the Postfix SMTP client use s for TLS encrypted SMTP sessions The SASL authentication security options that the Postfix SMTP client use s for TLS encrypted SMTP sessions
with a verified server certificate. with a verified server certificate.
When mail is sent to the public MX host for the recipient's domain, serve r certificates are by default When mail is sent to the public MX host for the recipient's domain, s erver certificates are by default
optional, and delivery proceeds even if certificate verification fails. F or delivery via a submission ser- optional, and delivery proceeds even if certificate verification fails. F or delivery via a submission ser-
vice that requires SASL authentication, it may be appropriate to send pla intext passwords only when the vice that requires SASL authentication, it may be appropriate to send plaintext passwords only when the
connection to the server is strongly encrypted and the server identity is verified. connection to the server is strongly encrypted and the server identity is verified.
The smtp_sasl_tls_verified_security_options parameter makes it possibl The smtp_sasl_tls_verified_security_options parameter makes it possible t
e to only enable plaintext mecha- o only enable plaintext mecha-
nisms when a secure connection to the server is available. Submission ser nisms when a secure connection to the server is available. Submission se
vers subject to this policy must rvers subject to this policy must
either have verifiable certificates or offer suitable non-plaintext SASL mechanisms. either have verifiable certificates or offer suitable non-plaintext SASL mechanisms.
This feature is available in Postfix 2.6 and later. This feature is available in Postfix 2.6 and later.
smtp_sasl_type (default: cyrus) smtp_sasl_type (default: cyrus)
The SASL plug-in type that the Postfix SMTP client should use for authent ication. The available types are The SASL plug-in type that the Postfix SMTP client should use for authent ication. The available types are
listed with the "postconf -A" command. listed with the "postconf -A" command.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
smtp_send_dummy_mail_auth (default: no) smtp_send_dummy_mail_auth (default: no)
Whether or not to append the "AUTH=<>" option to the MAIL FROM command i n SASL-authenticated SMTP ses- Whether or not to append the "AUTH=<>" option to the MAIL FROM comman d in SASL-authenticated SMTP ses-
sions. The default is not to send this, to avoid problems with broken rem ote SMTP servers. Before Postfix sions. The default is not to send this, to avoid problems with broken rem ote SMTP servers. Before Postfix
2.9 the behavior is as if "smtp_send_dummy_mail_auth = yes". 2.9 the behavior is as if "smtp_send_dummy_mail_auth = yes".
This feature is available in Postfix 2.9 and later. This feature is available in Postfix 2.9 and later.
smtp_send_xforward_command (default: no) smtp_send_xforward_command (default: no)
Send the non-standard XFORWARD command when the Postfix SMTP server EHLO response announces XFORWARD sup- Send the non-standard XFORWARD command when the Postfix SMTP server EHLO response announces XFORWARD sup-
port. port.
This allows a Postfix SMTP delivery agent, used for injecting mail into This allows a Postfix SMTP delivery agent, used for injecting mail into a
a content filter, to forward the content filter, to forward the
name, address, protocol and HELO name of the original client to the conte name, address, protocol and HELO name of the original client to the cont
nt filter and downstream queuing ent filter and downstream queuing
SMTP server. This can produce more useful logging than localhost[127.0.0. 1] etc. SMTP server. This can produce more useful logging than localhost[127.0.0. 1] etc.
This feature is available in Postfix 2.1 and later. This feature is available in Postfix 2.1 and later.
smtp_sender_dependent_authentication (default: no) smtp_sender_dependent_authentication (default: no)
Enable sender-dependent authentication in the Postfix SMTP client; Enable sender-dependent authentication in the Postfix SMTP client; this
this is available only with SASL is available only with SASL
authentication, and disables SMTP connection caching to ensure that mail authentication, and disables SMTP connection caching to ensure that mai
from different senders will use l from different senders will use
the appropriate credentials. the appropriate credentials.
This feature is available in Postfix 2.3 and later. This feature is available in Postfix 2.3 and later.
smtp_skip_4xx_greeting (default: yes) smtp_skip_4xx_greeting (default: yes)
Skip SMTP servers that greet with a 4XX status code (go away, try again l ater). Skip SMTP servers that greet with a 4XX status code (go away, try again l ater).
By default, the Postfix SMTP client moves on the next mail exchanger. Specify "smtp_skip_4xx_greeting = By default, the Postfix SMTP client moves on the next mail exchanger. Sp ecify "smtp_skip_4xx_greeting =
no" if Postfix should defer delivery immediately. no" if Postfix should defer delivery immediately.
This feature is available in Postfix 2.0 and earlier. Later Postfix ver sions always skip remote SMTP This feature is available in Postfix 2.0 and earlier. Later Postfix versions always skip remote SMTP
servers that greet with a 4XX status code. servers that greet with a 4XX status code.
smtp_skip_5xx_greeting (default: yes) smtp_skip_5xx_greeting (default: yes)
Skip remote SMTP servers that greet with a 5XX status code. Skip remote SMTP servers that greet with a 5XX status code.
By default, the Postfix SMTP client moves on the next mail exchanger. By default, the Postfix SMTP client moves on the next mail exchanger. Sp
Specify "smtp_skip_5xx_greeting = ecify "smtp_skip_5xx_greeting =
no" if Postfix should bounce the mail immediately. Caution: the latter be no" if Postfix should bounce the mail immediately. Caution: the latter b
havior appears to contradict RFC ehavior appears to contradict RFC
2821. 2821.
smtp_skip_quit_response (default: yes) smtp_skip_quit_response (default: yes)
Do not wait for the response to the SMTP QUIT command. Do not wait for the response to the SMTP QUIT command.
smtp_starttls_timeout (default: 300s) smtp_starttls_timeout (default: 300s)
Time limit for Postfix SMTP client write and read operations during T LS startup and shutdown handshake Time limit for Postfix SMTP client write and read operations during TLS startup and shutdown handshake
procedures. procedures.
This feature is available in Postfix 2.2 and later. This feature is available in Postfix 2.2 and later.
smtp_tcp_port (default: smtp) smtp_tcp_port (default: smtp)
The default TCP port that the Postfix SMTP client connects to. Specify a symbolic name (see services(5)) The default TCP port that the Postfix SMTP client connects to. Specify a symbolic name (see services(5))
or a numeric port. or a numeric port.
smtp_tls_CAfile (default: empty) smtp_tls_CAfile (default: empty)
A file containing CA certificates of root CAs trusted to sign either r A file containing CA certificates of root CAs trusted to sign either remo
emote SMTP server certificates or te SMTP server certificates or
intermediate CA certificates. These are loaded into memory before the sm intermediate CA certificates. These are loaded into memory before the
tp(8) client enters the chroot smtp(8) client enters the chroot
jail. If the number of trusted roots is large, consider using smtp_tls_ jail. If the number of trusted roots is large, consider using smtp_tls_CA
CApath instead, but note that the path instead, but note that the
latter directory must be present in the chroot jail if the smtp(8) client latter directory must be present in the chroot jail if the smtp(8) clien
is chrooted. This file may also t is chrooted. This file may also
be used to augment the client certificate trust chain, but it is best to include all the required certifi- be used to augment the client certificate trust chain, but it is best to include all the required certifi-
cates directly in $smtp_tls_cert_file (or, Postfix >= 3.4 $smtp_tls_chain _files). cates directly in $smtp_tls_cert_file (or, Postfix >= 3.4 $smtp_tls_chain _files).
Specify "smtp_tls_CAfile = /path/to/system_CA_file" to use ONLY the syste m-supplied default Certification Specify "smtp_tls_CAfile = /path/to/system_CA_file" to use ONLY the syst em-supplied default Certification
Authority certificates. Authority certificates.
Specify "tls_append_default_CA = no" to prevent Postfix from appending th e system-supplied default CAs and Specify "tls_append_default_CA = no" to prevent Postfix from appending th e system-supplied default CAs and
trusting third-party certificates. trusting third-party certificates.
Example: Example:
smtp_tls_CAfile = /etc/postfix/CAcert.pem smtp_tls_CAfile = /etc/postfix/CAcert.pem
This feature is available in Postfix 2.2 and later. This feature is available in Postfix 2.2 and later.
smtp_tls_CApath (default: empty) smtp_tls_CApath (default: empty)
Directory with PEM format Certification Authority certificates that the P ostfix SMTP client uses to verify Directory with PEM format Certification Authority certificates that the P ostfix SMTP client uses to verify
a remote SMTP server certificate. Don't forget to create the necessar y "hash" links with, for example, a remote SMTP server certificate. Don't forget to create the necessary " hash" links with, for example,
"$OPENSSL_HOME/bin/c_rehash /etc/postfix/certs". "$OPENSSL_HOME/bin/c_rehash /etc/postfix/certs".
To use this option in chroot mode, this directory (or a copy) must be ins ide the chroot jail. To use this option in chroot mode, this directory (or a copy) must be ins ide the chroot jail.
Specify "smtp_tls_CApath = /path/to/system_CA_directory" to use ONLY the system-supplied default Certifi- Specify "smtp_tls_CApath = /path/to/system_CA_directory" to use ONLY the system-supplied default Certifi-
cation Authority certificates. cation Authority certificates.
Specify "tls_append_default_CA = no" to prevent Postfix from appending th e system-supplied default CAs and Specify "tls_append_default_CA = no" to prevent Postfix from appending th e system-supplied default CAs and
trusting third-party certificates. trusting third-party certificates.
Example: Example:
smtp_tls_CApath = /etc/postfix/certs smtp_tls_CApath = /etc/postfix/certs
This feature is available in Postfix 2.2 and later. This feature is available in Postfix 2.2 and later.
smtp_tls_block_early_mail_reply (default: no) smtp_tls_block_early_mail_reply (default: no)
Try to detect a mail hijacking attack based on a TLS protocol vulnerabi Try to detect a mail hijacking attack based on a TLS protocol vulner
lity (CVE-2009-3555), where an ability (CVE-2009-3555), where an
attacker prepends malicious HELO, MAIL, RCPT, DATA commands to a Post attacker prepends malicious HELO, MAIL, RCPT, DATA commands to a Postfix
fix SMTP client TLS session. The SMTP client TLS session. The
attack would succeed with non-Postfix SMTP servers that reply to the mali cious HELO, MAIL, RCPT, DATA com- attack would succeed with non-Postfix SMTP servers that reply to the mali cious HELO, MAIL, RCPT, DATA com-
mands after negotiating the Postfix SMTP client TLS session. mands after negotiating the Postfix SMTP client TLS session.
This feature is available in Postfix 2.7. This feature is available in Postfix 2.7.
smtp_tls_cert_file (default: empty) smtp_tls_cert_file (default: empty)
File with the Postfix SMTP client RSA certificate in PEM format. This File with the Postfix SMTP client RSA certificate in PEM format. This fi
file may also contain the Postfix le may also contain the Postfix
SMTP client private RSA key, and these may be the same as the Postfix SMT SMTP client private RSA key, and these may be the same as the Postfix SM
P server RSA certificate and key TP server RSA certificate and key
file. With Postfix >= 3.4 the preferred way to configure client file. With Postfix >= 3.4 the preferred way to configure client keys
keys and certificates is via the and certificates is via the
"smtp_tls_chain_files" parameter. "smtp_tls_chain_files" parameter.
Do not configure client certificates unless you must present client TLS Do not configure client certificates unless you must present clien
certificates to one or more t TLS certificates to one or more
servers. Client certificates are not usually needed, and can cause pro servers. Client certificates are not usually needed, and can cause proble
blems in configurations that work ms in configurations that work
well without them. The recommended setting is to let the defaults stand: well without them. The recommended setting is to let the defaults stand:
smtp_tls_cert_file = smtp_tls_cert_file =
smtp_tls_key_file = smtp_tls_key_file =
smtp_tls_eccert_file = smtp_tls_eccert_file =
smtp_tls_eckey_file = smtp_tls_eckey_file =
# Obsolete DSA parameters # Obsolete DSA parameters
smtp_tls_dcert_file = smtp_tls_dcert_file =
smtp_tls_dkey_file = smtp_tls_dkey_file =
# Postfix >= 3.4 interface # Postfix >= 3.4 interface
smtp_tls_chain_files = smtp_tls_chain_files =
The best way to use the default settings is to comment out the above para meters in main.cf if present. The best way to use the default settings is to comment out the above para meters in main.cf if present.
To enable remote SMTP servers to verify the Postfix SMTP client certifica To enable remote SMTP servers to verify the Postfix SMTP client certifi
te, the issuing CA certificates cate, the issuing CA certificates
must be made available to the server. You should include the required ce must be made available to the server. You should include the required cer
rtificates in the client certifi- tificates in the client certifi-
cate file, the client certificate first, then the issuing CA(s) (bottom-u p order). cate file, the client certificate first, then the issuing CA(s) (bottom-u p order).
Example: the certificate for "client.example.com" was issued by "intermed iate CA" which itself has a cer- Example: the certificate for "client.example.com" was issued by "interme diate CA" which itself has a cer-
tificate issued by "root CA". As the "root" super-user create the client .pem file with: tificate issued by "root CA". As the "root" super-user create the client .pem file with:
# umask 077 # umask 077
# cat client_key.pem client_cert.pem intermediate_CA.pem > chain.pem # cat client_key.pem client_cert.pem intermediate_CA.pem > chain.pem
If you also want to verify remote SMTP server certificates issued by t If you also want to verify remote SMTP server certificates issued by thes
hese CAs, you can add the CA cer- e CAs, you can add the CA cer-
tificates to the smtp_tls_CAfile, in which case it is not neces tificates to the smtp_tls_CAfile, in which case it is not n
sary to have them in the ecessary to have them in the
smtp_tls_cert_file, smtp_tls_dcert_file (obsolete) or smtp_tls_eccert_fil e. smtp_tls_cert_file, smtp_tls_dcert_file (obsolete) or smtp_tls_eccert_fil e.
A certificate supplied here must be usable as an SSL client certificate a nd hence pass the "openssl verify A certificate supplied here must be usable as an SSL client certificate a nd hence pass the "openssl verify
-purpose sslclient ..." test. -purpose sslclient ..." test.
Example: Example:
smtp_tls_cert_file = /etc/postfix/chain.pem smtp_tls_cert_file = /etc/postfix/chain.pem
This feature is available in Postfix 2.2 and later. This feature is available in Postfix 2.2 and later.
smtp_tls_chain_files (default: empty) smtp_tls_chain_files (default: empty)
List of one or more PEM files, each holding one or more private keys dire List of one or more PEM files, each holding one or more private keys dir
ctly followed by a corresponding ectly followed by a corresponding
certificate chain. The file names are separated by commas and/or whit certificate chain. The file names are separated by commas and/or whitesp
espace. This parameter obsoletes ace. This parameter obsoletes
the legacy algorithm-specific key and certificate file settings. When th the legacy algorithm-specific key and certificate file settings. When
is parameter is non-empty, the this parameter is non-empty, the
legacy parameters are ignored, and a warning is logged if any are also no n-empty. legacy parameters are ignored, and a warning is logged if any are also no n-empty.
With the proliferation of multiple private key algorithms-which, as of With the proliferation of multiple private key algorithms-which, as of Op
OpenSSL 1.1.1, include DSA (obso- enSSL 1.1.1, include DSA (obso-
lete), RSA, ECDSA, Ed25519 and Ed448-it is increasingly impractical to us lete), RSA, ECDSA, Ed25519 and Ed448-it is increasingly impractical to u
e separate parameters to config- se separate parameters to config-
ure the key and certificate chain for each algorithm. Therefore, Post ure the key and certificate chain for each algorithm. Therefore, Postfix
fix now supports storing multiple now supports storing multiple
keys and corresponding certificate chains in a single file or in a set of files. keys and corresponding certificate chains in a single file or in a set of files.
Each key must appear immediately before the corresponding certificate, op Each key must appear immediately before the corresponding certificate,
tionally followed by additional optionally followed by additional
issuer certificates that complete the certificate chain for that key. W issuer certificates that complete the certificate chain for that key. Wh
hen multiple files are specified, en multiple files are specified,
they are equivalent to a single file that is concatenated from those file they are equivalent to a single file that is concatenated from those
s in the given order. Thus, files in the given order. Thus,
while a key must always precede its certificate and issuer chain, it can be in a separate file, so long as while a key must always precede its certificate and issuer chain, it can be in a separate file, so long as
that file is listed immediately before the file that holds the correspond that file is listed immediately before the file that holds the correspon
ing certificate chain. Once all ding certificate chain. Once all
the files are concatenated, the sequence of PEM objects must be: ke the files are concatenated, the sequence of PEM objects must be: key1,
y1, cert1, [chain1], key2, cert2, cert1, [chain1], key2, cert2,
[chain2], ..., keyN, certN, [chainN]. [chain2], ..., keyN, certN, [chainN].
Storing the private key in the same file as the corresponding certificate is more reliable. With the key Storing the private key in the same file as the corresponding certificat e is more reliable. With the key
and certificate in separate files, there is a chance that during key roll over a Postfix process might load and certificate in separate files, there is a chance that during key roll over a Postfix process might load
a private key and certificate from separate files that don't match. Vari ous operational errors may even a private key and certificate from separate files that don't match. Va rious operational errors may even
result in a persistent broken configuration in which the certificate does not match the private key. result in a persistent broken configuration in which the certificate does not match the private key.
The file or files must contain at most one key of each type. If, for example, two or more RSA keys and The file or files must contain at most one key of each type. If, for exa mple, two or more RSA keys and
corresponding chains are listed, depending on the version of OpenSSL eith er only the last one will be used corresponding chains are listed, depending on the version of OpenSSL eith er only the last one will be used
or an configuration error may be detected. Note that while "Ed25519" an or an configuration error may be detected. Note that while "Ed25519" and
d "Ed448" are considered separate "Ed448" are considered separate
algorithms, the various ECDSA curves (typically one of prime256v1, secp38 algorithms, the various ECDSA curves (typically one of prime256v1, secp3
4r1 or secp521r1) are considered 84r1 or secp521r1) are considered
as different parameters of a single "ECDSA" algorithm, so it is not pre as different parameters of a single "ECDSA" algorithm, so it is not prese
sently possible to configure keys ntly possible to configure keys
for more than one ECDSA curve. for more than one ECDSA curve.
Example (separate files for each key and corresponding certificate chain) : Example (separate files for each key and corresponding certificate chain) :
/etc/postfix/main.cf: /etc/postfix/main.cf:
smtp_tls_chain_files = smtp_tls_chain_files =
${config_directory}/ed25519.pem, ${config_directory}/ed25519.pem,
${config_directory}/ed448.pem, ${config_directory}/ed448.pem,
${config_directory}/rsa.pem ${config_directory}/rsa.pem
skipping to change at line 6279 skipping to change at line 6315
MIIC+DCCAeCgAwIBAgIUIUkrbk1GAemPCT8i9wKsTGDH7HswDQYJKoZIhvcNAQEL MIIC+DCCAeCgAwIBAgIUIUkrbk1GAemPCT8i9wKsTGDH7HswDQYJKoZIhvcNAQEL
... ...
Rirz15HGVNTK8wzFd+nulPzwUo6dH2IU8KazmyRi7OGvpyrMlm15TRE2oyE= Rirz15HGVNTK8wzFd+nulPzwUo6dH2IU8KazmyRi7OGvpyrMlm15TRE2oyE=
-----END CERTIFICATE----- -----END CERTIFICATE-----
This feature is available in Postfix 3.4 and later. This feature is available in Postfix 3.4 and later.
smtp_tls_cipherlist (default: empty) smtp_tls_cipherlist (default: empty)
Obsolete Postfix < 2.3 control for the Postfix SMTP client TLS cipher lis t. As this feature applies to all Obsolete Postfix < 2.3 control for the Postfix SMTP client TLS cipher lis t. As this feature applies to all
TLS security levels, it is easy to create interoperability problems by ch oosing a non-default cipher list. TLS security levels, it is easy to create interoperability problems by ch oosing a non-default cipher list.
Do not use a non-default TLS cipher list on hosts that deliver email to t Do not use a non-default TLS cipher list on hosts that deliver email to
he public Internet: you will be the public Internet: you will be
unable to send email to servers that only support the ciphers you exclud unable to send email to servers that only support the ciphers you exclude
e. Using a restricted cipher list . Using a restricted cipher list
may be more appropriate for an internal MTA, where one can exert some con may be more appropriate for an internal MTA, where one can exert some
trol over the TLS software and control over the TLS software and
settings of the peer servers. settings of the peer servers.
Note: do not use "" quotes around the parameter value. Note: do not use "" quotes around the parameter value.
This feature is available in Postfix version 2.2. It is not use d with Postfix 2.3 and later; use This feature is available in Postfix version 2.2. It is not used wit h Postfix 2.3 and later; use
smtp_tls_mandatory_ciphers instead. smtp_tls_mandatory_ciphers instead.
smtp_tls_ciphers (default: medium) smtp_tls_ciphers (default: medium)
The minimum TLS cipher grade that the Postfix SMTP client will use with The minimum TLS cipher grade that the Postfix SMTP client will use w
opportunistic TLS encryption. ith opportunistic TLS encryption.
Cipher types listed in smtp_tls_exclude_ciphers are excluded from th Cipher types listed in smtp_tls_exclude_ciphers are excluded from the ba
e base definition of the selected se definition of the selected
cipher grade. The default value is "medium" for Postfix releases after cipher grade. The default value is "medium" for Postfix releases after
the middle of 2015, "export" for the middle of 2015, "export" for
older releases. older releases.
When TLS is mandatory the cipher grade is chosen via the smtp_tls_mandat ory_ciphers configuration parame- When TLS is mandatory the cipher grade is chosen via the smtp_tls_mandato ry_ciphers configuration parame-
ter, see there for syntax details. See smtp_tls_policy_maps for informati on on how to configure ciphers on ter, see there for syntax details. See smtp_tls_policy_maps for informati on on how to configure ciphers on
a per-destination basis. a per-destination basis.
This feature is available in Postfix 2.6 and later. With earlier Postfix releases only the smtp_tls_manda- This feature is available in Postfix 2.6 and later. With earlier Postfix releases only the smtp_tls_manda-
tory_ciphers parameter is implemented, and opportunistic TLS always uses "export" or better (i.e. all) tory_ciphers parameter is implemented, and opportunistic TLS always u ses "export" or better (i.e. all)
ciphers. ciphers.
smtp_tls_connection_reuse (default: no) smtp_tls_connection_reuse (default: no)
Try to make multiple deliveries per TLS-encrypted connection. Thi Try to make multiple deliveries per TLS-encrypted connection. This us
s uses the tlsproxy(8) service to es the tlsproxy(8) service to
encrypt an SMTP connection, uses the scache(8) service to save that conne encrypt an SMTP connection, uses the scache(8) service to save that con
ction, and relies on hints from nection, and relies on hints from
the qmgr(8) daemon. the qmgr(8) daemon.
See "Client-side TLS connection reuse" for background details. See "Client-side TLS connection reuse" for background details.
This feature is available in Postfix 3.4 and later. This feature is available in Postfix 3.4 and later.
smtp_tls_dane_insecure_mx_policy (default: dane) smtp_tls_dane_insecure_mx_policy (default: see postconf -d output)
The TLS policy for MX hosts with "secure" TLSA records when the next The TLS policy for MX hosts with "secure" TLSA records when the nexthop
hop destination security level is destination security level is
dane, but the MX record was found via an "insecure" MX lookup. The choic es are: dane, but the MX record was found via an "insecure" MX lookup. The choic es are:
may The TLSA records will be ignored and TLS will be optional. If the MX host does not appear to sup- may The TLSA records will be ignored and TLS will be optional. If th e MX host does not appear to sup-
port STARTTLS, or the STARTTLS handshake fails, mail may be sent i n the clear. port STARTTLS, or the STARTTLS handshake fails, mail may be sent i n the clear.
encrypt encrypt
The TLSA records will signal a requirement to use TLS. While TLS encryption will be required, The TLSA records will signal a requirement to use TLS. While TLS encryption will be required,
authentication will not be performed. authentication will not be performed.
dane (default) dane (default)
The TLSA records will be used just as with "secure" MX records. T The TLSA records will be used just as with "secure" MX records.
LS encryption will be required, TLS encryption will be required,
and, if at least one of the TLSA records is "usable", authe and, if at least one of the TLSA records is "usable", authentic
ntication will be required. When ation will be required. When
authentication succeeds, it will be logged only as "Trusted", not authentication succeeds, it will be logged only as "Trusted", no
"Verified", because the MX host t "Verified", because the MX host
name could have been forged. name could have been forged.
Though with "insecure" MX records an active attacker can comp The default setting for Postfix >= 3.6 is "dane" with "smtp_tls_se
romise SMTP transport security by curity_level = dane", otherwise
returning forged MX records, such attacks are "tamper-evident" sin "may". This behavior was backported to Postfix versions 3.5.9, 3
ce any forged MX hostnames will .4.19, 3.3.16. 3.2.21. With ear-
be recorded in the mail logs. Attackers who place a high value st lier Postfix versions the default setting was always "dane".
aying hidden may be deterred from
forging MX records. Though with "insecure" MX records an active attacker can compromise SMTP
transport security by returning
forged MX records, such attacks are "tamper-evident" since any forged MX
hostnames will be recorded in the
mail logs. Attackers who place a high value staying hidden may be deterr
ed from forging MX records.
This feature is available in Postfix 3.1 and later. The may policy is ba ckwards-compatible with earlier This feature is available in Postfix 3.1 and later. The may policy is ba ckwards-compatible with earlier
Postfix versions. Postfix versions.
smtp_tls_dcert_file (default: empty) smtp_tls_dcert_file (default: empty)
File with the Postfix SMTP client DSA certificate in PEM format. This file may also contain the Postfix File with the Postfix SMTP client DSA certificate in PEM format. This file may also contain the Postfix
SMTP client private DSA key. The DSA algorithm is obsolete and should no t be used. SMTP client private DSA key. The DSA algorithm is obsolete and should no t be used.
See the discussion under smtp_tls_cert_file for more details. See the discussion under smtp_tls_cert_file for more details.
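Review bot: In the smtp_tls_dane_insecure_mx_policy entry, the choice list still reads "dane (default)" although the header now says "default: see postconf -d output" and the added paragraph makes the default "may" whenever smtp_tls_security_level is not "dane"; the "(default)" tag on that choice should be dropped or qualified so the entry does not contradict itself. The added paragraph also lists the backport versions as "3.5.9, 3.4.19, 3.3.16. 3.2.21", with a period where a comma belongs after 3.3.16. Because the effective default now depends on another parameter, the text should also say that sites which relied on the earlier always-"dane" default without "smtp_tls_security_level = dane" in main.cf need to set smtp_tls_dane_insecure_mx_policy explicitly to keep that behaviour.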
 End of changes. 699 change blocks. 
1466 lines changed or deleted 1523 lines changed or added
