"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "man/man8/smtp.8" between
postfix-3.5.8.tar.gz and postfix-3.5.9.tar.gz

About: Postfix is a mail system (an alternative to sendmail).

smtp.8  (postfix-3.5.8):smtp.8  (postfix-3.5.9)
skipping to change at line 315 skipping to change at line 315
smtp_balance_inet_protocols (yes) smtp_balance_inet_protocols (yes)
When a remote destination resolves to a combination of IPv4 an d IPv6 addresses, ensure that the When a remote destination resolves to a combination of IPv4 an d IPv6 addresses, ensure that the
Postfix SMTP client can try both address types before it runs into the smtp_mx_address_limit. Postfix SMTP client can try both address types before it runs into the smtp_mx_address_limit.
Available in Postfix 3.5 and later: Available in Postfix 3.5 and later:
info_log_address_format (external) info_log_address_format (external)
The email address form that will be used in non-debug logging (inf o, warning, etc.). The email address form that will be used in non-debug logging (inf o, warning, etc.).
Available in Postfix 3.5.9 and later:
dnssec_probe (ns:.)
The DNS query type (default: "ns") and DNS query name (default: ".
") that Postfix may use to deter-
mine whether DNSSEC validation is available.
MIME PROCESSING CONTROLS MIME PROCESSING CONTROLS
Available in Postfix version 2.0 and later: Available in Postfix version 2.0 and later:
disable_mime_output_conversion (no) disable_mime_output_conversion (no)
Disable the conversion of 8BITMIME format to 7BIT format. Disable the conversion of 8BITMIME format to 7BIT format.
mime_boundary_length_limit (2048) mime_boundary_length_limit (2048)
The maximal length of MIME multipart boundary strings. The maximal length of MIME multipart boundary strings.
mime_nesting_limit (100) mime_nesting_limit (100)
The maximal recursion level that the MIME processor will handle. The maximal recursion level that the MIME processor will handle.
EXTERNAL CONTENT INSPECTION CONTROLS EXTERNAL CONTENT INSPECTION CONTROLS
Available in Postfix version 2.1 and later: Available in Postfix version 2.1 and later:
smtp_send_xforward_command (no) smtp_send_xforward_command (no)
Send the non-standard XFORWARD command when the Postfix SMTP serve r EHLO response announces XFOR- Send the non-standard XFORWARD command when the Postfix SMTP ser ver EHLO response announces XFOR-
WARD support. WARD support.
SASL AUTHENTICATION CONTROLS SASL AUTHENTICATION CONTROLS
smtp_sasl_auth_enable (no) smtp_sasl_auth_enable (no)
Enable SASL authentication in the Postfix SMTP client. Enable SASL authentication in the Postfix SMTP client.
smtp_sasl_password_maps (empty) smtp_sasl_password_maps (empty)
Optional Postfix SMTP client lookup tables with one username: password entry per sender, remote Optional Postfix SMTP client lookup tables with one username:pass word entry per sender, remote
hostname or next-hop domain. hostname or next-hop domain.
smtp_sasl_security_options (noplaintext, noanonymous) smtp_sasl_security_options (noplaintext, noanonymous)
Postfix SMTP client SASL security options; as of Postfix 2.3 the l ist of available features depends Postfix SMTP client SASL security options; as of Postfix 2.3 the l ist of available features depends
on the SASL client implementation that is selected with smtp_sasl_ type. on the SASL client implementation that is selected with smtp_sasl_ type.
Available in Postfix version 2.2 and later: Available in Postfix version 2.2 and later:
smtp_sasl_mechanism_filter (empty) smtp_sasl_mechanism_filter (empty)
If non-empty, a Postfix SMTP client filter for the remote SMTP ser ver's list of offered SASL mecha- If non-empty, a Postfix SMTP client filter for the remote SMTP ser ver's list of offered SASL mecha-
nisms. nisms.
Available in Postfix version 2.3 and later: Available in Postfix version 2.3 and later:
smtp_sender_dependent_authentication (no) smtp_sender_dependent_authentication (no)
Enable sender-dependent authentication in the Postfix SMTP client; this is available only with SASL Enable sender-dependent authentication in the Postfix SMTP client; this is available only with SASL
authentication, and disables SMTP connection caching to ensure that mail from different senders authentication, and disables SMTP connection caching to ensure tha t mail from different senders
will use the appropriate credentials. will use the appropriate credentials.
smtp_sasl_path (empty) smtp_sasl_path (empty)
Implementation-specific information that the Postfix SMTP client p asses through to the SASL plug-in Implementation-specific information that the Postfix SMTP client p asses through to the SASL plug-in
implementation that is selected with smtp_sasl_type. implementation that is selected with smtp_sasl_type.
smtp_sasl_type (cyrus) smtp_sasl_type (cyrus)
The SASL plug-in type that the Postfix SMTP client should use for authentication. The SASL plug-in type that the Postfix SMTP client should use for authentication.
Available in Postfix version 2.5 and later: Available in Postfix version 2.5 and later:
smtp_sasl_auth_cache_name (empty) smtp_sasl_auth_cache_name (empty)
An optional table to prevent repeated SASL authentication failures with the same remote SMTP server An optional table to prevent repeated SASL authentication failures with the same remote SMTP server
hostname, username and password. hostname, username and password.
smtp_sasl_auth_cache_time (90d) smtp_sasl_auth_cache_time (90d)
The maximal age of an smtp_sasl_auth_cache_name entry before it is removed. The maximal age of an smtp_sasl_auth_cache_name entry before it is removed.
smtp_sasl_auth_soft_bounce (yes) smtp_sasl_auth_soft_bounce (yes)
When a remote SMTP server rejects a SASL authentication request wi th a 535 reply code, defer mail When a remote SMTP server rejects a SASL authentication request with a 535 reply code, defer mail
delivery instead of returning mail as undeliverable. delivery instead of returning mail as undeliverable.
Available in Postfix version 2.9 and later: Available in Postfix version 2.9 and later:
smtp_send_dummy_mail_auth (no) smtp_send_dummy_mail_auth (no)
Whether or not to append the "AUTH=<>" option to the MAIL FROM c ommand in SASL-authenticated SMTP Whether or not to append the "AUTH=<>" option to the MAIL FROM com mand in SASL-authenticated SMTP
sessions. sessions.
STARTTLS SUPPORT CONTROLS STARTTLS SUPPORT CONTROLS
Detailed information about STARTTLS configuration may be found in the TLS _README document. Detailed information about STARTTLS configuration may be found in the TLS _README document.
smtp_tls_security_level (empty) smtp_tls_security_level (empty)
The default SMTP TLS security level for the Postfix SMTP client; w The default SMTP TLS security level for the Postfix SMTP client;
hen a non-empty value is speci- when a non-empty value is speci-
fied, this overrides the obsolete parameters smtp_u fied, this overrides the obsolete parameters smtp_use
se_tls, smtp_enforce_tls, and _tls, smtp_enforce_tls, and
smtp_tls_enforce_peername. smtp_tls_enforce_peername.
smtp_sasl_tls_security_options ($smtp_sasl_security_options) smtp_sasl_tls_security_options ($smtp_sasl_security_options)
The SASL authentication security options that the Postfix SMTP cli ent uses for TLS encrypted SMTP The SASL authentication security options that the Postfix SMTP c lient uses for TLS encrypted SMTP
sessions. sessions.
smtp_starttls_timeout (300s) smtp_starttls_timeout (300s)
Time limit for Postfix SMTP client write and read operations duri ng TLS startup and shutdown hand- Time limit for Postfix SMTP client write and read operations durin g TLS startup and shutdown hand-
shake procedures. shake procedures.
smtp_tls_CAfile (empty) smtp_tls_CAfile (empty)
A file containing CA certificates of root CAs trusted to sign eith er remote SMTP server certifi- A file containing CA certificates of root CAs trusted to sign e ither remote SMTP server certifi-
cates or intermediate CA certificates. cates or intermediate CA certificates.
smtp_tls_CApath (empty) smtp_tls_CApath (empty)
Directory with PEM format Certification Authority certificates tha t the Postfix SMTP client uses to Directory with PEM format Certification Authority certificates tha t the Postfix SMTP client uses to
verify a remote SMTP server certificate. verify a remote SMTP server certificate.
smtp_tls_cert_file (empty) smtp_tls_cert_file (empty)
File with the Postfix SMTP client RSA certificate in PEM format. File with the Postfix SMTP client RSA certificate in PEM format.
smtp_tls_mandatory_ciphers (medium) smtp_tls_mandatory_ciphers (medium)
The minimum TLS cipher grade that the Postfix SMTP client will use with mandatory TLS encryption. The minimum TLS cipher grade that the Postfix SMTP client will use with mandatory TLS encryption.
smtp_tls_exclude_ciphers (empty) smtp_tls_exclude_ciphers (empty)
List of ciphers or cipher types to exclude from the Postfix SMTP c lient cipher list at all TLS List of ciphers or cipher types to exclude from the Postfix S MTP client cipher list at all TLS
security levels. security levels.
smtp_tls_mandatory_exclude_ciphers (empty) smtp_tls_mandatory_exclude_ciphers (empty)
Additional list of ciphers or cipher types to exclude from the P ostfix SMTP client cipher list at Additional list of ciphers or cipher types to exclude from the Pos tfix SMTP client cipher list at
mandatory TLS security levels. mandatory TLS security levels.
smtp_tls_dcert_file (empty) smtp_tls_dcert_file (empty)
File with the Postfix SMTP client DSA certificate in PEM format. File with the Postfix SMTP client DSA certificate in PEM format.
smtp_tls_dkey_file ($smtp_tls_dcert_file) smtp_tls_dkey_file ($smtp_tls_dcert_file)
File with the Postfix SMTP client DSA private key in PEM format. File with the Postfix SMTP client DSA private key in PEM format.
smtp_tls_key_file ($smtp_tls_cert_file) smtp_tls_key_file ($smtp_tls_cert_file)
File with the Postfix SMTP client RSA private key in PEM format. File with the Postfix SMTP client RSA private key in PEM format.
smtp_tls_loglevel (0) smtp_tls_loglevel (0)
Enable additional Postfix SMTP client logging of TLS activity. Enable additional Postfix SMTP client logging of TLS activity.
smtp_tls_note_starttls_offer (no) smtp_tls_note_starttls_offer (no)
Log the hostname of a remote SMTP server that offers STARTTLS, whe n TLS is not already enabled for Log the hostname of a remote SMTP server that offers STARTTLS, wh en TLS is not already enabled for
that server. that server.
smtp_tls_policy_maps (empty) smtp_tls_policy_maps (empty)
Optional lookup tables with the Postfix SMTP client TLS securit y policy by next-hop destination; Optional lookup tables with the Postfix SMTP client TLS security p olicy by next-hop destination;
when a non-empty value is specified, this overrides the obsolete s mtp_tls_per_site parameter. when a non-empty value is specified, this overrides the obsolete s mtp_tls_per_site parameter.
smtp_tls_mandatory_protocols (!SSLv2, !SSLv3) smtp_tls_mandatory_protocols (!SSLv2, !SSLv3)
List of SSL/TLS protocols that the Postfix SMTP client will use wi th mandatory TLS encryption. List of SSL/TLS protocols that the Postfix SMTP client will use wi th mandatory TLS encryption.
smtp_tls_scert_verifydepth (9) smtp_tls_scert_verifydepth (9)
The verification depth for remote SMTP server certificates. The verification depth for remote SMTP server certificates.
smtp_tls_secure_cert_match (nexthop, dot-nexthop) smtp_tls_secure_cert_match (nexthop, dot-nexthop)
How the Postfix SMTP client verifies the server certificate peerna me for the "secure" TLS security How the Postfix SMTP client verifies the server certificate peern ame for the "secure" TLS security
level. level.
smtp_tls_session_cache_database (empty) smtp_tls_session_cache_database (empty)
Name of the file containing the optional Postfix SMTP client TLS s ession cache. Name of the file containing the optional Postfix SMTP client TLS s ession cache.
smtp_tls_session_cache_timeout (3600s) smtp_tls_session_cache_timeout (3600s)
The expiration time of Postfix SMTP client TLS session cache infor mation. The expiration time of Postfix SMTP client TLS session cache infor mation.
smtp_tls_verify_cert_match (hostname) smtp_tls_verify_cert_match (hostname)
How the Postfix SMTP client verifies the server certificate peern ame for the "verify" TLS security How the Postfix SMTP client verifies the server certificate peerna me for the "verify" TLS security
level. level.
tls_daemon_random_bytes (32) tls_daemon_random_bytes (32)
The number of pseudo-random bytes that an smtp(8) or smtpd(8) proc ess requests from the tlsmgr(8) The number of pseudo-random bytes that an smtp(8) or smtpd(8) pr ocess requests from the tlsmgr(8)
server in order to seed its internal pseudo random number generato r (PRNG). server in order to seed its internal pseudo random number generato r (PRNG).
tls_high_cipherlist (see 'postconf -d' output) tls_high_cipherlist (see 'postconf -d' output)
The OpenSSL cipherlist for "high" grade ciphers. The OpenSSL cipherlist for "high" grade ciphers.
tls_medium_cipherlist (see 'postconf -d' output) tls_medium_cipherlist (see 'postconf -d' output)
The OpenSSL cipherlist for "medium" or higher grade ciphers. The OpenSSL cipherlist for "medium" or higher grade ciphers.
tls_low_cipherlist (see 'postconf -d' output) tls_low_cipherlist (see 'postconf -d' output)
The OpenSSL cipherlist for "low" or higher grade ciphers. The OpenSSL cipherlist for "low" or higher grade ciphers.
tls_export_cipherlist (see 'postconf -d' output) tls_export_cipherlist (see 'postconf -d' output)
The OpenSSL cipherlist for "export" or higher grade ciphers. The OpenSSL cipherlist for "export" or higher grade ciphers.
tls_null_cipherlist (eNULL:!aNULL) tls_null_cipherlist (eNULL:!aNULL)
The OpenSSL cipherlist for "NULL" grade ciphers that provide authe ntication without encryption. The OpenSSL cipherlist for "NULL" grade ciphers that provide authe ntication without encryption.
Available in Postfix version 2.4 and later: Available in Postfix version 2.4 and later:
smtp_sasl_tls_verified_security_options ($smtp_sasl_tls_security_options) smtp_sasl_tls_verified_security_options ($smtp_sasl_tls_security_options)
The SASL authentication security options that the Postfix SMTP c lient uses for TLS encrypted SMTP The SASL authentication security options that the Postfix SMTP cli ent uses for TLS encrypted SMTP
sessions with a verified server certificate. sessions with a verified server certificate.
Available in Postfix version 2.5 and later: Available in Postfix version 2.5 and later:
smtp_tls_fingerprint_cert_match (empty) smtp_tls_fingerprint_cert_match (empty)
List of acceptable remote SMTP server certificate fingerprints for the "fingerprint" TLS security List of acceptable remote SMTP server certificate fingerprints f or the "fingerprint" TLS security
level (smtp_tls_security_level = fingerprint). level (smtp_tls_security_level = fingerprint).
smtp_tls_fingerprint_digest (md5) smtp_tls_fingerprint_digest (md5)
The message digest algorithm used to construct remote SMTP server certificate fingerprints. The message digest algorithm used to construct remote SMTP server certificate fingerprints.
Available in Postfix version 2.6 and later: Available in Postfix version 2.6 and later:
smtp_tls_protocols (!SSLv2, !SSLv3) smtp_tls_protocols (!SSLv2, !SSLv3)
List of TLS protocols that the Postfix SMTP client will exclude or include with opportunistic TLS List of TLS protocols that the Postfix SMTP client will exclude or include with opportunistic TLS
encryption. encryption.
smtp_tls_ciphers (medium) smtp_tls_ciphers (medium)
The minimum TLS cipher grade that the Postfix SMTP client will use with opportunistic TLS encryp- The minimum TLS cipher grade that the Postfix SMTP client will u se with opportunistic TLS encryp-
tion. tion.
smtp_tls_eccert_file (empty) smtp_tls_eccert_file (empty)
File with the Postfix SMTP client ECDSA certificate in PEM format. File with the Postfix SMTP client ECDSA certificate in PEM format.
smtp_tls_eckey_file ($smtp_tls_eccert_file) smtp_tls_eckey_file ($smtp_tls_eccert_file)
File with the Postfix SMTP client ECDSA private key in PEM format. File with the Postfix SMTP client ECDSA private key in PEM format.
Available in Postfix version 2.7 and later: Available in Postfix version 2.7 and later:
smtp_tls_block_early_mail_reply (no) smtp_tls_block_early_mail_reply (no)
Try to detect a mail hijacking attack based on a TLS protocol vul Try to detect a mail hijacking attack based on a TLS protocol vuln
nerability (CVE-2009-3555), where erability (CVE-2009-3555), where
an attacker prepends malicious HELO, MAIL, RCPT, DATA commands to an attacker prepends malicious HELO, MAIL, RCPT, DATA commands
a Postfix SMTP client TLS ses- to a Postfix SMTP client TLS ses-
sion. sion.
Available in Postfix version 2.8 and later: Available in Postfix version 2.8 and later:
tls_disable_workarounds (see 'postconf -d' output) tls_disable_workarounds (see 'postconf -d' output)
List or bit-mask of OpenSSL bug work-arounds to disable. List or bit-mask of OpenSSL bug work-arounds to disable.
Available in Postfix version 2.11-3.1: Available in Postfix version 2.11-3.1:
tls_dane_digest_agility (on) tls_dane_digest_agility (on)
skipping to change at line 540 skipping to change at line 546
tls_dane_trust_anchor_digest_enable (yes) tls_dane_trust_anchor_digest_enable (yes)
Enable support for RFC 6698 (DANE TLSA) DNS records that contain d igests of trust-anchors with cer- Enable support for RFC 6698 (DANE TLSA) DNS records that contain d igests of trust-anchors with cer-
tificate usage "2". tificate usage "2".
Available in Postfix version 2.11 and later: Available in Postfix version 2.11 and later:
smtp_tls_trust_anchor_file (empty) smtp_tls_trust_anchor_file (empty)
Zero or more PEM-format files with trust-anchor certificates and/o r public keys. Zero or more PEM-format files with trust-anchor certificates and/o r public keys.
smtp_tls_force_insecure_host_tlsa_lookup (no) smtp_tls_force_insecure_host_tlsa_lookup (no)
Lookup the associated DANE TLSA RRset even when a hostname is not an alias and its address records Lookup the associated DANE TLSA RRset even when a hostname is not an alias and its address records
lie in an unsigned zone. lie in an unsigned zone.
tlsmgr_service_name (tlsmgr) tlsmgr_service_name (tlsmgr)
The name of the tlsmgr(8) service entry in master.cf. The name of the tlsmgr(8) service entry in master.cf.
Available in Postfix version 3.0 and later: Available in Postfix version 3.0 and later:
smtp_tls_wrappermode (no) smtp_tls_wrappermode (no)
Request that the Postfix SMTP client connects using the legacy SM TPS protocol instead of using the Request that the Postfix SMTP client connects using the legacy SMT PS protocol instead of using the
STARTTLS command. STARTTLS command.
Available in Postfix version 3.1 and later: Available in Postfix version 3.1 and later:
smtp_tls_dane_insecure_mx_policy (dane) smtp_tls_dane_insecure_mx_policy (dane)
The TLS policy for MX hosts with "secure" TLSA records when the ne xthop destination security level The TLS policy for MX hosts with "secure" TLSA records when the n exthop destination security level
is dane, but the MX record was found via an "insecure" MX lookup. is dane, but the MX record was found via an "insecure" MX lookup.
Available in Postfix version 3.4 and later: Available in Postfix version 3.4 and later:
smtp_tls_connection_reuse (no) smtp_tls_connection_reuse (no)
Try to make multiple deliveries per TLS-encrypted connection. Try to make multiple deliveries per TLS-encrypted connection.
smtp_tls_chain_files (empty) smtp_tls_chain_files (empty)
List of one or more PEM files, each holding one or more private k eys directly followed by a corre- List of one or more PEM files, each holding one or more private ke ys directly followed by a corre-
sponding certificate chain. sponding certificate chain.
smtp_tls_servername (empty) smtp_tls_servername (empty)
Optional name to send to the remote SMTP server in the TLS Server Name Indication (SNI) extension. Optional name to send to the remote SMTP server in the TLS Server Name Indication (SNI) extension.
Available in Postfix 3.5, 3.4.6, 3.3.5, 3.2.10, 3.1.13 and later: Available in Postfix 3.5, 3.4.6, 3.3.5, 3.2.10, 3.1.13 and later:
tls_fast_shutdown_enable (yes) tls_fast_shutdown_enable (yes)
A workaround for implementations that hang Postfix while shutting down a TLS session, until Postfix A workaround for implementations that hang Postfix while shutting down a TLS session, until Postfix
times out. times out.
OBSOLETE STARTTLS CONTROLS OBSOLETE STARTTLS CONTROLS
The following configuration parameters exist for compatibility with Pos tfix versions before 2.3. Support The following configuration parameters exist for compatibility with Postf ix versions before 2.3. Support
for these will be removed in a future release. for these will be removed in a future release.
smtp_use_tls (no) smtp_use_tls (no)
Opportunistic mode: use TLS when a remote SMTP server announces ST ARTTLS support, otherwise send Opportunistic mode: use TLS when a remote SMTP server announces STARTTLS support, otherwise send
the mail in the clear. the mail in the clear.
smtp_enforce_tls (no) smtp_enforce_tls (no)
Enforcement mode: require that remote SMTP servers use TLS encry ption, and never send mail in the Enforcement mode: require that remote SMTP servers use TLS encrypt ion, and never send mail in the
clear. clear.
smtp_tls_enforce_peername (yes) smtp_tls_enforce_peername (yes)
With mandatory TLS encryption, require that the remote SMTP server hostname matches the information With mandatory TLS encryption, require that the remote SMTP server hostname matches the information
in the remote SMTP server certificate. in the remote SMTP server certificate.
smtp_tls_per_site (empty) smtp_tls_per_site (empty)
Optional lookup tables with the Postfix SMTP client TLS usage poli cy by next-hop destination and by Optional lookup tables with the Postfix SMTP client TLS usage poli cy by next-hop destination and by
remote SMTP server hostname. remote SMTP server hostname.
skipping to change at line 609 skipping to change at line 615
RESOURCE AND RATE CONTROLS RESOURCE AND RATE CONTROLS
smtp_connect_timeout (30s) smtp_connect_timeout (30s)
The Postfix SMTP client time limit for completing a TCP connection , or zero (use the operating sys- The Postfix SMTP client time limit for completing a TCP connection , or zero (use the operating sys-
tem built-in time limit). tem built-in time limit).
smtp_helo_timeout (300s) smtp_helo_timeout (300s)
The Postfix SMTP client time limit for sending the HELO or EHLO co mmand, and for receiving the ini- The Postfix SMTP client time limit for sending the HELO or EHLO co mmand, and for receiving the ini-
tial remote SMTP server response. tial remote SMTP server response.
lmtp_lhlo_timeout (300s) lmtp_lhlo_timeout (300s)
The Postfix LMTP client time limit for sending the LHLO command, and for receiving the initial The Postfix LMTP client time limit for sending the LHLO comma nd, and for receiving the initial
remote LMTP server response. remote LMTP server response.
smtp_xforward_timeout (300s) smtp_xforward_timeout (300s)
The Postfix SMTP client time limit for sending the XFORWARD comm and, and for receiving the remote The Postfix SMTP client time limit for sending the XFORWARD comman d, and for receiving the remote
SMTP server response. SMTP server response.
smtp_mail_timeout (300s) smtp_mail_timeout (300s)
The Postfix SMTP client time limit for sending the MAIL FROM comma nd, and for receiving the remote The Postfix SMTP client time limit for sending the MAIL FROM comm and, and for receiving the remote
SMTP server response. SMTP server response.
smtp_rcpt_timeout (300s) smtp_rcpt_timeout (300s)
The Postfix SMTP client time limit for sending the SMTP RCPT TO command, and for receiving the The Postfix SMTP client time limit for sending the SMTP RCPT TO c ommand, and for receiving the
remote SMTP server response. remote SMTP server response.
smtp_data_init_timeout (120s) smtp_data_init_timeout (120s)
The Postfix SMTP client time limit for sending the SMTP DATA comma nd, and for receiving the remote The Postfix SMTP client time limit for sending the SMTP DATA comm and, and for receiving the remote
SMTP server response. SMTP server response.
smtp_data_xfer_timeout (180s) smtp_data_xfer_timeout (180s)
The Postfix SMTP client time limit for sending the SMTP message co ntent. The Postfix SMTP client time limit for sending the SMTP message co ntent.
smtp_data_done_timeout (600s) smtp_data_done_timeout (600s)
The Postfix SMTP client time limit for sending the SMTP ".", and for receiving the remote SMTP The Postfix SMTP client time limit for sending the SMTP ".", and for receiving the remote SMTP
server response. server response.
smtp_quit_timeout (300s) smtp_quit_timeout (300s)
The Postfix SMTP client time limit for sending the QUIT command, a nd for receiving the remote SMTP The Postfix SMTP client time limit for sending the QUIT command, and for receiving the remote SMTP
server response. server response.
Available in Postfix version 2.1 and later: Available in Postfix version 2.1 and later:
smtp_mx_address_limit (5) smtp_mx_address_limit (5)
The maximal number of MX (mail exchanger) IP addresses that ca n result from Postfix SMTP client The maximal number of MX (mail exchanger) IP addresses that can re sult from Postfix SMTP client
mail exchanger lookups, or zero (no limit). mail exchanger lookups, or zero (no limit).
smtp_mx_session_limit (2) smtp_mx_session_limit (2)
The maximal number of SMTP sessions per delivery request before th e Postfix SMTP client gives up or The maximal number of SMTP sessions per delivery request before th e Postfix SMTP client gives up or
delivers to a fall-back relay host, or zero (no limit). delivers to a fall-back relay host, or zero (no limit).
smtp_rset_timeout (20s) smtp_rset_timeout (20s)
The Postfix SMTP client time limit for sending the RSET command, and for receiving the remote SMTP The Postfix SMTP client time limit for sending the RSET command, a nd for receiving the remote SMTP
server response. server response.
Available in Postfix version 2.2 and earlier: Available in Postfix version 2.2 and earlier:
lmtp_cache_connection (yes) lmtp_cache_connection (yes)
Keep Postfix LMTP client connections open for up to $max_idle seco nds. Keep Postfix LMTP client connections open for up to $max_idle seco nds.
Available in Postfix version 2.2 and later: Available in Postfix version 2.2 and later:
smtp_connection_cache_destinations (empty) smtp_connection_cache_destinations (empty)
Permanently enable SMTP connection caching for the specified desti nations. Permanently enable SMTP connection caching for the specified desti nations.
smtp_connection_cache_on_demand (yes) smtp_connection_cache_on_demand (yes)
Temporarily enable SMTP connection caching while a destination has a high volume of mail in the Temporarily enable SMTP connection caching while a destination has a high volume of mail in the
active queue. active queue.
smtp_connection_reuse_time_limit (300s) smtp_connection_reuse_time_limit (300s)
The amount of time during which Postfix will use an SMTP connectio n repeatedly. The amount of time during which Postfix will use an SMTP connectio n repeatedly.
smtp_connection_cache_time_limit (2s) smtp_connection_cache_time_limit (2s)
When SMTP connection caching is enabled, the amount of time tha t an unused SMTP client socket is When SMTP connection caching is enabled, the amount of time that a n unused SMTP client socket is
kept open before it is closed. kept open before it is closed.
Available in Postfix version 2.3 and later: Available in Postfix version 2.3 and later:
connection_cache_protocol_timeout (5s) connection_cache_protocol_timeout (5s)
Time limit for connection cache connect, send or receive operation s. Time limit for connection cache connect, send or receive operation s.
Available in Postfix version 2.9 and later: Available in Postfix version 2.9 and later:
smtp_per_record_deadline (no) smtp_per_record_deadline (no)
Change the behavior of the smtp_*_timeout time limits, from a time Change the behavior of the smtp_*_timeout time limits, from a ti
limit per read or write system me limit per read or write system
call, to a time limit to send or receive a complete record (an call, to a time limit to send or receive a complete record (an SMT
SMTP command line, SMTP response P command line, SMTP response
line, SMTP message content line, or TLS protocol message). line, SMTP message content line, or TLS protocol message).
Available in Postfix version 2.11 and later: Available in Postfix version 2.11 and later:
smtp_connection_reuse_count_limit (0) smtp_connection_reuse_count_limit (0)
When SMTP connection caching is enabled, the number of times that an SMTP session may be reused When SMTP connection caching is enabled, the number of times t hat an SMTP session may be reused
before it is closed, or zero (no limit). before it is closed, or zero (no limit).
Available in Postfix version 3.4 and later: Available in Postfix version 3.4 and later:
smtp_tls_connection_reuse (no) smtp_tls_connection_reuse (no)
Try to make multiple deliveries per TLS-encrypted connection. Try to make multiple deliveries per TLS-encrypted connection.
Implemented in the qmgr(8) daemon: Implemented in the qmgr(8) daemon:
transport_destination_concurrency_limit ($default_destination_concurrency _limit) transport_destination_concurrency_limit ($default_destination_concurrency _limit)
A transport-specific override for the default_destination_concurr ency_limit parameter value, where A transport-specific override for the default_destination_concurre ncy_limit parameter value, where
transport is the master.cf name of the message delivery transport. transport is the master.cf name of the message delivery transport.
transport_destination_recipient_limit ($default_destination_recipient_lim it) transport_destination_recipient_limit ($default_destination_recipient_lim it)
A transport-specific override for the default_destination_recipien t_limit parameter value, where A transport-specific override for the default_destination_recip ient_limit parameter value, where
transport is the master.cf name of the message delivery transport. transport is the master.cf name of the message delivery transport.
SMTPUTF8 CONTROLS SMTPUTF8 CONTROLS
Preliminary SMTPUTF8 support is introduced with Postfix 3.0. Preliminary SMTPUTF8 support is introduced with Postfix 3.0.
smtputf8_enable (yes) smtputf8_enable (yes)
Enable preliminary SMTPUTF8 support for the protocols described in RFC 6531..6533. Enable preliminary SMTPUTF8 support for the protocols described in RFC 6531..6533.
smtputf8_autodetect_classes (sendmail, verify) smtputf8_autodetect_classes (sendmail, verify)
Detect that a message requires SMTPUTF8 support for the specified mail origin classes. Detect that a message requires SMTPUTF8 support for the specified mail origin classes.
Available in Postfix version 3.2 and later: Available in Postfix version 3.2 and later:
enable_idna2003_compatibility (no) enable_idna2003_compatibility (no)
Enable 'transitional' compatibility between IDNA2003 and IDNA2 008, when converting UTF-8 domain Enable 'transitional' compatibility between IDNA2003 and IDNA2008, when converting UTF-8 domain
names to/from the ASCII form that is used for DNS lookups. names to/from the ASCII form that is used for DNS lookups.
TROUBLE SHOOTING CONTROLS TROUBLE SHOOTING CONTROLS
debug_peer_level (2) debug_peer_level (2)
The increment in verbose logging level when a remote client or ser ver matches a pattern in the The increment in verbose logging level when a remote client o r server matches a pattern in the
debug_peer_list parameter. debug_peer_list parameter.
debug_peer_list (empty) debug_peer_list (empty)
Optional list of remote client or server hostname or network add ress patterns that cause the ver- Optional list of remote client or server hostname or network addre ss patterns that cause the ver-
bose logging level to increase by the amount specified in $debug_p eer_level. bose logging level to increase by the amount specified in $debug_p eer_level.
error_notice_recipient (postmaster) error_notice_recipient (postmaster)
The recipient of postmaster notifications about mail delivery prob lems that are caused by policy, The recipient of postmaster notifications about mail delivery pr oblems that are caused by policy,
resource, software or protocol errors. resource, software or protocol errors.
internal_mail_filter_classes (empty) internal_mail_filter_classes (empty)
What categories of Postfix-generated mail are subject to b efore-queue content inspection by What categories of Postfix-generated mail are subject to befo re-queue content inspection by
non_smtpd_milters, header_checks and body_checks. non_smtpd_milters, header_checks and body_checks.
notify_classes (resource, software) notify_classes (resource, software)
The list of error classes that are reported to the postmaster. The list of error classes that are reported to the postmaster.
MISCELLANEOUS CONTROLS MISCELLANEOUS CONTROLS
best_mx_transport (empty) best_mx_transport (empty)
Where the Postfix SMTP client should deliver mail when it detects a "mail loops back to myself" Where the Postfix SMTP client should deliver mail when it dete cts a "mail loops back to myself"
error condition. error condition.
config_directory (see 'postconf -d' output) config_directory (see 'postconf -d' output)
The default location of the Postfix main.cf and master.cf configur ation files. The default location of the Postfix main.cf and master.cf configur ation files.
daemon_timeout (18000s) daemon_timeout (18000s)
How much time a Postfix daemon process may take to handle a req uest before it is terminated by a How much time a Postfix daemon process may take to handle a reques t before it is terminated by a
built-in watchdog timer. built-in watchdog timer.
delay_logging_resolution_limit (2) delay_logging_resolution_limit (2)
The maximal number of digits after the decimal point when logging sub-second delay values. The maximal number of digits after the decimal point when logging sub-second delay values.
disable_dns_lookups (no) disable_dns_lookups (no)
Disable DNS lookups in the Postfix SMTP and LMTP clients. Disable DNS lookups in the Postfix SMTP and LMTP clients.
inet_interfaces (all) inet_interfaces (all)
The network interface addresses that this mail system receives mai l on. The network interface addresses that this mail system receives mai l on.
skipping to change at line 777 skipping to change at line 783
The time limit for sending or receiving information over an intern al communication channel. The time limit for sending or receiving information over an intern al communication channel.
lmtp_assume_final (no) lmtp_assume_final (no)
When a remote LMTP server announces no DSN support, assume that th e server performs final delivery, When a remote LMTP server announces no DSN support, assume that th e server performs final delivery,
and send "delivered" delivery status notifications instead of "rel ayed". and send "delivered" delivery status notifications instead of "rel ayed".
lmtp_tcp_port (24) lmtp_tcp_port (24)
The default TCP port that the Postfix LMTP client connects to. The default TCP port that the Postfix LMTP client connects to.
max_idle (100s) max_idle (100s)
The maximum amount of time that an idle Postfix daemon process waits for an incoming connection The maximum amount of time that an idle Postfix daemon process wai ts for an incoming connection
before terminating voluntarily. before terminating voluntarily.
max_use (100) max_use (100)
The maximal number of incoming connections that a Postfix daemon p rocess will service before termi- The maximal number of incoming connections that a Postfix daemon p rocess will service before termi-
nating voluntarily. nating voluntarily.
process_id (read-only) process_id (read-only)
The process ID of a Postfix command or daemon process. The process ID of a Postfix command or daemon process.
process_name (read-only) process_name (read-only)
skipping to change at line 799 skipping to change at line 805
proxy_interfaces (empty) proxy_interfaces (empty)
The network interface addresses that this mail system receives mai l on by way of a proxy or network The network interface addresses that this mail system receives mai l on by way of a proxy or network
address translation unit. address translation unit.
smtp_address_preference (any) smtp_address_preference (any)
The address type ("ipv6", "ipv4" or "any") that the Postfix SMTP c lient will try first, when a des- The address type ("ipv6", "ipv4" or "any") that the Postfix SMTP c lient will try first, when a des-
tination has IPv6 and IPv4 addresses with equal MX preference. tination has IPv6 and IPv4 addresses with equal MX preference.
smtp_bind_address (empty) smtp_bind_address (empty)
An optional numerical network address that the Postfix SMTP cli ent should bind to when making an An optional numerical network address that the Postfix SMTP client should bind to when making an
IPv4 connection. IPv4 connection.
smtp_bind_address6 (empty) smtp_bind_address6 (empty)
An optional numerical network address that the Postfix SMTP client should bind to when making an An optional numerical network address that the Postfix SMTP cli ent should bind to when making an
IPv6 connection. IPv6 connection.
smtp_helo_name ($myhostname) smtp_helo_name ($myhostname)
The hostname to send in the SMTP HELO or EHLO command. The hostname to send in the SMTP HELO or EHLO command.
lmtp_lhlo_name ($myhostname) lmtp_lhlo_name ($myhostname)
The hostname to send in the LMTP LHLO command. The hostname to send in the LMTP LHLO command.
smtp_host_lookup (dns) smtp_host_lookup (dns)
What mechanisms the Postfix SMTP client uses to look up a host's I P address. What mechanisms the Postfix SMTP client uses to look up a host's I P address.
smtp_randomize_addresses (yes) smtp_randomize_addresses (yes)
Randomize the order of equal-preference MX host addresses. Randomize the order of equal-preference MX host addresses.
syslog_facility (mail) syslog_facility (mail)
The syslog facility of Postfix logging. The syslog facility of Postfix logging.
syslog_name (see 'postconf -d' output) syslog_name (see 'postconf -d' output)
A prefix that is prepended to the process name in syslog recor ds, so that, for example, "smtpd" A prefix that is prepended to the process name in syslog records, so that, for example, "smtpd"
becomes "prefix/smtpd". becomes "prefix/smtpd".
Available with Postfix 2.2 and earlier: Available with Postfix 2.2 and earlier:
fallback_relay (empty) fallback_relay (empty)
Optional list of relay hosts for SMTP destinations that can't be f ound or that are unreachable. Optional list of relay hosts for SMTP destinations that can't be f ound or that are unreachable.
Available with Postfix 2.3 and later: Available with Postfix 2.3 and later:
smtp_fallback_relay ($fallback_relay) smtp_fallback_relay ($fallback_relay)
Optional list of relay hosts for SMTP destinations that can't be f ound or that are unreachable. Optional list of relay hosts for SMTP destinations that can't be f ound or that are unreachable.
Available with Postfix 3.0 and later: Available with Postfix 3.0 and later:
smtp_address_verify_target (rcpt) smtp_address_verify_target (rcpt)
In the context of email address verification, the SMTP protocol st age that determines whether an In the context of email address verification, the SMTP protocol stage that determines whether an
email address is deliverable. email address is deliverable.
Available with Postfix 3.1 and later: Available with Postfix 3.1 and later:
lmtp_fallback_relay (empty) lmtp_fallback_relay (empty)
Optional list of relay hosts for LMTP destinations that can't be f ound or that are unreachable. Optional list of relay hosts for LMTP destinations that can't be f ound or that are unreachable.
Available with Postfix 3.2 and later: Available with Postfix 3.2 and later:
smtp_tcp_port (smtp) smtp_tcp_port (smtp)
 End of changes. 56 change blocks. 
64 lines changed or deleted 71 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)