mir/postfix
2
0
Fork 0
mirror of https://github.com/vdukhovni/postfix synced 2025-08-30 13:48:06 +00:00
Code Issues Releases Wiki Activity

postfix-2.2-20040422

Browse Source
This commit is contained in:
Wietse Venema 2004-04-22 00:00:00 -05:00 committed by Viktor Dukhovni
parent 3e4842d1c6
commit aeab334cf6
33 changed files with 3310 additions and 378 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
postfix/AAAREADME
View File

@ -97,10 +97,6 @@ navigate faster.
The PORTING file discusses how to go about porting Postfix to other
UNIX platforms.
The TODO file lists things that still need to be done. If you want
to set your teeth into one of those problems, drop me a note at
wietse@porcupine.org to avoid duplication of effort.
Documentation:
README_FILES/ Instructions for specific Postfix features
@ -123,6 +119,7 @@ Command-line utilities:
src/postalias/ Alias database management
src/postcat/ List Postfix queue file
src/postconf/ Configuration utility
src/postdrop/ Postfix mail submission program
src/postfix/ Postfix administrative interface
src/postkick/ Postfix IPC for shell scripts
src/postlock/ Postfix locking for shell scripts

14
postfix/README_FILES/PACKAGE_README
View File

@ -85,12 +85,14 @@ IInnssttaalllliinngg aa pprree--bbuuiilltt PPoossttffi
* Create the necessary mail_owner account and setgid_group group for
exclusive use by Postfix.
* Execute the post-install script in the Postfix configuration directory to
set ownership and permission of Postfix files and directories. Specify any
non-default settings for mail_owner or setgid_group on the post-install
command line:
* Execute the postfix command to set ownership and permission of Postfix
files and directories, and to update Postfix configuration files. If
necessary, specify any non-default settings for mail_owner or setgid_group
on the postfix command line:
# sh post-install upgrade-package setgid_group=xxx mail_owner=yyy
# postfix set-permissions upgrade-configuration \
setgid_group=xxx mail_owner=yyy
This will also update the main.cf and master.cf files if necessary.
With Postfix versions before 2.1 you achieve the same result by invoking
the post-install script directly.

26
postfix/README_FILES/QSHAPE_README
View File

@ -4,13 +4,15 @@ PPoossttffiixx BBoottttlleenneecckk AAnnaallyyssiiss
PPuurrppoossee ooff tthhiiss ddooccuummeenntt
This document describes the "qshape" program which helps the administrator
This document describes the qshape(1) program which helps the administrator
understand the Postfix queue message distribution sorted by time and by sender
or recipient domain. qshape is bundled with the Postfix 2.1 source under the
"auxiliary" directory. In order to understand the output of qshape, it useful
to understand the various Postfix queues. To this end the role of each Postfix
queue directory is described briefly in the "Background info: Postfix queue
directories" section near the end of this document.
or recipient domain. qshape(1) is bundled with the Postfix 2.1 source under the
"auxiliary" directory.
In order to understand the output of qshape(1), it useful to understand the
various Postfix queues. To this end the role of each Postfix queue directory is
described briefly in the "Background info: Postfix queue directories" section
near the end of this document.
This document covers the following topics:
@ -32,8 +34,8 @@ This document covers the following topics:
IInnttrroodduucciinngg tthhee qqsshhaappee ttooooll
When mail is draining slowly or the queue is unexpectedly large, run "qshape"
as the super-user (root) to help zero in on the problem. The "qshape" program
When mail is draining slowly or the queue is unexpectedly large, run qshape(1)
as the super-user (root) to help zero in on the problem. The qshape(1) program
displays a tabular view of the Postfix queue contents.
* On the horizontal axis, it displays the queue age with fine granularity for
@ -133,7 +135,7 @@ suggest strategies to reduce congestion.
$ egrep 'qmgr.*(panic|fatal|error|warning):' /var/log/maillog
When all else fails try the Postfix mailing list for help, but please don't
forget to include the top 10 or 20 lines of "qshape" output.
forget to include the top 10 or 20 lines of qshape(1) output.
EExxaammppllee 11:: HHeeaalltthhyy qquueeuuee
@ -188,7 +190,7 @@ The domains shown are mostly bulk-mailers and all the volume is the tail end of
the time distribution, showing that short term arrival rates are moderate.
Larger numbers and lower message ages are more indicative of current trouble.
Old mail still going nowhere is largely harmless so long as the active and
incoming queues are short. We can also see that the groups.msg.com
incoming queues are short. We can also see that the groups.msn.com
undeliverables are low rate steady stream rather than a concentrated dictionary
attack that is now over.
@ -214,7 +216,7 @@ Congestion was reported with the active and incoming queues large and not
shrinking despite very large delivery agent process limits. The thread is
archived at: http://groups.google.com/groups?th=636626c645f5bbde
Using an older version of "qshape" it was quickly determined that all the
Using an older version of qshape(1) it was quickly determined that all the
messages were for just a few destinations:
$ qshape (show incoming and active queue status)
@ -597,6 +599,6 @@ strategies) to reduce the chances of repeated complete deferred queue flushes.
CCrreeddiittss
The "qshape" program was developed by Victor Duchovni of Morgan Stanley, who
The qshape(1) program was developed by Victor Duchovni of Morgan Stanley, who
also wrote the initial version of this document.

3
postfix/README_FILES/RESTRICTION_CLASS_README
View File

@ -65,7 +65,8 @@ SMTP client IP address, and therefore is subject to IP spoofing.
...the usual stuff...
/etc/postfix/access:
all permit_mynetworks,reject
all@my.domain permit_mynetworks,reject
all@my.hostname permit_mynetworks,reject
Specify ddbbmm instead of hhaasshh if your system uses ddbbmm files instead of ddbb files.
To find out what map types Postfix supports, use the command ppoossttccoonnff --mm.

14
postfix/README_FILES/SMTPD_ACCESS_README
View File

@ -77,29 +77,29 @@ apply to all SMTP mail.
SMTPD_PROXY_README document. This happens while Postfix receives mail,
before it is stored in the incoming queue.
* Require that the client sends the HELO or EHLO command before sending the
* Requiring that the client sends the HELO or EHLO command before sending the
MAIL FROM or ETRN command. This may cause problems with home-grown
applications that send mail. For this reason, the requirement is disabled
by default ("smtpd_helo_required = no").
* Disallow illegal syntax in MAIL FROM or RCPT TO commands. This may cause
* Disallowing illegal syntax in MAIL FROM or RCPT TO commands. This may cause
problems with home-grown applications that send mail, and with ancient PC
mail clients. For this reason, the requirement is disabled by default
("strict_rfc821_envelopes = no").
o Disallow RFC 822 address syntax (example: "MAIL FROM: the dude
o Disallowing RFC 822 address syntax (example: "MAIL FROM: the dude
<dude@example.com>").
o Disallow addresses that are not enclosed with <> (example: "MAIL FROM:
dude@example.com").
o Disallowing addresses that are not enclosed with <> (example: "MAIL
FROM: dude@example.com").
* Reject mail from a non-existent sender address. This form of egress
* Rejecting mail from a non-existent sender address. This form of egress
filtering helps to slow down worms and other malware, but may cause
problems with home-grown software that sends out mail software with an
unreplyable address. For this reason the requirement is disabled by default
("smtpd_reject_unlisted_sender = no").
* Reject mail for a non-existent recipient address. This form of ingress
* Rejecting mail for a non-existent recipient address. This form of ingress
filtering helps to keep the mail queue free of undeliverable MAILER-DAEMON
messages. This requirement is enabled by default
("smtpd_reject_unlisted_recipient = yes").

18
postfix/RELEASE_NOTES-2.2 → postfix/RELEASE_NOTES-2.1
View File

@ -5,19 +5,19 @@ incompatibility.
The official Postfix release is called 2.1.x where 2=major release
number, 1=minor release number, x=patchlevel. Snapshot releases
are now called 2.2-yyyymmdd where yyyymmdd is the release date
(yyyy=year, mm=month, dd=day). The mail_release_date configuration
parameter contains the release date (both for official release and
snapshot release). Patches are issued for the official release
and change the patchlevel and the release date. Patches are never
issued for snapshot releases.
are called 2.2-yyyymmdd where yyyymmdd is the release date (yyyy=year,
mm=month, dd=day). The mail_release_date configuration parameter
contains the release date (both for official release and snapshot
release). Patches are issued for the official release and change
the patchlevel and the release date. Patches are never issued for
snapshot releases.
Major changes - critical
------------------------
You must stop Postfix 1.x before upgrading. This is because the
master-child protocols have changed, and nothing will work with
the old master daemon process.
If you run Postfix 1.x or earlier then you must stop Postfix before
upgrading. This is because the master-child protocols have changed,
and very little will work with the old master daemon process.
[Incompat 20021119] You can upgrade Postfix 2.0 without stopping.
After upgrading an existing Postfix 2.0 system you must use "postfix

28
postfix/TODO-BEFORE-RELEASE
View File

@ -1,28 +0,0 @@
Documentation needed before official release:
=============================================
- RELEASE_NOTES file with all changes since Postfix version 2.0.
Tools cleanup
=============
Remove mantools script for 2.0 to 2.1 migration:
docparam docuseparam double makepostconf makepostconflinks
readme2html specmiss spell useparam user2var var2user
Functionality to be removed before official release:
====================================================
- The anvil daemon. Its user interface needs to evolve.
find . type f -print | xargs grep -i anvil
- The tcp_table dictionary type. It's a weak protocol, and the
SMTPD policy delegation protocol provides a superior mechanism.
find . type f -print | xargs egrep -i 'tcp_table|tcp-based'
- Change top-level Makefile.stable/snapshot, makedefs.stable/snapshot
- Delete TODO-BEFORE-RELEASE :-)

1
postfix/conf/postfix-files
View File

@ -325,6 +325,7 @@ $html_directory/postlog.1.html:f:root:-:644
$html_directory/postmap.1.html:f:root:-:644
$html_directory/postqueue.1.html:f:root:-:644
$html_directory/postsuper.1.html:f:root:-:644
$html_directory/qshape.1.html:f:root:-:644
$html_directory/proxymap.8.html:f:root:-:644
$html_directory/qmgr.8.html:f:root:-:644
$html_directory/qmqp-sink.1.html:f:root:-:644

143
postfix/conf/transport
View File

@ -75,11 +75,9 @@
# a domain name hierarchy, as described in section "TABLE
# LOOKUP".
#
# The result is of the form transport:nexthop. The trans-
# port field specifies a mail delivery transport such as
# smtp or local. The nexthop field specifies where and how
# to deliver mail. More details are given in section "RESULT
# FORMAT".
# The result is of the form transport:nexthop and specifies
# how or where to deliver mail. This is described in section
# "RESULT FORMAT".
#
# TABLE LOOKUP
# With lookups from indexed files such as DB or DBM, or from
@ -114,129 +112,134 @@
# mon@hostname).
#
# RESULT FORMAT
# The transport field specifies the name of a mail delivery
# The lookup result is of the form transport:nexthop. The
# transport field specifies a mail delivery transport such
# as smtp or local. The nexthop field specifies where and
# how to deliver mail.
#
# The transport field specifies the name of a mail delivery
# transport (the first name of a mail delivery service entry
# in the Postfix master.cf file).
#
# The interpretation of the nexthop field is transport
# dependent. In the case of SMTP, specify host:service for a
# non-default server port, and use [host] or [host]:port in
# order to disable MX (mail exchanger) DNS lookups. The []
# The interpretation of the nexthop field is transport
# dependent. In the case of SMTP, specify a service on a
# non-default port as host:service, and disable MX (mail
# exchanger) DNS lookups with [host] or [host]:port. The []
# form is required when you specify an IP address instead of
# a hostname.
#
# A null transport and null nexthop result means "do not
# change": use the delivery transport and nexthop informa-
# tion that would be used when the entire transport table
# A null transport and null nexthop result means "do not
# change": use the delivery transport and nexthop informa-
# tion that would be used when the entire transport table
# did not exist.
#
# A non-null transport field with a null nexthop field
# A non-null transport field with a null nexthop field
# resets the nexthop information to the recipient domain.
#
# A null transport field with non-null nexthop field does
# A null transport field with non-null nexthop field does
# not modify the transport information.
#
# EXAMPLES
# In order to deliver internal mail directly, while using a
# mail relay for all other mail, specify a null entry for
# internal destinations (do not change the delivery trans-
# port or the nexthop information) and specify a wildcard
# In order to deliver internal mail directly, while using a
# mail relay for all other mail, specify a null entry for
# internal destinations (do not change the delivery trans-
# port or the nexthop information) and specify a wildcard
# for all other destinations.
#
# my.domain :
# .my.domain :
# * smtp:outbound-relay.my.domain
#
# In order to send mail for foo.org and its subdomains via
# the uucp transport to the UUCP host named foo:
# In order to send mail for example.com and its subdomains
# via the uucp transport to the UUCP host named example:
#
# foo.org uucp:foo
# .foo.org uucp:foo
# example.com uucp:example
# .example.com uucp:example
#
# When no nexthop host name is specified, the destination
# domain name is used instead. For example, the following
# directs mail for user@foo.org via the slow transport to a
# mail exchanger for foo.org. The slow transport could be
# something that runs at most one delivery process at a
# time:
# When no nexthop host name is specified, the destination
# domain name is used instead. For example, the following
# directs mail for user@example.com via the slow transport
# to a mail exchanger for example.com. The slow transport
# could be configured to run at most one delivery process at
# a time:
#
# foo.org slow:
# example.com slow:
#
# When no transport is specified, Postfix uses the transport
# that matches the address domain class (see TRANSPORT FIELD
# discussion above). The following sends all mail for
# foo.org and its subdomains to host gateway.foo.org:
# that matches the address domain class (see DESCRIPTION
# above). The following sends all mail for example.com and
# its subdomains to host gateway.example.com:
#
# foo.org :[gateway.foo.org]
# .foo.org :[gateway.foo.org]
# example.com :[gateway.example.com]
# .example.com :[gateway.example.com]
#
# In the above example, the [] are used to suppress MX
# lookups. The result would likely point to your local
# machine.
# In the above example, the [] suppress MX lookups. This
# prevents mail routing loops when your machine is primary
# MX host for example.com.
#
# In the case of delivery via SMTP, one may specify host-
# In the case of delivery via SMTP, one may specify host-
# name:service instead of just a host:
#
# foo.org smtp:bar.org:2025
# example.com smtp:bar.example:2025
#
# This directs mail for user@foo.org to host bar.org port
# 2025. Instead of a numerical port a symbolic name may be
# used. Specify [] around the hostname in order to disable
# MX lookups.
# This directs mail for user@example.com to host bar.example
# port 2025. Instead of a numerical port a symbolic name may
# be used. Specify [] around the hostname if MX lookups must
# be disabled.
#
# The error mailer can be used to bounce mail:
#
# .foo.org error:mail for *.foo.org is not deliv-
# erable
# .example.com error:mail for *.example.com is not
# deliverable
#
# This causes all mail for user@anything.foo.org to be
# This causes all mail for user@anything.example.com to be
# bounced.
#
# REGULAR EXPRESSION TABLES
# This section describes how the table lookups change when
# This section describes how the table lookups change when
# the table is given in the form of regular expressions. For
# a description of regular expression lookup table syntax,
# a description of regular expression lookup table syntax,
# see regexp_table(5) or pcre_table(5).
#
# Each pattern is a regular expression that is applied to
# the entire address being looked up. Thus,
# some.domain.hierarchy is not looked up via its parent
# domains, nor is user+foo@domain looked up as user@domain.
# Each pattern is a regular expression that is applied to
# the entire address being looked up. Thus,
# some.domain.hierarchy is not looked up via its parent
# domains, nor is user+foo@domain looked up as user@domain.
#
# Patterns are applied in the order as specified in the
# table, until a pattern is found that matches the search
# Patterns are applied in the order as specified in the
# table, until a pattern is found that matches the search
# string.
#
# Results are the same as with indexed file lookups, with
# the additional feature that parenthesized substrings from
# Results are the same as with indexed file lookups, with
# the additional feature that parenthesized substrings from
# the pattern can be interpolated as $1, $2 and so on.
#
# TCP-BASED TABLES
# This section describes how the table lookups change when
# This section describes how the table lookups change when
# lookups are directed to a TCP-based server. For a descrip-
# tion of the TCP client/server lookup protocol, see
# tcp_table(5). This feature is not available in Postfix
# tion of the TCP client/server lookup protocol, see
# tcp_table(5). This feature is not available in Postfix
# version 2.1.
#
# Each lookup operation uses the entire recipient address
# once. Thus, some.domain.hierarchy is not looked up via
# its parent domains, nor is user+foo@domain looked up as
# Each lookup operation uses the entire recipient address
# once. Thus, some.domain.hierarchy is not looked up via
# its parent domains, nor is user+foo@domain looked up as
# user@domain.
#
# Results are the same as with indexed file lookups.
#
# CONFIGURATION PARAMETERS
# The following main.cf parameters are especially relevant.
# The text below provides only a parameter summary. See
# The following main.cf parameters are especially relevant.
# The text below provides only a parameter summary. See
# postconf(5) for more details including examples.
#
# empty_address_recipient
# The address that is looked up instead of the null
# The address that is looked up instead of the null
# sender address.
#
# parent_domain_matches_subdomains
# List of Postfix features that use domain.tld pat-
# terns to match sub.domain.tld (as opposed to
# List of Postfix features that use domain.tld pat-
# terns to match sub.domain.tld (as opposed to
# requiring .domain.tld patterns).
#
# transport_maps
@ -248,13 +251,13 @@
# postmap(1), Postfix lookup table manager
#
# README FILES
# Use "postconf readme_directory" or "postconf html_direc-
# Use "postconf readme_directory" or "postconf html_direc-
# tory" to locate this information.
# DATABASE_README, Postfix lookup table overview
# FILTER_README, external content filter
#
# LICENSE
# The Secure Mailer license must be distributed with this
# The Secure Mailer license must be distributed with this
# software.
#
# AUTHOR(S)

7
postfix/html/Makefile.in
View File

@ -11,7 +11,8 @@ COMMANDS= mailq.1.html newaliases.1.html postalias.1.html postcat.1.html \
postconf.1.html postfix.1.html postkick.1.html postlock.1.html \
postlog.1.html postdrop.1.html postmap.1.html sendmail.1.html \
postqueue.1.html postsuper.1.html smtp-source.1.html \
smtp-sink.1.html qmqp-source.1.html qmqp-sink.1.html
smtp-sink.1.html qmqp-source.1.html qmqp-sink.1.html \
qshape.1.html
CONFIG = access.5.html aliases.5.html canonical.5.html relocated.5.html \
transport.5.html virtual.5.html pcre_table.5.html regexp_table.5.html \
cidr_table.5.html tcp_table.5.html header_checks.5.html \
@ -201,6 +202,10 @@ qmqp-sink.1.html: ../src/smtpstone/qmqp-sink.c
PATH=../mantools:$$PATH; \
srctoman $? | $(AWK) | nroff -man | uniq | $(MAN2HTML) | postlink >$@
qshape.1.html: ../auxiliary/qshape/qshape.pl
PATH=../mantools:$$PATH; \
srctoman - $? | $(AWK) | nroff -man | uniq | $(MAN2HTML) | postlink >$@
access.5.html: ../proto/access
PATH=../mantools:$$PATH; \
srctoman - $? | $(AWK) | nroff -man | uniq | $(MAN2HTML) | postlink >$@

15
postfix/html/PACKAGE_README.html
View File

@ -118,17 +118,18 @@ on non-Postfix directories that need to be created in the process.
<li> <p> Create the necessary <a href="postconf.5.html#mail_owner">mail_owner</a> account and <a href="postconf.5.html#setgid_group">setgid_group</a>
group for exclusive use by Postfix. </p>
<li> <p> Execute the post-install script in the Postfix configuration
directory to set ownership and permission of Postfix files and
directories. Specify any non-default settings for <a href="postconf.5.html#mail_owner">mail_owner</a> or
<a href="postconf.5.html#setgid_group">setgid_group</a> on the post-install command line: </p>
<li> <p> Execute the postfix command to set ownership and permission
of Postfix files and directories, and to update Postfix configuration
files. If necessary, specify any non-default settings for <a href="postconf.5.html#mail_owner">mail_owner</a>
or <a href="postconf.5.html#setgid_group">setgid_group</a> on the postfix command line: </p>
<pre>
# sh post-install upgrade-package <a href="postconf.5.html#setgid_group">setgid_group</a>=xxx <a href="postconf.5.html#mail_owner">mail_owner</a>=yyy
# postfix set-permissions upgrade-configuration \
<a href="postconf.5.html#setgid_group">setgid_group</a>=xxx <a href="postconf.5.html#mail_owner">mail_owner</a>=yyy
</pre>
<p> This will also update the main.cf and master.cf files if
necessary. </p>
<p> With Postfix versions before 2.1 you achieve the same result
by invoking the post-install script directly. </p>
</ul>

28
postfix/html/QSHAPE_README.html
View File

@ -19,16 +19,18 @@
<h2>Purpose of this document </h2>
<p> This document describes the "qshape" program which helps the
<p> This document describes the <a href="qshape.1.html">qshape(1)</a> program which helps the
administrator understand the Postfix queue message distribution
sorted by time and by sender or recipient domain. qshape is bundled
with the Postfix 2.1 source under the "auxiliary" directory. In
order to understand the output of qshape, it useful to understand
the various Postfix queues. To this end the role of each Postfix
queue directory is described briefly in the "Background info:
Postfix queue directories" section near the end of this document.
sorted by time and by sender or recipient domain. <a href="qshape.1.html">qshape(1)</a> is
bundled with the Postfix 2.1 source under the "auxiliary" directory.
</p>
<p> In order to understand the output of <a href="qshape.1.html">qshape(1)</a>, it useful to
understand the various Postfix queues. To this end the role of each
Postfix queue directory is described briefly in the "Background
info: Postfix queue directories" section near the end of this
document. </p>
<p> This document covers the following topics: </p>
<ul>
@ -71,8 +73,8 @@ queue</a></li>
<p> When mail is draining slowly or the queue is unexpectedly large,
run "qshape" as the super-user (root) to help zero in on the problem.
The "qshape" program displays a tabular view of the Postfix queue
run <a href="qshape.1.html">qshape(1)</a> as the super-user (root) to help zero in on the problem.
The <a href="qshape.1.html">qshape(1)</a> program displays a tabular view of the Postfix queue
contents. </p>
<ul>
@ -217,7 +219,7 @@ $ egrep 'qmgr.*(panic|fatal|error|warning):' /var/log/maillog
</blockquote>
<p> When all else fails try the Postfix mailing list for help, but
please don't forget to include the top 10 or 20 lines of "qshape"
please don't forget to include the top 10 or 20 lines of <a href="qshape.1.html">qshape(1)</a>
output. </p>
<h2><a name="healthy">Example 1: Healthy queue</a></h2>
@ -290,7 +292,7 @@ is the tail end of the time distribution, showing that short term
arrival rates are moderate. Larger numbers and lower message ages
are more indicative of current trouble. Old mail still going nowhere
is largely harmless so long as the active and <a href="QSHAPE_README.html#incoming_queue">incoming queues</a> are
short. We can also see that the groups.msg.com undeliverables are
short. We can also see that the groups.msn.com undeliverables are
low rate steady stream rather than a concentrated dictionary attack
that is now over. </p>
@ -322,7 +324,7 @@ queues large and not shrinking despite very large delivery agent
process limits. The thread is archived at:
<a href="http://groups.google.com/groups?th=636626c645f5bbde">http://groups.google.com/groups?th=636626c645f5bbde</a> </p>
<p> Using an older version of "qshape" it was quickly determined
<p> Using an older version of <a href="qshape.1.html">qshape(1)</a> it was quickly determined
that all the messages were for just a few destinations: </p>
<blockquote>
@ -780,7 +782,7 @@ queue flushes. </p>
<h2><a name="credits">Credits</a></h2>
<p> The "qshape" program was developed by Victor Duchovni of Morgan
<p> The <a href="qshape.1.html">qshape(1)</a> program was developed by Victor Duchovni of Morgan
Stanley, who also wrote the initial version of this document. </p>
</body>

3
postfix/html/RESTRICTION_CLASS_README.html
View File

@ -105,7 +105,8 @@ to IP spoofing. </p>
<i>...the usual stuff...</i>
/etc/postfix/access:
all <a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a>,reject
all@my.domain <a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a>,reject
all@my.hostname <a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a>,reject
</pre>
</blockquote>

12
postfix/html/SMTPD_ACCESS_README.html
View File

@ -122,13 +122,13 @@ the <a href="QSHAPE_README.html#incoming_queue">incoming queue</a>. </p>
in the <a href="SMTPD_PROXY_README.html">SMTPD_PROXY_README</a> document. This happens while Postfix
receives mail, before it is stored in the <a href="QSHAPE_README.html#incoming_queue">incoming queue</a>. </p>
<li> <p> Require that the client sends the HELO or EHLO command
<li> <p> Requiring that the client sends the HELO or EHLO command
before sending the MAIL FROM or ETRN command. This may cause problems
with home-grown applications that send mail. For this reason, the
requirement is disabled by default ("<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = no").
</p>
<li> <p> Disallow illegal syntax in MAIL FROM or RCPT TO commands.
<li> <p> Disallowing illegal syntax in MAIL FROM or RCPT TO commands.
This may cause problems with home-grown applications that send
mail, and with ancient PC mail clients. For this reason, the
requirement is disabled by default ("<a href="postconf.5.html#strict_rfc821_envelopes">strict_rfc821_envelopes</a> =
@ -136,21 +136,21 @@ no"). </p>
<ul>
<li> <p> Disallow <a href="http://www.faqs.org/rfcs/rfc822.html">RFC 822</a> address syntax (example: "MAIL FROM: the
<li> <p> Disallowing <a href="http://www.faqs.org/rfcs/rfc822.html">RFC 822</a> address syntax (example: "MAIL FROM: the
dude &lt;dude@example.com&gt;"). </p>
<li> <p> Disallow addresses that are not enclosed with &lt;&gt;
<li> <p> Disallowing addresses that are not enclosed with &lt;&gt;
(example: "MAIL FROM: dude@example.com"). </p>
</ul>
<li> <p> Reject mail from a non-existent sender address. This form
<li> <p> Rejecting mail from a non-existent sender address. This form
of egress filtering helps to slow down worms and other malware, but
may cause problems with home-grown software that sends out mail
software with an unreplyable address. For this reason the requirement
is disabled by default ("<a href="postconf.5.html#smtpd_reject_unlisted_sender">smtpd_reject_unlisted_sender</a> = no"). </p>
<li> <p> Reject mail for a non-existent recipient address. This
<li> <p> Rejecting mail for a non-existent recipient address. This
form of ingress filtering helps to keep the mail queue free of
undeliverable MAILER-DAEMON messages. This requirement is enabled
by default ("<a href="postconf.5.html#smtpd_reject_unlisted_recipient">smtpd_reject_unlisted_recipient</a> = yes"). </p>

4
postfix/html/STANDARD_CONFIGURATION_README.html
View File

@ -108,7 +108,7 @@ their default settings. </p>
2 <a href="postconf.5.html#myorigin">myorigin</a> = $<a href="postconf.5.html#mydomain">mydomain</a>
3 <a href="postconf.5.html#relayhost">relayhost</a> = $<a href="postconf.5.html#mydomain">mydomain</a>
4 <a href="postconf.5.html#inet_interfaces">inet_interfaces</a> = 127.0.0.1
5 <a href="postconf.5.html#local_transport">local_transport</a> = error:local delivery is disabled
5 <a href="postconf.5.html#local_transport">local_transport</a> = <a href="error.8.html">error</a>:local delivery is disabled
6
7 /etc/postfix/master.cf:
8 Comment out the local delivery agent entry
@ -282,7 +282,7 @@ harder to break. </p>
2 <a href="postconf.5.html#myorigin">myorigin</a> = example.com
3 <a href="postconf.5.html#mydestination">mydestination</a> =
4 <a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> =
5 <a href="postconf.5.html#local_transport">local_transport</a> = error:local mail delivery is disabled
5 <a href="postconf.5.html#local_transport">local_transport</a> = <a href="error.8.html">error</a>:local mail delivery is disabled
6
7 /etc/postfix/master.cf:
8 Comment out the local delivery agent

32
postfix/html/postconf.1.html
View File

@ -118,24 +118,30 @@ POSTCONF(1) POSTCONF(1)
always returns the string <b>foobar</b> as lookup
result.
<b>tcp</b> (read-only)
Perform lookups using a simple request-reply
protocol that is described in <a href="tcp_table.5.html">tcp_table(5)</a>.
This feature is not included with Postfix
2.1.
<b>unix</b> (read-only)
A limited way to query the UNIX authentica-
A limited way to query the UNIX authentica-
tion database. The following tables are
implemented:
<b>unix:passwd.byname</b>
The table is the UNIX password
database. The key is a login name.
The result is a password file entry
The table is the UNIX password
database. The key is a login name.
The result is a password file entry
in passwd(5) format.
<b>unix:group.byname</b>
The table is the UNIX group
database. The key is a group name.
The result is a group file entry in
The table is the UNIX group
database. The key is a group name.
The result is a group file entry in
group(5) format.
Other table types may exist depending on how Postfix was
Other table types may exist depending on how Postfix was
built.
<b>-n</b> Print parameter settings that are not left at their
@ -143,7 +149,7 @@ POSTCONF(1) POSTCONF(1)
specified in main.cf.
<b>-v</b> Enable verbose logging for debugging purposes. Mul-
tiple <b>-v</b> options make the software increasingly
tiple <b>-v</b> options make the software increasingly
verbose.
<b>DIAGNOSTICS</b>
@ -154,14 +160,14 @@ POSTCONF(1) POSTCONF(1)
Directory with Postfix configuration files.
<b>CONFIGURATION PARAMETERS</b>
The following <b>main.cf</b> parameters are especially relevant
The following <b>main.cf</b> parameters are especially relevant
to this program.
The text below provides only a parameter summary. See
The text below provides only a parameter summary. See
<a href="postconf.5.html">postconf(5)</a> for more details including examples.
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
The default location of the Postfix main.cf and
The default location of the Postfix main.cf and
master.cf configuration files.
<b>FILES</b>
@ -174,7 +180,7 @@ POSTCONF(1) POSTCONF(1)
<a href="DATABASE_README.html">DATABASE_README</a>, Postfix lookup table overview
<b>LICENSE</b>
The Secure Mailer license must be distributed with this
The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>

30
postfix/html/postconf.5.html
View File

@ -2245,11 +2245,9 @@ configure or operate a specific Postfix subsystem or feature.
<DT><b><a name="ignore_mx_lookup_error">ignore_mx_lookup_error</a>
(default: no)</b></DT><DD>
<p>
Ignore DNS MX lookups that produce no response. By default,
Postfix defers delivery and tries again after some delay. This
behavior is required by the SMTP standard.
</p>
<p> Ignore DNS MX lookups that produce no response. By default,
the Postfix SMTP client defers delivery and tries again after some
delay. This behavior is required by the SMTP standard. </p>
<p>
Specify "<b><a href="postconf.5.html#ignore_mx_lookup_error">ignore_mx_lookup_error</a> = yes</b>" to force a DNS A record
@ -5578,12 +5576,10 @@ Skip SMTP servers that greet with a 5XX status code (go away, do
not try again later).
</p>
<p>
By default, Postfix moves on the next mail exchanger. Specify
"<a href="postconf.5.html#smtp_skip_5xx_greeting">smtp_skip_5xx_greeting</a> = no" if Postfix should bounce the mail
immediately. The default setting is incorrect, but it is what a
lot of people expect to happen.
</p>
<p> By default, the Postfix SMTP client moves on the next mail
exchanger. Specify "<a href="postconf.5.html#smtp_skip_5xx_greeting">smtp_skip_5xx_greeting</a> = no" if Postfix should
bounce the mail immediately. The default setting is incorrect, but
it is what a lot of people expect to happen. </p>
</DD>
@ -6605,7 +6601,8 @@ code for rejected requests (default: 554). </dd>
<dt><b><a name="reject_unknown_recipient_domain">reject_unknown_recipient_domain</a></b></dt>
<dd>Reject the request when the RCPT TO address has no DNS A or MX
record. <br> The <a href="postconf.5.html#unknown_address_reject_code">unknown_address_reject_code</a> parameter specifies
record and Postfix is not final destination for the recipient
address. <br> The <a href="postconf.5.html#unknown_address_reject_code">unknown_address_reject_code</a> parameter specifies
the response code for rejected requests (default: 450). The response
is always 450 in case of a temporary DNS error.</dd>
@ -7050,10 +7047,11 @@ Postfix version 2.1 and later. </dd>
<dt><b><a name="reject_unknown_sender_domain">reject_unknown_sender_domain</a></b></dt>
<dd>Reject the request when the MAIL FROM address has no DNS A
or MX record. <br> The <a href="postconf.5.html#unknown_address_reject_code">unknown_address_reject_code</a> parameter
specifies the response code for rejected requests (default: 450).
The response is always 450 in case of a temporary DNS error. </dd>
<dd>Reject the request when the MAIL FROM address has no DNS A or
MX record and Postfix is not final destination for the sender
address. <br> The <a href="postconf.5.html#unknown_address_reject_code">unknown_address_reject_code</a> parameter specifies
the response code for rejected requests (default: 450). The response
is always 450 in case of a temporary DNS error. </dd>
<dt><b><a name="reject_unlisted_sender">reject_unlisted_sender</a></b></dt>

117
postfix/html/qshape.1.html Normal file
View File

@ -0,0 +1,117 @@
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html> <head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - qshape(1) </title>
</head> <body> <pre>
QSHAPE(1) QSHAPE(1)
<b>NAME</b>
qshape - Print Postfix queue domain and age distribution
<b>SYNOPSIS</b>
<b>qshape</b> [<b>-s</b>] [<b>-p</b>] [<b>-m</b> <i>min</i><b>_</b><i>subdomains</i>]
[<b>-b</b> <i>bucket</i><b>_</b><i>count</i>] [<b>-t</b> <i>bucket</i><b>_</b><i>time</i>]
[<b>-w</b> <i>terminal</i><b>_</b><i>width</i>]
[<b>-c</b> <i>config</i><b>_</b><i>directory</i>] [<i>queue</i><b>_</b><i>name</i> ...]
<b>DESCRIPTION</b>
The <b>qshape</b> program helps the administrator understand the
Postfix queue message distribution in time and by sender
domain or recipient domain. The program needs read access
to the queue directories and queue files, so it must run
as the superuser or the <b><a href="postconf.5.html#mail_owner">mail_owner</a></b> specified in <i>main.cf</i>
(typically <b>postfix</b>).
Options:
<b>-s</b> Display the sender domain distribution instead of
the recipient domain distribution. By default the
recipient distribution is displayed. There can be
more recipients than messages, but as each message
has only one sender, the sender distribution is a a
message distribution.
<b>-p</b> Generate aggregate statistics for parent domains.
Top level domains are not shown, nor are domains
with fewer than <i>min</i><b>_</b><i>subdomains</i> subdomains. The
names of parent domains are shown with a leading
dot, (e.g. <i>.example.com</i>).
<b>-m</b> <i>min</i><b>_</b><i>subdomains</i>
When used with the <b>-p</b> option, sets the minimum sub-
domain count needed to show a separate line for a
parent domain. The default is 5.
<b>-b</b> <i>bucket</i><b>_</b><i>count</i>
The age distribution is broken up into a sequence
of geometrically increasing intervals. This option
sets the number of intervals or "buckets". Each
bucket has a maximum queue age that is twice as
large as that of the previous bucket. The last
bucket has no age limit.
<b>-b</b> <i>bucket</i><b>_</b><i>time</i>
The age limit in minutes for the first time bucket.
The default value is 5, meaning that the first
bucket counts messages between 0 and 5 minutes old.
<b>-w</b> <i>terminal</i><b>_</b><i>width</i>
The output is right justified, with the counts for
the last bucket shown on the 80th column, the <i>ter-</i>
<i>minal</i><b>_</b><i>width</i> can be adjusted for wider screens
allowing more buckets to be displayed with truncat-
ing the domain names on the left. When a row for a
full domain name and its counters does not fit in
the specified number of columns, only the last 17
bytes of the domain name are shown with the prefix
replaced by a '+' character. Truncated parent
domain rows are shown as '.+' followed by the last
16 bytes of the domain name. If this is still too
narrow to show the domain name and all the coun-
ters, the terminal_width limit is violated.
<b>-c</b> <i>config</i><b>_</b><i>directory</i>
The <b>main.cf</b> configuration file is in the named
directory instead of the default configuration
directory.
Arguments:
<i>queue</i><b>_</b><i>name</i>
By default <b>qshape</b> displays the combined distribu-
tion of the <a href="QSHAPE_README.html#incoming_queue">incoming</a> and <a href="QSHAPE_README.html#active_queue">active queues</a>. To display
a different set of queues, just list their direc-
tory names on the command line. Absolute paths are
used as is, other paths are taken relative to the
<i>main.cf</i> <b><a href="postconf.5.html#queue_directory">queue_directory</a></b> parameter setting. While
<i>main.cf</i> supports the use of <i>$variable</i> expansion in
the definition of the <b><a href="postconf.5.html#queue_directory">queue_directory</a></b> parameter,
the <b>qshape</b> program does not. If you must use vari-
able expansions in the <b><a href="postconf.5.html#queue_directory">queue_directory</a></b> setting, you
must specify an explicit absolute path for each
queue subdirectory even if you want the default
<a href="QSHAPE_README.html#incoming_queue">incoming</a> and <a href="QSHAPE_README.html#active_queue">active queue</a> distribution.
<b>SEE ALSO</b>
<a href="mailq.1.html">mailq(1)</a> List all messages in the queue.
<a href="QSHAPE_README.html">QSHAPE_README</a> Examples and background material.
<b>FILES</b>
$<a href="postconf.5.html#config_directory">config_directory</a>/main.cf, Postfix installation parameters.
$<a href="postconf.5.html#queue_directory">queue_directory</a>/maildrop/, local submission directory.
$<a href="postconf.5.html#queue_directory">queue_directory</a>/incoming/, new message queue.
$<a href="postconf.5.html#queue_directory">queue_directory</a>/hold/, messages waiting for tech support.
$<a href="postconf.5.html#queue_directory">queue_directory</a>/active/, messages scheduled for delivery.
$<a href="postconf.5.html#queue_directory">queue_directory</a>/deferred/, messages postponed for later delivery.
<b>LICENSE</b>
The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>
Victor Duchovni
Morgan Stanley
QSHAPE(1)
</pre> </body> </html>

141
postfix/html/transport.5.html
View File

@ -81,11 +81,9 @@ TRANSPORT(5) TRANSPORT(5)
a domain name hierarchy, as described in section "TABLE
LOOKUP".
The <i>result</i> is of the form <i>transport</i><b>:</b><i>nexthop</i>. The <i>trans-</i>
<i>port</i> field specifies a mail delivery transport such as
<b>smtp</b> or <b>local</b>. The <i>nexthop</i> field specifies where and how
to deliver mail. More details are given in section "RESULT
FORMAT".
The <i>result</i> is of the form <i>transport:nexthop</i> and specifies
how or where to deliver mail. This is described in section
"RESULT FORMAT".
<b>TABLE LOOKUP</b>
With lookups from indexed files such as DB or DBM, or from
@ -120,129 +118,134 @@ TRANSPORT(5) TRANSPORT(5)
mon@hostname).
<b>RESULT FORMAT</b>
The transport field specifies the name of a mail delivery
The lookup result is of the form <i>transport</i><b>:</b><i>nexthop</i>. The
<i>transport</i> field specifies a mail delivery transport such
as <b>smtp</b> or <b>local</b>. The <i>nexthop</i> field specifies where and
how to deliver mail.
The transport field specifies the name of a mail delivery
transport (the first name of a mail delivery service entry
in the Postfix <b>master.cf</b> file).
The interpretation of the nexthop field is transport
dependent. In the case of SMTP, specify <i>host</i>:<i>service</i> for a
non-default server port, and use [<i>host</i>] or [<i>host</i>]:<i>port</i> in
order to disable MX (mail exchanger) DNS lookups. The []
The interpretation of the nexthop field is transport
dependent. In the case of SMTP, specify a service on a
non-default port as <i>host</i>:<i>service</i>, and disable MX (mail
exchanger) DNS lookups with [<i>host</i>] or [<i>host</i>]:<i>port</i>. The []
form is required when you specify an IP address instead of
a hostname.
A null <i>transport</i> and null <i>nexthop</i> result means "do not
change": use the delivery transport and nexthop informa-
tion that would be used when the entire transport table
A null <i>transport</i> and null <i>nexthop</i> result means "do not
change": use the delivery transport and nexthop informa-
tion that would be used when the entire transport table
did not exist.
A non-null <i>transport</i> field with a null <i>nexthop</i> field
A non-null <i>transport</i> field with a null <i>nexthop</i> field
resets the nexthop information to the recipient domain.
A null <i>transport</i> field with non-null <i>nexthop</i> field does
A null <i>transport</i> field with non-null <i>nexthop</i> field does
not modify the transport information.
<b>EXAMPLES</b>
In order to deliver internal mail directly, while using a
mail relay for all other mail, specify a null entry for
internal destinations (do not change the delivery trans-
port or the nexthop information) and specify a wildcard
In order to deliver internal mail directly, while using a
mail relay for all other mail, specify a null entry for
internal destinations (do not change the delivery trans-
port or the nexthop information) and specify a wildcard
for all other destinations.
<b>my.domain :</b>
<b>.my.domain :</b>
<b>* <a href="smtp.8.html">smtp</a>:outbound-relay.my.domain</b>
In order to send mail for <b>foo.org</b> and its subdomains via
the <b>uucp</b> transport to the UUCP host named <b>foo</b>:
In order to send mail for <b>example.com</b> and its subdomains
via the <b>uucp</b> transport to the UUCP host named <b>example</b>:
<b>foo.org uucp:foo</b>
<b>.foo.org uucp:foo</b>
<b>example.com uucp:example</b>
<b>.example.com uucp:example</b>
When no nexthop host name is specified, the destination
domain name is used instead. For example, the following
directs mail for <i>user</i>@<b>foo.org</b> via the <b>slow</b> transport to a
mail exchanger for <b>foo.org</b>. The <b>slow</b> transport could be
something that runs at most one delivery process at a
time:
When no nexthop host name is specified, the destination
domain name is used instead. For example, the following
directs mail for <i>user</i>@<b>example.com</b> via the <b>slow</b> transport
to a mail exchanger for <b>example.com</b>. The <b>slow</b> transport
could be configured to run at most one delivery process at
a time:
<b>foo.org slow:</b>
<b>example.com slow:</b>
When no transport is specified, Postfix uses the transport
that matches the address domain class (see TRANSPORT FIELD
discussion above). The following sends all mail for
<b>foo.org</b> and its subdomains to host <b>gateway.foo.org</b>:
that matches the address domain class (see DESCRIPTION
above). The following sends all mail for <b>example.com</b> and
its subdomains to host <b>gateway.example.com</b>:
<b>foo.org :[gateway.foo.org]</b>
<b>.foo.org :[gateway.foo.org]</b>
<b>example.com :[gateway.example.com]</b>
<b>.example.com :[gateway.example.com]</b>
In the above example, the [] are used to suppress MX
lookups. The result would likely point to your local
machine.
In the above example, the [] suppress MX lookups. This
prevents mail routing loops when your machine is primary
MX host for <b>example.com</b>.
In the case of delivery via SMTP, one may specify <i>host-</i>
In the case of delivery via SMTP, one may specify <i>host-</i>
<i>name</i>:<i>service</i> instead of just a host:
<b>foo.org <a href="smtp.8.html">smtp</a>:bar.org:2025</b>
<b>example.com <a href="smtp.8.html">smtp</a>:bar.example:2025</b>
This directs mail for <i>user</i>@<b>foo.org</b> to host <b>bar.org</b> port
<b>2025</b>. Instead of a numerical port a symbolic name may be
used. Specify [] around the hostname in order to disable
MX lookups.
This directs mail for <i>user</i>@<b>example.com</b> to host <b>bar.example</b>
port <b>2025</b>. Instead of a numerical port a symbolic name may
be used. Specify [] around the hostname if MX lookups must
be disabled.
The error mailer can be used to bounce mail:
<b>.foo.org error:mail for *.foo.org is not deliv-</b>
<b>erable</b>
<b>.example.com <a href="error.8.html">error</a>:mail for *.example.com is not</b>
<b>deliverable</b>
This causes all mail for <i>user</i>@<i>anything</i><b>.foo.org</b> to be
This causes all mail for <i>user</i>@<i>anything</i><b>.example.com</b> to be
bounced.
<b>REGULAR EXPRESSION TABLES</b>
This section describes how the table lookups change when
This section describes how the table lookups change when
the table is given in the form of regular expressions. For
a description of regular expression lookup table syntax,
a description of regular expression lookup table syntax,
see <a href="regexp_table.5.html"><b>regexp_table</b>(5)</a> or <a href="pcre_table.5.html"><b>pcre_table</b>(5)</a>.
Each pattern is a regular expression that is applied to
the entire address being looked up. Thus,
<i>some.domain.hierarchy</i> is not looked up via its parent
domains, nor is <i>user+foo@domain</i> looked up as <i>user@domain</i>.
Each pattern is a regular expression that is applied to
the entire address being looked up. Thus,
<i>some.domain.hierarchy</i> is not looked up via its parent
domains, nor is <i>user+foo@domain</i> looked up as <i>user@domain</i>.
Patterns are applied in the order as specified in the
table, until a pattern is found that matches the search
Patterns are applied in the order as specified in the
table, until a pattern is found that matches the search
string.
Results are the same as with indexed file lookups, with
the additional feature that parenthesized substrings from
Results are the same as with indexed file lookups, with
the additional feature that parenthesized substrings from
the pattern can be interpolated as <b>$1</b>, <b>$2</b> and so on.
<b>TCP-BASED TABLES</b>
This section describes how the table lookups change when
This section describes how the table lookups change when
lookups are directed to a TCP-based server. For a descrip-
tion of the TCP client/server lookup protocol, see
<a href="tcp_table.5.html"><b>tcp_table</b>(5)</a>. This feature is not available in Postfix
tion of the TCP client/server lookup protocol, see
<a href="tcp_table.5.html"><b>tcp_table</b>(5)</a>. This feature is not available in Postfix
version 2.1.
Each lookup operation uses the entire recipient address
once. Thus, <i>some.domain.hierarchy</i> is not looked up via
its parent domains, nor is <i>user+foo@domain</i> looked up as
Each lookup operation uses the entire recipient address
once. Thus, <i>some.domain.hierarchy</i> is not looked up via
its parent domains, nor is <i>user+foo@domain</i> looked up as
<i>user@domain</i>.
Results are the same as with indexed file lookups.
<b>CONFIGURATION PARAMETERS</b>
The following <b>main.cf</b> parameters are especially relevant.
The text below provides only a parameter summary. See
The following <b>main.cf</b> parameters are especially relevant.
The text below provides only a parameter summary. See
<a href="postconf.5.html">postconf(5)</a> for more details including examples.
<b><a href="postconf.5.html#empty_address_recipient">empty_address_recipient</a></b>
The address that is looked up instead of the null
The address that is looked up instead of the null
sender address.
<b><a href="postconf.5.html#parent_domain_matches_subdomains">parent_domain_matches_subdomains</a></b>
List of Postfix features that use <i>domain.tld</i> pat-
terns to match <i>sub.domain.tld</i> (as opposed to
List of Postfix features that use <i>domain.tld</i> pat-
terns to match <i>sub.domain.tld</i> (as opposed to
requiring <i>.domain.tld</i> patterns).
<b><a href="postconf.5.html#transport_maps">transport_maps</a></b>
@ -258,7 +261,7 @@ TRANSPORT(5) TRANSPORT(5)
<a href="FILTER_README.html">FILTER_README</a>, external content filter
<b>LICENSE</b>
The Secure Mailer license must be distributed with this
The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>

2796
postfix/man/junk Normal file
View File

File diff suppressed because it is too large Load Diff

4
postfix/man/man1/postconf.1
View File

@ -99,6 +99,10 @@ described in \fBregexp_table\fR(5).
A table that always returns its name as lookup result. For example,
\fBstatic:foobar\fR always returns the string \fBfoobar\fR as lookup
result.
.IP "\fBtcp\fR (read-only)"
Perform lookups using a simple request-reply protocol that is
described in tcp_table(5).
This feature is not included with Postfix 2.1.
.IP "\fBunix\fR (read-only)"
A limited way to query the UNIX authentication database. The
following tables are implemented:

26
postfix/man/man5/postconf.5
View File

@ -1116,8 +1116,8 @@ The location of Postfix HTML files that describe how to build,
configure or operate a specific Postfix subsystem or feature.
.SH ignore_mx_lookup_error (default: no)
Ignore DNS MX lookups that produce no response. By default,
Postfix defers delivery and tries again after some delay. This
behavior is required by the SMTP standard.
the Postfix SMTP client defers delivery and tries again after some
delay. This behavior is required by the SMTP standard.
.PP
Specify "\fBignore_mx_lookup_error = yes\fR" to force a DNS A record
lookup instead. This violates the SMTP standard and can result in
@ -2882,10 +2882,10 @@ Later Postfix versions always skip SMTP servers that greet with a
Skip SMTP servers that greet with a 5XX status code (go away, do
not try again later).
.PP
By default, Postfix moves on the next mail exchanger. Specify
"smtp_skip_5xx_greeting = no" if Postfix should bounce the mail
immediately. The default setting is incorrect, but it is what a
lot of people expect to happen.
By default, the Postfix SMTP client moves on the next mail
exchanger. Specify "smtp_skip_5xx_greeting = no" if Postfix should
bounce the mail immediately. The default setting is incorrect, but
it is what a lot of people expect to happen.
.SH smtp_skip_quit_response (default: yes)
Do not wait for the response to the SMTP QUIT command.
.SH smtp_xforward_timeout (default: 300s)
@ -3501,7 +3501,8 @@ no sender-specified routing (user@elsewhere@domain).
code for rejected requests (default: 554).
.IP "\fBreject_unknown_recipient_domain\fR"
Reject the request when the RCPT TO address has no DNS A or MX
record.
record and Postfix is not final destination for the recipient
address.
.br
The unknown_address_reject_code parameter specifies
the response code for rejected requests (default: 450). The response
@ -3793,12 +3794,13 @@ Enforces the reject_sender_login_mismatch restriction for
unauthenticated clients only. This feature is available in
Postfix version 2.1 and later.
.IP "\fBreject_unknown_sender_domain\fR"
Reject the request when the MAIL FROM address has no DNS A
or MX record.
Reject the request when the MAIL FROM address has no DNS A or
MX record and Postfix is not final destination for the sender
address.
.br
The unknown_address_reject_code parameter
specifies the response code for rejected requests (default: 450).
The response is always 450 in case of a temporary DNS error.
The unknown_address_reject_code parameter specifies
the response code for rejected requests (default: 450). The response
is always 450 in case of a temporary DNS error.
.IP "\fBreject_unlisted_sender\fR"
Reject the request when the MAIL FROM address is not listed in
the list of valid recipients for its domain class. See the

60
postfix/man/man5/transport.5
View File

@ -70,11 +70,9 @@ starts with whitespace continues a logical line.
The \fIpattern\fR specifies an email address, a domain name, or
a domain name hierarchy, as described in section "TABLE LOOKUP".
The \fIresult\fR is of the form \fItransport\fB:\fInexthop\fR.
The \fItransport\fR field specifies a mail delivery transport
such as \fBsmtp\fR or \fBlocal\fR. The \fInexthop\fR field
specifies where and how to deliver mail. More details are given
in section "RESULT FORMAT".
The \fIresult\fR is of the form \fItransport:nexthop\fR and
specifies how or where to deliver mail. This is described in
section "RESULT FORMAT".
.SH "TABLE LOOKUP"
.na
.nf
@ -111,14 +109,19 @@ mailer-daemon@hostname).
.nf
.ad
.fi
The lookup result is of the form \fItransport\fB:\fInexthop\fR.
The \fItransport\fR field specifies a mail delivery transport
such as \fBsmtp\fR or \fBlocal\fR. The \fInexthop\fR field
specifies where and how to deliver mail.
The transport field specifies the name of a mail delivery transport
(the first name of a mail delivery service entry in the Postfix
\fBmaster.cf\fR file).
The interpretation of the nexthop field is transport
dependent. In the case of SMTP, specify \fIhost\fR:\fIservice\fR for a
non-default server port, and use [\fIhost\fR] or [\fIhost\fR]:\fIport\fR
in order to disable MX (mail exchanger) DNS lookups. The [] form
dependent. In the case of SMTP, specify a service on a non-default
port as \fIhost\fR:\fIservice\fR, and disable MX (mail exchanger)
DNS lookups with [\fIhost\fR] or [\fIhost\fR]:\fIport\fR. The [] form
is required when you specify an IP address instead of a hostname.
A null \fItransport\fR and null \fInexthop\fR result means "do
@ -148,52 +151,53 @@ destinations.
.ti +5
\fB* smtp:outbound-relay.my.domain\fR
In order to send mail for \fBfoo.org\fR and its subdomains
via the \fBuucp\fR transport to the UUCP host named \fBfoo\fR:
In order to send mail for \fBexample.com\fR and its subdomains
via the \fBuucp\fR transport to the UUCP host named \fBexample\fR:
.ti +5
\fBfoo.org uucp:foo\fR
\fBexample.com uucp:example\fR
.ti +5
\fB\&.foo.org uucp:foo\fR
\fB\&.example.com uucp:example\fR
When no nexthop host name is specified, the destination domain
name is used instead. For example, the following directs mail for
\fIuser\fR@\fBfoo.org\fR via the \fBslow\fR transport to a mail
exchanger for \fBfoo.org\fR. The \fBslow\fR transport could be
something that runs at most one delivery process at a time:
\fIuser\fR@\fBexample.com\fR via the \fBslow\fR transport to a mail
exchanger for \fBexample.com\fR. The \fBslow\fR transport could be
configured to run at most one delivery process at a time:
.ti +5
\fBfoo.org slow:\fR
\fBexample.com slow:\fR
When no transport is specified, Postfix uses the transport that
matches the address domain class (see TRANSPORT FIELD discussion
above). The following sends all mail for \fBfoo.org\fR and its
subdomains to host \fBgateway.foo.org\fR:
matches the address domain class (see DESCRIPTION
above). The following sends all mail for \fBexample.com\fR and its
subdomains to host \fBgateway.example.com\fR:
.ti +5
\fBfoo.org :[gateway.foo.org]\fR
\fBexample.com :[gateway.example.com]\fR
.ti +5
\fB\&.foo.org :[gateway.foo.org]\fR
\fB\&.example.com :[gateway.example.com]\fR
In the above example, the [] are used to suppress MX lookups.
The result would likely point to your local machine.
In the above example, the [] suppress MX lookups.
This prevents mail routing loops when your machine is primary MX
host for \fBexample.com\fR.
In the case of delivery via SMTP, one may specify
\fIhostname\fR:\fIservice\fR instead of just a host:
.ti +5
\fBfoo.org smtp:bar.org:2025\fR
\fBexample.com smtp:bar.example:2025\fR
This directs mail for \fIuser\fR@\fBfoo.org\fR to host \fBbar.org\fR
This directs mail for \fIuser\fR@\fBexample.com\fR to host \fBbar.example\fR
port \fB2025\fR. Instead of a numerical port a symbolic name may be
used. Specify [] around the hostname in order to disable MX lookups.
used. Specify [] around the hostname if MX lookups must be disabled.
The error mailer can be used to bounce mail:
.ti +5
\fB\&.foo.org error:mail for *.foo.org is not deliverable\fR
\fB\&.example.com error:mail for *.example.com is not deliverable\fR
This causes all mail for \fIuser\fR@\fIanything\fB.foo.org\fR
This causes all mail for \fIuser\fR@\fIanything\fB.example.com\fR
to be bounced.
.SH "REGULAR EXPRESSION TABLES"
.na

2
postfix/mantools/postlink
View File

@ -450,6 +450,7 @@ exec sed '
s/[<bB>]*smtp-[</bB>]*\n* *[<bB>]*sink[</bB>]*(1)/<a href="smtp-sink.1.html">&<\/a>/g
s/[<bB>]*qmqp-[</bB>]*\n* *[<bB>]*source[</bB>]*(1)/<a href="qmqp-source.1.html">&<\/a>/g
s/[<bB>]*qmqp-[</bB>]*\n* *[<bB>]*sink[</bB>]*(1)/<a href="qmqp-sink.1.html">&<\/a>/g
s/[<bB>]*qshape[</bB>]*(1)/<a href="qshape.1.html">&<\/a>/g
s/[<bB>]*access[</bB>]*(5)/<a href="access.5.html">&<\/a>/g
s/[<bB>]*aliases[</bB>]*(5)/<a href="aliases.5.html">&<\/a>/g
s/[<bB>]*canonical[</bB>]*(5)/<a href="canonical.5.html">&<\/a>/g
@ -594,6 +595,7 @@ exec sed '
# Do nice links for smtp:host:port etc.
s/[[:<:]]\(error\):/<a href="error.8.html">\1<\/a>:/g
s/[[:<:]]\(smtp\):/<a href="smtp.8.html">\1<\/a>:/g
s/[[:<:]]\(lmtp\):/<a href="lmtp.8.html">\1<\/a>:/g

15
postfix/proto/PACKAGE_README.html
View File

@ -118,17 +118,18 @@ on non-Postfix directories that need to be created in the process.
<li> <p> Create the necessary mail_owner account and setgid_group
group for exclusive use by Postfix. </p>
<li> <p> Execute the post-install script in the Postfix configuration
directory to set ownership and permission of Postfix files and
directories. Specify any non-default settings for mail_owner or
setgid_group on the post-install command line: </p>
<li> <p> Execute the postfix command to set ownership and permission
of Postfix files and directories, and to update Postfix configuration
files. If necessary, specify any non-default settings for mail_owner
or setgid_group on the postfix command line: </p>
<pre>
# sh post-install upgrade-package setgid_group=xxx mail_owner=yyy
# postfix set-permissions upgrade-configuration \
setgid_group=xxx mail_owner=yyy
</pre>
<p> This will also update the main.cf and master.cf files if
necessary. </p>
<p> With Postfix versions before 2.1 you achieve the same result
by invoking the post-install script directly. </p>
</ul>

28
postfix/proto/QSHAPE_README.html
View File

@ -19,16 +19,18 @@
<h2>Purpose of this document </h2>
<p> This document describes the "qshape" program which helps the
<p> This document describes the qshape(1) program which helps the
administrator understand the Postfix queue message distribution
sorted by time and by sender or recipient domain. qshape is bundled
with the Postfix 2.1 source under the "auxiliary" directory. In
order to understand the output of qshape, it useful to understand
the various Postfix queues. To this end the role of each Postfix
queue directory is described briefly in the "Background info:
Postfix queue directories" section near the end of this document.
sorted by time and by sender or recipient domain. qshape(1) is
bundled with the Postfix 2.1 source under the "auxiliary" directory.
</p>
<p> In order to understand the output of qshape(1), it useful to
understand the various Postfix queues. To this end the role of each
Postfix queue directory is described briefly in the "Background
info: Postfix queue directories" section near the end of this
document. </p>
<p> This document covers the following topics: </p>
<ul>
@ -71,8 +73,8 @@ queue</a></li>
<p> When mail is draining slowly or the queue is unexpectedly large,
run "qshape" as the super-user (root) to help zero in on the problem.
The "qshape" program displays a tabular view of the Postfix queue
run qshape(1) as the super-user (root) to help zero in on the problem.
The qshape(1) program displays a tabular view of the Postfix queue
contents. </p>
<ul>
@ -217,7 +219,7 @@ $ egrep 'qmgr.*(panic|fatal|error|warning):' /var/log/maillog
</blockquote>
<p> When all else fails try the Postfix mailing list for help, but
please don't forget to include the top 10 or 20 lines of "qshape"
please don't forget to include the top 10 or 20 lines of qshape(1)
output. </p>
<h2><a name="healthy">Example 1: Healthy queue</a></h2>
@ -290,7 +292,7 @@ is the tail end of the time distribution, showing that short term
arrival rates are moderate. Larger numbers and lower message ages
are more indicative of current trouble. Old mail still going nowhere
is largely harmless so long as the active and incoming queues are
short. We can also see that the groups.msg.com undeliverables are
short. We can also see that the groups.msn.com undeliverables are
low rate steady stream rather than a concentrated dictionary attack
that is now over. </p>
@ -322,7 +324,7 @@ queues large and not shrinking despite very large delivery agent
process limits. The thread is archived at:
http://groups.google.com/groups?th=636626c645f5bbde </p>
<p> Using an older version of "qshape" it was quickly determined
<p> Using an older version of qshape(1) it was quickly determined
that all the messages were for just a few destinations: </p>
<blockquote>
@ -780,7 +782,7 @@ queue flushes. </p>
<h2><a name="credits">Credits</a></h2>
<p> The "qshape" program was developed by Victor Duchovni of Morgan
<p> The qshape(1) program was developed by Victor Duchovni of Morgan
Stanley, who also wrote the initial version of this document. </p>
</body>

3
postfix/proto/RESTRICTION_CLASS_README.html
View File

@ -105,7 +105,8 @@ to IP spoofing. </p>
<i>...the usual stuff...</i>
/etc/postfix/access:
all permit_mynetworks,reject
all@my.domain permit_mynetworks,reject
all@my.hostname permit_mynetworks,reject
</pre>
</blockquote>

12
postfix/proto/SMTPD_ACCESS_README.html
View File

@ -122,13 +122,13 @@ the incoming queue. </p>
in the SMTPD_PROXY_README document. This happens while Postfix
receives mail, before it is stored in the incoming queue. </p>
<li> <p> Require that the client sends the HELO or EHLO command
<li> <p> Requiring that the client sends the HELO or EHLO command
before sending the MAIL FROM or ETRN command. This may cause problems
with home-grown applications that send mail. For this reason, the
requirement is disabled by default ("smtpd_helo_required = no").
</p>
<li> <p> Disallow illegal syntax in MAIL FROM or RCPT TO commands.
<li> <p> Disallowing illegal syntax in MAIL FROM or RCPT TO commands.
This may cause problems with home-grown applications that send
mail, and with ancient PC mail clients. For this reason, the
requirement is disabled by default ("strict_rfc821_envelopes =
@ -136,21 +136,21 @@ no"). </p>
<ul>
<li> <p> Disallow RFC 822 address syntax (example: "MAIL FROM: the
<li> <p> Disallowing RFC 822 address syntax (example: "MAIL FROM: the
dude &lt;dude@example.com&gt;"). </p>
<li> <p> Disallow addresses that are not enclosed with &lt;&gt;
<li> <p> Disallowing addresses that are not enclosed with &lt;&gt;
(example: "MAIL FROM: dude@example.com"). </p>
</ul>
<li> <p> Reject mail from a non-existent sender address. This form
<li> <p> Rejecting mail from a non-existent sender address. This form
of egress filtering helps to slow down worms and other malware, but
may cause problems with home-grown software that sends out mail
software with an unreplyable address. For this reason the requirement
is disabled by default ("smtpd_reject_unlisted_sender = no"). </p>
<li> <p> Reject mail for a non-existent recipient address. This
<li> <p> Rejecting mail for a non-existent recipient address. This
form of ingress filtering helps to keep the mail queue free of
undeliverable MAILER-DAEMON messages. This requirement is enabled
by default ("smtpd_reject_unlisted_recipient = yes"). </p>

30
postfix/proto/postconf.proto
View File

@ -1364,11 +1364,9 @@ is bounced, in order to stop a mailer loop.
%PARAM ignore_mx_lookup_error no
<p>
Ignore DNS MX lookups that produce no response. By default,
Postfix defers delivery and tries again after some delay. This
behavior is required by the SMTP standard.
</p>
<p> Ignore DNS MX lookups that produce no response. By default,
the Postfix SMTP client defers delivery and tries again after some
delay. This behavior is required by the SMTP standard. </p>
<p>
Specify "<b>ignore_mx_lookup_error = yes</b>" to force a DNS A record
@ -3565,12 +3563,10 @@ Skip SMTP servers that greet with a 5XX status code (go away, do
not try again later).
</p>
<p>
By default, Postfix moves on the next mail exchanger. Specify
"smtp_skip_5xx_greeting = no" if Postfix should bounce the mail
immediately. The default setting is incorrect, but it is what a
lot of people expect to happen.
</p>
<p> By default, the Postfix SMTP client moves on the next mail
exchanger. Specify "smtp_skip_5xx_greeting = no" if Postfix should
bounce the mail immediately. The default setting is incorrect, but
it is what a lot of people expect to happen. </p>
%PARAM smtp_skip_quit_response yes
@ -4443,7 +4439,8 @@ code for rejected requests (default: 554). </dd>
<dt><b><a name="reject_unknown_recipient_domain">reject_unknown_recipient_domain</a></b></dt>
<dd>Reject the request when the RCPT TO address has no DNS A or MX
record. <br> The unknown_address_reject_code parameter specifies
record and Postfix is not final destination for the recipient
address. <br> The unknown_address_reject_code parameter specifies
the response code for rejected requests (default: 450). The response
is always 450 in case of a temporary DNS error.</dd>
@ -4767,10 +4764,11 @@ Postfix version 2.1 and later. </dd>
<dt><b><a name="reject_unknown_sender_domain">reject_unknown_sender_domain</a></b></dt>
<dd>Reject the request when the MAIL FROM address has no DNS A
or MX record. <br> The unknown_address_reject_code parameter
specifies the response code for rejected requests (default: 450).
The response is always 450 in case of a temporary DNS error. </dd>
<dd>Reject the request when the MAIL FROM address has no DNS A or
MX record and Postfix is not final destination for the sender
address. <br> The unknown_address_reject_code parameter specifies
the response code for rejected requests (default: 450). The response
is always 450 in case of a temporary DNS error. </dd>
<dt><b><a name="reject_unlisted_sender">reject_unlisted_sender</a></b></dt>

60
postfix/proto/transport
View File

@ -62,11 +62,9 @@
# The \fIpattern\fR specifies an email address, a domain name, or
# a domain name hierarchy, as described in section "TABLE LOOKUP".
#
# The \fIresult\fR is of the form \fItransport\fB:\fInexthop\fR.
# The \fItransport\fR field specifies a mail delivery transport
# such as \fBsmtp\fR or \fBlocal\fR. The \fInexthop\fR field
# specifies where and how to deliver mail. More details are given
# in section "RESULT FORMAT".
# The \fIresult\fR is of the form \fItransport:nexthop\fR and
# specifies how or where to deliver mail. This is described in
# section "RESULT FORMAT".
# TABLE LOOKUP
# .ad
# .fi
@ -99,14 +97,19 @@
# RESULT FORMAT
# .ad
# .fi
# The lookup result is of the form \fItransport\fB:\fInexthop\fR.
# The \fItransport\fR field specifies a mail delivery transport
# such as \fBsmtp\fR or \fBlocal\fR. The \fInexthop\fR field
# specifies where and how to deliver mail.
#
# The transport field specifies the name of a mail delivery transport
# (the first name of a mail delivery service entry in the Postfix
# \fBmaster.cf\fR file).
#
# The interpretation of the nexthop field is transport
# dependent. In the case of SMTP, specify \fIhost\fR:\fIservice\fR for a
# non-default server port, and use [\fIhost\fR] or [\fIhost\fR]:\fIport\fR
# in order to disable MX (mail exchanger) DNS lookups. The [] form
# dependent. In the case of SMTP, specify a service on a non-default
# port as \fIhost\fR:\fIservice\fR, and disable MX (mail exchanger)
# DNS lookups with [\fIhost\fR] or [\fIhost\fR]:\fIport\fR. The [] form
# is required when you specify an IP address instead of a hostname.
#
# A null \fItransport\fR and null \fInexthop\fR result means "do
@ -134,52 +137,53 @@
# .ti +5
# \fB* smtp:outbound-relay.my.domain\fR
#
# In order to send mail for \fBfoo.org\fR and its subdomains
# via the \fBuucp\fR transport to the UUCP host named \fBfoo\fR:
# In order to send mail for \fBexample.com\fR and its subdomains
# via the \fBuucp\fR transport to the UUCP host named \fBexample\fR:
#
# .ti +5
# \fBfoo.org uucp:foo\fR
# \fBexample.com uucp:example\fR
# .ti +5
# \fB\&.foo.org uucp:foo\fR
# \fB\&.example.com uucp:example\fR
#
# When no nexthop host name is specified, the destination domain
# name is used instead. For example, the following directs mail for
# \fIuser\fR@\fBfoo.org\fR via the \fBslow\fR transport to a mail
# exchanger for \fBfoo.org\fR. The \fBslow\fR transport could be
# something that runs at most one delivery process at a time:
# \fIuser\fR@\fBexample.com\fR via the \fBslow\fR transport to a mail
# exchanger for \fBexample.com\fR. The \fBslow\fR transport could be
# configured to run at most one delivery process at a time:
#
# .ti +5
# \fBfoo.org slow:\fR
# \fBexample.com slow:\fR
#
# When no transport is specified, Postfix uses the transport that
# matches the address domain class (see TRANSPORT FIELD discussion
# above). The following sends all mail for \fBfoo.org\fR and its
# subdomains to host \fBgateway.foo.org\fR:
# matches the address domain class (see DESCRIPTION
# above). The following sends all mail for \fBexample.com\fR and its
# subdomains to host \fBgateway.example.com\fR:
#
# .ti +5
# \fBfoo.org :[gateway.foo.org]\fR
# \fBexample.com :[gateway.example.com]\fR
# .ti +5
# \fB\&.foo.org :[gateway.foo.org]\fR
# \fB\&.example.com :[gateway.example.com]\fR
#
# In the above example, the [] are used to suppress MX lookups.
# The result would likely point to your local machine.
# In the above example, the [] suppress MX lookups.
# This prevents mail routing loops when your machine is primary MX
# host for \fBexample.com\fR.
#
# In the case of delivery via SMTP, one may specify
# \fIhostname\fR:\fIservice\fR instead of just a host:
#
# .ti +5
# \fBfoo.org smtp:bar.org:2025\fR
# \fBexample.com smtp:bar.example:2025\fR
#
# This directs mail for \fIuser\fR@\fBfoo.org\fR to host \fBbar.org\fR
# This directs mail for \fIuser\fR@\fBexample.com\fR to host \fBbar.example\fR
# port \fB2025\fR. Instead of a numerical port a symbolic name may be
# used. Specify [] around the hostname in order to disable MX lookups.
# used. Specify [] around the hostname if MX lookups must be disabled.
#
# The error mailer can be used to bounce mail:
#
# .ti +5
# \fB\&.foo.org error:mail for *.foo.org is not deliverable\fR
# \fB\&.example.com error:mail for *.example.com is not deliverable\fR
#
# This causes all mail for \fIuser\fR@\fIanything\fB.foo.org\fR
# This causes all mail for \fIuser\fR@\fIanything\fB.example.com\fR
# to be bounced.
# REGULAR EXPRESSION TABLES
# .ad

2
postfix/src/global/mail_version.h
View File

@ -20,7 +20,7 @@
* Patches change the patchlevel and the release date. Snapshots change the
* release date only.
*/
#define MAIL_RELEASE_DATE "20040421"
#define MAIL_RELEASE_DATE "20040422"
#define MAIL_VERSION_NUMBER "2.2"
#define VAR_MAIL_VERSION "mail_version"

4
postfix/src/postconf/postconf.c
View File

@ -93,6 +93,10 @@
/* A table that always returns its name as lookup result. For example,
/* \fBstatic:foobar\fR always returns the string \fBfoobar\fR as lookup
/* result.
/* .IP "\fBtcp\fR (read-only)"
/* Perform lookups using a simple request-reply protocol that is
/* described in tcp_table(5).
/* This feature is not included with Postfix 2.1.
/* .IP "\fBunix\fR (read-only)"
/* A limited way to query the UNIX authentication database. The
/* following tables are implemented:

3
postfix/src/smtpd/Makefile.in
View File

@ -149,6 +149,8 @@ smtpd.o: ../../include/quote_flags.h
smtpd.o: ../../include/lex_822.h
smtpd.o: ../../include/namadr_list.h
smtpd.o: ../../include/input_transp.h
smtpd.o: ../../include/anvil_clnt.h
smtpd.o: ../../include/attr_clnt.h
smtpd.o: ../../include/mail_server.h
smtpd.o: smtpd_token.h
smtpd.o: smtpd.h
@ -230,6 +232,7 @@ smtpd_check.o: ../../include/verify_clnt.h
smtpd_check.o: ../../include/deliver_request.h
smtpd_check.o: ../../include/recipient_list.h
smtpd_check.o: ../../include/input_transp.h
smtpd_check.o: ../../include/is_header.h
smtpd_check.o: smtpd.h
smtpd_check.o: ../../include/mail_stream.h
smtpd_check.o: smtpd_sasl_glue.h