1CLEANUP(8) System Manager's Manual CLEANUP(8)
2
3
4
6 cleanup - canonicalize and enqueue Postfix message
7
9 cleanup [generic Postfix daemon options]
10
12 The cleanup(8) daemon processes inbound mail, inserts it into the
13 incoming mail queue, and informs the queue manager of its arrival.
14
15 The cleanup(8) daemon always performs the following transformations:
16
17 · Insert missing message headers: (Resent-) From:, To:, Message-
18 Id:, and Date:.
19
20 · Transform envelope and header addresses to the standard
21 user@fully-qualified-domain form that is expected by other Post‐
22 fix programs. This task is delegated to the trivial-rewrite(8)
23 daemon.
24
25 · Eliminate duplicate envelope recipient addresses.
26
27 The following address transformations are optional:
28
29 · Optionally, rewrite all envelope and header addresses according
30 to the mappings specified in the canonical(5) lookup tables.
31
32 · Optionally, masquerade envelope sender addresses and message
33 header addresses (i.e. strip host or domain information below
34 all domains listed in the masquerade_domains parameter, except
35 for user names listed in masquerade_exceptions). By default,
36 address masquerading does not affect envelope recipients.
37
38 · Optionally, expand envelope recipients according to information
39 found in the virtual(5) lookup tables.
40
41 The cleanup(8) daemon performs sanity checks on the content of each
42 message. When it finds a problem, by default it returns a diagnostic
43 status to the client, and leaves it up to the client to deal with the
44 problem. Alternatively, the client can request the cleanup(8) daemon to
45 bounce the message back to the sender in case of trouble.
46
48 RFC 822 (ARPA Internet Text Messages)
49 RFC 2045 (MIME: Format of Internet Message Bodies)
50 RFC 2046 (MIME: Media Types)
51 RFC 3463 (Enhanced Status Codes)
52 RFC 3464 (Delivery status notifications)
53
55 Problems and transactions are logged to syslogd(8).
56
58 Table-driven rewriting rules make it hard to express if then else and
59 other logical relationships.
60
62 Changes to main.cf are picked up automatically, as cleanup(8) processes
63 run for only a limited amount of time. Use the command "postfix reload"
64 to speed up a change.
65
66 The text below provides only a parameter summary. See postconf(5) for
67 more details including examples.
68
70 undisclosed_recipients_header (To: undisclosed-recipients:;)
71 Message header that the Postfix cleanup(8) server inserts when a
72 message contains no To: or Cc: message header.
73
74 Available in Postfix version 2.1 only:
75
76 enable_errors_to (no)
77 Report mail delivery errors to the address specified with the
78 non-standard Errors-To: message header, instead of the envelope
79 sender address (this feature is removed with Postfix version
80 2.2, is turned off by default with Postfix version 2.1, and is
81 always turned on with older Postfix versions).
82
83 Available in Postfix version 2.6 and later:
84
85 always_add_missing_headers (no)
86 Always add (Resent-) From:, To:, Date: or Message-ID: headers
87 when not present.
88
90 Postfix built-in content filtering is meant to stop a flood of worms or
91 viruses. It is not a general content filter.
92
93 body_checks (empty)
94 Optional lookup tables for content inspection as specified in
95 the body_checks(5) manual page.
96
97 header_checks (empty)
98 Optional lookup tables for content inspection of primary non-
99 MIME message headers, as specified in the header_checks(5) man‐
100 ual page.
101
102 Available in Postfix version 2.0 and later:
103
104 body_checks_size_limit (51200)
105 How much text in a message body segment (or attachment, if you
106 prefer to use that term) is subjected to body_checks inspection.
107
108 mime_header_checks ($header_checks)
109 Optional lookup tables for content inspection of MIME related
110 message headers, as described in the header_checks(5) manual
111 page.
112
113 nested_header_checks ($header_checks)
114 Optional lookup tables for content inspection of non-MIME mes‐
115 sage headers in attached messages, as described in the
116 header_checks(5) manual page.
117
118 Available in Postfix version 2.3 and later:
119
120 message_reject_characters (empty)
121 The set of characters that Postfix will reject in message con‐
122 tent.
123
124 message_strip_characters (empty)
125 The set of characters that Postfix will remove from message con‐
126 tent.
127
129 As of version 2.3, Postfix supports the Sendmail version 8 Milter (mail
130 filter) protocol. When mail is not received via the smtpd(8) server,
131 the cleanup(8) server will simulate SMTP events to the extent that this
132 is possible. For details see the MILTER_README document.
133
134 non_smtpd_milters (empty)
135 A list of Milter (mail filter) applications for new mail that
136 does not arrive via the Postfix smtpd(8) server.
137
138 milter_protocol (6)
139 The mail filter protocol version and optional protocol exten‐
140 sions for communication with a Milter application; prior to
141 Postfix 2.6 the default protocol is 2.
142
143 milter_default_action (tempfail)
144 The default action when a Milter (mail filter) application is
145 unavailable or mis-configured.
146
147 milter_macro_daemon_name ($myhostname)
148 The {daemon_name} macro value for Milter (mail filter) applica‐
149 tions.
150
151 milter_macro_v ($mail_name $mail_version)
152 The {v} macro value for Milter (mail filter) applications.
153
154 milter_connect_timeout (30s)
155 The time limit for connecting to a Milter (mail filter) applica‐
156 tion, and for negotiating protocol options.
157
158 milter_command_timeout (30s)
159 The time limit for sending an SMTP command to a Milter (mail
160 filter) application, and for receiving the response.
161
162 milter_content_timeout (300s)
163 The time limit for sending message content to a Milter (mail
164 filter) application, and for receiving the response.
165
166 milter_connect_macros (see 'postconf -d' output)
167 The macros that are sent to Milter (mail filter) applications
168 after completion of an SMTP connection.
169
170 milter_helo_macros (see 'postconf -d' output)
171 The macros that are sent to Milter (mail filter) applications
172 after the SMTP HELO or EHLO command.
173
174 milter_mail_macros (see 'postconf -d' output)
175 The macros that are sent to Milter (mail filter) applications
176 after the SMTP MAIL FROM command.
177
178 milter_rcpt_macros (see 'postconf -d' output)
179 The macros that are sent to Milter (mail filter) applications
180 after the SMTP RCPT TO command.
181
182 milter_data_macros (see 'postconf -d' output)
183 The macros that are sent to version 4 or higher Milter (mail
184 filter) applications after the SMTP DATA command.
185
186 milter_unknown_command_macros (see 'postconf -d' output)
187 The macros that are sent to version 3 or higher Milter (mail
188 filter) applications after an unknown SMTP command.
189
190 milter_end_of_data_macros (see 'postconf -d' output)
191 The macros that are sent to Milter (mail filter) applications
192 after the message end-of-data.
193
194 Available in Postfix version 2.5 and later:
195
196 milter_end_of_header_macros (see 'postconf -d' output)
197 The macros that are sent to Milter (mail filter) applications
198 after the end of the message header.
199
201 Available in Postfix version 2.0 and later:
202
203 disable_mime_input_processing (no)
204 Turn off MIME processing while receiving mail.
205
206 mime_boundary_length_limit (2048)
207 The maximal length of MIME multipart boundary strings.
208
209 mime_nesting_limit (100)
210 The maximal recursion level that the MIME processor will handle.
211
212 strict_8bitmime (no)
213 Enable both strict_7bit_headers and strict_8bitmime_body.
214
215 strict_7bit_headers (no)
216 Reject mail with 8-bit text in message headers.
217
218 strict_8bitmime_body (no)
219 Reject 8-bit message body text without 8-bit MIME content encod‐
220 ing information.
221
222 strict_mime_encoding_domain (no)
223 Reject mail with invalid Content-Transfer-Encoding: information
224 for the message/* or multipart/* MIME content types.
225
226 Available in Postfix version 2.5 and later:
227
228 detect_8bit_encoding_header (yes)
229 Automatically detect 8BITMIME body content by looking at Con‐
230 tent-Transfer-Encoding: message headers; historically, this
231 behavior was hard-coded to be "always on".
232
234 Postfix can automatically add BCC (blind carbon copy) when mail enters
235 the mail system:
236
237 always_bcc (empty)
238 Optional address that receives a "blind carbon copy" of each
239 message that is received by the Postfix mail system.
240
241 Available in Postfix version 2.1 and later:
242
243 sender_bcc_maps (empty)
244 Optional BCC (blind carbon-copy) address lookup tables, indexed
245 by sender address.
246
247 recipient_bcc_maps (empty)
248 Optional BCC (blind carbon-copy) address lookup tables, indexed
249 by recipient address.
250
252 Address rewriting is delegated to the trivial-rewrite(8) daemon. The
253 cleanup(8) server implements table driven address mapping.
254
255 empty_address_recipient (MAILER-DAEMON)
256 The recipient of mail addressed to the null address.
257
258 canonical_maps (empty)
259 Optional address mapping lookup tables for message headers and
260 envelopes.
261
262 recipient_canonical_maps (empty)
263 Optional address mapping lookup tables for envelope and header
264 recipient addresses.
265
266 sender_canonical_maps (empty)
267 Optional address mapping lookup tables for envelope and header
268 sender addresses.
269
270 masquerade_classes (envelope_sender, header_sender, header_recipient)
271 What addresses are subject to address masquerading.
272
273 masquerade_domains (empty)
274 Optional list of domains whose subdomain structure will be
275 stripped off in email addresses.
276
277 masquerade_exceptions (empty)
278 Optional list of user names that are not subjected to address
279 masquerading, even when their address matches $masquer‐
280 ade_domains.
281
282 propagate_unmatched_extensions (canonical, virtual)
283 What address lookup tables copy an address extension from the
284 lookup key to the lookup result.
285
286 Available before Postfix version 2.0:
287
288 virtual_maps (empty)
289 Optional lookup tables with a) names of domains for which all
290 addresses are aliased to addresses in other local or remote
291 domains, and b) addresses that are aliased to addresses in other
292 local or remote domains.
293
294 Available in Postfix version 2.0 and later:
295
296 virtual_alias_maps ($virtual_maps)
297 Optional lookup tables that alias specific mail addresses or
298 domains to other local or remote address.
299
300 Available in Postfix version 2.2 and later:
301
302 canonical_classes (envelope_sender, envelope_recipient, header_sender,
303 header_recipient)
304 What addresses are subject to canonical_maps address mapping.
305
306 recipient_canonical_classes (envelope_recipient, header_recipient)
307 What addresses are subject to recipient_canonical_maps address
308 mapping.
309
310 sender_canonical_classes (envelope_sender, header_sender)
311 What addresses are subject to sender_canonical_maps address map‐
312 ping.
313
314 remote_header_rewrite_domain (empty)
315 Don't rewrite message headers from remote clients at all when
316 this parameter is empty; otherwise, rewrite message headers and
317 append the specified domain name to incomplete addresses.
318
320 duplicate_filter_limit (1000)
321 The maximal number of addresses remembered by the address dupli‐
322 cate filter for aliases(5) or virtual(5) alias expansion, or for
323 showq(8) queue displays.
324
325 header_size_limit (102400)
326 The maximal amount of memory in bytes for storing a message
327 header.
328
329 hopcount_limit (50)
330 The maximal number of Received: message headers that is allowed
331 in the primary message headers.
332
333 in_flow_delay (1s)
334 Time to pause before accepting a new message, when the message
335 arrival rate exceeds the message delivery rate.
336
337 message_size_limit (10240000)
338 The maximal size in bytes of a message, including envelope
339 information.
340
341 Available in Postfix version 2.0 and later:
342
343 header_address_token_limit (10240)
344 The maximal number of address tokens are allowed in an address
345 message header.
346
347 mime_boundary_length_limit (2048)
348 The maximal length of MIME multipart boundary strings.
349
350 mime_nesting_limit (100)
351 The maximal recursion level that the MIME processor will handle.
352
353 queue_file_attribute_count_limit (100)
354 The maximal number of (name=value) attributes that may be stored
355 in a Postfix queue file.
356
357 Available in Postfix version 2.1 and later:
358
359 virtual_alias_expansion_limit (1000)
360 The maximal number of addresses that virtual alias expansion
361 produces from each original recipient.
362
363 virtual_alias_recursion_limit (1000)
364 The maximal nesting depth of virtual alias expansion.
365
367 config_directory (see 'postconf -d' output)
368 The default location of the Postfix main.cf and master.cf con‐
369 figuration files.
370
371 daemon_timeout (18000s)
372 How much time a Postfix daemon process may take to handle a
373 request before it is terminated by a built-in watchdog timer.
374
375 delay_logging_resolution_limit (2)
376 The maximal number of digits after the decimal point when log‐
377 ging sub-second delay values.
378
379 delay_warning_time (0h)
380 The time after which the sender receives the message headers of
381 mail that is still queued.
382
383 ipc_timeout (3600s)
384 The time limit for sending or receiving information over an
385 internal communication channel.
386
387 max_idle (100s)
388 The maximum amount of time that an idle Postfix daemon process
389 waits for an incoming connection before terminating voluntarily.
390
391 max_use (100)
392 The maximal number of incoming connections that a Postfix daemon
393 process will service before terminating voluntarily.
394
395 myhostname (see 'postconf -d' output)
396 The internet hostname of this mail system.
397
398 myorigin ($myhostname)
399 The domain name that locally-posted mail appears to come from,
400 and that locally posted mail is delivered to.
401
402 process_id (read-only)
403 The process ID of a Postfix command or daemon process.
404
405 process_name (read-only)
406 The process name of a Postfix command or daemon process.
407
408 queue_directory (see 'postconf -d' output)
409 The location of the Postfix top-level queue directory.
410
411 soft_bounce (no)
412 Safety net to keep mail queued that would otherwise be returned
413 to the sender.
414
415 syslog_facility (mail)
416 The syslog facility of Postfix logging.
417
418 syslog_name (see 'postconf -d' output)
419 The mail system name that is prepended to the process name in
420 syslog records, so that "smtpd" becomes, for example, "post‐
421 fix/smtpd".
422
423 Available in Postfix version 2.1 and later:
424
425 enable_original_recipient (yes)
426 Enable support for the X-Original-To message header.
427
429 /etc/postfix/canonical*, canonical mapping table
430 /etc/postfix/virtual*, virtual mapping table
431
433 trivial-rewrite(8), address rewriting
434 qmgr(8), queue manager
435 header_checks(5), message header content inspection
436 body_checks(5), body parts content inspection
437 canonical(5), canonical address lookup table format
438 virtual(5), virtual alias lookup table format
439 postconf(5), configuration parameters
440 master(5), generic daemon options
441 master(8), process manager
442 syslogd(8), system logging
443
445 Use "postconf readme_directory" or "postconf html_directory" to locate
446 this information.
447 ADDRESS_REWRITING_README Postfix address manipulation
448 CONTENT_INSPECTION_README content inspection
449
451 The Secure Mailer license must be distributed with this software.
452
454 Wietse Venema
455 IBM T.J. Watson Research
456 P.O. Box 704
457 Yorktown Heights, NY 10598, USA
458
459
460
461 CLEANUP(8)