1CLEANUP(8)                  System Manager's Manual                 CLEANUP(8)
2
3
4

NAME

6       cleanup - canonicalize and enqueue Postfix message
7

SYNOPSIS

9       cleanup [generic Postfix daemon options]
10

DESCRIPTION

12       The  cleanup(8)  daemon processes inbound mail, inserts it into the in‐
13       coming mail queue, and informs the queue manager of its arrival.
14
15       The cleanup(8) daemon performs the following transformations:
16
17       •      Insert missing  message  headers:  (Resent-)  From:,  To:,  Mes‐
18              sage-Id:, and Date:.
19              This  is  enabled  with the local_header_rewrite_clients and al‐
20              ways_add_missing_headers parameter settings.
21
22       •      Transform  envelope  and  header  addresses  to   the   standard
23              user@fully-qualified-domain form that is expected by other Post‐
24              fix programs.  This task depends on the trivial-rewrite(8)  dae‐
25              mon.
26              The  header  transformation is enabled with the local_header_re‐
27              write_clients parameter setting.
28
29       •      Eliminate duplicate envelope recipient addresses.
30              This is enabled with the duplicate_filter_limit  parameter  set‐
31              ting.
32
33       •      Remove  message  headers:  Bcc,  Content-Length, Resent-Bcc, Re‐
34              turn-Path.
35              This is enabled with the message_drop_headers parameter setting.
36
37       •      Optionally, rewrite all envelope and header addresses  according
38              to the mappings specified in the canonical(5) lookup tables.
39              The  header  transformation is enabled with the local_header_re‐
40              write_clients parameter setting.
41
42       •      Optionally, masquerade envelope  sender  addresses  and  message
43              header  addresses  (i.e.  strip host or domain information below
44              all domains listed in the masquerade_domains  parameter,  except
45              for  user  names  listed in masquerade_exceptions).  By default,
46              address masquerading does not affect envelope recipients.
47              The header transformation is enabled with  the  local_header_re‐
48              write_clients parameter setting.
49
50       •      Optionally,  expand envelope recipients according to information
51              found in the virtual_alias_maps lookup tables.
52
53       The cleanup(8) daemon performs sanity checks on  the  content  of  each
54       message.  When  it  finds a problem, by default it returns a diagnostic
55       status to the cleanup service client, and leaves it up to the client to
56       deal  with  the  problem.  Alternatively,  the  client  can request the
57       cleanup(8) daemon to bounce the message back to the sender in  case  of
58       trouble.
59

STANDARDS

61       RFC 822 (ARPA Internet Text Messages)
62       RFC 2045 (MIME: Format of Internet Message Bodies)
63       RFC 2046 (MIME: Media Types)
64       RFC 2822 (Internet Message Format)
65       RFC 3463 (Enhanced Status Codes)
66       RFC 3464 (Delivery status notifications)
67       RFC 5322 (Internet Message Format)
68

DIAGNOSTICS

70       Problems and transactions are logged to syslogd(8) or postlogd(8).
71

BUGS

73       Table-driven  rewriting  rules make it hard to express if then else and
74       other logical relationships.
75

CONFIGURATION PARAMETERS

77       Changes to main.cf are picked up automatically, as cleanup(8) processes
78       run for only a limited amount of time. Use the command "postfix reload"
79       to speed up a change.
80
81       The text below provides only a parameter summary. See  postconf(5)  for
82       more details including examples.
83

COMPATIBILITY CONTROLS

85       undisclosed_recipients_header (see 'postconf -d' output)
86              Message header that the Postfix cleanup(8) server inserts when a
87              message contains no To: or Cc: message header.
88
89       Available in Postfix version 2.1 only:
90
91       enable_errors_to (no)
92              Report mail delivery errors to the address  specified  with  the
93              non-standard  Errors-To: message header, instead of the envelope
94              sender address (this feature is  removed  with  Postfix  version
95              2.2,  is  turned off by default with Postfix version 2.1, and is
96              always turned on with older Postfix versions).
97
98       Available in Postfix version 2.6 and later:
99
100       always_add_missing_headers (no)
101              Always add (Resent-) From:, To:, Date:  or  Message-ID:  headers
102              when not present.
103
104       Available in Postfix version 2.9 and later:
105
106       enable_long_queue_ids (no)
107              Enable long, non-repeating, queue IDs (queue file names).
108
109       Available in Postfix version 3.0 and later:
110
111       message_drop_headers (bcc, content-length, resent-bcc, return-path)
112              Names  of message headers that the cleanup(8) daemon will remove
113              after applying header_checks(5) and before invoking  Milter  ap‐
114              plications.
115

BUILT-IN CONTENT FILTERING CONTROLS

117       Postfix built-in content filtering is meant to stop a flood of worms or
118       viruses. It is not a general content filter.
119
120       body_checks (empty)
121              Optional lookup tables for content inspection  as  specified  in
122              the body_checks(5) manual page.
123
124       header_checks (empty)
125              Optional   lookup  tables  for  content  inspection  of  primary
126              non-MIME message headers, as specified in  the  header_checks(5)
127              manual page.
128
129       Available in Postfix version 2.0 and later:
130
131       body_checks_size_limit (51200)
132              How  much  text in a message body segment (or attachment, if you
133              prefer to use that term) is subjected to body_checks inspection.
134
135       mime_header_checks ($header_checks)
136              Optional lookup tables for content inspection  of  MIME  related
137              message  headers,  as  described  in the header_checks(5) manual
138              page.
139
140       nested_header_checks ($header_checks)
141              Optional lookup tables for content inspection of  non-MIME  mes‐
142              sage   headers   in  attached  messages,  as  described  in  the
143              header_checks(5) manual page.
144
145       Available in Postfix version 2.3 and later:
146
147       message_reject_characters (empty)
148              The set of characters that Postfix will reject in  message  con‐
149              tent.
150
151       message_strip_characters (empty)
152              The set of characters that Postfix will remove from message con‐
153              tent.
154

BEFORE QUEUE MILTER CONTROLS

156       As of version 2.3, Postfix supports the Sendmail version 8 Milter (mail
157       filter)  protocol.  When  mail is not received via the smtpd(8) server,
158       the cleanup(8) server will simulate SMTP events to the extent that this
159       is possible. For details see the MILTER_README document.
160
161       non_smtpd_milters (empty)
162              A  list  of  Milter (mail filter) applications for new mail that
163              does not arrive via the Postfix smtpd(8) server.
164
165       milter_protocol (6)
166              The mail filter protocol version and  optional  protocol  exten‐
167              sions  for  communication  with  a  Milter application; prior to
168              Postfix 2.6 the default protocol is 2.
169
170       milter_default_action (tempfail)
171              The default action when a Milter (mail filter) response  is  un‐
172              available  (for  example,  bad  Postfix  configuration or Milter
173              failure).
174
175       milter_macro_daemon_name ($myhostname)
176              The {daemon_name} macro value for Milter (mail filter)  applica‐
177              tions.
178
179       milter_macro_v ($mail_name $mail_version)
180              The {v} macro value for Milter (mail filter) applications.
181
182       milter_connect_timeout (30s)
183              The time limit for connecting to a Milter (mail filter) applica‐
184              tion, and for negotiating protocol options.
185
186       milter_command_timeout (30s)
187              The time limit for sending an SMTP command  to  a  Milter  (mail
188              filter) application, and for receiving the response.
189
190       milter_content_timeout (300s)
191              The  time  limit  for  sending message content to a Milter (mail
192              filter) application, and for receiving the response.
193
194       milter_connect_macros (see 'postconf -d' output)
195              The macros that are sent to Milter  (mail  filter)  applications
196              after completion of an SMTP connection.
197
198       milter_helo_macros (see 'postconf -d' output)
199              The  macros  that  are sent to Milter (mail filter) applications
200              after the SMTP HELO or EHLO command.
201
202       milter_mail_macros (see 'postconf -d' output)
203              The macros that are sent to Milter  (mail  filter)  applications
204              after the SMTP MAIL FROM command.
205
206       milter_rcpt_macros (see 'postconf -d' output)
207              The  macros  that  are sent to Milter (mail filter) applications
208              after the SMTP RCPT TO command.
209
210       milter_data_macros (see 'postconf -d' output)
211              The macros that are sent to version 4  or  higher  Milter  (mail
212              filter) applications after the SMTP DATA command.
213
214       milter_unknown_command_macros (see 'postconf -d' output)
215              The  macros  that  are  sent to version 3 or higher Milter (mail
216              filter) applications after an unknown SMTP command.
217
218       milter_end_of_data_macros (see 'postconf -d' output)
219              The macros that are sent to Milter  (mail  filter)  applications
220              after the message end-of-data.
221
222       Available in Postfix version 2.5 and later:
223
224       milter_end_of_header_macros (see 'postconf -d' output)
225              The  macros  that  are sent to Milter (mail filter) applications
226              after the end of the message header.
227
228       Available in Postfix version 2.7 and later:
229
230       milter_header_checks (empty)
231              Optional lookup tables for content inspection of message headers
232              that are produced by Milter applications.
233
234       Available in Postfix version 3.1 and later:
235
236       milter_macro_defaults (empty)
237              Optional  list  of  name=value pairs that specify default values
238              for arbitrary macros that Postfix may send  to  Milter  applica‐
239              tions.
240

MIME PROCESSING CONTROLS

242       Available in Postfix version 2.0 and later:
243
244       disable_mime_input_processing (no)
245              Turn off MIME processing while receiving mail.
246
247       mime_boundary_length_limit (2048)
248              The maximal length of MIME multipart boundary strings.
249
250       mime_nesting_limit (100)
251              The maximal recursion level that the MIME processor will handle.
252
253       strict_8bitmime (no)
254              Enable both strict_7bit_headers and strict_8bitmime_body.
255
256       strict_7bit_headers (no)
257              Reject mail with 8-bit text in message headers.
258
259       strict_8bitmime_body (no)
260              Reject 8-bit message body text without 8-bit MIME content encod‐
261              ing information.
262
263       strict_mime_encoding_domain (no)
264              Reject mail with invalid Content-Transfer-Encoding:  information
265              for the message/* or multipart/* MIME content types.
266
267       Available in Postfix version 2.5 and later:
268
269       detect_8bit_encoding_header (yes)
270              Automatically  detect  8BITMIME  body content by looking at Con‐
271              tent-Transfer-Encoding: message headers; historically, this  be‐
272              havior was hard-coded to be "always on".
273

AUTOMATIC BCC RECIPIENT CONTROLS

275       Postfix  can automatically add BCC (blind carbon copy) when mail enters
276       the mail system:
277
278       always_bcc (empty)
279              Optional address that receives a "blind  carbon  copy"  of  each
280              message that is received by the Postfix mail system.
281
282       Available in Postfix version 2.1 and later:
283
284       sender_bcc_maps (empty)
285              Optional  BCC (blind carbon-copy) address lookup tables, indexed
286              by sender address.
287
288       recipient_bcc_maps (empty)
289              Optional BCC (blind carbon-copy) address lookup tables,  indexed
290              by recipient address.
291

ADDRESS TRANSFORMATION CONTROLS

293       Address  rewriting  is delegated to the trivial-rewrite(8) daemon.  The
294       cleanup(8) server implements table driven address mapping.
295
296       empty_address_recipient (MAILER-DAEMON)
297              The recipient of mail addressed to the null address.
298
299       canonical_maps (empty)
300              Optional address mapping lookup tables for message  headers  and
301              envelopes.
302
303       recipient_canonical_maps (empty)
304              Optional  address  mapping lookup tables for envelope and header
305              recipient addresses.
306
307       sender_canonical_maps (empty)
308              Optional address mapping lookup tables for envelope  and  header
309              sender addresses.
310
311       masquerade_classes (envelope_sender, header_sender, header_recipient)
312              What addresses are subject to address masquerading.
313
314       masquerade_domains (empty)
315              Optional  list  of  domains  whose  subdomain  structure will be
316              stripped off in email addresses.
317
318       masquerade_exceptions (empty)
319              Optional list of user names that are not  subjected  to  address
320              masquerading,  even  when  their addresses match $masquerade_do‐
321              mains.
322
323       propagate_unmatched_extensions (canonical, virtual)
324              What address lookup tables copy an address  extension  from  the
325              lookup key to the lookup result.
326
327       Available before Postfix version 2.0:
328
329       virtual_maps (empty)
330              Optional  lookup  tables  with a) names of domains for which all
331              addresses are aliased to addresses in other local or remote  do‐
332              mains,  and  b) addresses that are aliased to addresses in other
333              local or remote domains.
334
335       Available in Postfix version 2.0 and later:
336
337       virtual_alias_maps ($virtual_maps)
338              Optional lookup tables that alias specific mail addresses or do‐
339              mains to other local or remote address.
340
341       Available in Postfix version 2.2 and later:
342
343       canonical_classes  (envelope_sender, envelope_recipient, header_sender,
344       header_recipient)
345              What addresses are subject to canonical_maps address mapping.
346
347       recipient_canonical_classes (envelope_recipient, header_recipient)
348              What addresses are subject to  recipient_canonical_maps  address
349              mapping.
350
351       sender_canonical_classes (envelope_sender, header_sender)
352              What addresses are subject to sender_canonical_maps address map‐
353              ping.
354
355       remote_header_rewrite_domain (empty)
356              Don't rewrite message headers from remote clients  at  all  when
357              this  parameter is empty; otherwise, rewrite message headers and
358              append the specified domain name to incomplete addresses.
359

RESOURCE AND RATE CONTROLS

361       duplicate_filter_limit (1000)
362              The maximal number of addresses remembered by the address dupli‐
363              cate filter for aliases(5) or virtual(5) alias expansion, or for
364              showq(8) queue displays.
365
366       header_size_limit (102400)
367              The maximal amount of memory in  bytes  for  storing  a  message
368              header.
369
370       hopcount_limit (50)
371              The maximal number of Received:  message headers that is allowed
372              in the primary message headers.
373
374       in_flow_delay (1s)
375              Time to pause before accepting a new message, when  the  message
376              arrival rate exceeds the message delivery rate.
377
378       message_size_limit (10240000)
379              The  maximal  size in bytes of a message, including envelope in‐
380              formation.
381
382       Available in Postfix version 2.0 and later:
383
384       header_address_token_limit (10240)
385              The maximal number of address tokens are allowed in  an  address
386              message header.
387
388       mime_boundary_length_limit (2048)
389              The maximal length of MIME multipart boundary strings.
390
391       mime_nesting_limit (100)
392              The maximal recursion level that the MIME processor will handle.
393
394       queue_file_attribute_count_limit (100)
395              The maximal number of (name=value) attributes that may be stored
396              in a Postfix queue file.
397
398       Available in Postfix version 2.1 and later:
399
400       virtual_alias_expansion_limit (1000)
401              The maximal number of addresses  that  virtual  alias  expansion
402              produces from each original recipient.
403
404       virtual_alias_recursion_limit (1000)
405              The maximal nesting depth of virtual alias expansion.
406
407       Available in Postfix version 3.0 and later:
408
409       virtual_alias_address_length_limit (1000)
410              The  maximal  length of an email address after virtual alias ex‐
411              pansion.
412

SMTPUTF8 CONTROLS

414       Preliminary SMTPUTF8 support is introduced with Postfix 3.0.
415
416       smtputf8_enable (yes)
417              Enable preliminary SMTPUTF8 support for the protocols  described
418              in RFC 6531..6533.
419
420       smtputf8_autodetect_classes (sendmail, verify)
421              Detect  that  a message requires SMTPUTF8 support for the speci‐
422              fied mail origin classes.
423
424       Available in Postfix version 3.2 and later:
425
426       enable_idna2003_compatibility (no)
427              Enable  'transitional'  compatibility   between   IDNA2003   and
428              IDNA2008,  when  converting UTF-8 domain names to/from the ASCII
429              form that is used for DNS lookups.
430

MISCELLANEOUS CONTROLS

432       config_directory (see 'postconf -d' output)
433              The default location of the Postfix main.cf and  master.cf  con‐
434              figuration files.
435
436       daemon_timeout (18000s)
437              How  much time a Postfix daemon process may take to handle a re‐
438              quest before it is terminated by a built-in watchdog timer.
439
440       delay_logging_resolution_limit (2)
441              The maximal number of digits after the decimal point  when  log‐
442              ging sub-second delay values.
443
444       delay_warning_time (0h)
445              The  time  after which the sender receives a copy of the message
446              headers of mail that is still queued.
447
448       ipc_timeout (3600s)
449              The time limit for sending or receiving information over an  in‐
450              ternal communication channel.
451
452       max_idle (100s)
453              The  maximum  amount of time that an idle Postfix daemon process
454              waits for an incoming connection before terminating voluntarily.
455
456       max_use (100)
457              The maximal number of incoming connections that a Postfix daemon
458              process will service before terminating voluntarily.
459
460       myhostname (see 'postconf -d' output)
461              The internet hostname of this mail system.
462
463       myorigin ($myhostname)
464              The  domain  name that locally-posted mail appears to come from,
465              and that locally posted mail is delivered to.
466
467       process_id (read-only)
468              The process ID of a Postfix command or daemon process.
469
470       process_name (read-only)
471              The process name of a Postfix command or daemon process.
472
473       queue_directory (see 'postconf -d' output)
474              The location of the Postfix top-level queue directory.
475
476       soft_bounce (no)
477              Safety net to keep mail queued that would otherwise be  returned
478              to the sender.
479
480       syslog_facility (mail)
481              The syslog facility of Postfix logging.
482
483       syslog_name (see 'postconf -d' output)
484              A  prefix  that  is  prepended  to  the  process  name in syslog
485              records, so that, for example, "smtpd" becomes "prefix/smtpd".
486
487       Available in Postfix version 2.1 and later:
488
489       enable_original_recipient (yes)
490              Enable support for the original recipient address after  an  ad‐
491              dress  is  rewritten  to  a  different address (for example with
492              aliasing or with canonical mapping).
493
494       Available in Postfix 3.3 and later:
495
496       service_name (read-only)
497              The master.cf service name of a Postfix daemon process.
498
499       Available in Postfix 3.5 and later:
500
501       info_log_address_format (external)
502              The email address form that will be used  in  non-debug  logging
503              (info, warning, etc.).
504

FILES

506       /etc/postfix/canonical*, canonical mapping table
507       /etc/postfix/virtual*, virtual mapping table
508

SEE ALSO

510       trivial-rewrite(8), address rewriting
511       qmgr(8), queue manager
512       header_checks(5), message header content inspection
513       body_checks(5), body parts content inspection
514       canonical(5), canonical address lookup table format
515       virtual(5), virtual alias lookup table format
516       postconf(5), configuration parameters
517       master(5), generic daemon options
518       master(8), process manager
519       postlogd(8), Postfix logging
520       syslogd(8), system logging
521

README FILES

523       Use  "postconf readme_directory" or "postconf html_directory" to locate
524       this information.
525       ADDRESS_REWRITING_README Postfix address manipulation
526       CONTENT_INSPECTION_README content inspection
527

LICENSE

529       The Secure Mailer license must be distributed with this software.
530

AUTHOR(S)

532       Wietse Venema
533       IBM T.J. Watson Research
534       P.O. Box 704
535       Yorktown Heights, NY 10598, USA
536
537       Wietse Venema
538       Google, Inc.
539       111 8th Avenue
540       New York, NY 10011, USA
541
542
543
544                                                                    CLEANUP(8)
Impressum