1SMTPD(8) System Manager's Manual SMTPD(8)
2
6 smtpd - Postfix SMTP server
7
9 smtpd [generic Postfix daemon options]
10 sendmail -bs
12
14 The SMTP server accepts network connection requests and performs zero
15 or more SMTP transactions per connection. Each received message is
16 piped through the cleanup(8) daemon, and is placed into the incoming
17 queue as one single queue file. For this mode of operation, the pro‐
18 gram expects to be run from the master(8) process manager.
19 Alternatively, the SMTP server be can run in stand-alone mode; this is
21 traditionally obtained with "sendmail -bs". When the SMTP server runs
22 stand-alone with non $mail_owner privileges, it receives mail even
23 while the mail system is not running, deposits messages directly into
24 the maildrop queue, and disables the SMTP server's access policies. As
25 of Postfix version 2.3, the SMTP server refuses to receive mail from
26 the network when it runs with non $mail_owner privileges.
27 The SMTP server implements a variety of policies for connection re‐
29 quests, and for parameters given to HELO, ETRN, MAIL FROM, VRFY and
30 RCPT TO commands. They are detailed below and in the main.cf configura‐
31 tion file.
32
34 The SMTP server is moderately security-sensitive. It talks to SMTP
35 clients and to DNS servers on the network. The SMTP server can be run
36 chrooted at fixed low privilege.
37
39 RFC 821 (SMTP protocol)
40 RFC 1123 (Host requirements)
41 RFC 1652 (8bit-MIME transport)
42 RFC 1869 (SMTP service extensions)
43 RFC 1870 (Message size declaration)
44 RFC 1985 (ETRN command)
45 RFC 2034 (SMTP enhanced status codes)
46 RFC 2554 (AUTH command)
47 RFC 2821 (SMTP protocol)
48 RFC 2920 (SMTP pipelining)
49 RFC 3030 (CHUNKING without BINARYMIME)
50 RFC 3207 (STARTTLS command)
51 RFC 3461 (SMTP DSN extension)
52 RFC 3463 (Enhanced status codes)
53 RFC 3848 (ESMTP transmission types)
54 RFC 4409 (Message submission)
55 RFC 4954 (AUTH command)
56 RFC 5321 (SMTP protocol)
57 RFC 6531 (Internationalized SMTP)
58 RFC 6533 (Internationalized Delivery Status Notifications)
59 RFC 7505 ("Null MX" No Service Resource Record)
60
62 Problems and transactions are logged to syslogd(8) or postlogd(8).
63 Depending on the setting of the notify_classes parameter, the postmas‐
65 ter is notified of bounces, protocol problems, policy violations, and
66 of other trouble.
67
69 Changes to main.cf are picked up automatically, as smtpd(8) processes
70 run for only a limited amount of time. Use the command "postfix reload"
71 to speed up a change.
72 The text below provides only a parameter summary. See postconf(5) for
74 more details including examples.
75
77 The following parameters work around implementation errors in other
78 software, and/or allow you to override standards in order to prevent
79 undesirable use.
80 broken_sasl_auth_clients (no)
82 Enable interoperability with remote SMTP clients that implement
83 an obsolete version of the AUTH command (RFC 4954).
84 disable_vrfy_command (no)
86 Disable the SMTP VRFY command.
87 smtpd_noop_commands (empty)
89 List of commands that the Postfix SMTP server replies to with
90 "250 Ok", without doing any syntax checks and without changing
91 state.
92 strict_rfc821_envelopes (no)
94 Require that addresses received in SMTP MAIL FROM and RCPT TO
95 commands are enclosed with <>, and that those addresses do not
96 contain RFC 822 style comments or phrases.
97 Available in Postfix version 2.1 and later:
99 smtpd_reject_unlisted_sender (no)
101 Request that the Postfix SMTP server rejects mail from unknown
102 sender addresses, even when no explicit reject_unlisted_sender
103 access restriction is specified.
104 smtpd_sasl_exceptions_networks (empty)
106 What remote SMTP clients the Postfix SMTP server will not offer
107 AUTH support to.
108 Available in Postfix version 2.2 and later:
110 smtpd_discard_ehlo_keyword_address_maps (empty)
112 Lookup tables, indexed by the remote SMTP client address, with
113 case insensitive lists of EHLO keywords (pipelining, starttls,
114 auth, etc.) that the Postfix SMTP server will not send in the
115 EHLO response to a remote SMTP client.
116 smtpd_discard_ehlo_keywords (empty)
118 A case insensitive list of EHLO keywords (pipelining, starttls,
119 auth, etc.) that the Postfix SMTP server will not send in the
120 EHLO response to a remote SMTP client.
121 smtpd_delay_open_until_valid_rcpt (yes)
123 Postpone the start of an SMTP mail transaction until a valid
124 RCPT TO command is received.
125 Available in Postfix version 2.3 and later:
127 smtpd_tls_always_issue_session_ids (yes)
129 Force the Postfix SMTP server to issue a TLS session id, even
130 when TLS session caching is turned off (smtpd_tls_ses‐
131 sion_cache_database is empty).
132 Available in Postfix version 2.6 and later:
134 tcp_windowsize (0)
136 An optional workaround for routers that break TCP window scal‐
137 ing.
138 Available in Postfix version 2.7 and later:
140 smtpd_command_filter (empty)
142 A mechanism to transform commands from remote SMTP clients.
143 Available in Postfix version 2.9 - 3.6:
145 smtpd_per_record_deadline (normal: no, overload: yes)
147 Change the behavior of the smtpd_timeout and smtpd_start‐
148 tls_timeout time limits, from a time limit per read or write
149 system call, to a time limit to send or receive a complete
150 record (an SMTP command line, SMTP response line, SMTP message
151 content line, or TLS protocol message).
152 Available in Postfix version 3.0 and later:
154 smtpd_dns_reply_filter (empty)
156 Optional filter for Postfix SMTP server DNS lookup results.
157 Available in Postfix 3.5 and later:
159 info_log_address_format (external)
161 The email address form that will be used in non-debug logging
162 (info, warning, etc.).
163 Available in Postfix version 3.6 and later:
165 smtpd_relay_before_recipient_restrictions (see 'postconf -d' output)
167 Evaluate smtpd_relay_restrictions before smtpd_recipient_re‐
168 strictions.
169 known_tcp_ports (lmtp=24, smtp=25, smtps=submissions=465, submis‐
171 sion=587)
172 Optional setting that avoids lookups in the services(5) data‐
173 base.
174 Available in Postfix version 3.7 and later:
176 smtpd_per_request_deadline (normal: no, overload: yes)
178 Change the behavior of the smtpd_timeout and smtpd_start‐
179 tls_timeout time limits, from a time limit per plaintext or TLS
180 read or write call, to a combined time limit for receiving a
181 complete SMTP request and for sending a complete SMTP response.
182 smtpd_min_data_rate (500)
184 The minimum plaintext data transfer rate in bytes/second for
185 DATA and BDAT requests, when deadlines are enabled with
186 smtpd_per_request_deadline.
187
189 See the ADDRESS_REWRITING_README document for a detailed discussion of
190 Postfix address rewriting.
191 receive_override_options (empty)
193 Enable or disable recipient validation, built-in content filter‐
194 ing, or address mapping.
195 Available in Postfix version 2.2 and later:
197 local_header_rewrite_clients (permit_inet_interfaces)
199 Rewrite or add message headers in mail from these clients, up‐
200 dating incomplete addresses with the domain name in $myorigin or
201 $mydomain, and adding missing headers.
202
204 Available in Postfix version 2.10 and later:
205 smtpd_upstream_proxy_protocol (empty)
207 The name of the proxy protocol used by an optional before-smtpd
208 proxy agent.
209 smtpd_upstream_proxy_timeout (5s)
211 The time limit for the proxy protocol specified with the
212 smtpd_upstream_proxy_protocol parameter.
213
215 As of version 1.0, Postfix can be configured to send new mail to an ex‐
216 ternal content filter AFTER the mail is queued. This content filter is
217 expected to inject mail back into a (Postfix or other) MTA for further
218 delivery. See the FILTER_README document for details.
219 content_filter (empty)
221 After the message is queued, send the entire message to the
222 specified transport:destination.
223
225 As of version 2.1, the Postfix SMTP server can be configured to send
226 incoming mail to a real-time SMTP-based content filter BEFORE mail is
227 queued. This content filter is expected to inject mail back into Post‐
228 fix. See the SMTPD_PROXY_README document for details on how to config‐
229 ure and operate this feature.
230 smtpd_proxy_filter (empty)
232 The hostname and TCP port of the mail filtering proxy server.
233 smtpd_proxy_ehlo ($myhostname)
235 How the Postfix SMTP server announces itself to the proxy fil‐
236 ter.
237 smtpd_proxy_options (empty)
239 List of options that control how the Postfix SMTP server commu‐
240 nicates with a before-queue content filter.
241 smtpd_proxy_timeout (100s)
243 The time limit for connecting to a proxy filter and for sending
244 or receiving information.
245
247 As of version 2.3, Postfix supports the Sendmail version 8 Milter (mail
248 filter) protocol. These content filters run outside Postfix. They can
249 inspect the SMTP command stream and the message content, and can re‐
250 quest modifications before mail is queued. For details see the MIL‐
251 TER_README document.
252 smtpd_milters (empty)
254 A list of Milter (mail filter) applications for new mail that
255 arrives via the Postfix smtpd(8) server.
256 milter_protocol (6)
258 The mail filter protocol version and optional protocol exten‐
259 sions for communication with a Milter application; prior to
260 Postfix 2.6 the default protocol is 2.
261 milter_default_action (tempfail)
263 The default action when a Milter (mail filter) response is un‐
264 available (for example, bad Postfix configuration or Milter
265 failure).
266 milter_macro_daemon_name ($myhostname)
268 The {daemon_name} macro value for Milter (mail filter) applica‐
269 tions.
270 milter_macro_v ($mail_name $mail_version)
272 The {v} macro value for Milter (mail filter) applications.
273 milter_connect_timeout (30s)
275 The time limit for connecting to a Milter (mail filter) applica‐
276 tion, and for negotiating protocol options.
277 milter_command_timeout (30s)
279 The time limit for sending an SMTP command to a Milter (mail
280 filter) application, and for receiving the response.
281 milter_content_timeout (300s)
283 The time limit for sending message content to a Milter (mail
284 filter) application, and for receiving the response.
285 milter_connect_macros (see 'postconf -d' output)
287 The macros that are sent to Milter (mail filter) applications
288 after completion of an SMTP connection.
289 milter_helo_macros (see 'postconf -d' output)
291 The macros that are sent to Milter (mail filter) applications
292 after the SMTP HELO or EHLO command.
293 milter_mail_macros (see 'postconf -d' output)
295 The macros that are sent to Milter (mail filter) applications
296 after the SMTP MAIL FROM command.
297 milter_rcpt_macros (see 'postconf -d' output)
299 The macros that are sent to Milter (mail filter) applications
300 after the SMTP RCPT TO command.
301 milter_data_macros (see 'postconf -d' output)
303 The macros that are sent to version 4 or higher Milter (mail
304 filter) applications after the SMTP DATA command.
305 milter_unknown_command_macros (see 'postconf -d' output)
307 The macros that are sent to version 3 or higher Milter (mail
308 filter) applications after an unknown SMTP command.
309 milter_end_of_header_macros (see 'postconf -d' output)
311 The macros that are sent to Milter (mail filter) applications
312 after the end of the message header.
313 milter_end_of_data_macros (see 'postconf -d' output)
315 The macros that are sent to Milter (mail filter) applications
316 after the message end-of-data.
317 Available in Postfix version 3.1 and later:
319 milter_macro_defaults (empty)
321 Optional list of name=value pairs that specify default values
322 for arbitrary macros that Postfix may send to Milter applica‐
323 tions.
324 Available in Postfix version 3.2 and later:
326 smtpd_milter_maps (empty)
328 Lookup tables with Milter settings per remote SMTP client IP ad‐
329 dress.
330
332 The following parameters are applicable for both built-in and external
333 content filters.
334 Available in Postfix version 2.1 and later:
336 receive_override_options (empty)
338 Enable or disable recipient validation, built-in content filter‐
339 ing, or address mapping.
340
342 The following parameters are applicable for both before-queue and af‐
343 ter-queue content filtering.
344 Available in Postfix version 2.1 and later:
346 smtpd_authorized_xforward_hosts (empty)
348 What remote SMTP clients are allowed to use the XFORWARD fea‐
349 ture.
350
352 Postfix SASL support (RFC 4954) can be used to authenticate remote SMTP
353 clients to the Postfix SMTP server, and to authenticate the Postfix
354 SMTP client to a remote SMTP server. See the SASL_README document for
355 details.
356 broken_sasl_auth_clients (no)
358 Enable interoperability with remote SMTP clients that implement
359 an obsolete version of the AUTH command (RFC 4954).
360 smtpd_sasl_auth_enable (no)
362 Enable SASL authentication in the Postfix SMTP server.
363 smtpd_sasl_local_domain (empty)
365 The name of the Postfix SMTP server's local SASL authentication
366 realm.
367 smtpd_sasl_security_options (noanonymous)
369 Postfix SMTP server SASL security options; as of Postfix 2.3 the
370 list of available features depends on the SASL server implemen‐
371 tation that is selected with smtpd_sasl_type.
372 smtpd_sender_login_maps (empty)
374 Optional lookup table with the SASL login names that own the
375 sender (MAIL FROM) addresses.
376 Available in Postfix version 2.1 and later:
378 smtpd_sasl_exceptions_networks (empty)
380 What remote SMTP clients the Postfix SMTP server will not offer
381 AUTH support to.
382 Available in Postfix version 2.1 and 2.2:
384 smtpd_sasl_application_name (smtpd)
386 The application name that the Postfix SMTP server uses for SASL
387 server initialization.
388 Available in Postfix version 2.3 and later:
390 smtpd_sasl_authenticated_header (no)
392 Report the SASL authenticated user name in the smtpd(8) Received
393 message header.
394 smtpd_sasl_path (smtpd)
396 Implementation-specific information that the Postfix SMTP server
397 passes through to the SASL plug-in implementation that is se‐
398 lected with smtpd_sasl_type.
399 smtpd_sasl_type (cyrus)
401 The SASL plug-in type that the Postfix SMTP server should use
402 for authentication.
403 Available in Postfix version 2.5 and later:
405 cyrus_sasl_config_path (empty)
407 Search path for Cyrus SASL application configuration files, cur‐
408 rently used only to locate the $smtpd_sasl_path.conf file.
409 Available in Postfix version 2.11 and later:
411 smtpd_sasl_service (smtp)
413 The service name that is passed to the SASL plug-in that is se‐
414 lected with smtpd_sasl_type and smtpd_sasl_path.
415 Available in Postfix version 3.4 and later:
417 smtpd_sasl_response_limit (12288)
419 The maximum length of a SASL client's response to a server chal‐
420 lenge.
421 Available in Postfix 3.6 and later:
423 smtpd_sasl_mechanism_filter (!external, static:rest)
425 If non-empty, a filter for the SASL mechanism names that the
426 Postfix SMTP server will announce in the EHLO response.
427
429 Detailed information about STARTTLS configuration may be found in the
430 TLS_README document.
431 smtpd_tls_security_level (empty)
433 The SMTP TLS security level for the Postfix SMTP server; when a
434 non-empty value is specified, this overrides the obsolete param‐
435 eters smtpd_use_tls and smtpd_enforce_tls.
436 smtpd_sasl_tls_security_options ($smtpd_sasl_security_options)
438 The SASL authentication security options that the Postfix SMTP
439 server uses for TLS encrypted SMTP sessions.
440 smtpd_starttls_timeout (see 'postconf -d' output)
442 The time limit for Postfix SMTP server write and read operations
443 during TLS startup and shutdown handshake procedures.
444 smtpd_tls_CAfile (empty)
446 A file containing (PEM format) CA certificates of root CAs
447 trusted to sign either remote SMTP client certificates or inter‐
448 mediate CA certificates.
449 smtpd_tls_CApath (empty)
451 A directory containing (PEM format) CA certificates of root CAs
452 trusted to sign either remote SMTP client certificates or inter‐
453 mediate CA certificates.
454 smtpd_tls_always_issue_session_ids (yes)
456 Force the Postfix SMTP server to issue a TLS session id, even
457 when TLS session caching is turned off (smtpd_tls_ses‐
458 sion_cache_database is empty).
459 smtpd_tls_ask_ccert (no)
461 Ask a remote SMTP client for a client certificate.
462 smtpd_tls_auth_only (no)
464 When TLS encryption is optional in the Postfix SMTP server, do
465 not announce or accept SASL authentication over unencrypted con‐
466 nections.
467 smtpd_tls_ccert_verifydepth (9)
469 The verification depth for remote SMTP client certificates.
470 smtpd_tls_cert_file (empty)
472 File with the Postfix SMTP server RSA certificate in PEM format.
473 smtpd_tls_exclude_ciphers (empty)
475 List of ciphers or cipher types to exclude from the SMTP server
476 cipher list at all TLS security levels.
477 smtpd_tls_dcert_file (empty)
479 File with the Postfix SMTP server DSA certificate in PEM format.
480 smtpd_tls_dh1024_param_file (empty)
482 File with DH parameters that the Postfix SMTP server should use
483 with non-export EDH ciphers.
484 smtpd_tls_dh512_param_file (empty)
486 File with DH parameters that the Postfix SMTP server should use
487 with export-grade EDH ciphers.
488 smtpd_tls_dkey_file ($smtpd_tls_dcert_file)
490 File with the Postfix SMTP server DSA private key in PEM format.
491 smtpd_tls_key_file ($smtpd_tls_cert_file)
493 File with the Postfix SMTP server RSA private key in PEM format.
494 smtpd_tls_loglevel (0)
496 Enable additional Postfix SMTP server logging of TLS activity.
497 smtpd_tls_mandatory_ciphers (medium)
499 The minimum TLS cipher grade that the Postfix SMTP server will
500 use with mandatory TLS encryption.
501 smtpd_tls_mandatory_exclude_ciphers (empty)
503 Additional list of ciphers or cipher types to exclude from the
504 Postfix SMTP server cipher list at mandatory TLS security lev‐
505 els.
506 smtpd_tls_mandatory_protocols (see 'postconf -d' output)
508 TLS protocols accepted by the Postfix SMTP server with mandatory
509 TLS encryption.
510 smtpd_tls_received_header (no)
512 Request that the Postfix SMTP server produces Received: message
513 headers that include information about the protocol and cipher
514 used, as well as the remote SMTP client CommonName and client
515 certificate issuer CommonName.
516 smtpd_tls_req_ccert (no)
518 With mandatory TLS encryption, require a trusted remote SMTP
519 client certificate in order to allow TLS connections to proceed.
520 smtpd_tls_wrappermode (no)
522 Run the Postfix SMTP server in TLS "wrapper" mode, instead of
523 using the STARTTLS command.
524 tls_daemon_random_bytes (32)
526 The number of pseudo-random bytes that an smtp(8) or smtpd(8)
527 process requests from the tlsmgr(8) server in order to seed its
528 internal pseudo random number generator (PRNG).
529 tls_high_cipherlist (see 'postconf -d' output)
531 The OpenSSL cipherlist for "high" grade ciphers.
532 tls_medium_cipherlist (see 'postconf -d' output)
534 The OpenSSL cipherlist for "medium" or higher grade ciphers.
535 tls_null_cipherlist (eNULL:!aNULL)
537 The OpenSSL cipherlist for "NULL" grade ciphers that provide au‐
538 thentication without encryption.
539 Available in Postfix version 2.3..3.7:
541 tls_low_cipherlist (see 'postconf -d' output)
543 The OpenSSL cipherlist for "low" or higher grade ciphers.
544 tls_export_cipherlist (see 'postconf -d' output)
546 The OpenSSL cipherlist for "export" or higher grade ciphers.
547 Available in Postfix version 2.5 and later:
549 smtpd_tls_fingerprint_digest (see 'postconf -d' output)
551 The message digest algorithm to construct remote SMTP
552 client-certificate fingerprints or public key fingerprints
553 (Postfix 2.9 and later) for check_ccert_access and per‐
554 mit_tls_clientcerts.
555 Available in Postfix version 2.6 and later:
557 smtpd_tls_protocols (see postconf -d output)
559 TLS protocols accepted by the Postfix SMTP server with oppor‐
560 tunistic TLS encryption.
561 smtpd_tls_ciphers (medium)
563 The minimum TLS cipher grade that the Postfix SMTP server will
564 use with opportunistic TLS encryption.
565 smtpd_tls_eccert_file (empty)
567 File with the Postfix SMTP server ECDSA certificate in PEM for‐
568 mat.
569 smtpd_tls_eckey_file ($smtpd_tls_eccert_file)
571 File with the Postfix SMTP server ECDSA private key in PEM for‐
572 mat.
573 smtpd_tls_eecdh_grade (see 'postconf -d' output)
575 The Postfix SMTP server security grade for ephemeral ellip‐
576 tic-curve Diffie-Hellman (EECDH) key exchange.
577 tls_eecdh_strong_curve (prime256v1)
579 The elliptic curve used by the Postfix SMTP server for sensibly
580 strong ephemeral ECDH key exchange.
581 tls_eecdh_ultra_curve (secp384r1)
583 The elliptic curve used by the Postfix SMTP server for maximally
584 strong ephemeral ECDH key exchange.
585 Available in Postfix version 2.8 and later:
587 tls_preempt_cipherlist (no)
589 With SSLv3 and later, use the Postfix SMTP server's cipher pref‐
590 erence order instead of the remote client's cipher preference
591 order.
592 tls_disable_workarounds (see 'postconf -d' output)
594 List or bit-mask of OpenSSL bug work-arounds to disable.
595 Available in Postfix version 2.11 and later:
597 tlsmgr_service_name (tlsmgr)
599 The name of the tlsmgr(8) service entry in master.cf.
600 Available in Postfix version 3.0 and later:
602 tls_session_ticket_cipher (Postfix >= 3.0: aes-256-cbc, Postfix < 3.0:
604 aes-128-cbc)
605 Algorithm used to encrypt RFC5077 TLS session tickets.
606 Available in Postfix version 3.2 and later:
608 tls_eecdh_auto_curves (see 'postconf -d' output)
610 The prioritized list of elliptic curves supported by the Postfix
611 SMTP client and server.
612 Available in Postfix version 3.4 and later:
614 smtpd_tls_chain_files (empty)
616 List of one or more PEM files, each holding one or more private
617 keys directly followed by a corresponding certificate chain.
618 tls_server_sni_maps (empty)
620 Optional lookup tables that map names received from remote SMTP
621 clients via the TLS Server Name Indication (SNI) extension to
622 the appropriate keys and certificate chains.
623 Available in Postfix 3.5, 3.4.6, 3.3.5, 3.2.10, 3.1.13 and later:
625 tls_fast_shutdown_enable (yes)
627 A workaround for implementations that hang Postfix while shut‐
628 ting down a TLS session, until Postfix times out.
629 Available in Postfix version 3.8 and later:
631 tls_ffdhe_auto_groups (see 'postconf -d' output)
633 The prioritized list of finite-field Diffie-Hellman ephemeral
634 (FFDHE) key exchange groups supported by the Postfix SMTP client
635 and server.
636 Available in Postfix 3.9, 3.8.1, 3.7.6, 3.6.10, 3.5.20 and later:
638 tls_config_file (default)
640 Optional configuration file with baseline OpenSSL settings.
641 tls_config_name (empty)
643 The application name passed by Postfix to OpenSSL library ini‐
644 tialization functions.
645
647 The following configuration parameters exist for compatibility with
648 Postfix versions before 2.3. Support for these will be removed in a fu‐
649 ture release.
650 smtpd_use_tls (no)
652 Opportunistic TLS: announce STARTTLS support to remote SMTP
653 clients, but do not require that clients use TLS encryption.
654 smtpd_enforce_tls (no)
656 Mandatory TLS: announce STARTTLS support to remote SMTP clients,
657 and require that clients use TLS encryption.
658 smtpd_tls_cipherlist (empty)
660 Obsolete Postfix < 2.3 control for the Postfix SMTP server TLS
661 cipher list.
662
664 Preliminary SMTPUTF8 support is introduced with Postfix 3.0.
665 smtputf8_enable (yes)
667 Enable preliminary SMTPUTF8 support for the protocols described
668 in RFC 6531, RFC 6532, and RFC 6533.
669 strict_smtputf8 (no)
671 Enable stricter enforcement of the SMTPUTF8 protocol.
672 smtputf8_autodetect_classes (sendmail, verify)
674 Detect that a message requires SMTPUTF8 support for the speci‐
675 fied mail origin classes.
676 Available in Postfix version 3.2 and later:
678 enable_idna2003_compatibility (no)
680 Enable 'transitional' compatibility between IDNA2003 and
681 IDNA2008, when converting UTF-8 domain names to/from the ASCII
682 form that is used for DNS lookups.
683
685 With VERP style delivery, each recipient of a message receives a cus‐
686 tomized copy of the message with his/her own recipient address encoded
687 in the envelope sender address. The VERP_README file describes config‐
688 uration and operation details of Postfix support for variable envelope
689 return path addresses. VERP style delivery is requested with the SMTP
690 XVERP command or with the "sendmail -V" command-line option and is
691 available in Postfix version 1.1 and later.
692 default_verp_delimiters (+=)
694 The two default VERP delimiter characters.
695 verp_delimiter_filter (-=+)
697 The characters Postfix accepts as VERP delimiter characters on
698 the Postfix sendmail(1) command line and in SMTP commands.
699 Available in Postfix version 1.1 and 2.0:
701 authorized_verp_clients ($mynetworks)
703 What remote SMTP clients are allowed to specify the XVERP com‐
704 mand.
705 Available in Postfix version 2.1 and later:
707 smtpd_authorized_verp_clients ($authorized_verp_clients)
709 What remote SMTP clients are allowed to specify the XVERP com‐
710 mand.
711
713 The DEBUG_README document describes how to debug parts of the Postfix
714 mail system. The methods vary from making the software log a lot of de‐
715 tail, to running some daemon processes under control of a call tracer
716 or debugger.
717 debug_peer_level (2)
719 The increment in verbose logging level when a nexthop destina‐
720 tion, remote client or server name or network address matches a
721 pattern given with the debug_peer_list parameter.
722 debug_peer_list (empty)
724 Optional list of nexthop destination, remote client or server
725 name or network address patterns that, if matched, cause the
726 verbose logging level to increase by the amount specified in
727 $debug_peer_level.
728 error_notice_recipient (postmaster)
730 The recipient of postmaster notifications about mail delivery
731 problems that are caused by policy, resource, software or proto‐
732 col errors.
733 internal_mail_filter_classes (empty)
735 What categories of Postfix-generated mail are subject to be‐
736 fore-queue content inspection by non_smtpd_milters,
737 header_checks and body_checks.
738 notify_classes (resource, software)
740 The list of error classes that are reported to the postmaster.
741 smtpd_reject_footer (empty)
743 Optional information that is appended after each Postfix SMTP
744 server 4XX or 5XX response.
745 soft_bounce (no)
747 Safety net to keep mail queued that would otherwise be returned
748 to the sender.
749 Available in Postfix version 2.1 and later:
751 smtpd_authorized_xclient_hosts (empty)
753 What remote SMTP clients are allowed to use the XCLIENT feature.
754 Available in Postfix version 2.10 and later:
756 smtpd_log_access_permit_actions (empty)
758 Enable logging of the named "permit" actions in SMTP server ac‐
759 cess lists (by default, the SMTP server logs "reject" actions
760 but not "permit" actions).
761
763 As of Postfix version 2.0, the SMTP server rejects mail for unknown re‐
764 cipients. This prevents the mail queue from clogging up with undeliver‐
765 able MAILER-DAEMON messages. Additional information on this topic is in
766 the LOCAL_RECIPIENT_README and ADDRESS_CLASS_README documents.
767 show_user_unknown_table_name (yes)
769 Display the name of the recipient table in the "User unknown"
770 responses.
771 canonical_maps (empty)
773 Optional address mapping lookup tables for message headers and
774 envelopes.
775 recipient_canonical_maps (empty)
777 Optional address mapping lookup tables for envelope and header
778 recipient addresses.
779 sender_canonical_maps (empty)
781 Optional address mapping lookup tables for envelope and header
782 sender addresses.
783 Parameters concerning known/unknown local recipients:
785 mydestination ($myhostname, localhost.$mydomain, localhost)
787 The list of domains that are delivered via the $local_transport
788 mail delivery transport.
789 inet_interfaces (all)
791 The local network interface addresses that this mail system re‐
792 ceives mail on.
793 proxy_interfaces (empty)
795 The remote network interface addresses that this mail system re‐
796 ceives mail on by way of a proxy or network address translation
797 unit.
798 inet_protocols (see 'postconf -d output')
800 The Internet protocols Postfix will attempt to use when making
801 or accepting connections.
802 local_recipient_maps (proxy:unix:passwd.byname $alias_maps)
804 Lookup tables with all names or addresses of local recipients: a
805 recipient address is local when its domain matches $mydestina‐
806 tion, $inet_interfaces or $proxy_interfaces.
807 unknown_local_recipient_reject_code (550)
809 The numerical Postfix SMTP server response code when a recipient
810 address is local, and $local_recipient_maps specifies a list of
811 lookup tables that does not match the recipient.
812 Parameters concerning known/unknown recipients of relay destinations:
814 relay_domains (Postfix >= 3.0: empty, Postfix < 3.0: $mydestination)
816 What destination domains (and subdomains thereof) this system
817 will relay mail to.
818 relay_recipient_maps (empty)
820 Optional lookup tables with all valid addresses in the domains
821 that match $relay_domains.
822 unknown_relay_recipient_reject_code (550)
824 The numerical Postfix SMTP server reply code when a recipient
825 address matches $relay_domains, and relay_recipient_maps speci‐
826 fies a list of lookup tables that does not match the recipient
827 address.
828 Parameters concerning known/unknown recipients in virtual alias do‐
830 mains:
831 virtual_alias_domains ($virtual_alias_maps)
833 Postfix is the final destination for the specified list of vir‐
834 tual alias domains, that is, domains for which all addresses are
835 aliased to addresses in other local or remote domains.
836 virtual_alias_maps ($virtual_maps)
838 Optional lookup tables that alias specific mail addresses or do‐
839 mains to other local or remote addresses.
840 unknown_virtual_alias_reject_code (550)
842 The Postfix SMTP server reply code when a recipient address
843 matches $virtual_alias_domains, and $virtual_alias_maps speci‐
844 fies a list of lookup tables that does not match the recipient
845 address.
846 Parameters concerning known/unknown recipients in virtual mailbox do‐
848 mains:
849 virtual_mailbox_domains ($virtual_mailbox_maps)
851 Postfix is the final destination for the specified list of do‐
852 mains; mail is delivered via the $virtual_transport mail deliv‐
853 ery transport.
854 virtual_mailbox_maps (empty)
856 Optional lookup tables with all valid addresses in the domains
857 that match $virtual_mailbox_domains.
858 unknown_virtual_mailbox_reject_code (550)
860 The Postfix SMTP server reply code when a recipient address
861 matches $virtual_mailbox_domains, and $virtual_mailbox_maps
862 specifies a list of lookup tables that does not match the recip‐
863 ient address.
864
866 The following parameters limit resource usage by the SMTP server and/or
867 control client request rates.
868 line_length_limit (2048)
870 Upon input, long lines are chopped up into pieces of at most
871 this length; upon delivery, long lines are reconstructed.
872 queue_minfree (0)
874 The minimal amount of free space in bytes in the queue file sys‐
875 tem that is needed to receive mail.
876 message_size_limit (10240000)
878 The maximal size in bytes of a message, including envelope in‐
879 formation.
880 smtpd_recipient_limit (1000)
882 The maximal number of recipients that the Postfix SMTP server
883 accepts per message delivery request.
884 smtpd_timeout (normal: 300s, overload: 10s)
886 When the Postfix SMTP server wants to send an SMTP server re‐
887 sponse, how long the Postfix SMTP server will wait for an under‐
888 lying network write operation to complete; and when the Postfix
889 SMTP server Postfix wants to receive an SMTP client request, how
890 long the Postfix SMTP server will wait for an underlying network
891 read operation to complete.
892 smtpd_history_flush_threshold (100)
894 The maximal number of lines in the Postfix SMTP server command
895 history before it is flushed upon receipt of EHLO, RSET, or end
896 of DATA.
897 Available in Postfix version 2.3 and later:
899 smtpd_peername_lookup (yes)
901 Attempt to look up the remote SMTP client hostname, and verify
902 that the name matches the client IP address.
903 The per SMTP client connection count and request rate limits are imple‐
905 mented in co-operation with the anvil(8) service, and are available in
906 Postfix version 2.2 and later.
907 smtpd_client_connection_count_limit (50)
909 How many simultaneous connections any client is allowed to make
910 to this service.
911 smtpd_client_connection_rate_limit (0)
913 The maximal number of connection attempts any client is allowed
914 to make to this service per time unit.
915 smtpd_client_message_rate_limit (0)
917 The maximal number of message delivery requests that any client
918 is allowed to make to this service per time unit, regardless of
919 whether or not Postfix actually accepts those messages.
920 smtpd_client_recipient_rate_limit (0)
922 The maximal number of recipient addresses that any client is al‐
923 lowed to send to this service per time unit, regardless of
924 whether or not Postfix actually accepts those recipients.
925 smtpd_client_event_limit_exceptions ($mynetworks)
927 Clients that are excluded from smtpd_client_*_count/rate_limit
928 restrictions.
929 Available in Postfix version 2.3 and later:
931 smtpd_client_new_tls_session_rate_limit (0)
933 The maximal number of new (i.e., uncached) TLS sessions that a
934 remote SMTP client is allowed to negotiate with this service per
935 time unit.
936 Available in Postfix version 2.9 - 3.6:
938 smtpd_per_record_deadline (normal: no, overload: yes)
940 Change the behavior of the smtpd_timeout and smtpd_start‐
941 tls_timeout time limits, from a time limit per read or write
942 system call, to a time limit to send or receive a complete
943 record (an SMTP command line, SMTP response line, SMTP message
944 content line, or TLS protocol message).
945 Available in Postfix version 3.1 and later:
947 smtpd_client_auth_rate_limit (0)
949 The maximal number of AUTH commands that any client is allowed
950 to send to this service per time unit, regardless of whether or
951 not Postfix actually accepts those commands.
952 Available in Postfix version 3.7 and later:
954 smtpd_per_request_deadline (normal: no, overload: yes)
956 Change the behavior of the smtpd_timeout and smtpd_start‐
957 tls_timeout time limits, from a time limit per plaintext or TLS
958 read or write call, to a combined time limit for receiving a
959 complete SMTP request and for sending a complete SMTP response.
960 smtpd_min_data_rate (500)
962 The minimum plaintext data transfer rate in bytes/second for
963 DATA and BDAT requests, when deadlines are enabled with
964 smtpd_per_request_deadline.
965 header_from_format (standard)
967 The format of the Postfix-generated From: header.
968 Available in Postfix version 3.8 and later:
970 smtpd_client_ipv4_prefix_length (32)
972 Aggregate smtpd_client_*_count and smtpd_client_*_rate statis‐
973 tics by IPv4 network blocks with the specified network prefix.
974 smtpd_client_ipv6_prefix_length (84)
976 Aggregate smtpd_client_*_count and smtpd_client_*_rate statis‐
977 tics by IPv6 network blocks with the specified network prefix.
978 Available in Postfix 3.9, 3.8.1, 3.7.6, 3.6.10, 3.5.20 and later:
980 smtpd_forbid_unauth_pipelining (Postfix >= 3.9: yes)
982 Disconnect remote SMTP clients that violate RFC 2920 (or 5321)
983 command pipelining constraints.
984
986 When a remote SMTP client makes errors, the Postfix SMTP server can in‐
987 sert delays before responding. This can help to slow down run-away
988 software. The behavior is controlled by an error counter that counts
989 the number of errors within an SMTP session that a client makes without
990 delivering mail.
991 smtpd_error_sleep_time (1s)
993 With Postfix version 2.1 and later: the SMTP server response de‐
994 lay after a client has made more than $smtpd_soft_error_limit
995 errors, and fewer than $smtpd_hard_error_limit errors, without
996 delivering mail.
997 smtpd_soft_error_limit (10)
999 The number of errors a remote SMTP client is allowed to make
1000 without delivering mail before the Postfix SMTP server slows
1001 down all its responses.
1002 smtpd_hard_error_limit (normal: 20, overload: 1)
1004 The maximal number of errors a remote SMTP client is allowed to
1005 make without delivering mail.
1006 smtpd_junk_command_limit (normal: 100, overload: 1)
1008 The number of junk commands (NOOP, VRFY, ETRN or RSET) that a
1009 remote SMTP client can send before the Postfix SMTP server
1010 starts to increment the error counter with each junk command.
1011 Available in Postfix version 2.1 and later:
1013 smtpd_recipient_overshoot_limit (1000)
1015 The number of recipients that a remote SMTP client can send in
1016 excess of the limit specified with $smtpd_recipient_limit, be‐
1017 fore the Postfix SMTP server increments the per-session error
1018 count for each excess recipient.
1019
1021 As of version 2.1, Postfix can be configured to delegate access policy
1022 decisions to an external server that runs outside Postfix. See the
1023 file SMTPD_POLICY_README for more information.
1024 smtpd_policy_service_max_idle (300s)
1026 The time after which an idle SMTPD policy service connection is
1027 closed.
1028 smtpd_policy_service_max_ttl (1000s)
1030 The time after which an active SMTPD policy service connection
1031 is closed.
1032 smtpd_policy_service_timeout (100s)
1034 The time limit for connecting to, writing to, or receiving from
1035 a delegated SMTPD policy server.
1036 Available in Postfix version 3.0 and later:
1038 smtpd_policy_service_default_action (451 4.3.5 Server configuration
1040 problem)
1041 The default action when an SMTPD policy service request fails.
1042 smtpd_policy_service_request_limit (0)
1044 The maximal number of requests per SMTPD policy service connec‐
1045 tion, or zero (no limit).
1046 smtpd_policy_service_try_limit (2)
1048 The maximal number of attempts to send an SMTPD policy service
1049 request before giving up.
1050 smtpd_policy_service_retry_delay (1s)
1052 The delay between attempts to resend a failed SMTPD policy ser‐
1053 vice request.
1054 Available in Postfix version 3.1 and later:
1056 smtpd_policy_service_policy_context (empty)
1058 Optional information that the Postfix SMTP server specifies in
1059 the "policy_context" attribute of a policy service request
1060 (originally, to share the same service endpoint among multiple
1061 check_policy_service clients).
1062
1064 The SMTPD_ACCESS_README document gives an introduction to all the SMTP
1065 server access control features.
1066 smtpd_delay_reject (yes)
1068 Wait until the RCPT TO command before evaluating
1069 $smtpd_client_restrictions, $smtpd_helo_restrictions and
1070 $smtpd_sender_restrictions, or wait until the ETRN command be‐
1071 fore evaluating $smtpd_client_restrictions and $smtpd_helo_re‐
1072 strictions.
1073 parent_domain_matches_subdomains (see 'postconf -d' output)
1075 A list of Postfix features where the pattern "example.com" also
1076 matches subdomains of example.com, instead of requiring an ex‐
1077 plicit ".example.com" pattern.
1078 smtpd_client_restrictions (empty)
1080 Optional restrictions that the Postfix SMTP server applies in
1081 the context of a client connection request.
1082 smtpd_helo_required (no)
1084 Require that a remote SMTP client introduces itself with the
1085 HELO or EHLO command before sending the MAIL command or other
1086 commands that require EHLO negotiation.
1087 smtpd_helo_restrictions (empty)
1089 Optional restrictions that the Postfix SMTP server applies in
1090 the context of a client HELO command.
1091 smtpd_sender_restrictions (empty)
1093 Optional restrictions that the Postfix SMTP server applies in
1094 the context of a client MAIL FROM command.
1095 smtpd_recipient_restrictions (see 'postconf -d' output)
1097 Optional restrictions that the Postfix SMTP server applies in
1098 the context of a client RCPT TO command, after smtpd_relay_re‐
1099 strictions.
1100 smtpd_etrn_restrictions (empty)
1102 Optional restrictions that the Postfix SMTP server applies in
1103 the context of a client ETRN command.
1104 allow_untrusted_routing (no)
1106 Forward mail with sender-specified routing (user[@%!]re‐
1107 mote[@%!]site) from untrusted clients to destinations matching
1108 $relay_domains.
1109 smtpd_restriction_classes (empty)
1111 User-defined aliases for groups of access restrictions.
1112 smtpd_null_access_lookup_key (<>)
1114 The lookup key to be used in SMTP access(5) tables instead of
1115 the null sender address.
1116 permit_mx_backup_networks (empty)
1118 Restrict the use of the permit_mx_backup SMTP access feature to
1119 only domains whose primary MX hosts match the listed networks.
1120 Available in Postfix version 2.0 and later:
1122 smtpd_data_restrictions (empty)
1124 Optional access restrictions that the Postfix SMTP server ap‐
1125 plies in the context of the SMTP DATA command.
1126 smtpd_expansion_filter (see 'postconf -d' output)
1128 What characters are allowed in $name expansions of RBL reply
1129 templates.
1130 Available in Postfix version 2.1 and later:
1132 smtpd_reject_unlisted_sender (no)
1134 Request that the Postfix SMTP server rejects mail from unknown
1135 sender addresses, even when no explicit reject_unlisted_sender
1136 access restriction is specified.
1137 smtpd_reject_unlisted_recipient (yes)
1139 Request that the Postfix SMTP server rejects mail for unknown
1140 recipient addresses, even when no explicit reject_unlisted_re‐
1141 cipient access restriction is specified.
1142 Available in Postfix version 2.2 and later:
1144 smtpd_end_of_data_restrictions (empty)
1146 Optional access restrictions that the Postfix SMTP server ap‐
1147 plies in the context of the SMTP END-OF-DATA command.
1148 Available in Postfix version 2.10 and later:
1150 smtpd_relay_restrictions (permit_mynetworks, permit_sasl_authenticated,
1152 defer_unauth_destination)
1153 Access restrictions for mail relay control that the Postfix SMTP
1154 server applies in the context of the RCPT TO command, before
1155 smtpd_recipient_restrictions.
1156
1158 Postfix version 2.1 introduces sender and recipient address verifica‐
1159 tion. This feature is implemented by sending probe email messages that
1160 are not actually delivered. This feature is requested via the re‐
1161 ject_unverified_sender and reject_unverified_recipient access restric‐
1162 tions. The status of verification probes is maintained by the ver‐
1163 ify(8) server. See the file ADDRESS_VERIFICATION_README for informa‐
1164 tion about how to configure and operate the Postfix sender/recipient
1165 address verification service.
1166 address_verify_poll_count (normal: 3, overload: 1)
1168 How many times to query the verify(8) service for the completion
1169 of an address verification request in progress.
1170 address_verify_poll_delay (3s)
1172 The delay between queries for the completion of an address veri‐
1173 fication request in progress.
1174 address_verify_sender ($double_bounce_sender)
1176 The sender address to use in address verification probes; prior
1177 to Postfix 2.5 the default was "postmaster".
1178 unverified_sender_reject_code (450)
1180 The numerical Postfix SMTP server response code when a recipient
1181 address is rejected by the reject_unverified_sender restriction.
1182 unverified_recipient_reject_code (450)
1184 The numerical Postfix SMTP server response when a recipient ad‐
1185 dress is rejected by the reject_unverified_recipient restric‐
1186 tion.
1187 Available in Postfix version 2.6 and later:
1189 unverified_sender_defer_code (450)
1191 The numerical Postfix SMTP server response code when a sender
1192 address probe fails due to a temporary error condition.
1193 unverified_recipient_defer_code (450)
1195 The numerical Postfix SMTP server response when a recipient ad‐
1196 dress probe fails due to a temporary error condition.
1197 unverified_sender_reject_reason (empty)
1199 The Postfix SMTP server's reply when rejecting mail with re‐
1200 ject_unverified_sender.
1201 unverified_recipient_reject_reason (empty)
1203 The Postfix SMTP server's reply when rejecting mail with re‐
1204 ject_unverified_recipient.
1205 unverified_sender_tempfail_action ($reject_tempfail_action)
1207 The Postfix SMTP server's action when reject_unverified_sender
1208 fails due to a temporary error condition.
1209 unverified_recipient_tempfail_action ($reject_tempfail_action)
1211 The Postfix SMTP server's action when reject_unverified_recipi‐
1212 ent fails due to a temporary error condition.
1213 Available with Postfix 2.9 and later:
1215 address_verify_sender_ttl (0s)
1217 The time between changes in the time-dependent portion of ad‐
1218 dress verification probe sender addresses.
1219
1221 The following parameters control numerical SMTP reply codes and/or text
1222 responses.
1223 access_map_reject_code (554)
1225 The numerical Postfix SMTP server response code for an access(5)
1226 map "reject" action.
1227 defer_code (450)
1229 The numerical Postfix SMTP server response code when a remote
1230 SMTP client request is rejected by the "defer" restriction.
1231 invalid_hostname_reject_code (501)
1233 The numerical Postfix SMTP server response code when the client
1234 HELO or EHLO command parameter is rejected by the reject_in‐
1235 valid_helo_hostname restriction.
1236 maps_rbl_reject_code (554)
1238 The numerical Postfix SMTP server response code when a remote
1239 SMTP client request is blocked by the reject_rbl_client, re‐
1240 ject_rhsbl_client, reject_rhsbl_reverse_client, re‐
1241 ject_rhsbl_sender or reject_rhsbl_recipient restriction.
1242 non_fqdn_reject_code (504)
1244 The numerical Postfix SMTP server reply code when a client re‐
1245 quest is rejected by the reject_non_fqdn_helo_hostname, re‐
1246 ject_non_fqdn_sender or reject_non_fqdn_recipient restriction.
1247 plaintext_reject_code (450)
1249 The numerical Postfix SMTP server response code when a request
1250 is rejected by the reject_plaintext_session restriction.
1251 reject_code (554)
1253 The numerical Postfix SMTP server response code when a remote
1254 SMTP client request is rejected by the "reject" restriction.
1255 relay_domains_reject_code (554)
1257 The numerical Postfix SMTP server response code when a client
1258 request is rejected by the reject_unauth_destination recipient
1259 restriction.
1260 unknown_address_reject_code (450)
1262 The numerical response code when the Postfix SMTP server rejects
1263 a sender or recipient address because its domain is unknown.
1264 unknown_client_reject_code (450)
1266 The numerical Postfix SMTP server response code when a client
1267 without valid address <=> name mapping is rejected by the re‐
1268 ject_unknown_client_hostname restriction.
1269 unknown_hostname_reject_code (450)
1271 The numerical Postfix SMTP server response code when the host‐
1272 name specified with the HELO or EHLO command is rejected by the
1273 reject_unknown_helo_hostname restriction.
1274 Available in Postfix version 2.0 and later:
1276 default_rbl_reply (see 'postconf -d' output)
1278 The default Postfix SMTP server response template for a request
1279 that is rejected by an RBL-based restriction.
1280 multi_recipient_bounce_reject_code (550)
1282 The numerical Postfix SMTP server response code when a remote
1283 SMTP client request is blocked by the reject_multi_recipi‐
1284 ent_bounce restriction.
1285 rbl_reply_maps (empty)
1287 Optional lookup tables with RBL response templates.
1288 Available in Postfix version 2.6 and later:
1290 access_map_defer_code (450)
1292 The numerical Postfix SMTP server response code for an access(5)
1293 map "defer" action, including "defer_if_permit" or "defer_if_re‐
1294 ject".
1295 reject_tempfail_action (defer_if_permit)
1297 The Postfix SMTP server's action when a reject-type restriction
1298 fails due to a temporary error condition.
1299 unknown_helo_hostname_tempfail_action ($reject_tempfail_action)
1301 The Postfix SMTP server's action when reject_unknown_helo_host‐
1302 name fails due to a temporary error condition.
1303 unknown_address_tempfail_action ($reject_tempfail_action)
1305 The Postfix SMTP server's action when reject_unknown_sender_do‐
1306 main or reject_unknown_recipient_domain fail due to a temporary
1307 error condition.
1308
1310 config_directory (see 'postconf -d' output)
1311 The default location of the Postfix main.cf and master.cf con‐
1312 figuration files.
1313 daemon_timeout (18000s)
1315 How much time a Postfix daemon process may take to handle a re‐
1316 quest before it is terminated by a built-in watchdog timer.
1317 command_directory (see 'postconf -d' output)
1319 The location of all postfix administrative commands.
1320 double_bounce_sender (double-bounce)
1322 The sender address of postmaster notifications that are gener‐
1323 ated by the mail system.
1324 ipc_timeout (3600s)
1326 The time limit for sending or receiving information over an in‐
1327 ternal communication channel.
1328 mail_name (Postfix)
1330 The mail system name that is displayed in Received: headers, in
1331 the SMTP greeting banner, and in bounced mail.
1332 mail_owner (postfix)
1334 The UNIX system account that owns the Postfix queue and most
1335 Postfix daemon processes.
1336 max_idle (100s)
1338 The maximum amount of time that an idle Postfix daemon process
1339 waits for an incoming connection before terminating voluntarily.
1340 max_use (100)
1342 The maximal number of incoming connections that a Postfix daemon
1343 process will service before terminating voluntarily.
1344 myhostname (see 'postconf -d' output)
1346 The internet hostname of this mail system.
1347 mynetworks (see 'postconf -d' output)
1349 The list of "trusted" remote SMTP clients that have more privi‐
1350 leges than "strangers".
1351 myorigin ($myhostname)
1353 The domain name that locally-posted mail appears to come from,
1354 and that locally posted mail is delivered to.
1355 process_id (read-only)
1357 The process ID of a Postfix command or daemon process.
1358 process_name (read-only)
1360 The process name of a Postfix command or daemon process.
1361 queue_directory (see 'postconf -d' output)
1363 The location of the Postfix top-level queue directory.
1364 recipient_delimiter (empty)
1366 The set of characters that can separate an email address local‐
1367 part, user name, or a .forward file name from its extension.
1368 smtpd_banner ($myhostname ESMTP $mail_name)
1370 The text that follows the 220 status code in the SMTP greeting
1371 banner.
1372 syslog_facility (mail)
1374 The syslog facility of Postfix logging.
1375 syslog_name (see 'postconf -d' output)
1377 A prefix that is prepended to the process name in syslog
1378 records, so that, for example, "smtpd" becomes "prefix/smtpd".
1379 Available in Postfix version 2.2 and later:
1381 smtpd_forbidden_commands (CONNECT GET POST regexp:{{/^[^A-Z]/ Bogus}})
1383 List of commands that cause the Postfix SMTP server to immedi‐
1384 ately terminate the session with a 221 code.
1385 Available in Postfix version 2.5 and later:
1387 smtpd_client_port_logging (no)
1389 Enable logging of the remote SMTP client port in addition to the
1390 hostname and IP address.
1391 Available in Postfix 3.3 and later:
1393 service_name (read-only)
1395 The master.cf service name of a Postfix daemon process.
1396 Available in Postfix 3.4 and later:
1398 smtpd_reject_footer_maps (empty)
1400 Lookup tables, indexed by the complete Postfix SMTP server 4xx
1401 or 5xx response, with reject footer templates.
1402
1404 anvil(8), connection/rate limiting
1405 cleanup(8), message canonicalization
1406 tlsmgr(8), TLS session and PRNG management
1407 trivial-rewrite(8), address resolver
1408 verify(8), address verification service
1409 postconf(5), configuration parameters
1410 master(5), generic daemon options
1411 master(8), process manager
1412 postlogd(8), Postfix logging
1413 syslogd(8), system logging
1414
1416 Use "postconf readme_directory" or "postconf html_directory" to locate
1417 this information.
1418 ADDRESS_CLASS_README, blocking unknown hosted or relay recipients
1419 ADDRESS_REWRITING_README, Postfix address manipulation
1420 BDAT_README, Postfix CHUNKING support
1421 FILTER_README, external after-queue content filter
1422 LOCAL_RECIPIENT_README, blocking unknown local recipients
1423 MILTER_README, before-queue mail filter applications
1424 SMTPD_ACCESS_README, built-in access policies
1425 SMTPD_POLICY_README, external policy server
1426 SMTPD_PROXY_README, external before-queue content filter
1427 SASL_README, Postfix SASL howto
1428 TLS_README, Postfix STARTTLS howto
1429 VERP_README, Postfix XVERP extension
1430 XCLIENT_README, Postfix XCLIENT extension
1431 XFORWARD_README, Postfix XFORWARD extension
1432
1434 The Secure Mailer license must be distributed with this software.
1435
1437 Wietse Venema
1438 IBM T.J. Watson Research
1439 P.O. Box 704
1440 Yorktown Heights, NY 10598, USA
1441 Wietse Venema
1443 Google, Inc.
1444 111 8th Avenue
1445 New York, NY 10011, USA
1446 SASL support originally by:
1448 Till Franke
1449 SuSE Rhein/Main AG
1450 65760 Eschborn, Germany
1451 TLS support originally by:
1453 Lutz Jaenicke
1454 BTU Cottbus
1455 Allgemeine Elektrotechnik
1456 Universitaetsplatz 3-4
1457 D-03044 Cottbus, Germany
1458 Revised TLS support by:
1460 Victor Duchovni
1461 Morgan Stanley
1462 SMTPD(8)