1CLEANUP(8) System Manager's Manual CLEANUP(8)
2
6 cleanup - canonicalize and enqueue Postfix message
7
9 cleanup [generic Postfix daemon options]
10
12 The cleanup(8) daemon processes inbound mail, inserts it into the
13 incoming mail queue, and informs the queue manager of its arrival.
14 The cleanup(8) daemon always performs the following transformations:
16 · Insert missing message headers: (Resent-) From:, To:, Message-
18 Id:, and Date:.
19 · Transform envelope and header addresses to the standard
21 user@fully-qualified-domain form that is expected by other Post‐
22 fix programs. This task is delegated to the trivial-rewrite(8)
23 daemon.
24 · Eliminate duplicate envelope recipient addresses.
26 The following address transformations are optional:
28 · Optionally, rewrite all envelope and header addresses according
30 to the mappings specified in the canonical(5) lookup tables.
31 · Optionally, masquerade envelope sender addresses and message
33 header addresses (i.e. strip host or domain information below
34 all domains listed in the masquerade_domains parameter, except
35 for user names listed in masquerade_exceptions). By default,
36 address masquerading does not affect envelope recipients.
37 · Optionally, expand envelope recipients according to information
39 found in the virtual(5) lookup tables.
40 The cleanup(8) daemon performs sanity checks on the content of each
42 message. When it finds a problem, by default it returns a diagnostic
43 status to the client, and leaves it up to the client to deal with the
44 problem. Alternatively, the client can request the cleanup(8) daemon to
45 bounce the message back to the sender in case of trouble.
46
48 RFC 822 (ARPA Internet Text Messages)
49 RFC 2045 (MIME: Format of Internet Message Bodies)
50 RFC 2046 (MIME: Media Types)
51 RFC 2822 (Internet Message Format)
52 RFC 3463 (Enhanced Status Codes)
53 RFC 3464 (Delivery status notifications)
54 RFC 5322 (Internet Message Format)
55
57 Problems and transactions are logged to syslogd(8).
58
60 Table-driven rewriting rules make it hard to express if then else and
61 other logical relationships.
62
64 Changes to main.cf are picked up automatically, as cleanup(8) processes
65 run for only a limited amount of time. Use the command "postfix reload"
66 to speed up a change.
67 The text below provides only a parameter summary. See postconf(5) for
69 more details including examples.
70
72 undisclosed_recipients_header (see 'postconf -d' output)
73 Message header that the Postfix cleanup(8) server inserts when a
74 message contains no To: or Cc: message header.
75 Available in Postfix version 2.1 only:
77 enable_errors_to (no)
79 Report mail delivery errors to the address specified with the
80 non-standard Errors-To: message header, instead of the envelope
81 sender address (this feature is removed with Postfix version
82 2.2, is turned off by default with Postfix version 2.1, and is
83 always turned on with older Postfix versions).
84 Available in Postfix version 2.6 and later:
86 always_add_missing_headers (no)
88 Always add (Resent-) From:, To:, Date: or Message-ID: headers
89 when not present.
90 Available in Postfix version 2.9 and later:
92 enable_long_queue_ids (no)
94 Enable long, non-repeating, queue IDs (queue file names).
95
97 Postfix built-in content filtering is meant to stop a flood of worms or
98 viruses. It is not a general content filter.
99 body_checks (empty)
101 Optional lookup tables for content inspection as specified in
102 the body_checks(5) manual page.
103 header_checks (empty)
105 Optional lookup tables for content inspection of primary non-
106 MIME message headers, as specified in the header_checks(5) man‐
107 ual page.
108 Available in Postfix version 2.0 and later:
110 body_checks_size_limit (51200)
112 How much text in a message body segment (or attachment, if you
113 prefer to use that term) is subjected to body_checks inspection.
114 mime_header_checks ($header_checks)
116 Optional lookup tables for content inspection of MIME related
117 message headers, as described in the header_checks(5) manual
118 page.
119 nested_header_checks ($header_checks)
121 Optional lookup tables for content inspection of non-MIME mes‐
122 sage headers in attached messages, as described in the
123 header_checks(5) manual page.
124 Available in Postfix version 2.3 and later:
126 message_reject_characters (empty)
128 The set of characters that Postfix will reject in message con‐
129 tent.
130 message_strip_characters (empty)
132 The set of characters that Postfix will remove from message con‐
133 tent.
134
136 As of version 2.3, Postfix supports the Sendmail version 8 Milter (mail
137 filter) protocol. When mail is not received via the smtpd(8) server,
138 the cleanup(8) server will simulate SMTP events to the extent that this
139 is possible. For details see the MILTER_README document.
140 non_smtpd_milters (empty)
142 A list of Milter (mail filter) applications for new mail that
143 does not arrive via the Postfix smtpd(8) server.
144 milter_protocol (6)
146 The mail filter protocol version and optional protocol exten‐
147 sions for communication with a Milter application; prior to
148 Postfix 2.6 the default protocol is 2.
149 milter_default_action (tempfail)
151 The default action when a Milter (mail filter) application is
152 unavailable or mis-configured.
153 milter_macro_daemon_name ($myhostname)
155 The {daemon_name} macro value for Milter (mail filter) applica‐
156 tions.
157 milter_macro_v ($mail_name $mail_version)
159 The {v} macro value for Milter (mail filter) applications.
160 milter_connect_timeout (30s)
162 The time limit for connecting to a Milter (mail filter) applica‐
163 tion, and for negotiating protocol options.
164 milter_command_timeout (30s)
166 The time limit for sending an SMTP command to a Milter (mail
167 filter) application, and for receiving the response.
168 milter_content_timeout (300s)
170 The time limit for sending message content to a Milter (mail
171 filter) application, and for receiving the response.
172 milter_connect_macros (see 'postconf -d' output)
174 The macros that are sent to Milter (mail filter) applications
175 after completion of an SMTP connection.
176 milter_helo_macros (see 'postconf -d' output)
178 The macros that are sent to Milter (mail filter) applications
179 after the SMTP HELO or EHLO command.
180 milter_mail_macros (see 'postconf -d' output)
182 The macros that are sent to Milter (mail filter) applications
183 after the SMTP MAIL FROM command.
184 milter_rcpt_macros (see 'postconf -d' output)
186 The macros that are sent to Milter (mail filter) applications
187 after the SMTP RCPT TO command.
188 milter_data_macros (see 'postconf -d' output)
190 The macros that are sent to version 4 or higher Milter (mail
191 filter) applications after the SMTP DATA command.
192 milter_unknown_command_macros (see 'postconf -d' output)
194 The macros that are sent to version 3 or higher Milter (mail
195 filter) applications after an unknown SMTP command.
196 milter_end_of_data_macros (see 'postconf -d' output)
198 The macros that are sent to Milter (mail filter) applications
199 after the message end-of-data.
200 Available in Postfix version 2.5 and later:
202 milter_end_of_header_macros (see 'postconf -d' output)
204 The macros that are sent to Milter (mail filter) applications
205 after the end of the message header.
206 Available in Postfix version 2.7 and later:
208 milter_header_checks (empty)
210 Optional lookup tables for content inspection of message headers
211 that are produced by Milter applications.
212
214 Available in Postfix version 2.0 and later:
215 disable_mime_input_processing (no)
217 Turn off MIME processing while receiving mail.
218 mime_boundary_length_limit (2048)
220 The maximal length of MIME multipart boundary strings.
221 mime_nesting_limit (100)
223 The maximal recursion level that the MIME processor will handle.
224 strict_8bitmime (no)
226 Enable both strict_7bit_headers and strict_8bitmime_body.
227 strict_7bit_headers (no)
229 Reject mail with 8-bit text in message headers.
230 strict_8bitmime_body (no)
232 Reject 8-bit message body text without 8-bit MIME content encod‐
233 ing information.
234 strict_mime_encoding_domain (no)
236 Reject mail with invalid Content-Transfer-Encoding: information
237 for the message/* or multipart/* MIME content types.
238 Available in Postfix version 2.5 and later:
240 detect_8bit_encoding_header (yes)
242 Automatically detect 8BITMIME body content by looking at Con‐
243 tent-Transfer-Encoding: message headers; historically, this
244 behavior was hard-coded to be "always on".
245
247 Postfix can automatically add BCC (blind carbon copy) when mail enters
248 the mail system:
249 always_bcc (empty)
251 Optional address that receives a "blind carbon copy" of each
252 message that is received by the Postfix mail system.
253 Available in Postfix version 2.1 and later:
255 sender_bcc_maps (empty)
257 Optional BCC (blind carbon-copy) address lookup tables, indexed
258 by sender address.
259 recipient_bcc_maps (empty)
261 Optional BCC (blind carbon-copy) address lookup tables, indexed
262 by recipient address.
263
265 Address rewriting is delegated to the trivial-rewrite(8) daemon. The
266 cleanup(8) server implements table driven address mapping.
267 empty_address_recipient (MAILER-DAEMON)
269 The recipient of mail addressed to the null address.
270 canonical_maps (empty)
272 Optional address mapping lookup tables for message headers and
273 envelopes.
274 recipient_canonical_maps (empty)
276 Optional address mapping lookup tables for envelope and header
277 recipient addresses.
278 sender_canonical_maps (empty)
280 Optional address mapping lookup tables for envelope and header
281 sender addresses.
282 masquerade_classes (envelope_sender, header_sender, header_recipient)
284 What addresses are subject to address masquerading.
285 masquerade_domains (empty)
287 Optional list of domains whose subdomain structure will be
288 stripped off in email addresses.
289 masquerade_exceptions (empty)
291 Optional list of user names that are not subjected to address
292 masquerading, even when their address matches $masquer‐
293 ade_domains.
294 propagate_unmatched_extensions (canonical, virtual)
296 What address lookup tables copy an address extension from the
297 lookup key to the lookup result.
298 Available before Postfix version 2.0:
300 virtual_maps (empty)
302 Optional lookup tables with a) names of domains for which all
303 addresses are aliased to addresses in other local or remote
304 domains, and b) addresses that are aliased to addresses in other
305 local or remote domains.
306 Available in Postfix version 2.0 and later:
308 virtual_alias_maps ($virtual_maps)
310 Optional lookup tables that alias specific mail addresses or
311 domains to other local or remote address.
312 Available in Postfix version 2.2 and later:
314 canonical_classes (envelope_sender, envelope_recipient, header_sender,
316 header_recipient)
317 What addresses are subject to canonical_maps address mapping.
318 recipient_canonical_classes (envelope_recipient, header_recipient)
320 What addresses are subject to recipient_canonical_maps address
321 mapping.
322 sender_canonical_classes (envelope_sender, header_sender)
324 What addresses are subject to sender_canonical_maps address map‐
325 ping.
326 remote_header_rewrite_domain (empty)
328 Don't rewrite message headers from remote clients at all when
329 this parameter is empty; otherwise, rewrite message headers and
330 append the specified domain name to incomplete addresses.
331
333 duplicate_filter_limit (1000)
334 The maximal number of addresses remembered by the address dupli‐
335 cate filter for aliases(5) or virtual(5) alias expansion, or for
336 showq(8) queue displays.
337 header_size_limit (102400)
339 The maximal amount of memory in bytes for storing a message
340 header.
341 hopcount_limit (50)
343 The maximal number of Received: message headers that is allowed
344 in the primary message headers.
345 in_flow_delay (1s)
347 Time to pause before accepting a new message, when the message
348 arrival rate exceeds the message delivery rate.
349 message_size_limit (10240000)
351 The maximal size in bytes of a message, including envelope
352 information.
353 Available in Postfix version 2.0 and later:
355 header_address_token_limit (10240)
357 The maximal number of address tokens are allowed in an address
358 message header.
359 mime_boundary_length_limit (2048)
361 The maximal length of MIME multipart boundary strings.
362 mime_nesting_limit (100)
364 The maximal recursion level that the MIME processor will handle.
365 queue_file_attribute_count_limit (100)
367 The maximal number of (name=value) attributes that may be stored
368 in a Postfix queue file.
369 Available in Postfix version 2.1 and later:
371 virtual_alias_expansion_limit (1000)
373 The maximal number of addresses that virtual alias expansion
374 produces from each original recipient.
375 virtual_alias_recursion_limit (1000)
377 The maximal nesting depth of virtual alias expansion.
378
380 config_directory (see 'postconf -d' output)
381 The default location of the Postfix main.cf and master.cf con‐
382 figuration files.
383 daemon_timeout (18000s)
385 How much time a Postfix daemon process may take to handle a
386 request before it is terminated by a built-in watchdog timer.
387 delay_logging_resolution_limit (2)
389 The maximal number of digits after the decimal point when log‐
390 ging sub-second delay values.
391 delay_warning_time (0h)
393 The time after which the sender receives a copy of the message
394 headers of mail that is still queued.
395 ipc_timeout (3600s)
397 The time limit for sending or receiving information over an
398 internal communication channel.
399 max_idle (100s)
401 The maximum amount of time that an idle Postfix daemon process
402 waits for an incoming connection before terminating voluntarily.
403 max_use (100)
405 The maximal number of incoming connections that a Postfix daemon
406 process will service before terminating voluntarily.
407 myhostname (see 'postconf -d' output)
409 The internet hostname of this mail system.
410 myorigin ($myhostname)
412 The domain name that locally-posted mail appears to come from,
413 and that locally posted mail is delivered to.
414 process_id (read-only)
416 The process ID of a Postfix command or daemon process.
417 process_name (read-only)
419 The process name of a Postfix command or daemon process.
420 queue_directory (see 'postconf -d' output)
422 The location of the Postfix top-level queue directory.
423 soft_bounce (no)
425 Safety net to keep mail queued that would otherwise be returned
426 to the sender.
427 syslog_facility (mail)
429 The syslog facility of Postfix logging.
430 syslog_name (see 'postconf -d' output)
432 The mail system name that is prepended to the process name in
433 syslog records, so that "smtpd" becomes, for example, "post‐
434 fix/smtpd".
435 Available in Postfix version 2.1 and later:
437 enable_original_recipient (yes)
439 Enable support for the X-Original-To message header.
440
442 /etc/postfix/canonical*, canonical mapping table
443 /etc/postfix/virtual*, virtual mapping table
444
446 trivial-rewrite(8), address rewriting
447 qmgr(8), queue manager
448 header_checks(5), message header content inspection
449 body_checks(5), body parts content inspection
450 canonical(5), canonical address lookup table format
451 virtual(5), virtual alias lookup table format
452 postconf(5), configuration parameters
453 master(5), generic daemon options
454 master(8), process manager
455 syslogd(8), system logging
456
458 Use "postconf readme_directory" or "postconf html_directory" to locate
459 this information.
460 ADDRESS_REWRITING_README Postfix address manipulation
461 CONTENT_INSPECTION_README content inspection
462
464 The Secure Mailer license must be distributed with this software.
465
467 Wietse Venema
468 IBM T.J. Watson Research
469 P.O. Box 704
470 Yorktown Heights, NY 10598, USA
471 CLEANUP(8)