SMTPD(8) System Manager's Manual SMTPD(8)

smtpd - Postfix SMTP server

smtpd [generic Postfix daemon options]

sendmail -bs

The SMTP server accepts network connection requests and performs zero
or more SMTP transactions per connection. Each received message is
piped through the cleanup(8) daemon, and is placed into the incoming
queue as one single queue file. For this mode of operation, the program
expects to be run from the master(8) process manager.

Alternatively, the SMTP server can be run in stand-alone mode; this is
traditionally obtained with "sendmail -bs". When the SMTP server runs
stand-alone with non $mail_owner privileges, it receives mail even
while the mail system is not running, deposits messages directly into
the maildrop queue, and disables the SMTP server's access policies. As
of Postfix version 2.3, the SMTP server refuses to receive mail from
the network when it runs with non $mail_owner privileges.

The SMTP server implements a variety of policies for connection
requests, and for parameters given to HELO, ETRN, MAIL FROM, VRFY and
RCPT TO commands. They are detailed below and in the main.cf
configuration file.

The SMTP server is moderately security-sensitive. It talks to SMTP
clients and to DNS servers on the network. The SMTP server can be run
chrooted at fixed low privilege.

RFC 821 (SMTP protocol)
RFC 1123 (Host requirements)
RFC 1652 (8bit-MIME transport)
RFC 1869 (SMTP service extensions)
RFC 1870 (Message size declaration)
RFC 1985 (ETRN command)
RFC 2034 (SMTP enhanced status codes)
RFC 2554 (AUTH command)
RFC 2821 (SMTP protocol)
RFC 2920 (SMTP pipelining)
RFC 3207 (STARTTLS command)
RFC 3461 (SMTP DSN extension)
RFC 3463 (Enhanced status codes)
RFC 3848 (ESMTP transmission types)
RFC 4409 (Message submission)
RFC 4954 (AUTH command)
RFC 5321 (SMTP protocol)

Problems and transactions are logged to syslogd(8).

Depending on the setting of the notify_classes parameter, the
postmaster is notified of bounces, protocol problems, policy
violations, and of other trouble.

Changes to main.cf are picked up automatically, as smtpd(8) processes
run for only a limited amount of time. Use the command "postfix reload"
to speed up a change.

The text below provides only a parameter summary. See postconf(5) for
more details including examples.

The following parameters work around implementation errors in other
software, and/or allow you to override standards in order to prevent
undesirable use.

broken_sasl_auth_clients (no)
    Enable inter-operability with remote SMTP clients that implement
    an obsolete version of the AUTH command (RFC 4954).

disable_vrfy_command (no)
    Disable the SMTP VRFY command.

smtpd_noop_commands (empty)
    List of commands that the Postfix SMTP server replies to with
    "250 Ok", without doing any syntax checks and without changing
    state.

strict_rfc821_envelopes (no)
    Require that addresses received in SMTP MAIL FROM and RCPT TO
    commands are enclosed with <>, and that those addresses do not
    contain RFC 822 style comments or phrases.

Available in Postfix version 2.1 and later:

resolve_null_domain (no)
    Resolve an address that ends in the "@" null domain as if the
    local hostname were specified, instead of rejecting the address
    as invalid.

smtpd_reject_unlisted_sender (no)
    Request that the Postfix SMTP server rejects mail from unknown
    sender addresses, even when no explicit reject_unlisted_sender
    access restriction is specified.

smtpd_sasl_exceptions_networks (empty)
    What remote SMTP clients the Postfix SMTP server will not offer
    AUTH support to.

Available in Postfix version 2.2 and later:

smtpd_discard_ehlo_keyword_address_maps (empty)
    Lookup tables, indexed by the remote SMTP client address, with
    case insensitive lists of EHLO keywords (pipelining, starttls,
    auth, etc.) that the Postfix SMTP server will not send in the
    EHLO response to a remote SMTP client.

smtpd_discard_ehlo_keywords (empty)
    A case insensitive list of EHLO keywords (pipelining, starttls,
    auth, etc.) that the Postfix SMTP server will not send in the
    EHLO response to a remote SMTP client.

smtpd_delay_open_until_valid_rcpt (yes)
    Postpone the start of an SMTP mail transaction until a valid
    RCPT TO command is received.

Available in Postfix version 2.3 and later:

smtpd_tls_always_issue_session_ids (yes)
    Force the Postfix SMTP server to issue a TLS session id, even
    when TLS session caching is turned off
    (smtpd_tls_session_cache_database is empty).

Available in Postfix version 2.6 and later:

tcp_windowsize (0)
    An optional workaround for routers that break TCP window scaling.

Available in Postfix version 2.7 and later:

smtpd_command_filter (empty)
    A mechanism to transform commands from remote SMTP clients.

Available in Postfix version 2.9 and later:

smtpd_per_record_deadline (normal: no, overload: yes)
    Change the behavior of the smtpd_timeout time limit, from a time
    limit per read or write system call, to a time limit to send or
    receive a complete record (an SMTP command line, SMTP response
    line, SMTP message content line, or TLS protocol message).

See the ADDRESS_REWRITING_README document for a detailed discussion of
Postfix address rewriting.

receive_override_options (empty)
    Enable or disable recipient validation, built-in content
    filtering, or address mapping.

Available in Postfix version 2.2 and later:

local_header_rewrite_clients (permit_inet_interfaces)
    Rewrite message header addresses in mail from these clients and
    update incomplete addresses with the domain name in $myorigin or
    $mydomain; either don't rewrite message headers from other
    clients at all, or rewrite message headers and update incomplete
    addresses with the domain specified in the
    remote_header_rewrite_domain parameter.

Available in Postfix version 2.10 and later:

smtpd_upstream_proxy_protocol (empty)
    The name of the proxy protocol used by an optional before-smtpd
    proxy agent.

smtpd_upstream_proxy_timeout (5s)
    The time limit for the proxy protocol specified with the
    smtpd_upstream_proxy_protocol parameter.

As of version 1.0, Postfix can be configured to send new mail to an
external content filter AFTER the mail is queued. This content filter
is expected to inject mail back into a (Postfix or other) MTA for
further delivery. See the FILTER_README document for details.

content_filter (empty)
    After the message is queued, send the entire message to the
    specified transport:destination.

As of version 2.1, the Postfix SMTP server can be configured to send
incoming mail to a real-time SMTP-based content filter BEFORE mail is
queued. This content filter is expected to inject mail back into
Postfix. See the SMTPD_PROXY_README document for details on how to
configure and operate this feature.

smtpd_proxy_filter (empty)
    The hostname and TCP port of the mail filtering proxy server.

smtpd_proxy_ehlo ($myhostname)
    How the Postfix SMTP server announces itself to the proxy filter.

smtpd_proxy_options (empty)
    List of options that control how the Postfix SMTP server
    communicates with a before-queue content filter.

smtpd_proxy_timeout (100s)
    The time limit for connecting to a proxy filter and for sending
    or receiving information.

As of version 2.3, Postfix supports the Sendmail version 8 Milter (mail
filter) protocol. These content filters run outside Postfix. They can
inspect the SMTP command stream and the message content, and can
request modifications before mail is queued. For details see the
MILTER_README document.

smtpd_milters (empty)
    A list of Milter (mail filter) applications for new mail that
    arrives via the Postfix smtpd(8) server.

milter_protocol (6)
    The mail filter protocol version and optional protocol
    extensions for communication with a Milter application; prior to
    Postfix 2.6 the default protocol is 2.

milter_default_action (tempfail)
    The default action when a Milter (mail filter) application is
    unavailable or mis-configured.

milter_macro_daemon_name ($myhostname)
    The {daemon_name} macro value for Milter (mail filter)
    applications.

milter_macro_v ($mail_name $mail_version)
    The {v} macro value for Milter (mail filter) applications.

milter_connect_timeout (30s)
    The time limit for connecting to a Milter (mail filter)
    application, and for negotiating protocol options.

milter_command_timeout (30s)
    The time limit for sending an SMTP command to a Milter (mail
    filter) application, and for receiving the response.

milter_content_timeout (300s)
    The time limit for sending message content to a Milter (mail
    filter) application, and for receiving the response.

milter_connect_macros (see 'postconf -d' output)
    The macros that are sent to Milter (mail filter) applications
    after completion of an SMTP connection.

milter_helo_macros (see 'postconf -d' output)
    The macros that are sent to Milter (mail filter) applications
    after the SMTP HELO or EHLO command.

milter_mail_macros (see 'postconf -d' output)
    The macros that are sent to Milter (mail filter) applications
    after the SMTP MAIL FROM command.

milter_rcpt_macros (see 'postconf -d' output)
    The macros that are sent to Milter (mail filter) applications
    after the SMTP RCPT TO command.

milter_data_macros (see 'postconf -d' output)
    The macros that are sent to version 4 or higher Milter (mail
    filter) applications after the SMTP DATA command.

milter_unknown_command_macros (see 'postconf -d' output)
    The macros that are sent to version 3 or higher Milter (mail
    filter) applications after an unknown SMTP command.

milter_end_of_header_macros (see 'postconf -d' output)
    The macros that are sent to Milter (mail filter) applications
    after the end of the message header.

milter_end_of_data_macros (see 'postconf -d' output)
    The macros that are sent to Milter (mail filter) applications
    after the message end-of-data.

The following parameters are applicable for both built-in and external
content filters.

Available in Postfix version 2.1 and later:

receive_override_options (empty)
    Enable or disable recipient validation, built-in content
    filtering, or address mapping.

The following parameters are applicable for both before-queue and
after-queue content filtering.

Available in Postfix version 2.1 and later:

smtpd_authorized_xforward_hosts (empty)
    What remote SMTP clients are allowed to use the XFORWARD feature.

Postfix SASL support (RFC 4954) can be used to authenticate remote SMTP
clients to the Postfix SMTP server, and to authenticate the Postfix
SMTP client to a remote SMTP server. See the SASL_README document for
details.

broken_sasl_auth_clients (no)
    Enable inter-operability with remote SMTP clients that implement
    an obsolete version of the AUTH command (RFC 4954).

smtpd_sasl_auth_enable (no)
    Enable SASL authentication in the Postfix SMTP server.

smtpd_sasl_local_domain (empty)
    The name of the Postfix SMTP server's local SASL authentication
    realm.

smtpd_sasl_security_options (noanonymous)
    Postfix SMTP server SASL security options; as of Postfix 2.3 the
    list of available features depends on the SASL server
    implementation that is selected with smtpd_sasl_type.

smtpd_sender_login_maps (empty)
    Optional lookup table with the SASL login names that own sender
    (MAIL FROM) addresses.

Available in Postfix version 2.1 and later:

smtpd_sasl_exceptions_networks (empty)
    What remote SMTP clients the Postfix SMTP server will not offer
    AUTH support to.

Available in Postfix version 2.1 and 2.2:

smtpd_sasl_application_name (smtpd)
    The application name that the Postfix SMTP server uses for SASL
    server initialization.

Available in Postfix version 2.3 and later:

smtpd_sasl_authenticated_header (no)
    Report the SASL authenticated user name in the smtpd(8) Received
    message header.

smtpd_sasl_path (smtpd)
    Implementation-specific information that the Postfix SMTP server
    passes through to the SASL plug-in implementation that is
    selected with smtpd_sasl_type.

smtpd_sasl_type (cyrus)
    The SASL plug-in type that the Postfix SMTP server should use
    for authentication.

Available in Postfix version 2.5 and later:

cyrus_sasl_config_path (empty)
    Search path for Cyrus SASL application configuration files,
    currently used only to locate the $smtpd_sasl_path.conf file.

Detailed information about STARTTLS configuration may be found in the
TLS_README document.

smtpd_tls_security_level (empty)
    The SMTP TLS security level for the Postfix SMTP server; when a
    non-empty value is specified, this overrides the obsolete
    parameters smtpd_use_tls and smtpd_enforce_tls.

smtpd_sasl_tls_security_options ($smtpd_sasl_security_options)
    The SASL authentication security options that the Postfix SMTP
    server uses for TLS encrypted SMTP sessions.

smtpd_starttls_timeout (see 'postconf -d' output)
    The time limit for Postfix SMTP server write and read operations
    during TLS startup and shutdown handshake procedures.

smtpd_tls_CAfile (empty)
    A file containing (PEM format) CA certificates of root CAs
    trusted to sign either remote SMTP client certificates or
    intermediate CA certificates.

smtpd_tls_CApath (empty)
    A directory containing (PEM format) CA certificates of root CAs
    trusted to sign either remote SMTP client certificates or
    intermediate CA certificates.

smtpd_tls_always_issue_session_ids (yes)
    Force the Postfix SMTP server to issue a TLS session id, even
    when TLS session caching is turned off
    (smtpd_tls_session_cache_database is empty).

smtpd_tls_ask_ccert (no)
    Ask a remote SMTP client for a client certificate.

smtpd_tls_auth_only (no)
    When TLS encryption is optional in the Postfix SMTP server, do
    not announce or accept SASL authentication over unencrypted
    connections.

smtpd_tls_ccert_verifydepth (9)
    The verification depth for remote SMTP client certificates.

smtpd_tls_cert_file (empty)
    File with the Postfix SMTP server RSA certificate in PEM format.

smtpd_tls_exclude_ciphers (empty)
    List of ciphers or cipher types to exclude from the SMTP server
    cipher list at all TLS security levels.

smtpd_tls_dcert_file (empty)
    File with the Postfix SMTP server DSA certificate in PEM format.

smtpd_tls_dh1024_param_file (empty)
    File with DH parameters that the Postfix SMTP server should use
    with EDH ciphers.

smtpd_tls_dh512_param_file (empty)
    File with DH parameters that the Postfix SMTP server should use
    with EDH ciphers.

smtpd_tls_dkey_file ($smtpd_tls_dcert_file)
    File with the Postfix SMTP server DSA private key in PEM format.

smtpd_tls_key_file ($smtpd_tls_cert_file)
    File with the Postfix SMTP server RSA private key in PEM format.

smtpd_tls_loglevel (0)
    Enable additional Postfix SMTP server logging of TLS activity.

smtpd_tls_mandatory_ciphers (medium)
    The minimum TLS cipher grade that the Postfix SMTP server will
    use with mandatory TLS encryption.

smtpd_tls_mandatory_exclude_ciphers (empty)
    Additional list of ciphers or cipher types to exclude from the
    Postfix SMTP server cipher list at mandatory TLS security
    levels.

smtpd_tls_mandatory_protocols (!SSLv2)
    The SSL/TLS protocols accepted by the Postfix SMTP server with
    mandatory TLS encryption.

smtpd_tls_received_header (no)
    Request that the Postfix SMTP server produces Received: message
    headers that include information about the protocol and cipher
    used, as well as the remote SMTP client CommonName and client
    certificate issuer CommonName.

smtpd_tls_req_ccert (no)
    With mandatory TLS encryption, require a trusted remote SMTP
    client certificate in order to allow TLS connections to proceed.

smtpd_tls_session_cache_database (empty)
    Name of the file containing the optional Postfix SMTP server TLS
    session cache.

smtpd_tls_session_cache_timeout (3600s)
    The expiration time of Postfix SMTP server TLS session cache
    information.

smtpd_tls_wrappermode (no)
    Run the Postfix SMTP server in the non-standard "wrapper" mode,
    instead of using the STARTTLS command.

tls_daemon_random_bytes (32)
    The number of pseudo-random bytes that an smtp(8) or smtpd(8)
    process requests from the tlsmgr(8) server in order to seed its
    internal pseudo random number generator (PRNG).

tls_high_cipherlist (ALL:!EXPORT:!LOW:!MEDIUM:+RC4:@STRENGTH)
    The OpenSSL cipherlist for "HIGH" grade ciphers.

tls_medium_cipherlist (ALL:!EXPORT:!LOW:+RC4:@STRENGTH)
    The OpenSSL cipherlist for "MEDIUM" or higher grade ciphers.

tls_low_cipherlist (ALL:!EXPORT:+RC4:@STRENGTH)
    The OpenSSL cipherlist for "LOW" or higher grade ciphers.

tls_export_cipherlist (ALL:+RC4:@STRENGTH)
    The OpenSSL cipherlist for "EXPORT" or higher grade ciphers.

tls_null_cipherlist (eNULL:!aNULL)
    The OpenSSL cipherlist for "NULL" grade ciphers that provide
    authentication without encryption.

Available in Postfix version 2.5 and later:

smtpd_tls_fingerprint_digest (md5)
    The message digest algorithm to construct remote SMTP
    client-certificate fingerprints or public key fingerprints
    (Postfix 2.9 and later) for check_ccert_access and
    permit_tls_clientcerts.

Available in Postfix version 2.6 and later:

smtpd_tls_protocols (empty)
    List of TLS protocols that the Postfix SMTP server will exclude
    or include with opportunistic TLS encryption.

smtpd_tls_ciphers (export)
    The minimum TLS cipher grade that the Postfix SMTP server will
    use with opportunistic TLS encryption.

smtpd_tls_eccert_file (empty)
    File with the Postfix SMTP server ECDSA certificate in PEM
    format.

smtpd_tls_eckey_file ($smtpd_tls_eccert_file)
    File with the Postfix SMTP server ECDSA private key in PEM
    format.

smtpd_tls_eecdh_grade (see 'postconf -d' output)
    The Postfix SMTP server security grade for ephemeral
    elliptic-curve Diffie-Hellman (EECDH) key exchange.

tls_eecdh_strong_curve (prime256v1)
    The elliptic curve used by the Postfix SMTP server for sensibly
    strong ephemeral ECDH key exchange.

tls_eecdh_ultra_curve (secp384r1)
    The elliptic curve used by the Postfix SMTP server for maximally
    strong ephemeral ECDH key exchange.

Available in Postfix version 2.8 and later:

tls_preempt_cipherlist (no)
    With SSLv3 and later, use the Postfix SMTP server's cipher
    preference order instead of the remote client's cipher preference
    order.

tls_disable_workarounds (see 'postconf -d' output)
    List or bit-mask of OpenSSL bug work-arounds to disable.
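
Added example (not part of the Postfix manual or source): a small Python auditor that reads main.cf text, falls back to the defaults listed in this summary, and flags SASL and TLS settings from the two sections above that leave the SMTP server weak. The sample configuration is constructed, $name references are not expanded, and the protocol-list handling ("!name" excludes, plain names restrict) is an assumption about list syntax that this summary does not spell out.

```python
import re

# Defaults exactly as listed in the parameter summary on this page.
PAGE_DEFAULTS = {
    "disable_vrfy_command": "no",
    "smtpd_sasl_auth_enable": "no",
    "smtpd_tls_security_level": "",
    "smtpd_use_tls": "no",
    "smtpd_enforce_tls": "no",
    "smtpd_tls_auth_only": "no",
    "smtpd_tls_protocols": "",
    "smtpd_tls_mandatory_protocols": "!SSLv2",
    "smtpd_tls_ciphers": "export",
    "smtpd_tls_mandatory_ciphers": "medium",
    "smtpd_tls_ask_ccert": "no",
    "smtpd_tls_req_ccert": "no",
    "smtpd_tls_fingerprint_digest": "md5",
}
WEAK_GRADES = {"export", "low", "null"}
LEGACY_PROTOCOLS = ("SSLv2", "SSLv3")

# Constructed sample input, not taken from a real host.
SAMPLE_MAIN_CF = """\
smtpd_use_tls = yes
smtpd_sasl_auth_enable = yes
smtpd_tls_protocols =
    !SSLv2,
    # comment inside a continued value
    !TLSv1
smtpd_tls_ciphers = medium
disable_vrfy_command = yes
"""


def parse_main_cf(text):
    """Return {name: value}; later definitions replace earlier ones."""
    params, current = {}, None
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue                      # blank and comment lines are ignored
        if raw[0].isspace():              # leading whitespace continues a value
            if current is not None:
                params[current] = (params[current] + " " + raw.strip()).strip()
            continue
        name, sep, value = raw.partition("=")
        current = name.strip() if sep and name.strip() else None
        if current:
            params[current] = value.strip()
    return params


def effective_tls_level(p):
    """A non-empty smtpd_tls_security_level overrides the obsolete switches."""
    level = p["smtpd_tls_security_level"].lower()
    if level:
        return level
    if p["smtpd_enforce_tls"].lower() == "yes":
        return "encrypt"
    return "may" if p["smtpd_use_tls"].lower() == "yes" else "none"


def enabled_legacy_protocols(spec):
    # Assumed list syntax: '!name' excludes a protocol; if plain names are
    # present only those are enabled; an empty list excludes nothing.
    tokens = [t.lower() for t in re.split(r"[\s,:]+", spec) if t]
    excluded = {t[1:] for t in tokens if t.startswith("!")}
    included = {t for t in tokens if not t.startswith("!")}
    return [proto for proto in LEGACY_PROTOCOLS
            if proto.lower() not in excluded
            and (not included or proto.lower() in included)]


def audit(main_cf_text):
    """Return a sorted list of (parameter, finding) tuples."""
    p = {**PAGE_DEFAULTS, **parse_main_cf(main_cf_text)}
    level = effective_tls_level(p)
    on = {name for name, value in p.items() if value.lower() == "yes"}
    findings = []
    if level == "none":
        findings.append(("smtpd_tls_security_level", "STARTTLS is not offered"))
    # Opportunistic ("may") and mandatory ("encrypt") TLS use different knobs.
    infix = {"may": "", "encrypt": "mandatory_"}.get(level)
    if infix is not None:
        protocols, ciphers = f"smtpd_tls_{infix}protocols", f"smtpd_tls_{infix}ciphers"
        legacy = enabled_legacy_protocols(p[protocols])
        if legacy:
            findings.append((protocols, "still enables " + "/".join(legacy)))
        if p[ciphers].lower() in WEAK_GRADES:
            findings.append((ciphers, "weak cipher grade " + p[ciphers]))
    plaintext_auth = level != "encrypt" and "smtpd_tls_auth_only" not in on
    if "smtpd_sasl_auth_enable" in on and plaintext_auth:
        findings.append(("smtpd_tls_auth_only", "AUTH accepted without TLS"))
    uses_ccerts = on & {"smtpd_tls_ask_ccert", "smtpd_tls_req_ccert"}
    if uses_ccerts and p["smtpd_tls_fingerprint_digest"].lower() == "md5":
        findings.append(("smtpd_tls_fingerprint_digest", "md5 certificate fingerprints"))
    if "disable_vrfy_command" not in on:
        findings.append(("disable_vrfy_command", "VRFY is enabled"))
    return sorted(findings)
```

Calling audit(SAMPLE_MAIN_CF) reports that AUTH is accepted without TLS and that SSLv3 is still enabled for opportunistic TLS. The output of "postconf -n" uses the same "name = value" form and can be passed to audit() as well.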
536
538 The following configuration parameters exist for compatibility with
539 Postfix versions before 2.3. Support for these will be removed in a
540 future release.
541
542 smtpd_use_tls (no)
543 Opportunistic TLS: announce STARTTLS support to remote SMTP
544 clients, but do not require that clients use TLS encryption.
545
546 smtpd_enforce_tls (no)
547 Mandatory TLS: announce STARTTLS support to remote SMTP clients,
548 and require that clients use TLS encryption.
549
550 smtpd_tls_cipherlist (empty)
551 Obsolete Postfix < 2.3 control for the Postfix SMTP server TLS
552 cipher list.
553
555 With VERP style delivery, each recipient of a message receives a cus‐
556 tomized copy of the message with his/her own recipient address encoded
557 in the envelope sender address. The VERP_README file describes config‐
558 uration and operation details of Postfix support for variable envelope
559 return path addresses. VERP style delivery is requested with the SMTP
560 XVERP command or with the "sendmail -V" command-line option and is
561 available in Postfix version 1.1 and later.
562
563 default_verp_delimiters (+=)
564 The two default VERP delimiter characters.
565
566 verp_delimiter_filter (-=+)
567 The characters Postfix accepts as VERP delimiter characters on
568 the Postfix sendmail(1) command line and in SMTP commands.
569
570 Available in Postfix version 1.1 and 2.0:
571
572 authorized_verp_clients ($mynetworks)
573 What remote SMTP clients are allowed to specify the XVERP com‐
574 mand.
575
576 Available in Postfix version 2.1 and later:
577
578 smtpd_authorized_verp_clients ($authorized_verp_clients)
579 What remote SMTP clients are allowed to specify the XVERP com‐
580 mand.

The DEBUG_README document describes how to debug parts of the Postfix
mail system. The methods vary from making the software log a lot of
detail, to running some daemon processes under control of a call tracer
or debugger.

debug_peer_level (2)
    The increment in verbose logging level when a remote client or
    server matches a pattern in the debug_peer_list parameter.

debug_peer_list (empty)
    Optional list of remote client or server hostname or network
    address patterns that cause the verbose logging level to
    increase by the amount specified in $debug_peer_level.

error_notice_recipient (postmaster)
    The recipient of postmaster notifications about mail delivery
    problems that are caused by policy, resource, software or
    protocol errors.

internal_mail_filter_classes (empty)
    What categories of Postfix-generated mail are subject to
    before-queue content inspection by non_smtpd_milters,
    header_checks and body_checks.

notify_classes (resource, software)
    The list of error classes that are reported to the postmaster.

smtpd_reject_footer (empty)
    Optional information that is appended after each Postfix SMTP
    server 4XX or 5XX response.

soft_bounce (no)
    Safety net to keep mail queued that would otherwise be returned
    to the sender.

Available in Postfix version 2.1 and later:

smtpd_authorized_xclient_hosts (empty)
    What remote SMTP clients are allowed to use the XCLIENT feature.

Available in Postfix version 2.10 and later:

smtpd_log_access_permit_actions (empty)
    Enable logging of the named "permit" actions in SMTP server
    access lists.

As of Postfix version 2.0, the SMTP server rejects mail for unknown
recipients. This prevents the mail queue from clogging up with
undeliverable MAILER-DAEMON messages. Additional information on this
topic is in the LOCAL_RECIPIENT_README and ADDRESS_CLASS_README
documents.

show_user_unknown_table_name (yes)
    Display the name of the recipient table in the "User unknown"
    responses.

canonical_maps (empty)
    Optional address mapping lookup tables for message headers and
    envelopes.

recipient_canonical_maps (empty)
    Optional address mapping lookup tables for envelope and header
    recipient addresses.

Parameters concerning known/unknown local recipients:

mydestination ($myhostname, localhost.$mydomain, localhost)
    The list of domains that are delivered via the $local_transport
    mail delivery transport.

inet_interfaces (all)
    The network interface addresses that this mail system receives
    mail on.

proxy_interfaces (empty)
    The network interface addresses that this mail system receives
    mail on by way of a proxy or network address translation unit.

inet_protocols (all)
    The Internet protocols Postfix will attempt to use when making
    or accepting connections.

local_recipient_maps (proxy:unix:passwd.byname $alias_maps)
    Lookup tables with all names or addresses of local recipients: a
    recipient address is local when its domain matches
    $mydestination, $inet_interfaces or $proxy_interfaces.

unknown_local_recipient_reject_code (550)
    The numerical Postfix SMTP server response code when a recipient
    address is local, and $local_recipient_maps specifies a list of
    lookup tables that does not match the recipient.

Parameters concerning known/unknown recipients of relay destinations:

relay_domains ($mydestination)
    What destination domains (and subdomains thereof) this system
    will relay mail to.

relay_recipient_maps (empty)
    Optional lookup tables with all valid addresses in the domains
    that match $relay_domains.

unknown_relay_recipient_reject_code (550)
    The numerical Postfix SMTP server reply code when a recipient
    address matches $relay_domains, and relay_recipient_maps
    specifies a list of lookup tables that does not match the
    recipient address.

Parameters concerning known/unknown recipients in virtual alias
domains:

virtual_alias_domains ($virtual_alias_maps)
    Postfix is final destination for the specified list of virtual
    alias domains, that is, domains for which all addresses are
    aliased to addresses in other local or remote domains.

virtual_alias_maps ($virtual_maps)
    Optional lookup tables that alias specific mail addresses or
    domains to other local or remote address.

unknown_virtual_alias_reject_code (550)
    The Postfix SMTP server reply code when a recipient address
    matches $virtual_alias_domains, and $virtual_alias_maps
    specifies a list of lookup tables that does not match the
    recipient address.

Parameters concerning known/unknown recipients in virtual mailbox
domains:

virtual_mailbox_domains ($virtual_mailbox_maps)
    Postfix is final destination for the specified list of domains;
    mail is delivered via the $virtual_transport mail delivery
    transport.

virtual_mailbox_maps (empty)
    Optional lookup tables with all valid addresses in the domains
    that match $virtual_mailbox_domains.

unknown_virtual_mailbox_reject_code (550)
    The Postfix SMTP server reply code when a recipient address
    matches $virtual_mailbox_domains, and $virtual_mailbox_maps
    specifies a list of lookup tables that does not match the
    recipient address.

The following parameters limit resource usage by the SMTP server and/or
control client request rates.

line_length_limit (2048)
    Upon input, long lines are chopped up into pieces of at most
    this length; upon delivery, long lines are reconstructed.

queue_minfree (0)
    The minimal amount of free space in bytes in the queue file
    system that is needed to receive mail.

message_size_limit (10240000)
    The maximal size in bytes of a message, including envelope
    information.

smtpd_recipient_limit (1000)
    The maximal number of recipients that the Postfix SMTP server
    accepts per message delivery request.

smtpd_timeout (normal: 300s, overload: 10s)
    The time limit for sending a Postfix SMTP server response and
    for receiving a remote SMTP client request.

smtpd_history_flush_threshold (100)
    The maximal number of lines in the Postfix SMTP server command
    history before it is flushed upon receipt of EHLO, RSET, or end
    of DATA.

Available in Postfix version 2.3 and later:

smtpd_peername_lookup (yes)
    Attempt to look up the remote SMTP client hostname, and verify
    that the name matches the client IP address.

The per SMTP client connection count and request rate limits are
implemented in co-operation with the anvil(8) service, and are
available in Postfix version 2.2 and later.

smtpd_client_connection_count_limit (50)
    How many simultaneous connections any client is allowed to make
    to this service.

smtpd_client_connection_rate_limit (0)
    The maximal number of connection attempts any client is allowed
    to make to this service per time unit.

smtpd_client_message_rate_limit (0)
    The maximal number of message delivery requests that any client
    is allowed to make to this service per time unit, regardless of
    whether or not Postfix actually accepts those messages.

smtpd_client_recipient_rate_limit (0)
    The maximal number of recipient addresses that any client is
    allowed to send to this service per time unit, regardless of
    whether or not Postfix actually accepts those recipients.

smtpd_client_event_limit_exceptions ($mynetworks)
    Clients that are excluded from smtpd_client_*_count/rate_limit
    restrictions.

Available in Postfix version 2.3 and later:

smtpd_client_new_tls_session_rate_limit (0)
    The maximal number of new (i.e., uncached) TLS sessions that a
    remote SMTP client is allowed to negotiate with this service per
    time unit.

Available in Postfix version 2.9 and later:

smtpd_per_record_deadline (normal: no, overload: yes)
    Change the behavior of the smtpd_timeout time limit, from a time
    limit per read or write system call, to a time limit to send or
    receive a complete record (an SMTP command line, SMTP response
    line, SMTP message content line, or TLS protocol message).

When a remote SMTP client makes errors, the Postfix SMTP server can
insert delays before responding. This can help to slow down run-away
software. The behavior is controlled by an error counter that counts
the number of errors within an SMTP session that a client makes without
delivering mail.

smtpd_error_sleep_time (1s)
    With Postfix version 2.1 and later: the SMTP server response
    delay after a client has made more than $smtpd_soft_error_limit
    errors, and fewer than $smtpd_hard_error_limit errors, without
    delivering mail.

smtpd_soft_error_limit (10)
    The number of errors a remote SMTP client is allowed to make
    without delivering mail before the Postfix SMTP server slows
    down all its responses.

smtpd_hard_error_limit (normal: 20, overload: 1)
    The maximal number of errors a remote SMTP client is allowed to
    make without delivering mail.

smtpd_junk_command_limit (normal: 100, overload: 1)
    The number of junk commands (NOOP, VRFY, ETRN or RSET) that a
    remote SMTP client can send before the Postfix SMTP server
    starts to increment the error counter with each junk command.

Available in Postfix version 2.1 and later:

smtpd_recipient_overshoot_limit (1000)
    The number of recipients that a remote SMTP client can send in
    excess of the limit specified with $smtpd_recipient_limit,
    before the Postfix SMTP server increments the per-session error
    count for each excess recipient.
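
Added example (a model written for this page, not Postfix source code): a Python replay of the per-session error counter, showing how long a client that never delivers mail is tolerated and how much delay it collects under the normal and overload defaults listed above. The event names, the reset of both counters on delivery, and dropping the session once the error count reaches the hard limit are assumptions of the model; the threshold comparisons follow the wording of the parameter descriptions.

```python
from dataclasses import dataclass

JUNK_COMMANDS = {"NOOP", "VRFY", "ETRN", "RSET"}


@dataclass(frozen=True)
class ErrorLimits:
    soft_error_limit: int = 10      # smtpd_soft_error_limit
    hard_error_limit: int = 20      # smtpd_hard_error_limit (normal)
    error_sleep_time: float = 1.0   # smtpd_error_sleep_time, in seconds
    junk_command_limit: int = 100   # smtpd_junk_command_limit (normal)


NORMAL = ErrorLimits()
OVERLOAD = ErrorLimits(hard_error_limit=1, junk_command_limit=1)


def simulate_session(events, limits=NORMAL):
    """Replay one session; return (events_handled, delay_seconds, dropped).

    Each event is a junk command name, "ERROR" for any other client error,
    "DELIVERED" for a completed message, or anything else for an ordinary
    successful command (hypothetical event vocabulary for this model).
    """
    errors = junk = handled = 0
    delay = 0.0
    for event in events:
        handled += 1
        if event == "DELIVERED":
            errors = junk = 0       # assumption: delivery resets both counters
            continue
        if event in JUNK_COMMANDS:
            junk += 1
            if junk <= limits.junk_command_limit:
                continue            # still inside the free junk allowance
        elif event != "ERROR":
            continue                # ordinary command, no effect on counters
        errors += 1
        if errors >= limits.hard_error_limit:
            return handled, delay, True     # assumption: session is dropped
        if errors > limits.soft_error_limit:
            delay += limits.error_sleep_time
    return handled, delay, False
```

With the normal defaults a NOOP-only client is dropped at its 120th command after 9 seconds of accumulated delay; with the overload defaults it is dropped at the second junk command.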

As of version 2.1, Postfix can be configured to delegate access policy
decisions to an external server that runs outside Postfix. See the
file SMTPD_POLICY_README for more information.

smtpd_policy_service_max_idle (300s)
    The time after which an idle SMTPD policy service connection is
    closed.

smtpd_policy_service_max_ttl (1000s)
    The time after which an active SMTPD policy service connection
    is closed.

smtpd_policy_service_timeout (100s)
    The time limit for connecting to, writing to or receiving from a
    delegated SMTPD policy server.

The SMTPD_ACCESS_README document gives an introduction to all the SMTP
server access control features.

smtpd_delay_reject (yes)
    Wait until the RCPT TO command before evaluating
    $smtpd_client_restrictions, $smtpd_helo_restrictions and
    $smtpd_sender_restrictions, or wait until the ETRN command
    before evaluating $smtpd_client_restrictions and
    $smtpd_helo_restrictions.

parent_domain_matches_subdomains (see 'postconf -d' output)
    What Postfix features match subdomains of "domain.tld"
    automatically, instead of requiring an explicit ".domain.tld"
    pattern.

smtpd_client_restrictions (empty)
    Optional restrictions that the Postfix SMTP server applies in
    the context of a client connection request.

smtpd_helo_required (no)
    Require that a remote SMTP client introduces itself with the
    HELO or EHLO command before sending the MAIL command or other
    commands that require EHLO negotiation.

smtpd_helo_restrictions (empty)
    Optional restrictions that the Postfix SMTP server applies in
    the context of a client HELO command.

smtpd_sender_restrictions (empty)
    Optional restrictions that the Postfix SMTP server applies in
    the context of a client MAIL FROM command.

smtpd_recipient_restrictions (see 'postconf -d' output)
    Optional restrictions that the Postfix SMTP server applies in
    the context of a client RCPT TO command, after
    smtpd_relay_restrictions.

smtpd_etrn_restrictions (empty)
    Optional restrictions that the Postfix SMTP server applies in
    the context of a client ETRN command.

allow_untrusted_routing (no)
    Forward mail with sender-specified routing
    (user[@%!]remote[@%!]site) from untrusted clients to destina‐
899 tions matching $relay_domains.
900
901 smtpd_restriction_classes (empty)
902 User-defined aliases for groups of access restrictions.
903
904 smtpd_null_access_lookup_key (<>)
905 The lookup key to be used in SMTP access(5) tables instead of
906 the null sender address.
907
908 permit_mx_backup_networks (empty)
909 Restrict the use of the permit_mx_backup SMTP access feature to
910 only domains whose primary MX hosts match the listed networks.
911
912 Available in Postfix version 2.0 and later:
913
914 smtpd_data_restrictions (empty)
915 Optional access restrictions that the Postfix SMTP server
916 applies in the context of the SMTP DATA command.
917
918 smtpd_expansion_filter (see 'postconf -d' output)
919 What characters are allowed in $name expansions of RBL reply
920 templates.
921
922 Available in Postfix version 2.1 and later:
923
924 smtpd_reject_unlisted_sender (no)
925 Request that the Postfix SMTP server rejects mail from unknown
926 sender addresses, even when no explicit reject_unlisted_sender
927 access restriction is specified.
928
929 smtpd_reject_unlisted_recipient (yes)
930 Request that the Postfix SMTP server rejects mail for unknown
931 recipient addresses, even when no explicit
932 reject_unlisted_recipient access restriction is specified.
933
934 Available in Postfix version 2.2 and later:
935
936 smtpd_end_of_data_restrictions (empty)
937 Optional access restrictions that the Postfix SMTP server
938 applies in the context of the SMTP END-OF-DATA command.
939
940 Available in Postfix version 2.10 and later:
941
942 smtpd_relay_restrictions (permit_mynetworks, reject_unauth_destination)
943 Access restrictions for mail relay control that the Postfix SMTP
944 server applies in the context of the RCPT TO command, before
945 smtpd_recipient_restrictions.
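How smtpd_delay_reject and the relay-before-recipient ordering combine at RCPT TO, as an added example (a simplified model, not Postfix code). The session fields, the `our_domains` set and the rule that a "permit" ends only its own list are assumptions of this sketch; the constructed addresses use documentation ranges.

```python
import ipaddress

DEFERRED = ["smtpd_client_restrictions", "smtpd_helo_restrictions",
            "smtpd_sender_restrictions"]
AT_COMMAND = {
    "CONNECT": ["smtpd_client_restrictions"],
    "HELO": ["smtpd_helo_restrictions"],
    "MAIL": ["smtpd_sender_restrictions"],
    "RCPT": ["smtpd_relay_restrictions", "smtpd_recipient_restrictions"],
    "ETRN": ["smtpd_etrn_restrictions"],
}

def lists_for(command, delay_reject=True):
    """Restriction lists evaluated when `command` arrives, in order."""
    if not delay_reject:
        return list(AT_COMMAND[command])
    if command == "RCPT":
        return DEFERRED + AT_COMMAND["RCPT"]
    if command == "ETRN":
        return DEFERRED[:2] + AT_COMMAND["ETRN"]
    return []  # client, HELO and sender checks are postponed

def permit_mynetworks(s):
    ip = ipaddress.ip_address(s["client"])
    nets = (ipaddress.ip_network(n) for n in s["mynetworks"])
    return "permit" if any(ip in net for net in nets) else "dunno"

def reject_unauth_destination(s):
    # Assumption: "our_domains" stands in for every authorized destination.
    domain = s["rcpt"].rsplit("@", 1)[1].lower()
    return "dunno" if domain in s["our_domains"] else "reject"

CHECKS = {"permit_mynetworks": permit_mynetworks, "permit": lambda s: "permit",
          "reject_unauth_destination": reject_unauth_destination}

def decide(config, session, command="RCPT"):
    delay = config.get("smtpd_delay_reject", "yes") == "yes"
    for name in lists_for(command, delay):
        for restriction in config.get(name, "").replace(",", " ").split():
            result = CHECKS[restriction](session)
            if result == "reject":
                return ("reject", f"{name}: {restriction}")
            if result == "permit":
                break  # ends this list only; later lists still run
    return ("permit", None)

# Constructed sample: a broad client-level permit plus the default relay list.
CONFIG = {"smtpd_client_restrictions": "permit",
          "smtpd_relay_restrictions": "permit_mynetworks, reject_unauth_destination"}
```

In this model the blanket `permit` in smtpd_client_restrictions does not open a relay, because smtpd_relay_restrictions is still evaluated for every RCPT TO.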
946
948 Postfix version 2.1 introduces sender and recipient address verifica‐
949 tion. This feature is implemented by sending probe email messages that
950 are not actually delivered. This feature is requested via the
951 reject_unverified_sender and reject_unverified_recipient access
952 restrictions. The status of verification probes is maintained by the
953 verify(8) server. See the file ADDRESS_VERIFICATION_README for infor‐
954 mation about how to configure and operate the Postfix sender/recipient
955 address verification service.
956
957 address_verify_poll_count (normal: 3, overload: 1)
958 How many times to query the verify(8) service for the completion
959 of an address verification request in progress.
960
961 address_verify_poll_delay (3s)
962 The delay between queries for the completion of an address veri‐
963 fication request in progress.
964
965 address_verify_sender ($double_bounce_sender)
966 The sender address to use in address verification probes; prior
967 to Postfix 2.5 the default was "postmaster".
968
969 unverified_sender_reject_code (450)
970 The numerical Postfix SMTP server response code when a sender
971 address is rejected by the reject_unverified_sender restriction.
972
973 unverified_recipient_reject_code (450)
974 The numerical Postfix SMTP server response code when a recipient
975 address is rejected by the reject_unverified_recipient
976 restriction.
977
978 Available in Postfix version 2.6 and later:
979
980 unverified_sender_defer_code (450)
981 The numerical Postfix SMTP server response code when a sender
982 address probe fails due to a temporary error condition.
983
984 unverified_recipient_defer_code (450)
985 The numerical Postfix SMTP server response code when a recipient
986 address probe fails due to a temporary error condition.
987
988 unverified_sender_reject_reason (empty)
989 The Postfix SMTP server's reply when rejecting mail with
990 reject_unverified_sender.
991
992 unverified_recipient_reject_reason (empty)
993 The Postfix SMTP server's reply when rejecting mail with
994 reject_unverified_recipient.
995
996 unverified_sender_tempfail_action ($reject_tempfail_action)
997 The Postfix SMTP server's action when reject_unverified_sender
998 fails due to a temporary error condition.
999
1000 unverified_recipient_tempfail_action ($reject_tempfail_action)
1001 The Postfix SMTP server's action when reject_unverified_recipi‐
1002 ent fails due to a temporary error condition.
1003
1004 Available with Postfix 2.9 and later:
1005
1006 address_verify_sender_ttl (0s)
1007 The time between changes in the time-dependent portion of
1008 address verification probe sender addresses.
1009
1011 The following parameters control numerical SMTP reply codes and/or text
1012 responses.
1013
1014 access_map_reject_code (554)
1015 The numerical Postfix SMTP server response code for an access(5)
1016 map "reject" action.
1017
1018 defer_code (450)
1019 The numerical Postfix SMTP server response code when a remote
1020 SMTP client request is rejected by the "defer" restriction.
1021
1022 invalid_hostname_reject_code (501)
1023 The numerical Postfix SMTP server response code when the client
1024 HELO or EHLO command parameter is rejected by the
1025 reject_invalid_helo_hostname restriction.
1026
1027 maps_rbl_reject_code (554)
1028 The numerical Postfix SMTP server response code when a remote
1029 SMTP client request is blocked by the reject_rbl_client,
1030 reject_rhsbl_client, reject_rhsbl_reverse_client,
1031 reject_rhsbl_sender or reject_rhsbl_recipient restriction.
1032
1033 non_fqdn_reject_code (504)
1034 The numerical Postfix SMTP server reply code when a client
1035 request is rejected by the reject_non_fqdn_helo_hostname,
1036 reject_non_fqdn_sender or reject_non_fqdn_recipient restriction.
1037
1038 plaintext_reject_code (450)
1039 The numerical Postfix SMTP server response code when a request
1040 is rejected by the reject_plaintext_session restriction.
1041
1042 reject_code (554)
1043 The numerical Postfix SMTP server response code when a remote
1044 SMTP client request is rejected by the "reject" restriction.
1045
1046 relay_domains_reject_code (554)
1047 The numerical Postfix SMTP server response code when a client
1048 request is rejected by the reject_unauth_destination recipient
1049 restriction.
1050
1051 unknown_address_reject_code (450)
1052 The numerical Postfix SMTP server response code when a sender or
1053 recipient address is rejected by the
1054 reject_unknown_sender_domain or reject_unknown_recipient_domain
1055 restriction.
1056
1057 unknown_client_reject_code (450)
1058 The numerical Postfix SMTP server response code when a client
1059 without valid address <=> name mapping is rejected by the
1060 reject_unknown_client_hostname restriction.
1061
1062 unknown_hostname_reject_code (450)
1063 The numerical Postfix SMTP server response code when the host‐
1064 name specified with the HELO or EHLO command is rejected by the
1065 reject_unknown_helo_hostname restriction.
1066
1067 Available in Postfix version 2.0 and later:
1068
1069 default_rbl_reply (see 'postconf -d' output)
1070 The default Postfix SMTP server response template for a request
1071 that is rejected by an RBL-based restriction.
1072
1073 multi_recipient_bounce_reject_code (550)
1074 The numerical Postfix SMTP server response code when a remote
1075 SMTP client request is blocked by the reject_multi_recipi‐
1076 ent_bounce restriction.
1077
1078 rbl_reply_maps (empty)
1079 Optional lookup tables with RBL response templates.
1080
1081 Available in Postfix version 2.6 and later:
1082
1083 access_map_defer_code (450)
1084 The numerical Postfix SMTP server response code for an access(5)
1085 map "defer" action, including "defer_if_permit" or
1086 "defer_if_reject".
1087
1088 reject_tempfail_action (defer_if_permit)
1089 The Postfix SMTP server's action when a reject-type restriction
1090 fails due to a temporary error condition.
1091
1092 unknown_helo_hostname_tempfail_action ($reject_tempfail_action)
1093 The Postfix SMTP server's action when
1094 reject_unknown_helo_hostname fails due to a temporary error condition.
1095
1096 unknown_address_tempfail_action ($reject_tempfail_action)
1097 The Postfix SMTP server's action when
1098 reject_unknown_sender_domain or reject_unknown_recipient_domain
1099 fails due to a temporary error condition.
1100
1102 config_directory (see 'postconf -d' output)
1103 The default location of the Postfix main.cf and master.cf con‐
1104 figuration files.
1105
1106 daemon_timeout (18000s)
1107 How much time a Postfix daemon process may take to handle a
1108 request before it is terminated by a built-in watchdog timer.
1109
1110 command_directory (see 'postconf -d' output)
1111 The location of all postfix administrative commands.
1112
1113 double_bounce_sender (double-bounce)
1114 The sender address of postmaster notifications that are gener‐
1115 ated by the mail system.
1116
1117 ipc_timeout (3600s)
1118 The time limit for sending or receiving information over an
1119 internal communication channel.
1120
1121 mail_name (Postfix)
1122 The mail system name that is displayed in Received: headers, in
1123 the SMTP greeting banner, and in bounced mail.
1124
1125 mail_owner (postfix)
1126 The UNIX system account that owns the Postfix queue and most
1127 Postfix daemon processes.
1128
1129 max_idle (100s)
1130 The maximum amount of time that an idle Postfix daemon process
1131 waits for an incoming connection before terminating voluntarily.
1132
1133 max_use (100)
1134 The maximal number of incoming connections that a Postfix daemon
1135 process will service before terminating voluntarily.
1136
1137 myhostname (see 'postconf -d' output)
1138 The internet hostname of this mail system.
1139
1140 mynetworks (see 'postconf -d' output)
1141 The list of "trusted" remote SMTP clients that have more privi‐
1142 leges than "strangers".
1143
1144 myorigin ($myhostname)
1145 The domain name that locally-posted mail appears to come from,
1146 and that locally posted mail is delivered to.
1147
1148 process_id (read-only)
1149 The process ID of a Postfix command or daemon process.
1150
1151 process_name (read-only)
1152 The process name of a Postfix command or daemon process.
1153
1154 queue_directory (see 'postconf -d' output)
1155 The location of the Postfix top-level queue directory.
1156
1157 recipient_delimiter (empty)
1158 The separator between user names and address extensions
1159 (user+foo).
1160
1161 smtpd_banner ($myhostname ESMTP $mail_name)
1162 The text that follows the 220 status code in the SMTP greeting
1163 banner.
1164
1165 syslog_facility (mail)
1166 The syslog facility of Postfix logging.
1167
1168 syslog_name (see 'postconf -d' output)
1169 The mail system name that is prepended to the process name in
1170 syslog records, so that "smtpd" becomes, for example, "post‐
1171 fix/smtpd".
1172
1173 Available in Postfix version 2.2 and later:
1174
1175 smtpd_forbidden_commands (CONNECT, GET, POST)
1176 List of commands that cause the Postfix SMTP server to immedi‐
1177 ately terminate the session with a 221 code.
1178
1179 Available in Postfix version 2.5 and later:
1180
1181 smtpd_client_port_logging (no)
1182 Enable logging of the remote SMTP client port in addition to the
1183 hostname and IP address.
1184
1186 anvil(8), connection/rate limiting
1187 cleanup(8), message canonicalization
1188 tlsmgr(8), TLS session and PRNG management
1189 trivial-rewrite(8), address resolver
1190 verify(8), address verification service
1191 postconf(5), configuration parameters
1192 master(5), generic daemon options
1193 master(8), process manager
1194 syslogd(8), system logging
1195
1197 Use "postconf readme_directory" or "postconf html_directory" to locate
1198 this information.
1199 ADDRESS_CLASS_README, blocking unknown hosted or relay recipients
1200 ADDRESS_REWRITING_README, Postfix address manipulation
1201 FILTER_README, external after-queue content filter
1202 LOCAL_RECIPIENT_README, blocking unknown local recipients
1203 MILTER_README, before-queue mail filter applications
1204 SMTPD_ACCESS_README, built-in access policies
1205 SMTPD_POLICY_README, external policy server
1206 SMTPD_PROXY_README, external before-queue content filter
1207 SASL_README, Postfix SASL howto
1208 TLS_README, Postfix STARTTLS howto
1209 VERP_README, Postfix XVERP extension
1210 XCLIENT_README, Postfix XCLIENT extension
1211 XFORWARD_README, Postfix XFORWARD extension
1212
1214 The Secure Mailer license must be distributed with this software.
1215
1217 Wietse Venema
1218 IBM T.J. Watson Research
1219 P.O. Box 704
1220 Yorktown Heights, NY 10598, USA
1221
1222 SASL support originally by:
1223 Till Franke
1224 SuSE Rhein/Main AG
1225 65760 Eschborn, Germany
1226
1227 TLS support originally by:
1228 Lutz Jaenicke
1229 BTU Cottbus
1230 Allgemeine Elektrotechnik
1231 Universitaetsplatz 3-4
1232 D-03044 Cottbus, Germany
1233
1234 Revised TLS support by:
1235 Victor Duchovni
1236 Morgan Stanley
1237
1238
1239
1240 SMTPD(8)