1SMTPD(8)                    System Manager's Manual                   SMTPD(8)
2
3
4

NAME

6       smtpd - Postfix SMTP server
7

SYNOPSIS

9       smtpd [generic Postfix daemon options]
10
11       sendmail -bs
12

DESCRIPTION

14       The  SMTP  server accepts network connection requests and performs zero
15       or more SMTP transactions per connection.   Each  received  message  is
16       piped  through  the  cleanup(8) daemon, and is placed into the incoming
17       queue as one single queue file.  For this mode of operation,  the  pro‐
18       gram expects to be run from the master(8) process manager.
19
20       Alternatively,  the SMTP server be can run in stand-alone mode; this is
21       traditionally obtained with "sendmail -bs".  When the SMTP server  runs
22       stand-alone  with  non  $mail_owner  privileges,  it receives mail even
23       while the mail system is not running, deposits messages  directly  into
24       the  maildrop queue, and disables the SMTP server's access policies. As
25       of Postfix version 2.3, the SMTP server refuses to  receive  mail  from
26       the network when it runs with non $mail_owner privileges.
27
28       The  SMTP  server  implements  a  variety  of  policies  for connection
29       requests, and for parameters given to HELO, ETRN, MAIL FROM,  VRFY  and
30       RCPT TO commands. They are detailed below and in the main.cf configura‐
31       tion file.
32

SECURITY

34       The SMTP server is moderately  security-sensitive.  It  talks  to  SMTP
35       clients  and  to DNS servers on the network. The SMTP server can be run
36       chrooted at fixed low privilege.
37

STANDARDS

39       RFC 821 (SMTP protocol)
40       RFC 1123 (Host requirements)
41       RFC 1652 (8bit-MIME transport)
42       RFC 1869 (SMTP service extensions)
43       RFC 1870 (Message size declaration)
44       RFC 1985 (ETRN command)
45       RFC 2034 (SMTP enhanced status codes)
46       RFC 2554 (AUTH command)
47       RFC 2821 (SMTP protocol)
48       RFC 2920 (SMTP pipelining)
49       RFC 3207 (STARTTLS command)
50       RFC 3461 (SMTP DSN extension)
51       RFC 3463 (Enhanced status codes)
52       RFC 3848 (ESMTP transmission types)
53       RFC 4409 (Message submission)
54       RFC 4954 (AUTH command)
55       RFC 5321 (SMTP protocol)
56       RFC 6531 (Internationalized SMTP)
57       RFC 6533 (Internationalized Delivery Status Notifications)
58       RFC 7505 ("Null MX" No Service Resource Record)
59

DIAGNOSTICS

61       Problems and transactions are logged to syslogd(8).
62
63       Depending on the setting of the notify_classes parameter, the  postmas‐
64       ter  is  notified of bounces, protocol problems, policy violations, and
65       of other trouble.
66

CONFIGURATION PARAMETERS

68       Changes to main.cf are picked up automatically, as  smtpd(8)  processes
69       run for only a limited amount of time. Use the command "postfix reload"
70       to speed up a change.
71
72       The text below provides only a parameter summary. See  postconf(5)  for
73       more details including examples.
74

COMPATIBILITY CONTROLS

76       The  following  parameters  work  around implementation errors in other
77       software, and/or allow you to override standards in  order  to  prevent
78       undesirable use.
79
80       broken_sasl_auth_clients (no)
81              Enable  interoperability with remote SMTP clients that implement
82              an obsolete version of the AUTH command (RFC 4954).
83
84       disable_vrfy_command (no)
85              Disable the SMTP VRFY command.
86
87       smtpd_noop_commands (empty)
88              List of commands that the Postfix SMTP server  replies  to  with
89              "250  Ok",  without doing any syntax checks and without changing
90              state.
91
92       strict_rfc821_envelopes (no)
93              Require that addresses received in SMTP MAIL FROM  and  RCPT  TO
94              commands  are  enclosed with <>, and that those addresses do not
95              contain RFC 822 style comments or phrases.
96
97       Available in Postfix version 2.1 and later:
98
99       smtpd_reject_unlisted_sender (no)
100              Request that the Postfix SMTP server rejects mail  from  unknown
101              sender  addresses,  even when no explicit reject_unlisted_sender
102              access restriction is specified.
103
104       smtpd_sasl_exceptions_networks (empty)
105              What remote SMTP clients the Postfix SMTP server will not  offer
106              AUTH support to.
107
108       Available in Postfix version 2.2 and later:
109
110       smtpd_discard_ehlo_keyword_address_maps (empty)
111              Lookup  tables,  indexed by the remote SMTP client address, with
112              case insensitive lists of EHLO keywords  (pipelining,  starttls,
113              auth,  etc.)  that  the Postfix SMTP server will not send in the
114              EHLO response to a remote SMTP client.
115
116       smtpd_discard_ehlo_keywords (empty)
117              A case insensitive list of EHLO keywords (pipelining,  starttls,
118              auth,  etc.)  that  the Postfix SMTP server will not send in the
119              EHLO response to a remote SMTP client.
120
121       smtpd_delay_open_until_valid_rcpt (yes)
122              Postpone the start of an SMTP mail  transaction  until  a  valid
123              RCPT TO command is received.
124
125       Available in Postfix version 2.3 and later:
126
127       smtpd_tls_always_issue_session_ids (yes)
128              Force  the  Postfix  SMTP server to issue a TLS session id, even
129              when  TLS  session  caching  is   turned   off   (smtpd_tls_ses‐
130              sion_cache_database is empty).
131
132       Available in Postfix version 2.6 and later:
133
134       tcp_windowsize (0)
135              An  optional  workaround for routers that break TCP window scal‐
136              ing.
137
138       Available in Postfix version 2.7 and later:
139
140       smtpd_command_filter (empty)
141              A mechanism to transform commands from remote SMTP clients.
142
143       Available in Postfix version 2.9 and later:
144
145       smtpd_per_record_deadline (normal: no, overload: yes)
146              Change  the  behavior  of  the  smtpd_timeout  and  smtpd_start‐
147              tls_timeout  time  limits,  from  a time limit per read or write
148              system call, to a time limit  to  send  or  receive  a  complete
149              record  (an  SMTP command line, SMTP response line, SMTP message
150              content line, or TLS protocol message).
151
152       Available in Postfix version 3.0 and later:
153
154       smtpd_dns_reply_filter (empty)
155              Optional filter for Postfix SMTP server DNS lookup results.
156

ADDRESS REWRITING CONTROLS

158       See the ADDRESS_REWRITING_README document for a detailed discussion  of
159       Postfix address rewriting.
160
161       receive_override_options (empty)
162              Enable or disable recipient validation, built-in content filter‐
163              ing, or address mapping.
164
165       Available in Postfix version 2.2 and later:
166
167       local_header_rewrite_clients (permit_inet_interfaces)
168              Rewrite message header addresses in mail from these clients  and
169              update incomplete addresses with the domain name in $myorigin or
170              $mydomain; either  don't  rewrite  message  headers  from  other
171              clients at all, or rewrite message headers and update incomplete
172              addresses with the domain  specified  in  the  remote_header_re‐
173              write_domain parameter.
174

BEFORE-SMTPD PROXY AGENT

176       Available in Postfix version 2.10 and later:
177
178       smtpd_upstream_proxy_protocol (empty)
179              The  name of the proxy protocol used by an optional before-smtpd
180              proxy agent.
181
182       smtpd_upstream_proxy_timeout (5s)
183              The time  limit  for  the  proxy  protocol  specified  with  the
184              smtpd_upstream_proxy_protocol parameter.
185

AFTER QUEUE EXTERNAL CONTENT INSPECTION CONTROLS

187       As  of  version  1.0,  Postfix can be configured to send new mail to an
188       external content filter AFTER the mail is queued. This  content  filter
189       is  expected to inject mail back into a (Postfix or other) MTA for fur‐
190       ther delivery. See the FILTER_README document for details.
191
192       content_filter (empty)
193              After the message is queued, send  the  entire  message  to  the
194              specified transport:destination.
195

BEFORE QUEUE EXTERNAL CONTENT INSPECTION CONTROLS

197       As  of  version  2.1, the Postfix SMTP server can be configured to send
198       incoming mail to a real-time SMTP-based content filter BEFORE  mail  is
199       queued.  This content filter is expected to inject mail back into Post‐
200       fix.  See the SMTPD_PROXY_README document for details on how to config‐
201       ure and operate this feature.
202
203       smtpd_proxy_filter (empty)
204              The hostname and TCP port of the mail filtering proxy server.
205
206       smtpd_proxy_ehlo ($myhostname)
207              How  the  Postfix SMTP server announces itself to the proxy fil‐
208              ter.
209
210       smtpd_proxy_options (empty)
211              List of options that control how the Postfix SMTP server  commu‐
212              nicates with a before-queue content filter.
213
214       smtpd_proxy_timeout (100s)
215              The  time limit for connecting to a proxy filter and for sending
216              or receiving information.
217

BEFORE QUEUE MILTER CONTROLS

219       As of version 2.3, Postfix supports the Sendmail version 8 Milter (mail
220       filter)  protocol.  These content filters run outside Postfix. They can
221       inspect the SMTP command  stream  and  the  message  content,  and  can
222       request  modifications  before mail is queued. For details see the MIL‐
223       TER_README document.
224
225       smtpd_milters (empty)
226              A list of Milter (mail filter) applications for  new  mail  that
227              arrives via the Postfix smtpd(8) server.
228
229       milter_protocol (6)
230              The  mail  filter  protocol version and optional protocol exten‐
231              sions for communication with  a  Milter  application;  prior  to
232              Postfix 2.6 the default protocol is 2.
233
234       milter_default_action (tempfail)
235              The  default  action  when a Milter (mail filter) application is
236              unavailable or mis-configured.
237
238       milter_macro_daemon_name ($myhostname)
239              The {daemon_name} macro value for Milter (mail filter)  applica‐
240              tions.
241
242       milter_macro_v ($mail_name $mail_version)
243              The {v} macro value for Milter (mail filter) applications.
244
245       milter_connect_timeout (30s)
246              The time limit for connecting to a Milter (mail filter) applica‐
247              tion, and for negotiating protocol options.
248
249       milter_command_timeout (30s)
250              The time limit for sending an SMTP command  to  a  Milter  (mail
251              filter) application, and for receiving the response.
252
253       milter_content_timeout (300s)
254              The  time  limit  for  sending message content to a Milter (mail
255              filter) application, and for receiving the response.
256
257       milter_connect_macros (see 'postconf -d' output)
258              The macros that are sent to Milter  (mail  filter)  applications
259              after completion of an SMTP connection.
260
261       milter_helo_macros (see 'postconf -d' output)
262              The  macros  that  are sent to Milter (mail filter) applications
263              after the SMTP HELO or EHLO command.
264
265       milter_mail_macros (see 'postconf -d' output)
266              The macros that are sent to Milter  (mail  filter)  applications
267              after the SMTP MAIL FROM command.
268
269       milter_rcpt_macros (see 'postconf -d' output)
270              The  macros  that  are sent to Milter (mail filter) applications
271              after the SMTP RCPT TO command.
272
273       milter_data_macros (see 'postconf -d' output)
274              The macros that are sent to version 4  or  higher  Milter  (mail
275              filter) applications after the SMTP DATA command.
276
277       milter_unknown_command_macros (see 'postconf -d' output)
278              The  macros  that  are  sent to version 3 or higher Milter (mail
279              filter) applications after an unknown SMTP command.
280
281       milter_end_of_header_macros (see 'postconf -d' output)
282              The macros that are sent to Milter  (mail  filter)  applications
283              after the end of the message header.
284
285       milter_end_of_data_macros (see 'postconf -d' output)
286              The  macros  that  are sent to Milter (mail filter) applications
287              after the message end-of-data.
288
289       Available in Postfix version 3.1 and later:
290
291       milter_macro_defaults (empty)
292              Optional list of name=value pairs that  specify  default  values
293              for  arbitrary  macros  that Postfix may send to Milter applica‐
294              tions.
295
296       Available in Postfix version 3.2 and later:
297
298       smtpd_milter_maps (empty)
299              Lookup tables with Milter settings per  remote  SMTP  client  IP
300              address.
301

GENERAL CONTENT INSPECTION CONTROLS

303       The  following parameters are applicable for both built-in and external
304       content filters.
305
306       Available in Postfix version 2.1 and later:
307
308       receive_override_options (empty)
309              Enable or disable recipient validation, built-in content filter‐
310              ing, or address mapping.
311

EXTERNAL CONTENT INSPECTION CONTROLS

313       The  following  parameters  are  applicable  for  both before-queue and
314       after-queue content filtering.
315
316       Available in Postfix version 2.1 and later:
317
318       smtpd_authorized_xforward_hosts (empty)
319              What remote SMTP clients are allowed to use  the  XFORWARD  fea‐
320              ture.
321

SASL AUTHENTICATION CONTROLS

323       Postfix SASL support (RFC 4954) can be used to authenticate remote SMTP
324       clients to the Postfix SMTP server, and  to  authenticate  the  Postfix
325       SMTP  client to a remote SMTP server.  See the SASL_README document for
326       details.
327
328       broken_sasl_auth_clients (no)
329              Enable interoperability with remote SMTP clients that  implement
330              an obsolete version of the AUTH command (RFC 4954).
331
332       smtpd_sasl_auth_enable (no)
333              Enable SASL authentication in the Postfix SMTP server.
334
335       smtpd_sasl_local_domain (empty)
336              The  name of the Postfix SMTP server's local SASL authentication
337              realm.
338
339       smtpd_sasl_security_options (noanonymous)
340              Postfix SMTP server SASL security options; as of Postfix 2.3 the
341              list  of available features depends on the SASL server implemen‐
342              tation that is selected with smtpd_sasl_type.
343
344       smtpd_sender_login_maps (empty)
345              Optional lookup table with the SASL login  names  that  own  the
346              sender (MAIL FROM) addresses.
347
348       Available in Postfix version 2.1 and later:
349
350       smtpd_sasl_exceptions_networks (empty)
351              What  remote SMTP clients the Postfix SMTP server will not offer
352              AUTH support to.
353
354       Available in Postfix version 2.1 and 2.2:
355
356       smtpd_sasl_application_name (smtpd)
357              The application name that the Postfix SMTP server uses for  SASL
358              server initialization.
359
360       Available in Postfix version 2.3 and later:
361
362       smtpd_sasl_authenticated_header (no)
363              Report the SASL authenticated user name in the smtpd(8) Received
364              message header.
365
366       smtpd_sasl_path (smtpd)
367              Implementation-specific information that the Postfix SMTP server
368              passes  through  to  the  SASL  plug-in  implementation  that is
369              selected with smtpd_sasl_type.
370
371       smtpd_sasl_type (cyrus)
372              The SASL plug-in type that the Postfix SMTP  server  should  use
373              for authentication.
374
375       Available in Postfix version 2.5 and later:
376
377       cyrus_sasl_config_path (empty)
378              Search path for Cyrus SASL application configuration files, cur‐
379              rently used only to locate the $smtpd_sasl_path.conf file.
380
381       Available in Postfix version 2.11 and later:
382
383       smtpd_sasl_service (smtp)
384              The service name that is passed to  the  SASL  plug-in  that  is
385              selected with smtpd_sasl_type and smtpd_sasl_path.
386

STARTTLS SUPPORT CONTROLS

388       Detailed  information  about STARTTLS configuration may be found in the
389       TLS_README document.
390
391       smtpd_tls_security_level (empty)
392              The SMTP TLS security level for the Postfix SMTP server; when  a
393              non-empty value is specified, this overrides the obsolete param‐
394              eters smtpd_use_tls and smtpd_enforce_tls.
395
396       smtpd_sasl_tls_security_options ($smtpd_sasl_security_options)
397              The SASL authentication security options that the  Postfix  SMTP
398              server uses for TLS encrypted SMTP sessions.
399
400       smtpd_starttls_timeout (see 'postconf -d' output)
401              The time limit for Postfix SMTP server write and read operations
402              during TLS startup and shutdown handshake procedures.
403
404       smtpd_tls_CAfile (empty)
405              A file containing (PEM  format)  CA  certificates  of  root  CAs
406              trusted to sign either remote SMTP client certificates or inter‐
407              mediate CA certificates.
408
409       smtpd_tls_CApath (empty)
410              A directory containing (PEM format) CA certificates of root  CAs
411              trusted to sign either remote SMTP client certificates or inter‐
412              mediate CA certificates.
413
414       smtpd_tls_always_issue_session_ids (yes)
415              Force the Postfix SMTP server to issue a TLS  session  id,  even
416              when   TLS   session   caching  is  turned  off  (smtpd_tls_ses‐
417              sion_cache_database is empty).
418
419       smtpd_tls_ask_ccert (no)
420              Ask a remote SMTP client for a client certificate.
421
422       smtpd_tls_auth_only (no)
423              When TLS encryption is optional in the Postfix SMTP  server,  do
424              not announce or accept SASL authentication over unencrypted con‐
425              nections.
426
427       smtpd_tls_ccert_verifydepth (9)
428              The verification depth for remote SMTP client certificates.
429
430       smtpd_tls_cert_file (empty)
431              File with the Postfix SMTP server RSA certificate in PEM format.
432
433       smtpd_tls_exclude_ciphers (empty)
434              List of ciphers or cipher types to exclude from the SMTP  server
435              cipher list at all TLS security levels.
436
437       smtpd_tls_dcert_file (empty)
438              File with the Postfix SMTP server DSA certificate in PEM format.
439
440       smtpd_tls_dh1024_param_file (empty)
441              File  with DH parameters that the Postfix SMTP server should use
442              with non-export EDH ciphers.
443
444       smtpd_tls_dh512_param_file (empty)
445              File with DH parameters that the Postfix SMTP server should  use
446              with export-grade EDH ciphers.
447
448       smtpd_tls_dkey_file ($smtpd_tls_dcert_file)
449              File with the Postfix SMTP server DSA private key in PEM format.
450
451       smtpd_tls_key_file ($smtpd_tls_cert_file)
452              File with the Postfix SMTP server RSA private key in PEM format.
453
454       smtpd_tls_loglevel (0)
455              Enable additional Postfix SMTP server logging of TLS activity.
456
457       smtpd_tls_mandatory_ciphers (medium)
458              The  minimum  TLS cipher grade that the Postfix SMTP server will
459              use with mandatory TLS encryption.
460
461       smtpd_tls_mandatory_exclude_ciphers (empty)
462              Additional list of ciphers or cipher types to exclude  from  the
463              Postfix  SMTP  server cipher list at mandatory TLS security lev‐
464              els.
465
466       smtpd_tls_mandatory_protocols (!SSLv2, !SSLv3)
467              The SSL/TLS protocols accepted by the Postfix SMTP  server  with
468              mandatory TLS encryption.
469
470       smtpd_tls_received_header (no)
471              Request that the Postfix SMTP server produces Received:  message
472              headers that include information about the protocol  and  cipher
473              used,  as  well  as the remote SMTP client CommonName and client
474              certificate issuer CommonName.
475
476       smtpd_tls_req_ccert (no)
477              With mandatory TLS encryption, require  a  trusted  remote  SMTP
478              client certificate in order to allow TLS connections to proceed.
479
480       smtpd_tls_wrappermode (no)
481              Run  the Postfix SMTP server in the non-standard "wrapper" mode,
482              instead of using the STARTTLS command.
483
484       tls_daemon_random_bytes (32)
485              The number of pseudo-random bytes that an  smtp(8)  or  smtpd(8)
486              process  requests from the tlsmgr(8) server in order to seed its
487              internal pseudo random number generator (PRNG).
488
489       tls_high_cipherlist (see 'postconf -d' output)
490              The OpenSSL cipherlist for "high" grade ciphers.
491
492       tls_medium_cipherlist (see 'postconf -d' output)
493              The OpenSSL cipherlist for "medium" or higher grade ciphers.
494
495       tls_low_cipherlist (see 'postconf -d' output)
496              The OpenSSL cipherlist for "low" or higher grade ciphers.
497
498       tls_export_cipherlist (see 'postconf -d' output)
499              The OpenSSL cipherlist for "export" or higher grade ciphers.
500
501       tls_null_cipherlist (eNULL:!aNULL)
502              The OpenSSL cipherlist for "NULL"  grade  ciphers  that  provide
503              authentication without encryption.
504
505       Available in Postfix version 2.5 and later:
506
507       smtpd_tls_fingerprint_digest (md5)
508              The   message   digest   algorithm   to  construct  remote  SMTP
509              client-certificate  fingerprints  or  public  key   fingerprints
510              (Postfix   2.9   and  later)  for  check_ccert_access  and  per‐
511              mit_tls_clientcerts.
512
513       Available in Postfix version 2.6 and later:
514
515       smtpd_tls_protocols (!SSLv2, !SSLv3)
516              List of TLS protocols that the Postfix SMTP server will  exclude
517              or include with opportunistic TLS encryption.
518
519       smtpd_tls_ciphers (medium)
520              The  minimum  TLS cipher grade that the Postfix SMTP server will
521              use with opportunistic TLS encryption.
522
523       smtpd_tls_eccert_file (empty)
524              File with the Postfix SMTP server ECDSA certificate in PEM  for‐
525              mat.
526
527       smtpd_tls_eckey_file ($smtpd_tls_eccert_file)
528              File  with the Postfix SMTP server ECDSA private key in PEM for‐
529              mat.
530
531       smtpd_tls_eecdh_grade (see 'postconf -d' output)
532              The Postfix SMTP server  security  grade  for  ephemeral  ellip‐
533              tic-curve Diffie-Hellman (EECDH) key exchange.
534
535       tls_eecdh_strong_curve (prime256v1)
536              The  elliptic curve used by the Postfix SMTP server for sensibly
537              strong ephemeral ECDH key exchange.
538
539       tls_eecdh_ultra_curve (secp384r1)
540              The elliptic curve used by the Postfix SMTP server for maximally
541              strong ephemeral ECDH key exchange.
542
543       Available in Postfix version 2.8 and later:
544
545       tls_preempt_cipherlist (no)
546              With SSLv3 and later, use the Postfix SMTP server's cipher pref‐
547              erence order instead of the remote  client's  cipher  preference
548              order.
549
550       tls_disable_workarounds (see 'postconf -d' output)
551              List or bit-mask of OpenSSL bug work-arounds to disable.
552
553       Available in Postfix version 2.11 and later:
554
555       tlsmgr_service_name (tlsmgr)
556              The name of the tlsmgr(8) service entry in master.cf.
557
558       Available in Postfix version 3.0 and later:
559
560       tls_session_ticket_cipher  (Postfix >= 3.0: aes-256-cbc, Postfix < 3.0:
561       aes-128-cbc)
562              Algorithm used to encrypt RFC5077 TLS session tickets.
563
564       Available in Postfix version 3.2 and later:
565
566       tls_eecdh_auto_curves (see 'postconf -d' output)
567              The prioritized list of elliptic curves supported by the Postfix
568              SMTP client and server.
569

OBSOLETE STARTTLS CONTROLS

571       The  following  configuration  parameters  exist for compatibility with
572       Postfix versions before 2.3. Support for these will  be  removed  in  a
573       future release.
574
575       smtpd_use_tls (no)
576              Opportunistic  TLS:  announce  STARTTLS  support  to remote SMTP
577              clients, but do not require that clients use TLS encryption.
578
579       smtpd_enforce_tls (no)
580              Mandatory TLS: announce STARTTLS support to remote SMTP clients,
581              and require that clients use TLS encryption.
582
583       smtpd_tls_cipherlist (empty)
584              Obsolete  Postfix  < 2.3 control for the Postfix SMTP server TLS
585              cipher list.
586

SMTPUTF8 CONTROLS

588       Preliminary SMTPUTF8 support is introduced with Postfix 3.0.
589
590       smtputf8_enable (yes)
591              Enable preliminary SMTPUTF8 support for the protocols  described
592              in RFC 6531..6533.
593
594       strict_smtputf8 (no)
595              Enable stricter enforcement of the SMTPUTF8 protocol.
596
597       smtputf8_autodetect_classes (sendmail, verify)
598              Detect  that  a message requires SMTPUTF8 support for the speci‐
599              fied mail origin classes.
600
601       Available in Postfix version 3.2 and later:
602
603       enable_idna2003_compatibility (no)
604              Enable  'transitional'  compatibility   between   IDNA2003   and
605              IDNA2008,  when  converting UTF-8 domain names to/from the ASCII
606              form that is used for DNS lookups.
607

VERP SUPPORT CONTROLS

609       With VERP style delivery, each recipient of a message receives  a  cus‐
610       tomized  copy of the message with his/her own recipient address encoded
611       in the envelope sender address.  The VERP_README file describes config‐
612       uration  and operation details of Postfix support for variable envelope
613       return path addresses.  VERP style delivery is requested with the  SMTP
614       XVERP  command  or  with  the  "sendmail -V" command-line option and is
615       available in Postfix version 1.1 and later.
616
617       default_verp_delimiters (+=)
618              The two default VERP delimiter characters.
619
620       verp_delimiter_filter (-=+)
621              The characters Postfix accepts as VERP delimiter  characters  on
622              the Postfix sendmail(1) command line and in SMTP commands.
623
624       Available in Postfix version 1.1 and 2.0:
625
626       authorized_verp_clients ($mynetworks)
627              What  remote  SMTP clients are allowed to specify the XVERP com‐
628              mand.
629
630       Available in Postfix version 2.1 and later:
631
632       smtpd_authorized_verp_clients ($authorized_verp_clients)
633              What remote SMTP clients are allowed to specify the  XVERP  com‐
634              mand.
635

TROUBLE SHOOTING CONTROLS

637       The  DEBUG_README  document describes how to debug parts of the Postfix
638       mail system. The methods vary from making the software  log  a  lot  of
639       detail, to running some daemon processes under control of a call tracer
640       or debugger.
641
642       debug_peer_level (2)
643              The increment in verbose logging level when a remote  client  or
644              server matches a pattern in the debug_peer_list parameter.
645
646       debug_peer_list (empty)
647              Optional  list  of  remote  client or server hostname or network
648              address  patterns  that  cause  the  verbose  logging  level  to
649              increase by the amount specified in $debug_peer_level.
650
651       error_notice_recipient (postmaster)
652              The  recipient  of  postmaster notifications about mail delivery
653              problems that are caused by policy, resource, software or proto‐
654              col errors.
655
656       internal_mail_filter_classes (empty)
657              What   categories  of  Postfix-generated  mail  are  subject  to
658              before-queue   content    inspection    by    non_smtpd_milters,
659              header_checks and body_checks.
660
661       notify_classes (resource, software)
662              The list of error classes that are reported to the postmaster.
663
664       smtpd_reject_footer (empty)
665              Optional  information  that  is appended after each Postfix SMTP
666              server 4XX or 5XX response.
667
668       soft_bounce (no)
669              Safety net to keep mail queued that would otherwise be  returned
670              to the sender.
671
672       Available in Postfix version 2.1 and later:
673
674       smtpd_authorized_xclient_hosts (empty)
675              What remote SMTP clients are allowed to use the XCLIENT feature.
676
677       Available in Postfix version 2.10 and later:
678
679       smtpd_log_access_permit_actions (empty)
680              Enable  logging  of  the  named  "permit" actions in SMTP server
681              access lists (by default, the SMTP server logs "reject"  actions
682              but not "permit" actions).
683

KNOWN VERSUS UNKNOWN RECIPIENT CONTROLS

685       As  of  Postfix  version  2.0, the SMTP server rejects mail for unknown
686       recipients. This prevents the mail queue from clogging up with undeliv‐
687       erable  MAILER-DAEMON messages. Additional information on this topic is
688       in the LOCAL_RECIPIENT_README and ADDRESS_CLASS_README documents.
689
690       show_user_unknown_table_name (yes)
691              Display the name of the recipient table in  the  "User  unknown"
692              responses.
693
694       canonical_maps (empty)
695              Optional  address  mapping lookup tables for message headers and
696              envelopes.
697
698       recipient_canonical_maps (empty)
699              Optional address mapping lookup tables for envelope  and  header
700              recipient addresses.
701
702       sender_canonical_maps (empty)
703              Optional  address  mapping lookup tables for envelope and header
704              sender addresses.
705
706       Parameters concerning known/unknown local recipients:
707
708       mydestination ($myhostname, localhost.$mydomain, localhost)
709              The list of domains that are delivered via the  $local_transport
710              mail delivery transport.
711
712       inet_interfaces (all)
713              The  network  interface addresses that this mail system receives
714              mail on.
715
716       proxy_interfaces (empty)
717              The network interface addresses that this mail  system  receives
718              mail on by way of a proxy or network address translation unit.
719
720       inet_protocols (all)
721              The  Internet  protocols Postfix will attempt to use when making
722              or accepting connections.
723
724       local_recipient_maps (proxy:unix:passwd.byname $alias_maps)
725              Lookup tables with all names or addresses of local recipients: a
726              recipient  address  is local when its domain matches $mydestina‐
727              tion, $inet_interfaces or $proxy_interfaces.
728
729       unknown_local_recipient_reject_code (550)
730              The numerical Postfix SMTP server response code when a recipient
731              address  is local, and $local_recipient_maps specifies a list of
732              lookup tables that does not match the recipient.
733
734       Parameters concerning known/unknown recipients of relay destinations:
735
736       relay_domains (Postfix >= 3.0: empty, Postfix < 3.0: $mydestination)
737              What destination domains (and subdomains  thereof)  this  system
738              will relay mail to.
739
740       relay_recipient_maps (empty)
741              Optional  lookup  tables with all valid addresses in the domains
742              that match $relay_domains.
743
744       unknown_relay_recipient_reject_code (550)
745              The numerical Postfix SMTP server reply code  when  a  recipient
746              address  matches $relay_domains, and relay_recipient_maps speci‐
747              fies a list of lookup tables that does not match  the  recipient
748              address.
749
750       Parameters   concerning   known/unknown  recipients  in  virtual  alias
751       domains:
752
753       virtual_alias_domains ($virtual_alias_maps)
754              Postfix is final destination for the specified list  of  virtual
755              alias  domains,  that  is,  domains  for which all addresses are
756              aliased to addresses in other local or remote domains.
757
758       virtual_alias_maps ($virtual_maps)
759              Optional lookup tables that alias  specific  mail  addresses  or
760              domains to other local or remote address.
761
762       unknown_virtual_alias_reject_code (550)
763              The  Postfix  SMTP  server  reply  code when a recipient address
764              matches $virtual_alias_domains, and  $virtual_alias_maps  speci‐
765              fies  a  list of lookup tables that does not match the recipient
766              address.
767
768       Parameters  concerning  known/unknown  recipients  in  virtual  mailbox
769       domains:
770
771       virtual_mailbox_domains ($virtual_mailbox_maps)
772              Postfix  is final destination for the specified list of domains;
773              mail is  delivered  via  the  $virtual_transport  mail  delivery
774              transport.
775
776       virtual_mailbox_maps (empty)
777              Optional  lookup  tables with all valid addresses in the domains
778              that match $virtual_mailbox_domains.
779
780       unknown_virtual_mailbox_reject_code (550)
781              The Postfix SMTP server reply  code  when  a  recipient  address
782              matches   $virtual_mailbox_domains,   and  $virtual_mailbox_maps
783              specifies a list of lookup tables that does not match the recip‐
784              ient address.
785

RESOURCE AND RATE CONTROLS

787       The following parameters limit resource usage by the SMTP server and/or
788       control client request rates.
789
790       line_length_limit (2048)
791              Upon input, long lines are chopped up into  pieces  of  at  most
792              this length; upon delivery, long lines are reconstructed.
793
794       queue_minfree (0)
795              The minimal amount of free space in bytes in the queue file sys‐
796              tem that is needed to receive mail.
797
798       message_size_limit (10240000)
799              The maximal size in  bytes  of  a  message,  including  envelope
800              information.
801
802       smtpd_recipient_limit (1000)
803              The  maximal  number  of recipients that the Postfix SMTP server
804              accepts per message delivery request.
805
806       smtpd_timeout (normal: 300s, overload: 10s)
807              The time limit for sending a Postfix SMTP  server  response  and
808              for receiving a remote SMTP client request.
809
810       smtpd_history_flush_threshold (100)
811              The  maximal  number of lines in the Postfix SMTP server command
812              history before it is flushed upon receipt of EHLO, RSET, or  end
813              of DATA.
814
815       Available in Postfix version 2.3 and later:
816
817       smtpd_peername_lookup (yes)
818              Attempt  to  look up the remote SMTP client hostname, and verify
819              that the name matches the client IP address.
820
821       The per SMTP client connection count and request rate limits are imple‐
822       mented  in co-operation with the anvil(8) service, and are available in
823       Postfix version 2.2 and later.
824
825       smtpd_client_connection_count_limit (50)
826              How many simultaneous connections any client is allowed to  make
827              to this service.
828
829       smtpd_client_connection_rate_limit (0)
830              The  maximal number of connection attempts any client is allowed
831              to make to this service per time unit.
832
833       smtpd_client_message_rate_limit (0)
834              The maximal number of message delivery requests that any  client
835              is  allowed to make to this service per time unit, regardless of
836              whether or not Postfix actually accepts those messages.
837
838       smtpd_client_recipient_rate_limit (0)
839              The maximal number of recipient addresses  that  any  client  is
840              allowed  to  send  to  this service per time unit, regardless of
841              whether or not Postfix actually accepts those recipients.
842
843       smtpd_client_event_limit_exceptions ($mynetworks)
844              Clients that are excluded  from  smtpd_client_*_count/rate_limit
845              restrictions.
846
847       Available in Postfix version 2.3 and later:
848
849       smtpd_client_new_tls_session_rate_limit (0)
850              The  maximal  number of new (i.e., uncached) TLS sessions that a
851              remote SMTP client is allowed to negotiate with this service per
852              time unit.
853
854       Available in Postfix version 2.9 and later:
855
856       smtpd_per_record_deadline (normal: no, overload: yes)
857              Change  the  behavior  of  the  smtpd_timeout  and  smtpd_start‐
858              tls_timeout time limits, from a time limit  per  read  or  write
859              system  call,  to  a  time  limit  to send or receive a complete
860              record (an SMTP command line, SMTP response line,  SMTP  message
861              content line, or TLS protocol message).
862
863       Available in Postfix version 3.1 and later:
864
865       smtpd_client_auth_rate_limit (0)
866              The  maximal  number of AUTH commands that any client is allowed
867              to send to this service per time unit, regardless of whether  or
868              not Postfix actually accepts those commands.
869

TARPIT CONTROLS

871       When  a  remote  SMTP  client makes errors, the Postfix SMTP server can
872       insert delays before responding. This can help to  slow  down  run-away
873       software.   The  behavior is controlled by an error counter that counts
874       the number of errors within an SMTP session that a client makes without
875       delivering mail.
876
877       smtpd_error_sleep_time (1s)
878              With  Postfix  version  2.1  and later: the SMTP server response
879              delay after a client has made more than  $smtpd_soft_error_limit
880              errors,  and  fewer than $smtpd_hard_error_limit errors, without
881              delivering mail.
882
883       smtpd_soft_error_limit (10)
884              The number of errors a remote SMTP client  is  allowed  to  make
885              without  delivering  mail  before  the Postfix SMTP server slows
886              down all its responses.
887
888       smtpd_hard_error_limit (normal: 20, overload: 1)
889              The maximal number of errors a remote SMTP client is allowed  to
890              make without delivering mail.
891
892       smtpd_junk_command_limit (normal: 100, overload: 1)
893              The  number  of  junk commands (NOOP, VRFY, ETRN or RSET) that a
894              remote SMTP client can  send  before  the  Postfix  SMTP  server
895              starts to increment the error counter with each junk command.
896
897       Available in Postfix version 2.1 and later:
898
899       smtpd_recipient_overshoot_limit (1000)
900              The  number  of recipients that a remote SMTP client can send in
901              excess  of  the  limit  specified  with  $smtpd_recipient_limit,
902              before  the Postfix SMTP server increments the per-session error
903              count for each excess recipient.
904

ACCESS POLICY DELEGATION CONTROLS

906       As of version 2.1, Postfix can be configured to delegate access  policy
907       decisions  to  an  external  server that runs outside Postfix.  See the
908       file SMTPD_POLICY_README for more information.
909
910       smtpd_policy_service_max_idle (300s)
911              The time after which an idle SMTPD policy service connection  is
912              closed.
913
914       smtpd_policy_service_max_ttl (1000s)
915              The  time  after which an active SMTPD policy service connection
916              is closed.
917
918       smtpd_policy_service_timeout (100s)
919              The time limit for connecting to, writing to, or receiving  from
920              a delegated SMTPD policy server.
921
922       Available in Postfix version 3.0 and later:
923
924       smtpd_policy_service_default_action  (451  4.3.5  Server  configuration
925       problem)
926              The default action when an SMTPD policy service request fails.
927
928       smtpd_policy_service_request_limit (0)
929              The maximal number of requests per SMTPD policy service  connec‐
930              tion, or zero (no limit).
931
932       smtpd_policy_service_try_limit (2)
933              The  maximal  number of attempts to send an SMTPD policy service
934              request before giving up.
935
936       smtpd_policy_service_retry_delay (1s)
937              The delay between attempts to resend a failed SMTPD policy  ser‐
938              vice request.
939
940       Available in Postfix version 3.1 and later:
941
942       smtpd_policy_service_policy_context (empty)
943              Optional  information  that the Postfix SMTP server specifies in
944              the "policy_context"  attribute  of  a  policy  service  request
945              (originally,  to  share the same service endpoint among multiple
946              check_policy_service clients).
947

ACCESS CONTROLS

949       The SMTPD_ACCESS_README document gives an introduction to all the  SMTP
950       server access control features.
951
952       smtpd_delay_reject (yes)
953              Wait    until    the   RCPT   TO   command   before   evaluating
954              $smtpd_client_restrictions,     $smtpd_helo_restrictions     and
955              $smtpd_sender_restrictions,  or  wait  until  the  ETRN  command
956              before      evaluating      $smtpd_client_restrictions       and
957              $smtpd_helo_restrictions.
958
959       parent_domain_matches_subdomains (see 'postconf -d' output)
960              A  list of Postfix features where the pattern "example.com" also
961              matches subdomains  of  example.com,  instead  of  requiring  an
962              explicit ".example.com" pattern.
963
964       smtpd_client_restrictions (empty)
965              Optional  restrictions  that  the Postfix SMTP server applies in
966              the context of a client connection request.
967
968       smtpd_helo_required (no)
969              Require that a remote SMTP client  introduces  itself  with  the
970              HELO  or  EHLO  command before sending the MAIL command or other
971              commands that require EHLO negotiation.
972
973       smtpd_helo_restrictions (empty)
974              Optional restrictions that the Postfix SMTP  server  applies  in
975              the context of a client HELO command.
976
977       smtpd_sender_restrictions (empty)
978              Optional  restrictions  that  the Postfix SMTP server applies in
979              the context of a client MAIL FROM command.
980
981       smtpd_recipient_restrictions (see 'postconf -d' output)
982              Optional restrictions that the Postfix SMTP  server  applies  in
983              the    context    of   a   client   RCPT   TO   command,   after
984              smtpd_relay_restrictions.
985
986       smtpd_etrn_restrictions (empty)
987              Optional restrictions that the Postfix SMTP  server  applies  in
988              the context of a client ETRN command.
989
990       allow_untrusted_routing (no)
991              Forward       mail       with      sender-specified      routing
992              (user[@%!]remote[@%!]site) from untrusted  clients  to  destina‐
993              tions matching $relay_domains.
994
995       smtpd_restriction_classes (empty)
996              User-defined aliases for groups of access restrictions.
997
998       smtpd_null_access_lookup_key (<>)
999              The  lookup  key  to be used in SMTP access(5) tables instead of
1000              the null sender address.
1001
1002       permit_mx_backup_networks (empty)
1003              Restrict the use of the permit_mx_backup SMTP access feature  to
1004              only domains whose primary MX hosts match the listed networks.
1005
1006       Available in Postfix version 2.0 and later:
1007
1008       smtpd_data_restrictions (empty)
1009              Optional  access  restrictions  that  the  Postfix  SMTP  server
1010              applies in the context of the SMTP DATA command.
1011
1012       smtpd_expansion_filter (see 'postconf -d' output)
1013              What characters are allowed in $name  expansions  of  RBL  reply
1014              templates.
1015
1016       Available in Postfix version 2.1 and later:
1017
1018       smtpd_reject_unlisted_sender (no)
1019              Request  that  the Postfix SMTP server rejects mail from unknown
1020              sender addresses, even when no  explicit  reject_unlisted_sender
1021              access restriction is specified.
1022
1023       smtpd_reject_unlisted_recipient (yes)
1024              Request  that  the  Postfix SMTP server rejects mail for unknown
1025              recipient     addresses,     even     when      no      explicit
1026              reject_unlisted_recipient access restriction is specified.
1027
1028       Available in Postfix version 2.2 and later:
1029
1030       smtpd_end_of_data_restrictions (empty)
1031              Optional  access  restrictions  that  the  Postfix  SMTP  server
1032              applies in the context of the SMTP END-OF-DATA command.
1033
1034       Available in Postfix version 2.10 and later:
1035
1036       smtpd_relay_restrictions (permit_mynetworks, permit_sasl_authenticated,
1037       defer_unauth_destination)
1038              Access restrictions for mail relay control that the Postfix SMTP
1039              server applies in the context of the  RCPT  TO  command,  before
1040              smtpd_recipient_restrictions.
1041

SENDER AND RECIPIENT ADDRESS VERIFICATION CONTROLS

1043       Postfix  version  2.1 introduces sender and recipient address verifica‐
1044       tion.  This feature is implemented by sending probe email messages that
1045       are  not  actually  delivered.   This  feature  is  requested  via  the
1046       reject_unverified_sender   and    reject_unverified_recipient    access
1047       restrictions.   The  status of verification probes is maintained by the
1048       verify(8) server.  See the file ADDRESS_VERIFICATION_README for  infor‐
1049       mation  about how to configure and operate the Postfix sender/recipient
1050       address verification service.
1051
1052       address_verify_poll_count (normal: 3, overload: 1)
1053              How many times to query the verify(8) service for the completion
1054              of an address verification request in progress.
1055
1056       address_verify_poll_delay (3s)
1057              The delay between queries for the completion of an address veri‐
1058              fication request in progress.
1059
1060       address_verify_sender ($double_bounce_sender)
1061              The sender address to use in address verification probes;  prior
1062              to Postfix 2.5 the default was "postmaster".
1063
1064       unverified_sender_reject_code (450)
1065              The numerical Postfix SMTP server response code when a recipient
1066              address is rejected by the reject_unverified_sender restriction.
1067
1068       unverified_recipient_reject_code (450)
1069              The numerical Postfix SMTP  server  response  when  a  recipient
1070              address  is rejected by the reject_unverified_recipient restric‐
1071              tion.
1072
1073       Available in Postfix version 2.6 and later:
1074
1075       unverified_sender_defer_code (450)
1076              The numerical Postfix SMTP server response code  when  a  sender
1077              address probe fails due to a temporary error condition.
1078
1079       unverified_recipient_defer_code (450)
1080              The  numerical  Postfix  SMTP  server  response when a recipient
1081              address probe fails due to a temporary error condition.
1082
1083       unverified_sender_reject_reason (empty)
1084              The  Postfix  SMTP  server's  reply  when  rejecting  mail  with
1085              reject_unverified_sender.
1086
1087       unverified_recipient_reject_reason (empty)
1088              The  Postfix  SMTP  server's  reply  when  rejecting  mail  with
1089              reject_unverified_recipient.
1090
1091       unverified_sender_tempfail_action ($reject_tempfail_action)
1092              The Postfix SMTP server's action  when  reject_unverified_sender
1093              fails due to a temporary error condition.
1094
1095       unverified_recipient_tempfail_action ($reject_tempfail_action)
1096              The  Postfix SMTP server's action when reject_unverified_recipi‐
1097              ent fails due to a temporary error condition.
1098
1099       Available with Postfix 2.9 and later:
1100
1101       address_verify_sender_ttl (0s)
1102              The time  between  changes  in  the  time-dependent  portion  of
1103              address verification probe sender addresses.
1104

ACCESS CONTROL RESPONSES

1106       The following parameters control numerical SMTP reply codes and/or text
1107       responses.
1108
1109       access_map_reject_code (554)
1110              The numerical Postfix SMTP server response code for an access(5)
1111              map "reject" action.
1112
1113       defer_code (450)
1114              The  numerical  Postfix  SMTP server response code when a remote
1115              SMTP client request is rejected by the "defer" restriction.
1116
1117       invalid_hostname_reject_code (501)
1118              The numerical Postfix SMTP server response code when the  client
1119              HELO   or   EHLO   command   parameter   is   rejected   by  the
1120              reject_invalid_helo_hostname restriction.
1121
1122       maps_rbl_reject_code (554)
1123              The numerical Postfix SMTP server response code  when  a  remote
1124              SMTP   client  request  is  blocked  by  the  reject_rbl_client,
1125              reject_rhsbl_client,                reject_rhsbl_reverse_client,
1126              reject_rhsbl_sender or reject_rhsbl_recipient restriction.
1127
1128       non_fqdn_reject_code (504)
1129              The  numerical  Postfix  SMTP  server  reply  code when a client
1130              request  is  rejected  by   the   reject_non_fqdn_helo_hostname,
1131              reject_non_fqdn_sender or reject_non_fqdn_recipient restriction.
1132
1133       plaintext_reject_code (450)
1134              The  numerical  Postfix SMTP server response code when a request
1135              is rejected by the reject_plaintext_session restriction.
1136
1137       reject_code (554)
1138              The numerical Postfix SMTP server response code  when  a  remote
1139              SMTP client request is rejected by the "reject" restriction.
1140
1141       relay_domains_reject_code (554)
1142              The  numerical  Postfix  SMTP server response code when a client
1143              request is rejected by the  reject_unauth_destination  recipient
1144              restriction.
1145
1146       unknown_address_reject_code (450)
1147              The numerical response code when the Postfix SMTP server rejects
1148              a sender or recipient address because its domain is unknown.
1149
1150       unknown_client_reject_code (450)
1151              The numerical Postfix SMTP server response code  when  a  client
1152              without  valid  address  <=>  name  mapping  is  rejected by the
1153              reject_unknown_client_hostname restriction.
1154
1155       unknown_hostname_reject_code (450)
1156              The numerical Postfix SMTP server response code when  the  host‐
1157              name  specified with the HELO or EHLO command is rejected by the
1158              reject_unknown_helo_hostname restriction.
1159
1160       Available in Postfix version 2.0 and later:
1161
1162       default_rbl_reply (see 'postconf -d' output)
1163              The default Postfix SMTP server response template for a  request
1164              that is rejected by an RBL-based restriction.
1165
1166       multi_recipient_bounce_reject_code (550)
1167              The  numerical  Postfix  SMTP server response code when a remote
1168              SMTP client  request  is  blocked  by  the  reject_multi_recipi‐
1169              ent_bounce restriction.
1170
1171       rbl_reply_maps (empty)
1172              Optional lookup tables with RBL response templates.
1173
1174       Available in Postfix version 2.6 and later:
1175
1176       access_map_defer_code (450)
1177              The numerical Postfix SMTP server response code for an access(5)
1178              map   "defer"    action,    including    "defer_if_permit"    or
1179              "defer_if_reject".
1180
1181       reject_tempfail_action (defer_if_permit)
1182              The  Postfix SMTP server's action when a reject-type restriction
1183              fails due to a temporary error condition.
1184
1185       unknown_helo_hostname_tempfail_action ($reject_tempfail_action)
1186              The Postfix SMTP server's action when  reject_unknown_helo_host‐
1187              name fails due to an temporary error condition.
1188
1189       unknown_address_tempfail_action ($reject_tempfail_action)
1190              The       Postfix       SMTP      server's      action      when
1191              reject_unknown_sender_domain or  reject_unknown_recipient_domain
1192              fail due to a temporary error condition.
1193

MISCELLANEOUS CONTROLS

1195       config_directory (see 'postconf -d' output)
1196              The  default  location of the Postfix main.cf and master.cf con‐
1197              figuration files.
1198
1199       daemon_timeout (18000s)
1200              How much time a Postfix daemon process  may  take  to  handle  a
1201              request before it is terminated by a built-in watchdog timer.
1202
1203       command_directory (see 'postconf -d' output)
1204              The location of all postfix administrative commands.
1205
1206       double_bounce_sender (double-bounce)
1207              The  sender  address of postmaster notifications that are gener‐
1208              ated by the mail system.
1209
1210       ipc_timeout (3600s)
1211              The time limit for sending  or  receiving  information  over  an
1212              internal communication channel.
1213
1214       mail_name (Postfix)
1215              The  mail system name that is displayed in Received: headers, in
1216              the SMTP greeting banner, and in bounced mail.
1217
1218       mail_owner (postfix)
1219              The UNIX system account that owns the  Postfix  queue  and  most
1220              Postfix daemon processes.
1221
1222       max_idle (100s)
1223              The  maximum  amount of time that an idle Postfix daemon process
1224              waits for an incoming connection before terminating voluntarily.
1225
1226       max_use (100)
1227              The maximal number of incoming connections that a Postfix daemon
1228              process will service before terminating voluntarily.
1229
1230       myhostname (see 'postconf -d' output)
1231              The internet hostname of this mail system.
1232
1233       mynetworks (see 'postconf -d' output)
1234              The  list of "trusted" remote SMTP clients that have more privi‐
1235              leges than "strangers".
1236
1237       myorigin ($myhostname)
1238              The domain name that locally-posted mail appears to  come  from,
1239              and that locally posted mail is delivered to.
1240
1241       process_id (read-only)
1242              The process ID of a Postfix command or daemon process.
1243
1244       process_name (read-only)
1245              The process name of a Postfix command or daemon process.
1246
1247       queue_directory (see 'postconf -d' output)
1248              The location of the Postfix top-level queue directory.
1249
1250       recipient_delimiter (empty)
1251              The  set  of  characters  that can separate a user name from its
1252              extension (example: user+foo), or a .forward file name from  its
1253              extension (example: .forward+foo).
1254
1255       smtpd_banner ($myhostname ESMTP $mail_name)
1256              The  text  that follows the 220 status code in the SMTP greeting
1257              banner.
1258
1259       syslog_facility (mail)
1260              The syslog facility of Postfix logging.
1261
1262       syslog_name (see 'postconf -d' output)
1263              A prefix that  is  prepended  to  the  process  name  in  syslog
1264              records, so that, for example, "smtpd" becomes "prefix/smtpd".
1265
1266       Available in Postfix version 2.2 and later:
1267
1268       smtpd_forbidden_commands (CONNECT, GET, POST)
1269              List  of  commands that cause the Postfix SMTP server to immedi‐
1270              ately terminate the session with a 221 code.
1271
1272       Available in Postfix version 2.5 and later:
1273
1274       smtpd_client_port_logging (no)
1275              Enable logging of the remote SMTP client port in addition to the
1276              hostname and IP address.
1277
1278       Available in Postfix 3.3 and later:
1279
1280       service_name (read-only)
1281              The master.cf service name of a Postfix daemon process.
1282

SEE ALSO

1284       anvil(8), connection/rate limiting
1285       cleanup(8), message canonicalization
1286       tlsmgr(8), TLS session and PRNG management
1287       trivial-rewrite(8), address resolver
1288       verify(8), address verification service
1289       postconf(5), configuration parameters
1290       master(5), generic daemon options
1291       master(8), process manager
1292       syslogd(8), system logging
1293

README FILES

1295       Use  "postconf readme_directory" or "postconf html_directory" to locate
1296       this information.
1297       ADDRESS_CLASS_README, blocking unknown hosted or relay recipients
1298       ADDRESS_REWRITING_README Postfix address manipulation
1299       FILTER_README, external after-queue content filter
1300       LOCAL_RECIPIENT_README, blocking unknown local recipients
1301       MILTER_README, before-queue mail filter applications
1302       SMTPD_ACCESS_README, built-in access policies
1303       SMTPD_POLICY_README, external policy server
1304       SMTPD_PROXY_README, external before-queue content filter
1305       SASL_README, Postfix SASL howto
1306       TLS_README, Postfix STARTTLS howto
1307       VERP_README, Postfix XVERP extension
1308       XCLIENT_README, Postfix XCLIENT extension
1309       XFORWARD_README, Postfix XFORWARD extension
1310

LICENSE

1312       The Secure Mailer license must be distributed with this software.
1313

AUTHOR(S)

1315       Wietse Venema
1316       IBM T.J. Watson Research
1317       P.O. Box 704
1318       Yorktown Heights, NY 10598, USA
1319
1320       Wietse Venema
1321       Google, Inc.
1322       111 8th Avenue
1323       New York, NY 10011, USA
1324
1325       SASL support originally by:
1326       Till Franke
1327       SuSE Rhein/Main AG
1328       65760 Eschborn, Germany
1329
1330       TLS support originally by:
1331       Lutz Jaenicke
1332       BTU Cottbus
1333       Allgemeine Elektrotechnik
1334       Universitaetsplatz 3-4
1335       D-03044 Cottbus, Germany
1336
1337       Revised TLS support by:
1338       Victor Duchovni
1339       Morgan Stanley
1340
1341
1342
1343                                                                      SMTPD(8)
Impressum