1VIRTUAL(8)                  System Manager's Manual                 VIRTUAL(8)
2
3
4

NAME

6       virtual - Postfix virtual domain mail delivery agent
7

SYNOPSIS

9       virtual [generic Postfix daemon options]
10

DESCRIPTION

12       The virtual(8) delivery agent is designed for virtual mail hosting ser‐
13       vices. Originally based on the Postfix local(8)  delivery  agent,  this
14       agent  looks  up  recipients  with  map lookups of their full recipient
15       address, instead of using hard-coded unix password file lookups of  the
16       address local part only.
17
18       This  delivery  agent  only delivers mail.  Other features such as mail
19       forwarding, out-of-office notifications, etc., must be  configured  via
20       virtual_alias maps or via similar lookup mechanisms.
21

MAILBOX LOCATION

23       The mailbox location is controlled by the virtual_mailbox_base and vir‐
24       tual_mailbox_maps  configuration  parameters  (see  below).   The  vir‐
25       tual_mailbox_maps   table  is  indexed  by  the  recipient  address  as
26       described under TABLE SEARCH ORDER below.
27
28       The mailbox pathname is constructed as follows:
29
30         $virtual_mailbox_base/$virtual_mailbox_maps(recipient)
31
32       where recipient is the full recipient address.
33

UNIX MAILBOX FORMAT

35       When the mailbox location does not end in /, the message  is  delivered
36       in  UNIX  mailbox format.   This format stores multiple messages in one
37       textfile.
38
39       The virtual(8) delivery agent prepends a "From sender time_stamp" enve‐
40       lope  header  to  each message, prepends a Delivered-To: message header
41       with the envelope recipient address, prepends an X-Original-To:  header
42       with the recipient address as given to Postfix, prepends a Return-Path:
43       message header with the envelope sender address, prepends a > character
44       to lines beginning with "From ", and appends an empty line.
45
46       The  mailbox  is  locked  for  exclusive  access  while  delivery is in
47       progress. In case of problems, an attempt is made to truncate the mail‐
48       box to its original length.
49

QMAIL MAILDIR FORMAT

51       When  the mailbox location ends in /, the message is delivered in qmail
52       maildir format. This format stores one message per file.
53
54       The virtual(8) delivery agent prepends a Delivered-To:  message  header
55       with  the  final envelope recipient address, prepends an X-Original-To:
56       header with the recipient address as given to Postfix, and  prepends  a
57       Return-Path: message header with the envelope sender address.
58
59       By  definition,  maildir format does not require application-level file
60       locking during mail delivery or retrieval.
61

MAILBOX OWNERSHIP

63       Mailbox ownership  is  controlled  by  the  virtual_uid_maps  and  vir‐
64       tual_gid_maps  lookup tables, which are indexed with the full recipient
65       address. Each table provides a string with the numerical user and group
66       ID, respectively.
67
68       The  virtual_minimum_uid  parameter  imposes a lower bound on numerical
69       user ID values that may be specified in any virtual_uid_maps.
70

CASE FOLDING

72       All delivery decisions are  made  using  the  full  recipient  address,
73       folded  to  lower  case. See also the next section for a few exceptions
74       with optional address extensions.
75

TABLE SEARCH ORDER

77       Normally, a lookup table is specified as a text  file  that  serves  as
78       input  to the postmap(1) command. The result, an indexed file in dbm or
79       db format, is used for fast searching by the mail system.
80
81       The search order is as follows. The search stops upon  the  first  suc‐
82       cessful lookup.
83
84       ·      When  the  recipient  has  an  optional  address  extension  the
85              user+extension@domain.tld address is looked up first.
86
87              With Postfix versions before 2.1, the optional address extension
88              is always ignored.
89
90       ·      The  user@domain.tld  address,  without  address  extension,  is
91              looked up next.
92
93       ·      Finally, the recipient @domain is looked up.
94
95       When the table is provided via other means such as NIS,  LDAP  or  SQL,
96       the same lookups are done as for ordinary indexed files.
97
98       Alternatively,  a  table  can  be  provided as a regular-expression map
99       where patterns are given as regular expressions. In that case, only the
100       full recipient address is given to the regular-expression map.
101

SECURITY

103       The  virtual(8) delivery agent is not security sensitive, provided that
104       the lookup tables with recipient user/group  ID  information  are  ade‐
105       quately protected. This program is not designed to run chrooted.
106
107       The virtual(8) delivery agent disallows regular expression substitution
108       of $1 etc. in regular expression lookup tables, because that would open
109       a security hole.
110
111       The  virtual(8) delivery agent will silently ignore requests to use the
112       proxymap(8) server. Instead it will open  the  table  directly.  Before
113       Postfix  version  2.2, the virtual delivery agent will terminate with a
114       fatal error.
115

STANDARDS

117       RFC 822 (ARPA Internet Text Messages)
118

DIAGNOSTICS

120       Mail bounces when the recipient has no mailbox or when the recipient is
121       over  disk quota. In all other cases, mail for an existing recipient is
122       deferred and a warning is logged.
123
124       Problems and transactions are logged to syslogd(8).  Corrupted  message
125       files are marked so that the queue manager can move them to the corrupt
126       queue afterwards.
127
128       Depending on the setting of the notify_classes parameter, the  postmas‐
129       ter is notified of bounces and of other trouble.
130

BUGS

132       This  delivery agent supports address extensions in email addresses and
133       in lookup table keys, but does not propagate address extension informa‐
134       tion to the result of table lookup.
135
136       Postfix  should  have  lookup  tables  that  can return multiple result
137       attributes. In order to avoid the inconvenience  of  maintaining  three
138       tables, use an LDAP or MYSQL database.
139

CONFIGURATION PARAMETERS

141       Changes to main.cf are picked up automatically, as virtual(8) processes
142       run for only a limited amount of time. Use the command "postfix reload"
143       to speed up a change.
144
145       The  text  below provides only a parameter summary. See postconf(5) for
146       more details including examples.
147

MAILBOX DELIVERY CONTROLS

149       virtual_mailbox_base (empty)
150              A prefix that the virtual(8)  delivery  agent  prepends  to  all
151              pathname results from $virtual_mailbox_maps table lookups.
152
153       virtual_mailbox_maps (empty)
154              Optional  lookup  tables with all valid addresses in the domains
155              that match $virtual_mailbox_domains.
156
157       virtual_minimum_uid (100)
158              The minimum user ID value that  the  virtual(8)  delivery  agent
159              accepts as a result from $virtual_uid_maps table lookup.
160
161       virtual_uid_maps (empty)
162              Lookup tables with the per-recipient user ID that the virtual(8)
163              delivery agent uses while writing to the recipient's mailbox.
164
165       virtual_gid_maps (empty)
166              Lookup tables with the per-recipient  group  ID  for  virtual(8)
167              mailbox delivery.
168
169       Available in Postfix version 2.0 and later:
170
171       virtual_mailbox_domains ($virtual_mailbox_maps)
172              Postfix  is final destination for the specified list of domains;
173              mail is  delivered  via  the  $virtual_transport  mail  delivery
174              transport.
175
176       virtual_transport (virtual)
177              The default mail delivery transport and next-hop destination for
178              final delivery to domains listed with $virtual_mailbox_domains.
179
180       Available in Postfix version 2.5.3 and later:
181
182       strict_mailbox_ownership (yes)
183              Defer delivery when a mailbox file is not owned by  its  recipi‐
184              ent.
185

LOCKING CONTROLS

187       virtual_mailbox_lock (see 'postconf -d' output)
188              How  to  lock  a UNIX-style virtual(8) mailbox before attempting
189              delivery.
190
191       deliver_lock_attempts (20)
192              The maximal number of attempts to acquire an exclusive lock on a
193              mailbox file or bounce(8) logfile.
194
195       deliver_lock_delay (1s)
196              The  time  between  attempts  to  acquire an exclusive lock on a
197              mailbox file or bounce(8) logfile.
198
199       stale_lock_time (500s)
200              The time after which  a  stale  exclusive  mailbox  lockfile  is
201              removed.
202

RESOURCE AND RATE CONTROLS

204       virtual_mailbox_limit (51200000)
205              The maximal size in bytes of an individual virtual(8) mailbox or
206              maildir file, or zero (no limit).
207
208       Implemented in the qmgr(8) daemon:
209
210       virtual_destination_concurrency_limit     ($default_destination_concur‐
211       rency_limit)
212              The  maximal  number of parallel deliveries to the same destina‐
213              tion via the virtual message delivery transport.
214
215       virtual_destination_recipient_limit       ($default_destination_recipi‐
216       ent_limit)
217              The  maximal  number  of  recipients per message for the virtual
218              message delivery transport.
219

MISCELLANEOUS CONTROLS

221       config_directory (see 'postconf -d' output)
222              The default location of the Postfix main.cf and  master.cf  con‐
223              figuration files.
224
225       daemon_timeout (18000s)
226              How  much  time  a  Postfix  daemon process may take to handle a
227              request before it is terminated by a built-in watchdog timer.
228
229       delay_logging_resolution_limit (2)
230              The maximal number of digits after the decimal point  when  log‐
231              ging sub-second delay values.
232
233       ipc_timeout (3600s)
234              The  time  limit  for  sending  or receiving information over an
235              internal communication channel.
236
237       max_idle (100s)
238              The maximum amount of time that an idle Postfix  daemon  process
239              waits for an incoming connection before terminating voluntarily.
240
241       max_use (100)
242              The maximal number of incoming connections that a Postfix daemon
243              process will service before terminating voluntarily.
244
245       process_id (read-only)
246              The process ID of a Postfix command or daemon process.
247
248       process_name (read-only)
249              The process name of a Postfix command or daemon process.
250
251       queue_directory (see 'postconf -d' output)
252              The location of the Postfix top-level queue directory.
253
254       syslog_facility (mail)
255              The syslog facility of Postfix logging.
256
257       syslog_name (see 'postconf -d' output)
258              A prefix that  is  prepended  to  the  process  name  in  syslog
259              records, so that, for example, "smtpd" becomes "prefix/smtpd".
260
261       Available in Postfix version 3.0 and later:
262
263       virtual_delivery_status_filter ($default_delivery_status_filter)
264              Optional  filter for the virtual(8) delivery agent to change the
265              delivery status code or explanatory text of successful or unsuc‐
266              cessful deliveries.
267
268       Available in Postfix version 3.3 and later:
269
270       enable_original_recipient (yes)
271              Enable  support  for  the  original  recipient  address after an
272              address is rewritten to a different address  (for  example  with
273              aliasing or with canonical mapping).
274
275       service_name (read-only)
276              The master.cf service name of a Postfix daemon process.
277

SEE ALSO

279       qmgr(8), queue manager
280       bounce(8), delivery status reports
281       postconf(5), configuration parameters
282       syslogd(8), system logging
283

README_FILES

285       Use "postconf readme_directory" or
286       "postconf html_directory" to locate this information.
287       VIRTUAL_README, domain hosting howto
288

LICENSE

290       The Secure Mailer license must be distributed with this software.
291

HISTORY

293       This  delivery agent was originally based on the Postfix local delivery
294       agent. Modifications mainly consisted of removing code that either  was
295       not  applicable  or  that  was  not  safe  in  this  context:  aliases,
296       ~user/.forward files, delivery to "|command" or to /file/name.
297
298       The Delivered-To: message header appears in the qmail system by  Daniel
299       Bernstein.
300
301       The maildir structure appears in the qmail system by Daniel Bernstein.
302

AUTHOR(S)

304       Wietse Venema
305       IBM T.J. Watson Research
306       P.O. Box 704
307       Yorktown Heights, NY 10598, USA
308
309       Wietse Venema
310       Google, Inc.
311       111 8th Avenue
312       New York, NY 10011, USA
313
314       Andrew McNamara
315       andrewm@connect.com.au
316       connect.com.au Pty. Ltd.
317       Level 3, 213 Miller St
318       North Sydney 2060, NSW, Australia
319
320
321
322                                                                    VIRTUAL(8)
Impressum