1CLEANUP(8) System Manager's Manual CLEANUP(8)
2
6 cleanup - canonicalize and enqueue Postfix message
7
9 cleanup [generic Postfix daemon options]
10
12 The cleanup(8) daemon processes inbound mail, inserts it into the
13 incoming mail queue, and informs the queue manager of its arrival.
14 The cleanup(8) daemon always performs the following transformations:
16 · Insert missing message headers: (Resent-) From:, To:, Message-
18 Id:, and Date:.
19 · Transform envelope and header addresses to the standard
21 user@fully-qualified-domain form that is expected by other Post‐
22 fix programs. This task is delegated to the trivial-rewrite(8)
23 daemon.
24 · Eliminate duplicate envelope recipient addresses.
26 The following address transformations are optional:
28 · Optionally, rewrite all envelope and header addresses according
30 to the mappings specified in the canonical(5) lookup tables.
31 · Optionally, masquerade envelope sender addresses and message
33 header addresses (i.e. strip host or domain information below
34 all domains listed in the masquerade_domains parameter, except
35 for user names listed in masquerade_exceptions). By default,
36 address masquerading does not affect envelope recipients.
37 · Optionally, expand envelope recipients according to information
39 found in the virtual(5) lookup tables.
40 The cleanup(8) daemon performs sanity checks on the content of each
42 message. When it finds a problem, by default it returns a diagnostic
43 status to the client, and leaves it up to the client to deal with the
44 problem. Alternatively, the client can request the cleanup(8) daemon to
45 bounce the message back to the sender in case of trouble.
46
48 RFC 822 (ARPA Internet Text Messages)
49 RFC 2045 (MIME: Format of Internet Message Bodies)
50 RFC 2046 (MIME: Media Types)
51 RFC 2822 (Internet Message Format)
52 RFC 3463 (Enhanced Status Codes)
53 RFC 3464 (Delivery status notifications)
54 RFC 5322 (Internet Message Format)
55
57 Problems and transactions are logged to syslogd(8).
58
60 Table-driven rewriting rules make it hard to express if then else and
61 other logical relationships.
62
64 Changes to main.cf are picked up automatically, as cleanup(8) processes
65 run for only a limited amount of time. Use the command "postfix reload"
66 to speed up a change.
67 The text below provides only a parameter summary. See postconf(5) for
69 more details including examples.
70
72 undisclosed_recipients_header (To: undisclosed-recipients:;)
73 Message header that the Postfix cleanup(8) server inserts when a
74 message contains no To: or Cc: message header.
75 Available in Postfix version 2.1 only:
77 enable_errors_to (no)
79 Report mail delivery errors to the address specified with the
80 non-standard Errors-To: message header, instead of the envelope
81 sender address (this feature is removed with Postfix version
82 2.2, is turned off by default with Postfix version 2.1, and is
83 always turned on with older Postfix versions).
84 Available in Postfix version 2.6 and later:
86 always_add_missing_headers (no)
88 Always add (Resent-) From:, To:, Date: or Message-ID: headers
89 when not present.
90
92 Postfix built-in content filtering is meant to stop a flood of worms or
93 viruses. It is not a general content filter.
94 body_checks (empty)
96 Optional lookup tables for content inspection as specified in
97 the body_checks(5) manual page.
98 header_checks (empty)
100 Optional lookup tables for content inspection of primary non-
101 MIME message headers, as specified in the header_checks(5) man‐
102 ual page.
103 Available in Postfix version 2.0 and later:
105 body_checks_size_limit (51200)
107 How much text in a message body segment (or attachment, if you
108 prefer to use that term) is subjected to body_checks inspection.
109 mime_header_checks ($header_checks)
111 Optional lookup tables for content inspection of MIME related
112 message headers, as described in the header_checks(5) manual
113 page.
114 nested_header_checks ($header_checks)
116 Optional lookup tables for content inspection of non-MIME mes‐
117 sage headers in attached messages, as described in the
118 header_checks(5) manual page.
119 Available in Postfix version 2.3 and later:
121 message_reject_characters (empty)
123 The set of characters that Postfix will reject in message con‐
124 tent.
125 message_strip_characters (empty)
127 The set of characters that Postfix will remove from message con‐
128 tent.
129
131 As of version 2.3, Postfix supports the Sendmail version 8 Milter (mail
132 filter) protocol. When mail is not received via the smtpd(8) server,
133 the cleanup(8) server will simulate SMTP events to the extent that this
134 is possible. For details see the MILTER_README document.
135 non_smtpd_milters (empty)
137 A list of Milter (mail filter) applications for new mail that
138 does not arrive via the Postfix smtpd(8) server.
139 milter_protocol (6)
141 The mail filter protocol version and optional protocol exten‐
142 sions for communication with a Milter application; prior to
143 Postfix 2.6 the default protocol is 2.
144 milter_default_action (tempfail)
146 The default action when a Milter (mail filter) application is
147 unavailable or mis-configured.
148 milter_macro_daemon_name ($myhostname)
150 The {daemon_name} macro value for Milter (mail filter) applica‐
151 tions.
152 milter_macro_v ($mail_name $mail_version)
154 The {v} macro value for Milter (mail filter) applications.
155 milter_connect_timeout (30s)
157 The time limit for connecting to a Milter (mail filter) applica‐
158 tion, and for negotiating protocol options.
159 milter_command_timeout (30s)
161 The time limit for sending an SMTP command to a Milter (mail
162 filter) application, and for receiving the response.
163 milter_content_timeout (300s)
165 The time limit for sending message content to a Milter (mail
166 filter) application, and for receiving the response.
167 milter_connect_macros (see 'postconf -d' output)
169 The macros that are sent to Milter (mail filter) applications
170 after completion of an SMTP connection.
171 milter_helo_macros (see 'postconf -d' output)
173 The macros that are sent to Milter (mail filter) applications
174 after the SMTP HELO or EHLO command.
175 milter_mail_macros (see 'postconf -d' output)
177 The macros that are sent to Milter (mail filter) applications
178 after the SMTP MAIL FROM command.
179 milter_rcpt_macros (see 'postconf -d' output)
181 The macros that are sent to Milter (mail filter) applications
182 after the SMTP RCPT TO command.
183 milter_data_macros (see 'postconf -d' output)
185 The macros that are sent to version 4 or higher Milter (mail
186 filter) applications after the SMTP DATA command.
187 milter_unknown_command_macros (see 'postconf -d' output)
189 The macros that are sent to version 3 or higher Milter (mail
190 filter) applications after an unknown SMTP command.
191 milter_end_of_data_macros (see 'postconf -d' output)
193 The macros that are sent to Milter (mail filter) applications
194 after the message end-of-data.
195 Available in Postfix version 2.5 and later:
197 milter_end_of_header_macros (see 'postconf -d' output)
199 The macros that are sent to Milter (mail filter) applications
200 after the end of the message header.
201 Available in Postfix version 2.7 and later:
203 milter_header_checks (empty)
205 Optional lookup tables for content inspection of message headers
206 that are produced by Milter applications.
207
209 Available in Postfix version 2.0 and later:
210 disable_mime_input_processing (no)
212 Turn off MIME processing while receiving mail.
213 mime_boundary_length_limit (2048)
215 The maximal length of MIME multipart boundary strings.
216 mime_nesting_limit (100)
218 The maximal recursion level that the MIME processor will handle.
219 strict_8bitmime (no)
221 Enable both strict_7bit_headers and strict_8bitmime_body.
222 strict_7bit_headers (no)
224 Reject mail with 8-bit text in message headers.
225 strict_8bitmime_body (no)
227 Reject 8-bit message body text without 8-bit MIME content encod‐
228 ing information.
229 strict_mime_encoding_domain (no)
231 Reject mail with invalid Content-Transfer-Encoding: information
232 for the message/* or multipart/* MIME content types.
233 Available in Postfix version 2.5 and later:
235 detect_8bit_encoding_header (yes)
237 Automatically detect 8BITMIME body content by looking at Con‐
238 tent-Transfer-Encoding: message headers; historically, this
239 behavior was hard-coded to be "always on".
240
242 Postfix can automatically add BCC (blind carbon copy) when mail enters
243 the mail system:
244 always_bcc (empty)
246 Optional address that receives a "blind carbon copy" of each
247 message that is received by the Postfix mail system.
248 Available in Postfix version 2.1 and later:
250 sender_bcc_maps (empty)
252 Optional BCC (blind carbon-copy) address lookup tables, indexed
253 by sender address.
254 recipient_bcc_maps (empty)
256 Optional BCC (blind carbon-copy) address lookup tables, indexed
257 by recipient address.
258
260 Address rewriting is delegated to the trivial-rewrite(8) daemon. The
261 cleanup(8) server implements table driven address mapping.
262 empty_address_recipient (MAILER-DAEMON)
264 The recipient of mail addressed to the null address.
265 canonical_maps (empty)
267 Optional address mapping lookup tables for message headers and
268 envelopes.
269 recipient_canonical_maps (empty)
271 Optional address mapping lookup tables for envelope and header
272 recipient addresses.
273 sender_canonical_maps (empty)
275 Optional address mapping lookup tables for envelope and header
276 sender addresses.
277 masquerade_classes (envelope_sender, header_sender, header_recipient)
279 What addresses are subject to address masquerading.
280 masquerade_domains (empty)
282 Optional list of domains whose subdomain structure will be
283 stripped off in email addresses.
284 masquerade_exceptions (empty)
286 Optional list of user names that are not subjected to address
287 masquerading, even when their address matches $masquer‐
288 ade_domains.
289 propagate_unmatched_extensions (canonical, virtual)
291 What address lookup tables copy an address extension from the
292 lookup key to the lookup result.
293 Available before Postfix version 2.0:
295 virtual_maps (empty)
297 Optional lookup tables with a) names of domains for which all
298 addresses are aliased to addresses in other local or remote
299 domains, and b) addresses that are aliased to addresses in other
300 local or remote domains.
301 Available in Postfix version 2.0 and later:
303 virtual_alias_maps ($virtual_maps)
305 Optional lookup tables that alias specific mail addresses or
306 domains to other local or remote address.
307 Available in Postfix version 2.2 and later:
309 canonical_classes (envelope_sender, envelope_recipient, header_sender,
311 header_recipient)
312 What addresses are subject to canonical_maps address mapping.
313 recipient_canonical_classes (envelope_recipient, header_recipient)
315 What addresses are subject to recipient_canonical_maps address
316 mapping.
317 sender_canonical_classes (envelope_sender, header_sender)
319 What addresses are subject to sender_canonical_maps address map‐
320 ping.
321 remote_header_rewrite_domain (empty)
323 Don't rewrite message headers from remote clients at all when
324 this parameter is empty; otherwise, rewrite message headers and
325 append the specified domain name to incomplete addresses.
326
328 duplicate_filter_limit (1000)
329 The maximal number of addresses remembered by the address dupli‐
330 cate filter for aliases(5) or virtual(5) alias expansion, or for
331 showq(8) queue displays.
332 header_size_limit (102400)
334 The maximal amount of memory in bytes for storing a message
335 header.
336 hopcount_limit (50)
338 The maximal number of Received: message headers that is allowed
339 in the primary message headers.
340 in_flow_delay (1s)
342 Time to pause before accepting a new message, when the message
343 arrival rate exceeds the message delivery rate.
344 message_size_limit (10240000)
346 The maximal size in bytes of a message, including envelope
347 information.
348 Available in Postfix version 2.0 and later:
350 header_address_token_limit (10240)
352 The maximal number of address tokens are allowed in an address
353 message header.
354 mime_boundary_length_limit (2048)
356 The maximal length of MIME multipart boundary strings.
357 mime_nesting_limit (100)
359 The maximal recursion level that the MIME processor will handle.
360 queue_file_attribute_count_limit (100)
362 The maximal number of (name=value) attributes that may be stored
363 in a Postfix queue file.
364 Available in Postfix version 2.1 and later:
366 virtual_alias_expansion_limit (1000)
368 The maximal number of addresses that virtual alias expansion
369 produces from each original recipient.
370 virtual_alias_recursion_limit (1000)
372 The maximal nesting depth of virtual alias expansion.
373
375 config_directory (see 'postconf -d' output)
376 The default location of the Postfix main.cf and master.cf con‐
377 figuration files.
378 daemon_timeout (18000s)
380 How much time a Postfix daemon process may take to handle a
381 request before it is terminated by a built-in watchdog timer.
382 delay_logging_resolution_limit (2)
384 The maximal number of digits after the decimal point when log‐
385 ging sub-second delay values.
386 delay_warning_time (0h)
388 The time after which the sender receives the message headers of
389 mail that is still queued.
390 ipc_timeout (3600s)
392 The time limit for sending or receiving information over an
393 internal communication channel.
394 max_idle (100s)
396 The maximum amount of time that an idle Postfix daemon process
397 waits for an incoming connection before terminating voluntarily.
398 max_use (100)
400 The maximal number of incoming connections that a Postfix daemon
401 process will service before terminating voluntarily.
402 myhostname (see 'postconf -d' output)
404 The internet hostname of this mail system.
405 myorigin ($myhostname)
407 The domain name that locally-posted mail appears to come from,
408 and that locally posted mail is delivered to.
409 process_id (read-only)
411 The process ID of a Postfix command or daemon process.
412 process_name (read-only)
414 The process name of a Postfix command or daemon process.
415 queue_directory (see 'postconf -d' output)
417 The location of the Postfix top-level queue directory.
418 soft_bounce (no)
420 Safety net to keep mail queued that would otherwise be returned
421 to the sender.
422 syslog_facility (mail)
424 The syslog facility of Postfix logging.
425 syslog_name (see 'postconf -d' output)
427 The mail system name that is prepended to the process name in
428 syslog records, so that "smtpd" becomes, for example, "post‐
429 fix/smtpd".
430 Available in Postfix version 2.1 and later:
432 enable_original_recipient (yes)
434 Enable support for the X-Original-To message header.
435
437 /etc/postfix/canonical*, canonical mapping table
438 /etc/postfix/virtual*, virtual mapping table
439
441 trivial-rewrite(8), address rewriting
442 qmgr(8), queue manager
443 header_checks(5), message header content inspection
444 body_checks(5), body parts content inspection
445 canonical(5), canonical address lookup table format
446 virtual(5), virtual alias lookup table format
447 postconf(5), configuration parameters
448 master(5), generic daemon options
449 master(8), process manager
450 syslogd(8), system logging
451
453 Use "postconf readme_directory" or "postconf html_directory" to locate
454 this information.
455 ADDRESS_REWRITING_README Postfix address manipulation
456 CONTENT_INSPECTION_README content inspection
457
459 The Secure Mailer license must be distributed with this software.
460
462 Wietse Venema
463 IBM T.J. Watson Research
464 P.O. Box 704
465 Yorktown Heights, NY 10598, USA
466 CLEANUP(8)