1CLEANUP(8) System Manager's Manual CLEANUP(8)
2
3
4
6 cleanup - canonicalize and enqueue Postfix message
7
9 cleanup [generic Postfix daemon options]
10
12 The cleanup(8) daemon processes inbound mail, inserts it into the
13 incoming mail queue, and informs the queue manager of its arrival.
14
15 The cleanup(8) daemon always performs the following transformations:
16
17 · Insert missing message headers: (Resent-) From:, To:, Mes‐
18 sage-Id:, and Date:.
19
20 · Transform envelope and header addresses to the standard
21 user@fully-qualified-domain form that is expected by other Post‐
22 fix programs. This task is delegated to the trivial-rewrite(8)
23 daemon.
24
25 · Eliminate duplicate envelope recipient addresses.
26
27 · Remove message headers: Bcc, Content-Length, Resent-Bcc,
28 Return-Path.
29
30 The following address transformations are optional:
31
32 · Optionally, rewrite all envelope and header addresses according
33 to the mappings specified in the canonical(5) lookup tables.
34
35 · Optionally, masquerade envelope sender addresses and message
36 header addresses (i.e. strip host or domain information below
37 all domains listed in the masquerade_domains parameter, except
38 for user names listed in masquerade_exceptions). By default,
39 address masquerading does not affect envelope recipients.
40
41 · Optionally, expand envelope recipients according to information
42 found in the virtual(5) lookup tables.
43
44 The cleanup(8) daemon performs sanity checks on the content of each
45 message. When it finds a problem, by default it returns a diagnostic
46 status to the client, and leaves it up to the client to deal with the
47 problem. Alternatively, the client can request the cleanup(8) daemon to
48 bounce the message back to the sender in case of trouble.
49
51 RFC 822 (ARPA Internet Text Messages)
52 RFC 2045 (MIME: Format of Internet Message Bodies)
53 RFC 2046 (MIME: Media Types)
54 RFC 2822 (Internet Message Format)
55 RFC 3463 (Enhanced Status Codes)
56 RFC 3464 (Delivery status notifications)
57 RFC 5322 (Internet Message Format)
58
60 Problems and transactions are logged to syslogd(8).
61
63 Table-driven rewriting rules make it hard to express if then else and
64 other logical relationships.
65
67 Changes to main.cf are picked up automatically, as cleanup(8) processes
68 run for only a limited amount of time. Use the command "postfix reload"
69 to speed up a change.
70
71 The text below provides only a parameter summary. See postconf(5) for
72 more details including examples.
73
75 undisclosed_recipients_header (see 'postconf -d' output)
76 Message header that the Postfix cleanup(8) server inserts when a
77 message contains no To: or Cc: message header.
78
79 Available in Postfix version 2.1 only:
80
81 enable_errors_to (no)
82 Report mail delivery errors to the address specified with the
83 non-standard Errors-To: message header, instead of the envelope
84 sender address (this feature is removed with Postfix version
85 2.2, is turned off by default with Postfix version 2.1, and is
86 always turned on with older Postfix versions).
87
88 Available in Postfix version 2.6 and later:
89
90 always_add_missing_headers (no)
91 Always add (Resent-) From:, To:, Date: or Message-ID: headers
92 when not present.
93
94 Available in Postfix version 2.9 and later:
95
96 enable_long_queue_ids (no)
97 Enable long, non-repeating, queue IDs (queue file names).
98
99 Available in Postfix version 3.0 and later:
100
101 message_drop_headers (bcc, content-length, resent-bcc, return-path)
102 Names of message headers that the cleanup(8) daemon will remove
103 after applying header_checks(5) and before invoking Milter
104 applications.
105
107 Postfix built-in content filtering is meant to stop a flood of worms or
108 viruses. It is not a general content filter.
109
110 body_checks (empty)
111 Optional lookup tables for content inspection as specified in
112 the body_checks(5) manual page.
113
114 header_checks (empty)
115 Optional lookup tables for content inspection of primary
116 non-MIME message headers, as specified in the header_checks(5)
117 manual page.
118
119 Available in Postfix version 2.0 and later:
120
121 body_checks_size_limit (51200)
122 How much text in a message body segment (or attachment, if you
123 prefer to use that term) is subjected to body_checks inspection.
124
125 mime_header_checks ($header_checks)
126 Optional lookup tables for content inspection of MIME related
127 message headers, as described in the header_checks(5) manual
128 page.
129
130 nested_header_checks ($header_checks)
131 Optional lookup tables for content inspection of non-MIME mes‐
132 sage headers in attached messages, as described in the
133 header_checks(5) manual page.
134
135 Available in Postfix version 2.3 and later:
136
137 message_reject_characters (empty)
138 The set of characters that Postfix will reject in message con‐
139 tent.
140
141 message_strip_characters (empty)
142 The set of characters that Postfix will remove from message con‐
143 tent.
144
146 As of version 2.3, Postfix supports the Sendmail version 8 Milter (mail
147 filter) protocol. When mail is not received via the smtpd(8) server,
148 the cleanup(8) server will simulate SMTP events to the extent that this
149 is possible. For details see the MILTER_README document.
150
151 non_smtpd_milters (empty)
152 A list of Milter (mail filter) applications for new mail that
153 does not arrive via the Postfix smtpd(8) server.
154
155 milter_protocol (6)
156 The mail filter protocol version and optional protocol exten‐
157 sions for communication with a Milter application; prior to
158 Postfix 2.6 the default protocol is 2.
159
160 milter_default_action (tempfail)
161 The default action when a Milter (mail filter) application is
162 unavailable or mis-configured.
163
164 milter_macro_daemon_name ($myhostname)
165 The {daemon_name} macro value for Milter (mail filter) applica‐
166 tions.
167
168 milter_macro_v ($mail_name $mail_version)
169 The {v} macro value for Milter (mail filter) applications.
170
171 milter_connect_timeout (30s)
172 The time limit for connecting to a Milter (mail filter) applica‐
173 tion, and for negotiating protocol options.
174
175 milter_command_timeout (30s)
176 The time limit for sending an SMTP command to a Milter (mail
177 filter) application, and for receiving the response.
178
179 milter_content_timeout (300s)
180 The time limit for sending message content to a Milter (mail
181 filter) application, and for receiving the response.
182
183 milter_connect_macros (see 'postconf -d' output)
184 The macros that are sent to Milter (mail filter) applications
185 after completion of an SMTP connection.
186
187 milter_helo_macros (see 'postconf -d' output)
188 The macros that are sent to Milter (mail filter) applications
189 after the SMTP HELO or EHLO command.
190
191 milter_mail_macros (see 'postconf -d' output)
192 The macros that are sent to Milter (mail filter) applications
193 after the SMTP MAIL FROM command.
194
195 milter_rcpt_macros (see 'postconf -d' output)
196 The macros that are sent to Milter (mail filter) applications
197 after the SMTP RCPT TO command.
198
199 milter_data_macros (see 'postconf -d' output)
200 The macros that are sent to version 4 or higher Milter (mail
201 filter) applications after the SMTP DATA command.
202
203 milter_unknown_command_macros (see 'postconf -d' output)
204 The macros that are sent to version 3 or higher Milter (mail
205 filter) applications after an unknown SMTP command.
206
207 milter_end_of_data_macros (see 'postconf -d' output)
208 The macros that are sent to Milter (mail filter) applications
209 after the message end-of-data.
210
211 Available in Postfix version 2.5 and later:
212
213 milter_end_of_header_macros (see 'postconf -d' output)
214 The macros that are sent to Milter (mail filter) applications
215 after the end of the message header.
216
217 Available in Postfix version 2.7 and later:
218
219 milter_header_checks (empty)
220 Optional lookup tables for content inspection of message headers
221 that are produced by Milter applications.
222
223 Available in Postfix version 3.1 and later:
224
225 milter_macro_defaults (empty)
226 Optional list of name=value pairs that specify default values
227 for arbitrary macros that Postfix may send to Milter applica‐
228 tions.
229
231 Available in Postfix version 2.0 and later:
232
233 disable_mime_input_processing (no)
234 Turn off MIME processing while receiving mail.
235
236 mime_boundary_length_limit (2048)
237 The maximal length of MIME multipart boundary strings.
238
239 mime_nesting_limit (100)
240 The maximal recursion level that the MIME processor will handle.
241
242 strict_8bitmime (no)
243 Enable both strict_7bit_headers and strict_8bitmime_body.
244
245 strict_7bit_headers (no)
246 Reject mail with 8-bit text in message headers.
247
248 strict_8bitmime_body (no)
249 Reject 8-bit message body text without 8-bit MIME content encod‐
250 ing information.
251
252 strict_mime_encoding_domain (no)
253 Reject mail with invalid Content-Transfer-Encoding: information
254 for the message/* or multipart/* MIME content types.
255
256 Available in Postfix version 2.5 and later:
257
258 detect_8bit_encoding_header (yes)
259 Automatically detect 8BITMIME body content by looking at Con‐
260 tent-Transfer-Encoding: message headers; historically, this
261 behavior was hard-coded to be "always on".
262
264 Postfix can automatically add BCC (blind carbon copy) when mail enters
265 the mail system:
266
267 always_bcc (empty)
268 Optional address that receives a "blind carbon copy" of each
269 message that is received by the Postfix mail system.
270
271 Available in Postfix version 2.1 and later:
272
273 sender_bcc_maps (empty)
274 Optional BCC (blind carbon-copy) address lookup tables, indexed
275 by sender address.
276
277 recipient_bcc_maps (empty)
278 Optional BCC (blind carbon-copy) address lookup tables, indexed
279 by recipient address.
280
282 Address rewriting is delegated to the trivial-rewrite(8) daemon. The
283 cleanup(8) server implements table driven address mapping.
284
285 empty_address_recipient (MAILER-DAEMON)
286 The recipient of mail addressed to the null address.
287
288 canonical_maps (empty)
289 Optional address mapping lookup tables for message headers and
290 envelopes.
291
292 recipient_canonical_maps (empty)
293 Optional address mapping lookup tables for envelope and header
294 recipient addresses.
295
296 sender_canonical_maps (empty)
297 Optional address mapping lookup tables for envelope and header
298 sender addresses.
299
300 masquerade_classes (envelope_sender, header_sender, header_recipient)
301 What addresses are subject to address masquerading.
302
303 masquerade_domains (empty)
304 Optional list of domains whose subdomain structure will be
305 stripped off in email addresses.
306
307 masquerade_exceptions (empty)
308 Optional list of user names that are not subjected to address
309 masquerading, even when their address matches $masquer‐
310 ade_domains.
311
312 propagate_unmatched_extensions (canonical, virtual)
313 What address lookup tables copy an address extension from the
314 lookup key to the lookup result.
315
316 Available before Postfix version 2.0:
317
318 virtual_maps (empty)
319 Optional lookup tables with a) names of domains for which all
320 addresses are aliased to addresses in other local or remote
321 domains, and b) addresses that are aliased to addresses in other
322 local or remote domains.
323
324 Available in Postfix version 2.0 and later:
325
326 virtual_alias_maps ($virtual_maps)
327 Optional lookup tables that alias specific mail addresses or
328 domains to other local or remote address.
329
330 Available in Postfix version 2.2 and later:
331
332 canonical_classes (envelope_sender, envelope_recipient, header_sender,
333 header_recipient)
334 What addresses are subject to canonical_maps address mapping.
335
336 recipient_canonical_classes (envelope_recipient, header_recipient)
337 What addresses are subject to recipient_canonical_maps address
338 mapping.
339
340 sender_canonical_classes (envelope_sender, header_sender)
341 What addresses are subject to sender_canonical_maps address map‐
342 ping.
343
344 remote_header_rewrite_domain (empty)
345 Don't rewrite message headers from remote clients at all when
346 this parameter is empty; otherwise, rewrite message headers and
347 append the specified domain name to incomplete addresses.
348
350 duplicate_filter_limit (1000)
351 The maximal number of addresses remembered by the address dupli‐
352 cate filter for aliases(5) or virtual(5) alias expansion, or for
353 showq(8) queue displays.
354
355 header_size_limit (102400)
356 The maximal amount of memory in bytes for storing a message
357 header.
358
359 hopcount_limit (50)
360 The maximal number of Received: message headers that is allowed
361 in the primary message headers.
362
363 in_flow_delay (1s)
364 Time to pause before accepting a new message, when the message
365 arrival rate exceeds the message delivery rate.
366
367 message_size_limit (10240000)
368 The maximal size in bytes of a message, including envelope
369 information.
370
371 Available in Postfix version 2.0 and later:
372
373 header_address_token_limit (10240)
374 The maximal number of address tokens are allowed in an address
375 message header.
376
377 mime_boundary_length_limit (2048)
378 The maximal length of MIME multipart boundary strings.
379
380 mime_nesting_limit (100)
381 The maximal recursion level that the MIME processor will handle.
382
383 queue_file_attribute_count_limit (100)
384 The maximal number of (name=value) attributes that may be stored
385 in a Postfix queue file.
386
387 Available in Postfix version 2.1 and later:
388
389 virtual_alias_expansion_limit (1000)
390 The maximal number of addresses that virtual alias expansion
391 produces from each original recipient.
392
393 virtual_alias_recursion_limit (1000)
394 The maximal nesting depth of virtual alias expansion.
395
396 Available in Postfix version 3.0 and later:
397
398 virtual_alias_address_length_limit (1000)
399 The maximal length of an email address after virtual alias
400 expansion.
401
403 Preliminary SMTPUTF8 support is introduced with Postfix 3.0.
404
405 smtputf8_enable (yes)
406 Enable preliminary SMTPUTF8 support for the protocols described
407 in RFC 6531..6533.
408
409 smtputf8_autodetect_classes (sendmail, verify)
410 Detect that a message requires SMTPUTF8 support for the speci‐
411 fied mail origin classes.
412
413 Available in Postfix version 3.2 and later:
414
415 enable_idna2003_compatibility (no)
416 Enable 'transitional' compatibility between IDNA2003 and
417 IDNA2008, when converting UTF-8 domain names to/from the ASCII
418 form that is used for DNS lookups.
419
421 config_directory (see 'postconf -d' output)
422 The default location of the Postfix main.cf and master.cf con‐
423 figuration files.
424
425 daemon_timeout (18000s)
426 How much time a Postfix daemon process may take to handle a
427 request before it is terminated by a built-in watchdog timer.
428
429 delay_logging_resolution_limit (2)
430 The maximal number of digits after the decimal point when log‐
431 ging sub-second delay values.
432
433 delay_warning_time (0h)
434 The time after which the sender receives a copy of the message
435 headers of mail that is still queued.
436
437 ipc_timeout (3600s)
438 The time limit for sending or receiving information over an
439 internal communication channel.
440
441 max_idle (100s)
442 The maximum amount of time that an idle Postfix daemon process
443 waits for an incoming connection before terminating voluntarily.
444
445 max_use (100)
446 The maximal number of incoming connections that a Postfix daemon
447 process will service before terminating voluntarily.
448
449 myhostname (see 'postconf -d' output)
450 The internet hostname of this mail system.
451
452 myorigin ($myhostname)
453 The domain name that locally-posted mail appears to come from,
454 and that locally posted mail is delivered to.
455
456 process_id (read-only)
457 The process ID of a Postfix command or daemon process.
458
459 process_name (read-only)
460 The process name of a Postfix command or daemon process.
461
462 queue_directory (see 'postconf -d' output)
463 The location of the Postfix top-level queue directory.
464
465 soft_bounce (no)
466 Safety net to keep mail queued that would otherwise be returned
467 to the sender.
468
469 syslog_facility (mail)
470 The syslog facility of Postfix logging.
471
472 syslog_name (see 'postconf -d' output)
473 A prefix that is prepended to the process name in syslog
474 records, so that, for example, "smtpd" becomes "prefix/smtpd".
475
476 Available in Postfix version 2.1 and later:
477
478 enable_original_recipient (yes)
479 Enable support for the original recipient address after an
480 address is rewritten to a different address (for example with
481 aliasing or with canonical mapping).
482
483 Available in Postfix 3.3 and later:
484
485 service_name (read-only)
486 The master.cf service name of a Postfix daemon process.
487
489 /etc/postfix/canonical*, canonical mapping table
490 /etc/postfix/virtual*, virtual mapping table
491
493 trivial-rewrite(8), address rewriting
494 qmgr(8), queue manager
495 header_checks(5), message header content inspection
496 body_checks(5), body parts content inspection
497 canonical(5), canonical address lookup table format
498 virtual(5), virtual alias lookup table format
499 postconf(5), configuration parameters
500 master(5), generic daemon options
501 master(8), process manager
502 syslogd(8), system logging
503
505 Use "postconf readme_directory" or "postconf html_directory" to locate
506 this information.
507 ADDRESS_REWRITING_README Postfix address manipulation
508 CONTENT_INSPECTION_README content inspection
509
511 The Secure Mailer license must be distributed with this software.
512
514 Wietse Venema
515 IBM T.J. Watson Research
516 P.O. Box 704
517 Yorktown Heights, NY 10598, USA
518
519 Wietse Venema
520 Google, Inc.
521 111 8th Avenue
522 New York, NY 10011, USA
523
524
525
526 CLEANUP(8)