1MYSQL_TABLE(5) File Formats Manual MYSQL_TABLE(5)
2
6 mysql_table - Postfix MySQL client configuration
7
9 postmap -q "string" mysql:/etc/postfix/filename
10 postmap -q - mysql:/etc/postfix/filename <inputfile
12
14 The Postfix mail system uses optional tables for address rewriting or
15 mail routing. These tables are usually in dbm or db format.
16 Alternatively, lookup tables can be specified as MySQL databases. In
18 order to use MySQL lookups, define a MySQL source as a lookup table in
19 main.cf, for example:
20 alias_maps = mysql:/etc/mysql-aliases.cf
21 The file /etc/postfix/mysql-aliases.cf has the same format as the Post‐
23 fix main.cf file, and can specify the parameters described below.
24
26 When using SQL to store lists such as $mynetworks, $mydestination,
27 $relay_domains, $local_recipient_maps, etc., it is important to under‐
28 stand that the table must store each list member as a separate key. The
29 table lookup verifies the *existence* of the key. See "Postfix lists
30 versus tables" in the DATABASE_README document for a discussion.
31 Do NOT create tables that return the full list of domains in $mydesti‐
33 nation or $relay_domains etc., or IP addresses in $mynetworks.
34 DO create tables with each matching item as a key and with an arbitrary
36 value. With SQL databases it is not uncommon to return the key itself
37 or a constant value.
38
40 hosts The hosts that Postfix will try to connect to and query from.
41 Specify unix: for UNIX domain sockets, inet: for TCP connections
42 (default). Example:
43 hosts = host1.some.domain host2.some.domain:port
44 hosts = unix:/file/name
45 The hosts are tried in random order, with all connections over
47 UNIX domain sockets being tried before those over TCP. The con‐
48 nections are automatically closed after being idle for about 1
49 minute, and are re-opened as necessary. Postfix versions 2.0 and
50 earlier do not randomize the host order.
51 NOTE: if you specify localhost as a hostname (even if you prefix
53 it with inet:), MySQL will connect to the default UNIX domain
54 socket. In order to instruct MySQL to connect to localhost over
55 TCP you have to specify
56 hosts = 127.0.0.1
57 user, password
59 The user name and password to log into the mysql server. Exam‐
60 ple:
61 user = someone
62 password = some_password
63 dbname The database name on the servers. Example:
65 dbname = customer_database
66 query The SQL query template used to search the database, where %s is
68 a substitute for the address Postfix is trying to resolve, e.g.
69 query = SELECT replacement FROM aliases WHERE mailbox = '%s'
70 By default, every query must return a result set (instead of
72 storing its results in a table); with "require_result_set = no"
73 (Postfix 3.2 and later), the absence of a result set is treated
74 as "not found".
75 This parameter supports the following '%' expansions:
77 %% This is replaced by a literal '%' character.
79 %s This is replaced by the input key. SQL quoting is used
81 to make sure that the input key does not add unexpected
82 metacharacters.
83 %u When the input key is an address of the form user@domain,
85 %u is replaced by the SQL quoted local part of the
86 address. Otherwise, %u is replaced by the entire search
87 string. If the localpart is empty, the query is sup‐
88 pressed and returns no results.
89 %d When the input key is an address of the form user@domain,
91 %d is replaced by the SQL quoted domain part of the
92 address. Otherwise, the query is suppressed and returns
93 no results.
94 %[SUD] The upper-case equivalents of the above expansions behave
96 in the query parameter identically to their lower-case
97 counter-parts. With the result_format parameter (see
98 below), they expand the input key rather than the result
99 value.
100 %[1-9] The patterns %1, %2, ... %9 are replaced by the corre‐
102 sponding most significant component of the input key's
103 domain. If the input key is user@mail.example.com, then
104 %1 is com, %2 is example and %3 is mail. If the input key
105 is unqualified or does not have enough domain components
106 to satisfy all the specified patterns, the query is sup‐
107 pressed and returns no results.
108 The domain parameter described below limits the input keys to
110 addresses in matching domains. When the domain parameter is
111 non-empty, SQL queries for unqualified addresses or addresses in
112 non-matching domains are suppressed and return no results.
113 This parameter is available with Postfix 2.2. In prior releases
115 the SQL query was built from the separate parameters:
116 select_field, table, where_field and additional_conditions. The
117 mapping from the old parameters to the equivalent query is:
118 SELECT [select_field]
120 FROM [table]
121 WHERE [where_field] = '%s'
122 [additional_conditions]
123 The '%s' in the WHERE clause expands to the escaped search
125 string. With Postfix 2.2 these legacy parameters are used if
126 the query parameter is not specified.
127 NOTE: DO NOT put quotes around the query parameter.
129 result_format (default: %s)
131 Format template applied to result attributes. Most commonly used
132 to append (or prepend) text to the result. This parameter sup‐
133 ports the following '%' expansions:
134 %% This is replaced by a literal '%' character.
136 %s This is replaced by the value of the result attribute.
138 When result is empty it is skipped.
139 %u When the result attribute value is an address of the form
141 user@domain, %u is replaced by the local part of the
142 address. When the result has an empty localpart it is
143 skipped.
144 %d When a result attribute value is an address of the form
146 user@domain, %d is replaced by the domain part of the
147 attribute value. When the result is unqualified it is
148 skipped.
149 %[SUD1-9]
151 The upper-case and decimal digit expansions interpolate
152 the parts of the input key rather than the result. Their
153 behavior is identical to that described with query, and
154 in fact because the input key is known in advance,
155 queries whose key does not contain all the information
156 specified in the result template are suppressed and
157 return no results.
158 For example, using "result_format = smtp:[%s]" allows one to use
160 a mailHost attribute as the basis of a transport(5) table. After
161 applying the result format, multiple values are concatenated as
162 comma separated strings. The expansion_limit and parameter
163 explained below allows one to restrict the number of values in
164 the result, which is especially useful for maps that must return
165 at most one value.
166 The default value %s specifies that each result value should be
168 used as is.
169 This parameter is available with Postfix 2.2 and later.
171 NOTE: DO NOT put quotes around the result format!
173 domain (default: no domain list)
175 This is a list of domain names, paths to files, or dictionaries.
176 When specified, only fully qualified search keys with a
177 *non-empty* localpart and a matching domain are eligible for
178 lookup: 'user' lookups, bare domain lookups and "@domain"
179 lookups are not performed. This can significantly reduce the
180 query load on the MySQL server.
181 domain = postfix.org, hash:/etc/postfix/searchdomains
182 It is best not to use SQL to store the domains eligible for SQL
184 lookups.
185 This parameter is available with Postfix 2.2 and later.
187 NOTE: DO NOT define this parameter for local(8) aliases, because
189 the input keys are always unqualified.
190 expansion_limit (default: 0)
192 A limit on the total number of result elements returned (as a
193 comma separated list) by a lookup against the map. A setting of
194 zero disables the limit. Lookups fail with a temporary error if
195 the limit is exceeded. Setting the limit to 1 ensures that
196 lookups do not return multiple values.
197 option_file
199 Read options from the given file instead of the default my.cnf
200 location. This reads options from the [client] option group,
201 optionally followed by options from the group given with
202 option_group.
203 This parameter is available with Postfix 2.11 and later.
205 option_group (default: Postfix >=3.2: client, <= 3.1: empty)
207 Read options from the given group of the mysql options file,
208 after reading options from the [client] group.
209 Postfix 3.2 and later read [client] option group settings by
211 default. To disable this specify no option_file and specify
212 "option_group =" (i.e. an empty value).
213 Postfix 3.1 and earlier don't read [client] option group set‐
215 tings unless a non-empty option_file or option_group value are
216 specified. To enable this, specify, for example, "option_group =
217 client".
218 This parameter is available with Postfix 2.11 and later.
220 require_result_set (default: yes)
222 If "yes", require that every query returns a result set. If
223 "no", treat the absence of a result set as "not found".
224 This parameter is available with Postfix 3.2 and later.
226 tls_cert_file
228 File containing client's X509 certificate.
229 This parameter is available with Postfix 2.11 and later.
231 tls_key_file
233 File containing the private key corresponding to tls_cert_file.
234 This parameter is available with Postfix 2.11 and later.
236 tls_CAfile
238 File containing certificates for all of the X509 Certification
239 Authorities the client will recognize. Takes precedence over
240 tls_CApath.
241 This parameter is available with Postfix 2.11 and later.
243 tls_CApath
245 Directory containing X509 Certification Authority certificates
246 in separate individual files.
247 This parameter is available with Postfix 2.11 and later.
249 tls_verify_cert (default: no)
251 Verify that the server's name matches the common name in the
252 certificate.
253 This parameter is available with Postfix 2.11 and later.
255
257 Postfix 3.2 and later support calling a stored procedure instead of
258 using a SELECT statement in the query, e.g.
259 query = CALL lookup('%s')
261 The previously described '%' expansions can be used in the parameter(s)
263 to the stored procedure.
264 By default, every stored procedure call must return a result set, i.e.
266 every code path must execute a SELECT statement that returns a result
267 set (instead of storing its results in a table). With
268 "require_result_set = no", the absence of a result set is treated as
269 "not found".
270 A stored procedure must not return multiple result sets. That is,
272 there must be no code path that executes multiple SELECT statements
273 that return a result (instead of storing their results in a table).
274 The following is an example of a stored procedure returning a single
276 result set:
277 CREATE [DEFINER=`user`@`host`] PROCEDURE
279 `lookup`(IN `param` VARCHAR(255))
280 READS SQL DATA
281 SQL SECURITY INVOKER
282 BEGIN
283 select goto from alias where address=param;
284 END
285
287 For compatibility with other Postfix lookup tables, MySQL parameters
288 can also be defined in main.cf. In order to do that, specify as MySQL
289 source a name that doesn't begin with a slash or a dot. The MySQL
290 parameters will then be accessible as the name you've given the source
291 in its definition, an underscore, and the name of the parameter. For
292 example, if the map is specified as "mysql:mysqlname", the parameter
293 "hosts" would be defined in main.cf as "mysqlname_hosts".
294 Note: with this form, the passwords for the MySQL sources are written
296 in main.cf, which is normally world-readable. Support for this form
297 will be removed in a future Postfix version.
298
300 This section describes an interface that is deprecated as of Postfix
301 2.2. It is replaced by the more general query interface described
302 above. If the query parameter is defined, the legacy parameters
303 described here ignored. Please migrate to the new interface as the
304 legacy interface may be removed in a future release.
305 The following parameters can be used to fill in a SELECT template
307 statement of the form:
308 SELECT [select_field]
310 FROM [table]
311 WHERE [where_field] = '%s'
312 [additional_conditions]
313 The specifier %s is replaced by the search string, and is escaped so if
315 it contains single quotes or other odd characters, it will not cause a
316 parse error, or worse, a security problem.
317 select_field
319 The SQL "select" parameter. Example:
320 select_field = forw_addr
321 table The SQL "select .. from" table name. Example:
323 table = mxaliases
324 where_field
326 The SQL "select .. where" parameter. Example:
327 where_field = alias
328 additional_conditions
330 Additional conditions to the SQL query. Example:
331 additional_conditions = AND status = 'paid'
332
334 postmap(1), Postfix lookup table maintenance
335 postconf(5), configuration parameters
336 ldap_table(5), LDAP lookup tables
337 pgsql_table(5), PostgreSQL lookup tables
338 sqlite_table(5), SQLite lookup tables
339
341 Use "postconf readme_directory" or "postconf html_directory" to locate
342 this information.
343 DATABASE_README, Postfix lookup table overview
344 MYSQL_README, Postfix MYSQL client guide
345
347 The Secure Mailer license must be distributed with this software.
348
350 MySQL support was introduced with Postfix version 1.0.
351
353 Original implementation by:
354 Scott Cotton, Joshua Marcus
355 IC Group, Inc.
356 Further enhancements by:
358 Liviu Daia
359 Institute of Mathematics of the Romanian Academy
360 P.O. BOX 1-764
361 RO-014700 Bucharest, ROMANIA
362 Stored-procedure support by John Fawcett.
364 Wietse Venema
366 Google, Inc.
367 111 8th Avenue
368 New York, NY 10011, USA
369 MYSQL_TABLE(5)