1VERIFY(8)                   System Manager's Manual                  VERIFY(8)
2
3
4

NAME

6       verify - Postfix address verification server
7

SYNOPSIS

9       verify [generic Postfix daemon options]
10

DESCRIPTION

12       The  verify(8)  address  verification server maintains a record of what
13       recipient addresses are known to be deliverable or undeliverable.
14
15       Addresses are verified by injecting probe  messages  into  the  Postfix
16       queue. Probe messages are run through all the routing and rewriting ma‐
17       chinery except for final delivery, and are discarded rather than  being
18       deferred or bounced.
19
20       Address  verification relies on the answer from the nearest MTA for the
21       specified address, and will therefore not detect all undeliverable  ad‐
22       dresses.
23
24       The  verify(8)  server  is designed to run under control by the Postfix
25       master server. It maintains an optional persistent database.  To  avoid
26       being interrupted by "postfix stop" in the middle of a database update,
27       the process runs in a separate process group.
28
29       The verify(8) server implements the following requests:
30
31       update address status text
32              Update the status and text of the specified address.
33
34       query address
35              Look up the status and text for the specified address.   If  the
36              status  is  unknown, a probe is sent and an "in progress" status
37              is returned.
38

SECURITY

40       The address verification server is not security-sensitive. It does  not
41       talk  to  the network, and it does not talk to local users.  The verify
42       server can run chrooted at fixed low privilege.
43
44       The address verification server  can  be  coerced  to  store  unlimited
45       amounts  of  garbage. Limiting the cache expiry time trades one problem
46       (disk space exhaustion) for another one (poor response time  to  client
47       requests).
48
49       With Postfix version 2.5 and later, the verify(8) server no longer uses
50       root privileges when opening the  address_verify_map  cache  file.  The
51       file should now be stored under the Postfix-owned data_directory.  As a
52       migration aid, an attempt to open a cache file under a non-Postfix  di‐
53       rectory  is redirected to the Postfix-owned data_directory, and a warn‐
54       ing is logged.
55

DIAGNOSTICS

57       Problems and transactions are logged to syslogd(8) or postlogd(8).
58

BUGS

60       Address verification probe messages add additional traffic to the  mail
61       queue.    Recipient   verification  may  cause  an  increased  load  on
62       down-stream servers in the case of a dictionary attack or  a  flood  of
63       backscatter  bounces.   Sender address verification may cause your site
64       to be denylisted by some providers.
65
66       If the persistent database ever gets corrupted then the world comes  to
67       an  end and human intervention is needed. This violates a basic Postfix
68       principle.
69

CONFIGURATION PARAMETERS

71       Changes to main.cf are not picked up automatically, as  verify(8)  pro‐
72       cesses are long-lived. Use the command "postfix reload" after a config‐
73       uration change.
74
75       The text below provides only a parameter summary. See  postconf(5)  for
76       more details including examples.
77

PROBE MESSAGE CONTROLS

79       address_verify_sender ($double_bounce_sender)
80              The  sender address to use in address verification probes; prior
81              to Postfix 2.5 the default was "postmaster".
82
83       Available with Postfix 2.9 and later:
84
85       address_verify_sender_ttl (0s)
86              The time between changes in the time-dependent  portion  of  ad‐
87              dress verification probe sender addresses.
88

CACHE CONTROLS

90       address_verify_map (see 'postconf -d' output)
91              Lookup table for persistent address verification status storage.
92
93       address_verify_positive_expire_time (31d)
94              The time after which a successful probe expires from the address
95              verification cache.
96
97       address_verify_positive_refresh_time (7d)
98              The time after which a  successful  address  verification  probe
99              needs to be refreshed.
100
101       address_verify_negative_cache (yes)
102              Enable caching of failed address verification probe results.
103
104       address_verify_negative_expire_time (3d)
105              The  time  after  which  a failed probe expires from the address
106              verification cache.
107
108       address_verify_negative_refresh_time (3h)
109              The time after which a failed address verification  probe  needs
110              to be refreshed.
111
112       Available with Postfix 2.7 and later:
113
114       address_verify_cache_cleanup_interval (12h)
115              The  amount of time between verify(8) address verification data‐
116              base cleanup runs.
117

PROBE MESSAGE ROUTING CONTROLS

119       By default, probe messages are delivered via the same route as  regular
120       messages.   The  following  parameters can be used to override specific
121       message routing mechanisms.
122
123       address_verify_relayhost ($relayhost)
124              Overrides the relayhost parameter setting for address  verifica‐
125              tion probes.
126
127       address_verify_transport_maps ($transport_maps)
128              Overrides the transport_maps parameter setting for address veri‐
129              fication probes.
130
131       address_verify_local_transport ($local_transport)
132              Overrides the local_transport parameter setting for address ver‐
133              ification probes.
134
135       address_verify_virtual_transport ($virtual_transport)
136              Overrides  the  virtual_transport  parameter setting for address
137              verification probes.
138
139       address_verify_relay_transport ($relay_transport)
140              Overrides the relay_transport parameter setting for address ver‐
141              ification probes.
142
143       address_verify_default_transport ($default_transport)
144              Overrides  the  default_transport  parameter setting for address
145              verification probes.
146
147       Available in Postfix 2.3 and later:
148
149       address_verify_sender_dependent_relayhost_maps   ($sender_dependent_re‐
150       layhost_maps)
151              Overrides  the sender_dependent_relayhost_maps parameter setting
152              for address verification probes.
153
154       Available in Postfix 2.7 and later:
155
156       address_verify_sender_dependent_default_transport_maps  ($sender_depen‐
157       dent_default_transport_maps)
158              Overrides  the sender_dependent_default_transport_maps parameter
159              setting for address verification probes.
160

SMTPUTF8 CONTROLS

162       Preliminary SMTPUTF8 support is introduced with Postfix 3.0.
163
164       smtputf8_autodetect_classes (sendmail, verify)
165              Detect that a message requires SMTPUTF8 support for  the  speci‐
166              fied mail origin classes.
167
168       Available in Postfix version 3.2 and later:
169
170       enable_idna2003_compatibility (no)
171              Enable   'transitional'   compatibility   between  IDNA2003  and
172              IDNA2008, when converting UTF-8 domain names to/from  the  ASCII
173              form that is used for DNS lookups.
174

MISCELLANEOUS CONTROLS

176       config_directory (see 'postconf -d' output)
177              The  default  location of the Postfix main.cf and master.cf con‐
178              figuration files.
179
180       daemon_timeout (18000s)
181              How much time a Postfix daemon process may take to handle a  re‐
182              quest before it is terminated by a built-in watchdog timer.
183
184       ipc_timeout (3600s)
185              The  time limit for sending or receiving information over an in‐
186              ternal communication channel.
187
188       process_id (read-only)
189              The process ID of a Postfix command or daemon process.
190
191       process_name (read-only)
192              The process name of a Postfix command or daemon process.
193
194       queue_directory (see 'postconf -d' output)
195              The location of the Postfix top-level queue directory.
196
197       syslog_facility (mail)
198              The syslog facility of Postfix logging.
199
200       syslog_name (see 'postconf -d' output)
201              A prefix that  is  prepended  to  the  process  name  in  syslog
202              records, so that, for example, "smtpd" becomes "prefix/smtpd".
203
204       Available in Postfix 3.3 and later:
205
206       service_name (read-only)
207              The master.cf service name of a Postfix daemon process.
208

SEE ALSO

210       smtpd(8), Postfix SMTP server
211       cleanup(8), enqueue Postfix message
212       postconf(5), configuration parameters
213       postlogd(8), Postfix logging
214       syslogd(8), system logging
215

README FILES

217       Use  "postconf readme_directory" or "postconf html_directory" to locate
218       this information.
219       ADDRESS_VERIFICATION_README, address verification howto
220

LICENSE

222       The Secure Mailer license must be distributed with this software.
223

HISTORY

225       This service was introduced with Postfix version 2.1.
226

AUTHOR(S)

228       Wietse Venema
229       IBM T.J. Watson Research
230       P.O. Box 704
231       Yorktown Heights, NY 10598, USA
232
233       Wietse Venema
234       Google, Inc.
235       111 8th Avenue
236       New York, NY 10011, USA
237
238
239
240                                                                     VERIFY(8)
Impressum