1MYSQL_TABLE(5) File Formats Manual MYSQL_TABLE(5)
2
6 mysql_table - Postfix MySQL client configuration
7
9 postmap -q "string" mysql:/etc/postfix/filename
10 postmap -q - mysql:/etc/postfix/filename <inputfile
12
14 The Postfix mail system uses optional tables for address rewriting or
15 mail routing. These tables are usually in dbm or db format.
16 Alternatively, lookup tables can be specified as MySQL databases. In
18 order to use MySQL lookups, define a MySQL source as a lookup table in
19 main.cf, for example:
20 alias_maps = mysql:/etc/postfix/mysql-aliases.cf
21 The file /etc/postfix/mysql-aliases.cf has the same format as the Post‐
23 fix main.cf file, and can specify the parameters described below.
24
26 When using SQL to store lists such as $mynetworks, $mydestination, $re‐
27 lay_domains, $local_recipient_maps, etc., it is important to understand
28 that the table must store each list member as a separate key. The table
29 lookup verifies the *existence* of the key. See "Postfix lists versus
30 tables" in the DATABASE_README document for a discussion.
31 Do NOT create tables that return the full list of domains in $mydesti‐
33 nation or $relay_domains etc., or IP addresses in $mynetworks.
34 DO create tables with each matching item as a key and with an arbitrary
36 value. With SQL databases it is not uncommon to return the key itself
37 or a constant value.
38
40 hosts The hosts that Postfix will try to connect to and query from.
41 Specify unix: for UNIX domain sockets, inet: for TCP connections
42 (default). Examples:
43 hosts = inet:host1.some.domain inet:host2.some.domain:port
44 hosts = host1.some.domain host2.some.domain:port
45 hosts = unix:/file/name
46 The hosts are tried in random order, with all connections over
48 UNIX domain sockets being tried before those over TCP. The con‐
49 nections are automatically closed after being idle for about 1
50 minute, and are re-opened as necessary. Postfix versions 2.0 and
51 earlier do not randomize the host order.
52 NOTE: if you specify localhost as a hostname (even if you prefix
54 it with inet:), MySQL will connect to the default UNIX domain
55 socket. In order to instruct MySQL to connect to localhost over
56 TCP you have to specify
57 hosts = 127.0.0.1
58 user, password
60 The user name and password to log into the mysql server. Exam‐
61 ple:
62 user = someone
63 password = some_password
64 dbname The database name on the servers. Example:
66 dbname = customer_database
67 query The SQL query template used to search the database, where %s is
69 a substitute for the address Postfix is trying to resolve, e.g.
70 query = SELECT replacement FROM aliases WHERE mailbox = '%s'
71 By default, every query must return a result set (instead of
73 storing its results in a table); with "require_result_set = no"
74 (Postfix 3.2 and later), the absence of a result set is treated
75 as "not found".
76 This parameter supports the following '%' expansions:
78 %% This is replaced by a literal '%' character.
80 %s This is replaced by the input key. SQL quoting is used
82 to make sure that the input key does not add unexpected
83 metacharacters.
84 %u When the input key is an address of the form user@domain,
86 %u is replaced by the SQL quoted local part of the ad‐
87 dress. Otherwise, %u is replaced by the entire search
88 string. If the localpart is empty, the query is sup‐
89 pressed and returns no results.
90 %d When the input key is an address of the form user@domain,
92 %d is replaced by the SQL quoted domain part of the ad‐
93 dress. Otherwise, the query is suppressed and returns no
94 results.
95 %[SUD] The upper-case equivalents of the above expansions behave
97 in the query parameter identically to their lower-case
98 counter-parts. With the result_format parameter (see be‐
99 low), they expand the input key rather than the result
100 value.
101 %[1-9] The patterns %1, %2, ... %9 are replaced by the corre‐
103 sponding most significant component of the input key's
104 domain. If the input key is user@mail.example.com, then
105 %1 is com, %2 is example and %3 is mail. If the input key
106 is unqualified or does not have enough domain components
107 to satisfy all the specified patterns, the query is sup‐
108 pressed and returns no results.
109 The domain parameter described below limits the input keys to
111 addresses in matching domains. When the domain parameter is
112 non-empty, SQL queries for unqualified addresses or addresses in
113 non-matching domains are suppressed and return no results.
114 This parameter is available with Postfix 2.2. In prior releases
116 the SQL query was built from the separate parameters: se‐
117 lect_field, table, where_field and additional_conditions. The
118 mapping from the old parameters to the equivalent query is:
119 SELECT [select_field]
121 FROM [table]
122 WHERE [where_field] = '%s'
123 [additional_conditions]
124 The '%s' in the WHERE clause expands to the escaped search
126 string. With Postfix 2.2 these legacy parameters are used if
127 the query parameter is not specified.
128 NOTE: DO NOT put quotes around the query parameter.
130 result_format (default: %s)
132 Format template applied to result attributes. Most commonly used
133 to append (or prepend) text to the result. This parameter sup‐
134 ports the following '%' expansions:
135 %% This is replaced by a literal '%' character.
137 %s This is replaced by the value of the result attribute.
139 When result is empty it is skipped.
140 %u When the result attribute value is an address of the form
142 user@domain, %u is replaced by the local part of the ad‐
143 dress. When the result has an empty localpart it is
144 skipped.
145 %d When a result attribute value is an address of the form
147 user@domain, %d is replaced by the domain part of the at‐
148 tribute value. When the result is unqualified it is
149 skipped.
150 %[SUD1-9]
152 The upper-case and decimal digit expansions interpolate
153 the parts of the input key rather than the result. Their
154 behavior is identical to that described with query, and
155 in fact because the input key is known in advance,
156 queries whose key does not contain all the information
157 specified in the result template are suppressed and re‐
158 turn no results.
159 For example, using "result_format = smtp:[%s]" allows one to use
161 a mailHost attribute as the basis of a transport(5) table. After
162 applying the result format, multiple values are concatenated as
163 comma separated strings. The expansion_limit and parameter ex‐
164 plained below allows one to restrict the number of values in the
165 result, which is especially useful for maps that must return at
166 most one value.
167 The default value %s specifies that each result value should be
169 used as is.
170 This parameter is available with Postfix 2.2 and later.
172 NOTE: DO NOT put quotes around the result format!
174 domain (default: no domain list)
176 This is a list of domain names, paths to files, or "type:table"
177 databases. When specified, only fully qualified search keys with
178 a *non-empty* localpart and a matching domain are eligible for
179 lookup: 'user' lookups, bare domain lookups and "@domain"
180 lookups are not performed. This can significantly reduce the
181 query load on the MySQL server.
182 domain = postfix.org, hash:/etc/postfix/searchdomains
183 It is best not to use SQL to store the domains eligible for SQL
185 lookups.
186 This parameter is available with Postfix 2.2 and later.
188 NOTE: DO NOT define this parameter for local(8) aliases, because
190 the input keys are always unqualified.
191 expansion_limit (default: 0)
193 A limit on the total number of result elements returned (as a
194 comma separated list) by a lookup against the map. A setting of
195 zero disables the limit. Lookups fail with a temporary error if
196 the limit is exceeded. Setting the limit to 1 ensures that
197 lookups do not return multiple values.
198 option_file
200 Read options from the given file instead of the default my.cnf
201 location. This reads options from the [client] option group, op‐
202 tionally followed by options from the group given with op‐
203 tion_group.
204 This parameter is available with Postfix 2.11 and later.
206 option_group (default: Postfix >=3.2: client, <= 3.1: empty)
208 Read options from the given group of the mysql options file, af‐
209 ter reading options from the [client] group.
210 Postfix 3.2 and later read [client] option group settings by de‐
212 fault. To disable this specify no option_file and specify "op‐
213 tion_group =" (i.e. an empty value).
214 Postfix 3.1 and earlier don't read [client] option group set‐
216 tings unless a non-empty option_file or option_group value are
217 specified. To enable this, specify, for example, "option_group =
218 client".
219 This parameter is available with Postfix 2.11 and later.
221 require_result_set (default: yes)
223 If "yes", require that every query returns a result set. If
224 "no", treat the absence of a result set as "not found".
225 This parameter is available with Postfix 3.2 and later.
227 tls_cert_file
229 File containing client's X509 certificate.
230 This parameter is available with Postfix 2.11 and later.
232 tls_key_file
234 File containing the private key corresponding to tls_cert_file.
235 This parameter is available with Postfix 2.11 and later.
237 tls_CAfile
239 File containing certificates for all of the X509 Certification
240 Authorities the client will recognize. Takes precedence over
241 tls_CApath.
242 This parameter is available with Postfix 2.11 and later.
244 tls_CApath
246 Directory containing X509 Certification Authority certificates
247 in separate individual files.
248 This parameter is available with Postfix 2.11 and later.
250 tls_verify_cert (default: no)
252 Verify that the server's name matches the common name in the
253 certificate.
254 This parameter is available with Postfix 2.11 and later.
256
258 Postfix 3.2 and later support calling a stored procedure instead of us‐
259 ing a SELECT statement in the query, e.g.
260 query = CALL lookup('%s')
262 The previously described '%' expansions can be used in the parameter(s)
264 to the stored procedure.
265 By default, every stored procedure call must return a result set, i.e.
267 every code path must execute a SELECT statement that returns a result
268 set (instead of storing its results in a table). With "require_re‐
269 sult_set = no", the absence of a result set is treated as "not found".
270 A stored procedure must not return multiple result sets. That is,
272 there must be no code path that executes multiple SELECT statements
273 that return a result (instead of storing their results in a table).
274 The following is an example of a stored procedure returning a single
276 result set:
277 CREATE [DEFINER=`user`@`host`] PROCEDURE
279 `lookup`(IN `param` VARCHAR(255))
280 READS SQL DATA
281 SQL SECURITY INVOKER
282 BEGIN
283 select goto from alias where address=param;
284 END
285
287 For compatibility with other Postfix lookup tables, MySQL parameters
288 can also be defined in main.cf. In order to do that, specify as MySQL
289 source a name that doesn't begin with a slash or a dot. The MySQL pa‐
290 rameters will then be accessible as the name you've given the source in
291 its definition, an underscore, and the name of the parameter. For ex‐
292 ample, if the map is specified as "mysql:mysqlname", the parameter
293 "hosts" would be defined in main.cf as "mysqlname_hosts".
294 Note: with this form, the passwords for the MySQL sources are written
296 in main.cf, which is normally world-readable. Support for this form
297 will be removed in a future Postfix version.
298
300 This section describes an interface that is deprecated as of Postfix
301 2.2. It is replaced by the more general query interface described
302 above. If the query parameter is defined, the legacy parameters de‐
303 scribed here ignored. Please migrate to the new interface as the
304 legacy interface may be removed in a future release.
305 The following parameters can be used to fill in a SELECT template
307 statement of the form:
308 SELECT [select_field]
310 FROM [table]
311 WHERE [where_field] = '%s'
312 [additional_conditions]
313 The specifier %s is replaced by the search string, and is escaped so if
315 it contains single quotes or other odd characters, it will not cause a
316 parse error, or worse, a security problem.
317 select_field
319 The SQL "select" parameter. Example:
320 select_field = forw_addr
321 table The SQL "select .. from" table name. Example:
323 table = mxaliases
324 where_field
326 The SQL "select .. where" parameter. Example:
327 where_field = alias
328 additional_conditions
330 Additional conditions to the SQL query. Example:
331 additional_conditions = AND status = 'paid'
332
334 postmap(1), Postfix lookup table maintenance
335 postconf(5), configuration parameters
336 ldap_table(5), LDAP lookup tables
337 pgsql_table(5), PostgreSQL lookup tables
338 sqlite_table(5), SQLite lookup tables
339
341 Use "postconf readme_directory" or "postconf html_directory" to locate
342 this information.
343 DATABASE_README, Postfix lookup table overview
344 MYSQL_README, Postfix MYSQL client guide
345
347 The Secure Mailer license must be distributed with this software.
348
350 MySQL support was introduced with Postfix version 1.0.
351
353 Original implementation by:
354 Scott Cotton, Joshua Marcus
355 IC Group, Inc.
356 Further enhancements by:
358 Liviu Daia
359 Institute of Mathematics of the Romanian Academy
360 P.O. BOX 1-764
361 RO-014700 Bucharest, ROMANIA
362 Stored-procedure support by John Fawcett.
364 Wietse Venema
366 Google, Inc.
367 111 8th Avenue
368 New York, NY 10011, USA
369 MYSQL_TABLE(5)