1CLEANUP(8) System Manager's Manual CLEANUP(8)
2
3
4
6 cleanup - canonicalize and enqueue Postfix message
7
9 cleanup [generic Postfix daemon options]
10
12 The cleanup(8) daemon processes inbound mail, inserts it into the
13 incoming mail queue, and informs the queue manager of its arrival.
14
15 The cleanup(8) daemon always performs the following transformations:
16
17 · Insert missing message headers: (Resent-) From:, To:, Message-
18 Id:, and Date:.
19
20 · Transform envelope and header addresses to the standard
21 user@fully-qualified-domain form that is expected by other Post‐
22 fix programs. This task is delegated to the trivial-rewrite(8)
23 daemon.
24
25 · Eliminate duplicate envelope recipient addresses.
26
27 The following address transformations are optional:
28
29 · Optionally, rewrite all envelope and header addresses according
30 to the mappings specified in the canonical(5) lookup tables.
31
32 · Optionally, masquerade envelope sender addresses and message
33 header addresses (i.e. strip host or domain information below
34 all domains listed in the masquerade_domains parameter, except
35 for user names listed in masquerade_exceptions). By default,
36 address masquerading does not affect envelope recipients.
37
38 · Optionally, expand envelope recipients according to information
39 found in the virtual(5) lookup tables.
40
41 The cleanup(8) daemon performs sanity checks on the content of each
42 message. When it finds a problem, by default it returns a diagnostic
43 status to the client, and leaves it up to the client to deal with the
44 problem. Alternatively, the client can request the cleanup(8) daemon to
45 bounce the message back to the sender in case of trouble.
46
48 RFC 822 (ARPA Internet Text Messages)
49 RFC 2045 (MIME: Format of Internet Message Bodies)
50 RFC 2046 (MIME: Media Types)
51 RFC 3463 (Enhanced Status Codes)
52 RFC 3464 (Delivery status notifications)
53
55 Problems and transactions are logged to syslogd(8).
56
58 Table-driven rewriting rules make it hard to express if then else and
59 other logical relationships.
60
62 Changes to main.cf are picked up automatically, as cleanup(8) processes
63 run for only a limited amount of time. Use the command "postfix reload"
64 to speed up a change.
65
66 The text below provides only a parameter summary. See postconf(5) for
67 more details including examples.
68
70 undisclosed_recipients_header (To: undisclosed-recipients:;)
71 Message header that the Postfix cleanup(8) server inserts when a
72 message contains no To: or Cc: message header.
73
74 Available in Postfix version 2.1 only:
75
76 enable_errors_to (no)
77 Report mail delivery errors to the address specified with the
78 non-standard Errors-To: message header, instead of the envelope
79 sender address (this feature is removed with Postfix version
80 2.2, is turned off by default with Postfix version 2.1, and is
81 always turned on with older Postfix versions).
82
84 Postfix built-in content filtering is meant to stop a flood of worms or
85 viruses. It is not a general content filter.
86
87 body_checks (empty)
88 Optional lookup tables for content inspection as specified in
89 the body_checks(5) manual page.
90
91 header_checks (empty)
92 Optional lookup tables for content inspection of primary non-
93 MIME message headers, as specified in the header_checks(5) man‐
94 ual page.
95
96 Available in Postfix version 2.0 and later:
97
98 body_checks_size_limit (51200)
99 How much text in a message body segment (or attachment, if you
100 prefer to use that term) is subjected to body_checks inspection.
101
102 mime_header_checks ($header_checks)
103 Optional lookup tables for content inspection of MIME related
104 message headers, as described in the header_checks(5) manual
105 page.
106
107 nested_header_checks ($header_checks)
108 Optional lookup tables for content inspection of non-MIME mes‐
109 sage headers in attached messages, as described in the
110 header_checks(5) manual page.
111
112 Available in Postfix version 2.3 and later:
113
114 message_reject_characters (empty)
115 The set of characters that Postfix will reject in message con‐
116 tent.
117
118 message_strip_characters (empty)
119 The set of characters that Postfix will remove from message con‐
120 tent.
121
123 As of version 2.3, Postfix supports the Sendmail version 8 Milter (mail
124 filter) protocol. When mail is not received via the smtpd(8) server,
125 the cleanup(8) server will simulate SMTP events to the extent that this
126 is possible. For details see the MILTER_README document.
127
128 non_smtpd_milters (empty)
129 A list of Milter (mail filter) applications for new mail that
130 does not arrive via the Postfix smtpd(8) server.
131
132 milter_protocol (2)
133 The mail filter protocol version and optional protocol exten‐
134 sions for communication with a Milter (mail filter) application.
135
136 milter_default_action (tempfail)
137 The default action when a Milter (mail filter) application is
138 unavailable or mis-configured.
139
140 milter_macro_daemon_name ($myhostname)
141 The {daemon_name} macro value for Milter (mail filter) applica‐
142 tions.
143
144 milter_macro_v ($mail_name $mail_version)
145 The {v} macro value for Milter (mail filter) applications.
146
147 milter_connect_timeout (30s)
148 The time limit for connecting to a Milter (mail filter) applica‐
149 tion, and for negotiating protocol options.
150
151 milter_command_timeout (30s)
152 The time limit for sending an SMTP command to a Milter (mail
153 filter) application, and for receiving the response.
154
155 milter_content_timeout (300s)
156 The time limit for sending message content to a Milter (mail
157 filter) application, and for receiving the response.
158
159 milter_connect_macros (see postconf -n output)
160 The macros that are sent to Milter (mail filter) applications
161 after completion of an SMTP connection.
162
163 milter_helo_macros (see postconf -n output)
164 The macros that are sent to Milter (mail filter) applications
165 after the SMTP HELO or EHLO command.
166
167 milter_mail_macros (see postconf -n output)
168 The macros that are sent to Milter (mail filter) applications
169 after the SMTP MAIL FROM command.
170
171 milter_rcpt_macros (see postconf -n output)
172 The macros that are sent to Milter (mail filter) applications
173 after the SMTP RCPT TO command.
174
175 milter_data_macros (see postconf -n output)
176 The macros that are sent to version 4 or higher Milter (mail
177 filter) applications after the SMTP DATA command.
178
179 milter_unknown_command_macros (see postconf -n output)
180 The macros that are sent to version 3 or higher Milter (mail
181 filter) applications after an unknown SMTP command.
182
183 milter_end_of_data_macros (see postconf -n output)
184 The macros that are sent to Milter (mail filter) applications
185 after the message end-of-data.
186
188 Available in Postfix version 2.0 and later:
189
190 disable_mime_input_processing (no)
191 Turn off MIME processing while receiving mail.
192
193 mime_boundary_length_limit (2048)
194 The maximal length of MIME multipart boundary strings.
195
196 mime_nesting_limit (100)
197 The maximal recursion level that the MIME processor will handle.
198
199 strict_8bitmime (no)
200 Enable both strict_7bit_headers and strict_8bitmime_body.
201
202 strict_7bit_headers (no)
203 Reject mail with 8-bit text in message headers.
204
205 strict_8bitmime_body (no)
206 Reject 8-bit message body text without 8-bit MIME content encod‐
207 ing information.
208
209 strict_mime_encoding_domain (no)
210 Reject mail with invalid Content-Transfer-Encoding: information
211 for the message/* or multipart/* MIME content types.
212
214 Postfix can automatically add BCC (blind carbon copy) when mail enters
215 the mail system:
216
217 always_bcc (empty)
218 Optional address that receives a "blind carbon copy" of each
219 message that is received by the Postfix mail system.
220
221 Available in Postfix version 2.1 and later:
222
223 sender_bcc_maps (empty)
224 Optional BCC (blind carbon-copy) address lookup tables, indexed
225 by sender address.
226
227 recipient_bcc_maps (empty)
228 Optional BCC (blind carbon-copy) address lookup tables, indexed
229 by recipient address.
230
232 Address rewriting is delegated to the trivial-rewrite(8) daemon. The
233 cleanup(8) server implements table driven address mapping.
234
235 empty_address_recipient (MAILER-DAEMON)
236 The recipient of mail addressed to the null address.
237
238 canonical_maps (empty)
239 Optional address mapping lookup tables for message headers and
240 envelopes.
241
242 recipient_canonical_maps (empty)
243 Optional address mapping lookup tables for envelope and header
244 recipient addresses.
245
246 sender_canonical_maps (empty)
247 Optional address mapping lookup tables for envelope and header
248 sender addresses.
249
250 masquerade_classes (envelope_sender, header_sender, header_recipient)
251 What addresses are subject to address masquerading.
252
253 masquerade_domains (empty)
254 Optional list of domains whose subdomain structure will be
255 stripped off in email addresses.
256
257 masquerade_exceptions (empty)
258 Optional list of user names that are not subjected to address
259 masquerading, even when their address matches $masquer‐
260 ade_domains.
261
262 propagate_unmatched_extensions (canonical, virtual)
263 What address lookup tables copy an address extension from the
264 lookup key to the lookup result.
265
266 Available before Postfix version 2.0:
267
268 virtual_maps (empty)
269 Optional lookup tables with a) names of domains for which all
270 addresses are aliased to addresses in other local or remote
271 domains, and b) addresses that are aliased to addresses in other
272 local or remote domains.
273
274 Available in Postfix version 2.0 and later:
275
276 virtual_alias_maps ($virtual_maps)
277 Optional lookup tables that alias specific mail addresses or
278 domains to other local or remote address.
279
280 Available in Postfix version 2.2 and later:
281
282 canonical_classes (envelope_sender, envelope_recipient, header_sender,
283 header_recipient)
284 What addresses are subject to canonical_maps address mapping.
285
286 recipient_canonical_classes (envelope_recipient, header_recipient)
287 What addresses are subject to recipient_canonical_maps address
288 mapping.
289
290 sender_canonical_classes (envelope_sender, header_sender)
291 What addresses are subject to sender_canonical_maps address map‐
292 ping.
293
294 remote_header_rewrite_domain (empty)
295 Don't rewrite message headers from remote clients at all when
296 this parameter is empty; otherwise, rewrite message headers and
297 append the specified domain name to incomplete addresses.
298
300 duplicate_filter_limit (1000)
301 The maximal number of addresses remembered by the address dupli‐
302 cate filter for aliases(5) or virtual(5) alias expansion, or for
303 showq(8) queue displays.
304
305 header_size_limit (102400)
306 The maximal amount of memory in bytes for storing a message
307 header.
308
309 hopcount_limit (50)
310 The maximal number of Received: message headers that is allowed
311 in the primary message headers.
312
313 in_flow_delay (1s)
314 Time to pause before accepting a new message, when the message
315 arrival rate exceeds the message delivery rate.
316
317 message_size_limit (10240000)
318 The maximal size in bytes of a message, including envelope
319 information.
320
321 Available in Postfix version 2.0 and later:
322
323 header_address_token_limit (10240)
324 The maximal number of address tokens are allowed in an address
325 message header.
326
327 mime_boundary_length_limit (2048)
328 The maximal length of MIME multipart boundary strings.
329
330 mime_nesting_limit (100)
331 The maximal recursion level that the MIME processor will handle.
332
333 queue_file_attribute_count_limit (100)
334 The maximal number of (name=value) attributes that may be stored
335 in a Postfix queue file.
336
337 Available in Postfix version 2.1 and later:
338
339 virtual_alias_expansion_limit (1000)
340 The maximal number of addresses that virtual alias expansion
341 produces from each original recipient.
342
343 virtual_alias_recursion_limit (1000)
344 The maximal nesting depth of virtual alias expansion.
345
347 config_directory (see 'postconf -d' output)
348 The default location of the Postfix main.cf and master.cf con‐
349 figuration files.
350
351 daemon_timeout (18000s)
352 How much time a Postfix daemon process may take to handle a
353 request before it is terminated by a built-in watchdog timer.
354
355 delay_logging_resolution_limit (2)
356 The maximal number of digits after the decimal point when log‐
357 ging sub-second delay values.
358
359 delay_warning_time (0h)
360 The time after which the sender receives the message headers of
361 mail that is still queued.
362
363 ipc_timeout (3600s)
364 The time limit for sending or receiving information over an
365 internal communication channel.
366
367 max_idle (100s)
368 The maximum amount of time that an idle Postfix daemon process
369 waits for an incoming connection before terminating voluntarily.
370
371 max_use (100)
372 The maximal number of incoming connections that a Postfix daemon
373 process will service before terminating voluntarily.
374
375 myhostname (see 'postconf -d' output)
376 The internet hostname of this mail system.
377
378 myorigin ($myhostname)
379 The domain name that locally-posted mail appears to come from,
380 and that locally posted mail is delivered to.
381
382 process_id (read-only)
383 The process ID of a Postfix command or daemon process.
384
385 process_name (read-only)
386 The process name of a Postfix command or daemon process.
387
388 queue_directory (see 'postconf -d' output)
389 The location of the Postfix top-level queue directory.
390
391 soft_bounce (no)
392 Safety net to keep mail queued that would otherwise be returned
393 to the sender.
394
395 syslog_facility (mail)
396 The syslog facility of Postfix logging.
397
398 syslog_name (postfix)
399 The mail system name that is prepended to the process name in
400 syslog records, so that "smtpd" becomes, for example, "post‐
401 fix/smtpd".
402
403 Available in Postfix version 2.1 and later:
404
405 enable_original_recipient (yes)
406 Enable support for the X-Original-To message header.
407
409 /etc/postfix/canonical*, canonical mapping table
410 /etc/postfix/virtual*, virtual mapping table
411
413 trivial-rewrite(8), address rewriting
414 qmgr(8), queue manager
415 header_checks(5), message header content inspection
416 body_checks(5), body parts content inspection
417 canonical(5), canonical address lookup table format
418 virtual(5), virtual alias lookup table format
419 postconf(5), configuration parameters
420 master(5), generic daemon options
421 master(8), process manager
422 syslogd(8), system logging
423
425 Use "postconf readme_directory" or "postconf html_directory" to locate
426 this information.
427 ADDRESS_REWRITING_README Postfix address manipulation
428 CONTENT_INSPECTION_README content inspection
429
431 The Secure Mailer license must be distributed with this software.
432
434 Wietse Venema
435 IBM T.J. Watson Research
436 P.O. Box 704
437 Yorktown Heights, NY 10598, USA
438
439
440
441 CLEANUP(8)