1VIRTUAL(8) System Manager's Manual VIRTUAL(8)
2
6 virtual - Postfix virtual domain mail delivery agent
7
9 virtual [generic Postfix daemon options]
10
12 The virtual(8) delivery agent is designed for virtual mail hosting ser‐
13 vices. Originally based on the Postfix local(8) delivery agent, this
14 agent looks up recipients with map lookups of their full recipient
15 address, instead of using hard-coded unix password file lookups of the
16 address local part only.
17 This delivery agent only delivers mail. Other features such as mail
19 forwarding, out-of-office notifications, etc., must be configured via
20 virtual_alias maps or via similar lookup mechanisms.
21
23 The mailbox location is controlled by the virtual_mailbox_base and vir‐
24 tual_mailbox_maps configuration parameters (see below). The vir‐
25 tual_mailbox_maps table is indexed by the recipient address as
26 described under TABLE SEARCH ORDER below.
27 The mailbox pathname is constructed as follows:
29 $virtual_mailbox_base/$virtual_mailbox_maps(recipient)
31 where recipient is the full recipient address.
33
35 When the mailbox location does not end in /, the message is delivered
36 in UNIX mailbox format. This format stores multiple messages in one
37 textfile.
38 The virtual(8) delivery agent prepends a "From sender time_stamp" enve‐
40 lope header to each message, prepends a Delivered-To: message header
41 with the envelope recipient address, prepends an X-Original-To: header
42 with the recipient address as given to Postfix, prepends a Return-Path:
43 message header with the envelope sender address, prepends a > character
44 to lines beginning with "From ", and appends an empty line.
45 The mailbox is locked for exclusive access while delivery is in
47 progress. In case of problems, an attempt is made to truncate the mail‐
48 box to its original length.
49
51 When the mailbox location ends in /, the message is delivered in qmail
52 maildir format. This format stores one message per file.
53 The virtual(8) delivery agent prepends a Delivered-To: message header
55 with the final envelope recipient address, prepends an X-Original-To:
56 header with the recipient address as given to Postfix, and prepends a
57 Return-Path: message header with the envelope sender address.
58 By definition, maildir format does not require application-level file
60 locking during mail delivery or retrieval.
61
63 Mailbox ownership is controlled by the virtual_uid_maps and vir‐
64 tual_gid_maps lookup tables, which are indexed with the full recipient
65 address. Each table provides a string with the numerical user and group
66 ID, respectively.
67 The virtual_minimum_uid parameter imposes a lower bound on numerical
69 user ID values that may be specified in any virtual_uid_maps.
70
72 All delivery decisions are made using the full recipient address,
73 folded to lower case. See also the next section for a few exceptions
74 with optional address extensions.
75
77 Normally, a lookup table is specified as a text file that serves as
78 input to the postmap(1) command. The result, an indexed file in dbm or
79 db format, is used for fast searching by the mail system.
80 The search order is as follows. The search stops upon the first suc‐
82 cessful lookup.
83 · When the recipient has an optional address extension the
85 user+extension@domain.tld address is looked up first.
86 With Postfix versions before 2.1, the optional address extension
88 is always ignored.
89 · The user@domain.tld address, without address extension, is
91 looked up next.
92 · Finally, the recipient @domain is looked up.
94 When the table is provided via other means such as NIS, LDAP or SQL,
96 the same lookups are done as for ordinary indexed files.
97 Alternatively, a table can be provided as a regular-expression map
99 where patterns are given as regular expressions. In that case, only the
100 full recipient address is given to the regular-expression map.
101
103 The virtual(8) delivery agent is not security sensitive, provided that
104 the lookup tables with recipient user/group ID information are ade‐
105 quately protected. This program is not designed to run chrooted.
106 The virtual(8) delivery agent disallows regular expression substitution
108 of $1 etc. in regular expression lookup tables, because that would open
109 a security hole.
110 The virtual(8) delivery agent will silently ignore requests to use the
112 proxymap(8) server. Instead it will open the table directly. Before
113 Postfix version 2.2, the virtual delivery agent will terminate with a
114 fatal error.
115
117 RFC 822 (ARPA Internet Text Messages)
118
120 Mail bounces when the recipient has no mailbox or when the recipient is
121 over disk quota. In all other cases, mail for an existing recipient is
122 deferred and a warning is logged.
123 Problems and transactions are logged to syslogd(8). Corrupted message
125 files are marked so that the queue manager can move them to the corrupt
126 queue afterwards.
127 Depending on the setting of the notify_classes parameter, the postmas‐
129 ter is notified of bounces and of other trouble.
130
132 This delivery agent supports address extensions in email addresses and
133 in lookup table keys, but does not propagate address extension informa‐
134 tion to the result of table lookup.
135 Postfix should have lookup tables that can return multiple result
137 attributes. In order to avoid the inconvenience of maintaining three
138 tables, use an LDAP or MYSQL database.
139
141 Changes to main.cf are picked up automatically, as virtual(8) processes
142 run for only a limited amount of time. Use the command "postfix reload"
143 to speed up a change.
144 The text below provides only a parameter summary. See postconf(5) for
146 more details including examples.
147
149 virtual_mailbox_base (empty)
150 A prefix that the virtual(8) delivery agent prepends to all
151 pathname results from $virtual_mailbox_maps table lookups.
152 virtual_mailbox_maps (empty)
154 Optional lookup tables with all valid addresses in the domains
155 that match $virtual_mailbox_domains.
156 virtual_minimum_uid (100)
158 The minimum user ID value that the virtual(8) delivery agent
159 accepts as a result from $virtual_uid_maps table lookup.
160 virtual_uid_maps (empty)
162 Lookup tables with the per-recipient user ID that the virtual(8)
163 delivery agent uses while writing to the recipient's mailbox.
164 virtual_gid_maps (empty)
166 Lookup tables with the per-recipient group ID for virtual(8)
167 mailbox delivery.
168 Available in Postfix version 2.0 and later:
170 virtual_mailbox_domains ($virtual_mailbox_maps)
172 Postfix is final destination for the specified list of domains;
173 mail is delivered via the $virtual_transport mail delivery
174 transport.
175 virtual_transport (virtual)
177 The default mail delivery transport and next-hop destination for
178 final delivery to domains listed with $virtual_mailbox_domains.
179
181 virtual_mailbox_lock (see 'postconf -d' output)
182 How to lock a UNIX-style virtual(8) mailbox before attempting
183 delivery.
184 deliver_lock_attempts (20)
186 The maximal number of attempts to acquire an exclusive lock on a
187 mailbox file or bounce(8) logfile.
188 deliver_lock_delay (1s)
190 The time between attempts to acquire an exclusive lock on a
191 mailbox file or bounce(8) logfile.
192 stale_lock_time (500s)
194 The time after which a stale exclusive mailbox lockfile is
195 removed.
196
198 virtual_destination_concurrency_limit ($default_destination_concur‐
199 rency_limit)
200 The maximal number of parallel deliveries to the same destina‐
201 tion via the virtual message delivery transport.
202 virtual_destination_recipient_limit ($default_destination_recipi‐
204 ent_limit)
205 The maximal number of recipients per delivery via the virtual
206 message delivery transport.
207 virtual_mailbox_limit (51200000)
209 The maximal size in bytes of an individual mailbox or maildir
210 file, or zero (no limit).
211
213 config_directory (see 'postconf -d' output)
214 The default location of the Postfix main.cf and master.cf con‐
215 figuration files.
216 daemon_timeout (18000s)
218 How much time a Postfix daemon process may take to handle a
219 request before it is terminated by a built-in watchdog timer.
220 delay_logging_resolution_limit (2)
222 The maximal number of digits after the decimal point when log‐
223 ging sub-second delay values.
224 ipc_timeout (3600s)
226 The time limit for sending or receiving information over an
227 internal communication channel.
228 max_idle (100s)
230 The maximum amount of time that an idle Postfix daemon process
231 waits for an incoming connection before terminating voluntarily.
232 max_use (100)
234 The maximal number of incoming connections that a Postfix daemon
235 process will service before terminating voluntarily.
236 process_id (read-only)
238 The process ID of a Postfix command or daemon process.
239 process_name (read-only)
241 The process name of a Postfix command or daemon process.
242 queue_directory (see 'postconf -d' output)
244 The location of the Postfix top-level queue directory.
245 syslog_facility (mail)
247 The syslog facility of Postfix logging.
248 syslog_name (postfix)
250 The mail system name that is prepended to the process name in
251 syslog records, so that "smtpd" becomes, for example, "post‐
252 fix/smtpd".
253
255 qmgr(8), queue manager
256 bounce(8), delivery status reports
257 postconf(5), configuration parameters
258 syslogd(8), system logging
259
261 Use "postconf readme_directory" or
262 "postconf html_directory" to locate this information.
263 VIRTUAL_README, domain hosting howto
264
266 The Secure Mailer license must be distributed with this software.
267
269 This delivery agent was originally based on the Postfix local delivery
270 agent. Modifications mainly consisted of removing code that either was
271 not applicable or that was not safe in this context: aliases,
272 ~user/.forward files, delivery to "|command" or to /file/name.
273 The Delivered-To: message header appears in the qmail system by Daniel
275 Bernstein.
276 The maildir structure appears in the qmail system by Daniel Bernstein.
278
280 Wietse Venema
281 IBM T.J. Watson Research
282 P.O. Box 704
283 Yorktown Heights, NY 10598, USA
284 Andrew McNamara
286 andrewm@connect.com.au
287 connect.com.au Pty. Ltd.
288 Level 3, 213 Miller St
289 North Sydney 2060, NSW, Australia
290 VIRTUAL(8)