442 lines
16 KiB
Text
442 lines
16 KiB
Text
#++
|
|
# NAME
|
|
# mysql_table 5
|
|
# SUMMARY
|
|
# Postfix MySQL client configuration
|
|
# SYNOPSIS
|
|
# \fBpostmap -q "\fIstring\fB" mysql:/etc/postfix/\fIfilename\fR
|
|
#
|
|
# \fBpostmap -q - mysql:/etc/postfix/\fIfilename\fB <\fIinputfile\fR
|
|
# DESCRIPTION
|
|
# The Postfix mail system uses optional tables for address
|
|
# rewriting or mail routing. These tables are usually in
|
|
# \fBdbm\fR or \fBdb\fR format.
|
|
#
|
|
# Alternatively, lookup tables can be specified as MySQL databases.
|
|
# In order to use MySQL lookups, define a MySQL source as a lookup
|
|
# table in main.cf, for example:
|
|
# .nf
|
|
# alias_maps = mysql:/etc/postfix/mysql-aliases.cf
|
|
# .fi
|
|
#
|
|
# The file /etc/postfix/mysql-aliases.cf has the same format as
|
|
# the Postfix main.cf file, and can specify the parameters
|
|
# described below.
|
|
# LIST MEMBERSHIP
|
|
# .ad
|
|
# .fi
|
|
# When using SQL to store lists such as $mynetworks,
|
|
# $mydestination, $relay_domains, $local_recipient_maps,
|
|
# etc., it is important to understand that the table must
|
|
# store each list member as a separate key. The table lookup
|
|
# verifies the *existence* of the key. See "Postfix lists
|
|
# versus tables" in the DATABASE_README document for a
|
|
# discussion.
|
|
#
|
|
# Do NOT create tables that return the full list of domains
|
|
# in $mydestination or $relay_domains etc., or IP addresses
|
|
# in $mynetworks.
|
|
#
|
|
# DO create tables with each matching item as a key and with
|
|
# an arbitrary value. With SQL databases it is not uncommon to
|
|
# return the key itself or a constant value.
|
|
# MYSQL PARAMETERS
|
|
# .ad
|
|
# .fi
|
|
# .IP "\fBhosts\fR"
|
|
# The hosts that Postfix will try to connect to and query from.
|
|
# Specify \fIunix:\fR for UNIX domain sockets, \fIinet:\fR for TCP
|
|
# connections (default). Examples:
|
|
# .nf
|
|
# hosts = inet:host1.some.domain inet:host2.some.domain:port
|
|
# hosts = host1.some.domain host2.some.domain:port
|
|
# hosts = unix:/file/name
|
|
# .fi
|
|
#
|
|
# The hosts are tried in random order, with all connections over
|
|
# UNIX domain sockets being tried before those over TCP. The
|
|
# connections are automatically closed after being idle for about
|
|
# 1 minute, and are re-opened as necessary. Postfix versions 2.0
|
|
# and earlier do not randomize the host order.
|
|
#
|
|
# NOTE: if you specify localhost as a hostname (even if you
|
|
# prefix it with \fIinet:\fR), MySQL will connect to the default
|
|
# UNIX domain socket. In order to instruct MySQL to connect to
|
|
# localhost over TCP you have to specify
|
|
# .nf
|
|
# hosts = 127.0.0.1
|
|
# .fi
|
|
#
|
|
# NOTE: if the \fBhosts\fR setting specifies one server, this client
|
|
# assumes that the target is a load balancer and will reconnect
|
|
# immediately after a single failure, instead of failing all
|
|
# requests temporarily. With older versions of this client,
|
|
# specify the same server twice.
|
|
# .IP "\fBuser\fR"
|
|
# .IP "\fBpassword\fR"
|
|
# The user name and password to log into the mysql server.
|
|
# Example:
|
|
# .nf
|
|
# user = someone
|
|
# password = some_password
|
|
# .fi
|
|
# .IP "\fBdbname\fR"
|
|
# The database name on the servers. Example:
|
|
# .nf
|
|
# dbname = customer_database
|
|
# .fi
|
|
# .IP "\fBcharset (default: utf8mb4)\fR"
|
|
# The default MySQL client character set; this also implies
|
|
# the collation order.
|
|
#
|
|
# This parameter is available with Postfix 3.9 and later.
|
|
# With earlier Postfix versions, the default was chosen by
|
|
# the MySQL implementation (\fButf8mb4\fR as of MySQL 8.0,
|
|
# \fBlatin1\fR historically).
|
|
# .IP "\fBidle_interval (default: 60)\fR"
|
|
# The number of seconds after which an idle database connection
|
|
# will be closed.
|
|
#
|
|
# This feature is available in Postfix 3.9 and later.
|
|
# .IP "\fBretry_interval (default: 60)\fR"
|
|
# The number of seconds that a database connection will be
|
|
# skipped after an error.
|
|
#
|
|
# NOTE: if the \fBhosts\fR setting specifies one server, this client
|
|
# assumes that the target is a load balancer and will reconnect
|
|
# immediately after a single failure, instead of failing all
|
|
# requests temporarily. With older versions of this client,
|
|
# specify the same server twice.
|
|
#
|
|
# This feature is available in Postfix 3.9 and later.
|
|
# .IP "\fBquery\fR"
|
|
# The SQL query template used to search the database, where \fB%s\fR
|
|
# is a substitute for the address Postfix is trying to resolve,
|
|
# e.g.
|
|
# .nf
|
|
# query = SELECT replacement FROM aliases WHERE mailbox = '%s'
|
|
# .fi
|
|
#
|
|
# By default, every query must return a result set (instead
|
|
# of storing its results in a table); with "\fBrequire_result_set
|
|
# = no\fR" (Postfix 3.2 and later), the absence of a result
|
|
# set is treated as "not found".
|
|
#
|
|
# This parameter supports the following '%' expansions:
|
|
# .RS
|
|
# .IP "\fB%%\fR"
|
|
# This is replaced by a literal '%' character.
|
|
# .IP "\fB%s\fR"
|
|
# This is replaced by the input key.
|
|
# SQL quoting is used to make sure that the input key does not
|
|
# add unexpected metacharacters.
|
|
# .IP "\fB%u\fR"
|
|
# When the input key is an address of the form user@domain, \fB%u\fR
|
|
# is replaced by the SQL quoted local part of the address.
|
|
# Otherwise, \fB%u\fR is replaced by the entire search string.
|
|
# If the localpart is empty, the query is suppressed and returns
|
|
# no results.
|
|
# .IP "\fB%d\fR"
|
|
# When the input key is an address of the form user@domain, \fB%d\fR
|
|
# is replaced by the SQL quoted domain part of the address.
|
|
# Otherwise, the query is suppressed and returns no results.
|
|
# .IP "\fB%[SUD]\fR"
|
|
# The upper-case equivalents of the above expansions behave in the
|
|
# \fBquery\fR parameter identically to their lower-case counter-parts.
|
|
# With the \fBresult_format\fR parameter (see below), they expand the
|
|
# input key rather than the result value.
|
|
# .IP "\fB%[1-9]\fR"
|
|
# The patterns %1, %2, ... %9 are replaced by the corresponding
|
|
# most significant component of the input key's domain. If the
|
|
# input key is \fIuser@mail.example.com\fR, then %1 is \fBcom\fR,
|
|
# %2 is \fBexample\fR and %3 is \fBmail\fR. If the input key is
|
|
# unqualified or does not have enough domain components to satisfy
|
|
# all the specified patterns, the query is suppressed and returns
|
|
# no results.
|
|
# .RE
|
|
# .IP
|
|
# The \fBdomain\fR parameter described below limits the input
|
|
# keys to addresses in matching domains. When the \fBdomain\fR
|
|
# parameter is non-empty, SQL queries for unqualified addresses
|
|
# or addresses in non-matching domains are suppressed
|
|
# and return no results.
|
|
#
|
|
# This parameter is available with Postfix 2.2. In prior releases
|
|
# the SQL query was built from the separate parameters:
|
|
# \fBselect_field\fR, \fBtable\fR, \fBwhere_field\fR and
|
|
# \fBadditional_conditions\fR. The mapping from the old parameters
|
|
# to the equivalent query is:
|
|
#
|
|
# .nf
|
|
# SELECT [\fBselect_field\fR]
|
|
# FROM [\fBtable\fR]
|
|
# WHERE [\fBwhere_field\fR] = '%s'
|
|
# [\fBadditional_conditions\fR]
|
|
# .fi
|
|
#
|
|
# The '%s' in the \fBWHERE\fR clause expands to the escaped search string.
|
|
# With Postfix 2.2 these legacy parameters are used if the \fBquery\fR
|
|
# parameter is not specified.
|
|
#
|
|
# NOTE: DO NOT put quotes around the query parameter.
|
|
# .IP "\fBresult_format (default: \fB%s\fR)\fR"
|
|
# Format template applied to result attributes. Most commonly used
|
|
# to append (or prepend) text to the result. This parameter supports
|
|
# the following '%' expansions:
|
|
# .RS
|
|
# .IP "\fB%%\fR"
|
|
# This is replaced by a literal '%' character.
|
|
# .IP "\fB%s\fR"
|
|
# This is replaced by the value of the result attribute. When
|
|
# result is empty it is skipped.
|
|
# .IP "\fB%u\fR
|
|
# When the result attribute value is an address of the form
|
|
# user@domain, \fB%u\fR is replaced by the local part of the
|
|
# address. When the result has an empty localpart it is skipped.
|
|
# .IP "\fB%d\fR"
|
|
# When a result attribute value is an address of the form
|
|
# user@domain, \fB%d\fR is replaced by the domain part of
|
|
# the attribute value. When the result is unqualified it
|
|
# is skipped.
|
|
# .IP "\fB%[SUD1-9]\fR"
|
|
# The upper-case and decimal digit expansions interpolate
|
|
# the parts of the input key rather than the result. Their
|
|
# behavior is identical to that described with \fBquery\fR,
|
|
# and in fact because the input key is known in advance, queries
|
|
# whose key does not contain all the information specified in
|
|
# the result template are suppressed and return no results.
|
|
# .RE
|
|
# .IP
|
|
# For example, using "result_format = smtp:[%s]" allows one
|
|
# to use a mailHost attribute as the basis of a transport(5)
|
|
# table. After applying the result format, multiple values
|
|
# are concatenated as comma separated strings. The expansion_limit
|
|
# and parameter explained below allows one to restrict the number
|
|
# of values in the result, which is especially useful for maps that
|
|
# must return at most one value.
|
|
#
|
|
# The default value \fB%s\fR specifies that each result value should
|
|
# be used as is.
|
|
#
|
|
# This parameter is available with Postfix 2.2 and later.
|
|
#
|
|
# NOTE: DO NOT put quotes around the result format!
|
|
# .IP "\fBdomain (default: no domain list)\fR"
|
|
# This is a list of domain names, paths to files, or "type:table"
|
|
# databases. When specified, only fully qualified search keys
|
|
# with a *non-empty* localpart and a matching domain are
|
|
# eligible for lookup: 'user' lookups, bare domain lookups
|
|
# and "@domain" lookups are not performed. This can significantly
|
|
# reduce the query load on the MySQL server.
|
|
# .nf
|
|
# domain = postfix.org, hash:/etc/postfix/searchdomains
|
|
# .fi
|
|
#
|
|
# It is best not to use SQL to store the domains eligible
|
|
# for SQL lookups.
|
|
#
|
|
# This parameter is available with Postfix 2.2 and later.
|
|
#
|
|
# NOTE: DO NOT define this parameter for local(8) aliases,
|
|
# because the input keys are always unqualified.
|
|
# .IP "\fBexpansion_limit (default: 0)\fR"
|
|
# A limit on the total number of result elements returned
|
|
# (as a comma separated list) by a lookup against the map.
|
|
# A setting of zero disables the limit. Lookups fail with a
|
|
# temporary error if the limit is exceeded. Setting the
|
|
# limit to 1 ensures that lookups do not return multiple
|
|
# values.
|
|
# .IP "\fBoption_file\fR"
|
|
# Read options from the given file instead of the default my.cnf
|
|
# location. This reads options from the \fB[client]\fR option
|
|
# group, optionally followed by options from the group given
|
|
# with \fBoption_group\fR.
|
|
# .sp
|
|
# This parameter is available with Postfix 2.11 and later.
|
|
# .IP "\fBoption_group (default: Postfix >=3.2: client, <= 3.1: empty)\fR"
|
|
# Read options from the given group of the mysql options file,
|
|
# after reading options from the \fB[client]\fR group.
|
|
# .sp
|
|
# Postfix 3.2 and later read \fB[client]\fR option group
|
|
# settings by default. To disable this specify no \fBoption_file\fR
|
|
# and specify "\fBoption_group =\fR" (i.e. an empty value).
|
|
# .sp
|
|
# Postfix 3.1 and earlier don't read \fB[client]\fR option
|
|
# group settings unless a non-empty \fBoption_file\fR or
|
|
# \fBoption_group\fR value are specified. To enable this,
|
|
# specify, for example, "\fBoption_group = client\fR".
|
|
# .sp
|
|
# This parameter is available with Postfix 2.11 and later.
|
|
# .IP "\fBrequire_result_set (default: yes)\fR"
|
|
# If "\fByes\fR", require that every query returns a result
|
|
# set. If "\fBno\fR", treat the absence of a result set as
|
|
# "not found".
|
|
# .sp
|
|
# This parameter is available with Postfix 3.2 and later.
|
|
# TLS-RELATED SETTINGS
|
|
# .ad
|
|
# .fi
|
|
# See https://dev.mysql.com/doc/c-api/en/mysql-options.html
|
|
# or https://mariadb.com/kb/en/mysql_optionsv/ for details of
|
|
# the underlying MYSQL_OPT_SSL_* features.
|
|
# .IP "\fBtls_cert_file\fR"
|
|
# File containing client's X509 certificate.
|
|
# .sp
|
|
# This parameter is available with Postfix 2.11 and later.
|
|
# .IP "\fBtls_key_file\fR"
|
|
# File containing the private key corresponding to \fBtls_cert_file\fR.
|
|
# .sp
|
|
# This parameter is available with Postfix 2.11 and later.
|
|
# .IP "\fBtls_CAfile\fR"
|
|
# File containing X509 certificates for all of the Certification
|
|
# Authorities the client will recognize. Takes precedence over
|
|
# \fBtls_CApath\fR.
|
|
# .sp
|
|
# This parameter is available with Postfix 2.11 and later.
|
|
# .IP "\fBtls_CApath\fR"
|
|
# Directory containing X509 Certification Authority certificates
|
|
# in separate individual files.
|
|
# .sp
|
|
# This parameter is available with Postfix 2.11 and later.
|
|
# .IP "\fBtls_ciphers\fR"
|
|
# The list of permissible ciphers for SSL encryption.
|
|
# .sp
|
|
# This parameter is available with Postfix 2.11 and later.
|
|
# .IP "\fBtls_verify_cert (default: no)\fR"
|
|
# Verify that the server's name matches the common name in the
|
|
# certificate.
|
|
# .sp
|
|
# This parameter is available with Postfix 2.11 and later.
|
|
# USING MYSQL STORED PROCEDURES
|
|
# .ad
|
|
# .fi
|
|
# Postfix 3.2 and later support calling a stored procedure
|
|
# instead of using a SELECT statement in the query, e.g.
|
|
#
|
|
# .nf
|
|
# \fBquery\fR = CALL lookup('%s')
|
|
# .fi
|
|
#
|
|
# The previously described '%' expansions can be used in the
|
|
# parameter(s) to the stored procedure.
|
|
#
|
|
# By default, every stored procedure call must return a result
|
|
# set, i.e. every code path must execute a SELECT statement
|
|
# that returns a result set (instead of storing its results
|
|
# in a table). With "\fBrequire_result_set = no\fR", the
|
|
# absence of a result set is treated as "not found".
|
|
#
|
|
# A stored procedure must not return multiple result sets.
|
|
# That is, there must be no code path that executes multiple
|
|
# SELECT statements that return a result (instead of storing
|
|
# their results in a table).
|
|
#
|
|
# The following is an example of a stored procedure returning
|
|
# a single result set:
|
|
#
|
|
# .nf
|
|
# CREATE [DEFINER=`user`@`host`] PROCEDURE
|
|
# `lookup`(IN `param` VARCHAR(255))
|
|
# READS SQL DATA
|
|
# SQL SECURITY INVOKER
|
|
# BEGIN
|
|
# select goto from alias where address=param;
|
|
# END
|
|
# .fi
|
|
# OBSOLETE MAIN.CF PARAMETERS
|
|
# .ad
|
|
# .fi
|
|
# For compatibility with other Postfix lookup tables, MySQL
|
|
# parameters can also be defined in main.cf. In order to do that,
|
|
# specify as MySQL source a name that doesn't begin with a slash
|
|
# or a dot. The MySQL parameters will then be accessible as the
|
|
# name you've given the source in its definition, an underscore,
|
|
# and the name of the parameter. For example, if the map is
|
|
# specified as "mysql:\fImysqlname\fR", the parameter "hosts"
|
|
# would be defined in main.cf as "\fImysqlname\fR_hosts".
|
|
#
|
|
# Note: with this form, the passwords for the MySQL sources are
|
|
# written in main.cf, which is normally world-readable. Support
|
|
# for this form will be removed in a future Postfix version.
|
|
# OBSOLETE QUERY INTERFACE
|
|
# .ad
|
|
# .fi
|
|
# This section describes an interface that is deprecated as
|
|
# of Postfix 2.2. It is replaced by the more general \fBquery\fR
|
|
# interface described above. If the \fBquery\fR parameter
|
|
# is defined, the legacy parameters described here ignored.
|
|
# Please migrate to the new interface as the legacy interface
|
|
# may be removed in a future release.
|
|
#
|
|
# The following parameters can be used to fill in a
|
|
# SELECT template statement of the form:
|
|
#
|
|
# .nf
|
|
# SELECT [\fBselect_field\fR]
|
|
# FROM [\fBtable\fR]
|
|
# WHERE [\fBwhere_field\fR] = '%s'
|
|
# [\fBadditional_conditions\fR]
|
|
# .fi
|
|
#
|
|
# The specifier %s is replaced by the search string, and is
|
|
# escaped so if it contains single quotes or other odd characters,
|
|
# it will not cause a parse error, or worse, a security problem.
|
|
# .IP "\fBselect_field\fR"
|
|
# The SQL "select" parameter. Example:
|
|
# .nf
|
|
# \fBselect_field\fR = forw_addr
|
|
# .fi
|
|
# .IP "\fBtable\fR"
|
|
# The SQL "select .. from" table name. Example:
|
|
# .nf
|
|
# \fBtable\fR = mxaliases
|
|
# .fi
|
|
# .IP "\fBwhere_field\fR
|
|
# The SQL "select .. where" parameter. Example:
|
|
# .nf
|
|
# \fBwhere_field\fR = alias
|
|
# .fi
|
|
# .IP "\fBadditional_conditions\fR
|
|
# Additional conditions to the SQL query. Example:
|
|
# .nf
|
|
# \fBadditional_conditions\fR = AND status = 'paid'
|
|
# .fi
|
|
# SEE ALSO
|
|
# postmap(1), Postfix lookup table maintenance
|
|
# postconf(5), configuration parameters
|
|
# ldap_table(5), LDAP lookup tables
|
|
# pgsql_table(5), PostgreSQL lookup tables
|
|
# sqlite_table(5), SQLite lookup tables
|
|
# README FILES
|
|
# .ad
|
|
# .fi
|
|
# Use "\fBpostconf readme_directory\fR" or
|
|
# "\fBpostconf html_directory\fR" to locate this information.
|
|
# .na
|
|
# .nf
|
|
# DATABASE_README, Postfix lookup table overview
|
|
# MYSQL_README, Postfix MYSQL client guide
|
|
# LICENSE
|
|
# .ad
|
|
# .fi
|
|
# The Secure Mailer license must be distributed with this software.
|
|
# HISTORY
|
|
# MySQL support was introduced with Postfix version 1.0.
|
|
# AUTHOR(S)
|
|
# Original implementation by:
|
|
# Scott Cotton, Joshua Marcus
|
|
# IC Group, Inc.
|
|
#
|
|
# Further enhancements by:
|
|
# Liviu Daia
|
|
# Institute of Mathematics of the Romanian Academy
|
|
# P.O. BOX 1-764
|
|
# RO-014700 Bucharest, ROMANIA
|
|
#
|
|
# Stored-procedure support by John Fawcett.
|
|
#
|
|
# Wietse Venema
|
|
# Google, Inc.
|
|
# 111 8th Avenue
|
|
# New York, NY 10011, USA
|
|
#--
|