summaryrefslogtreecommitdiffstats
path: root/html/proxymap.8.html
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-06 01:46:30 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-06 01:46:30 +0000
commitb5896ba9f6047e7031e2bdee0622d543e11a6734 (patch)
treefd7b460593a2fee1be579bec5697e6d887ea3421 /html/proxymap.8.html
parentInitial commit. (diff)
downloadpostfix-upstream.tar.xz
postfix-upstream.zip
Adding upstream version 3.4.23.upstream/3.4.23upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'html/proxymap.8.html')
-rw-r--r--html/proxymap.8.html222
1 files changed, 222 insertions, 0 deletions
diff --git a/html/proxymap.8.html b/html/proxymap.8.html
new file mode 100644
index 0000000..649d399
--- /dev/null
+++ b/html/proxymap.8.html
@@ -0,0 +1,222 @@
+<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"
+ "http://www.w3.org/TR/html4/loose.dtd">
+<html> <head>
+<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
+<title> Postfix manual - proxymap(8) </title>
+</head> <body> <pre>
+PROXYMAP(8) PROXYMAP(8)
+
+<b>NAME</b>
+ proxymap - Postfix lookup table proxy server
+
+<b>SYNOPSIS</b>
+ <b>proxymap</b> [generic Postfix daemon options]
+
+<b>DESCRIPTION</b>
+ The <a href="proxymap.8.html"><b>proxymap</b>(8)</a> server provides read-only or read-write table lookup
+ service to Postfix processes. These services are implemented with dis-
+ tinct service names: <b>proxymap</b> and <b>proxywrite</b>, respectively. The purpose
+ of these services is:
+
+ <b>o</b> To overcome chroot restrictions. For example, a chrooted SMTP
+ server needs access to the system passwd file in order to reject
+ mail for non-existent local addresses, but it is not practical
+ to maintain a copy of the passwd file in the chroot jail. The
+ solution:
+
+ <a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> =
+ <a href="proxymap.8.html">proxy</a>:unix:passwd.byname $<a href="postconf.5.html#alias_maps">alias_maps</a>
+
+ <b>o</b> To consolidate the number of open lookup tables by sharing one
+ open table among multiple processes. For example, making mysql
+ connections from every Postfix daemon process results in "too
+ many connections" errors. The solution:
+
+ <a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a> =
+ <a href="proxymap.8.html">proxy</a>:<a href="mysql_table.5.html">mysql</a>:/etc/postfix/virtual_alias.cf
+
+ The total number of connections is limited by the number of
+ proxymap server processes.
+
+ <b>o</b> To provide single-updater functionality for lookup tables that
+ do not reliably support multiple writers (i.e. all file-based
+ tables).
+
+ The <a href="proxymap.8.html"><b>proxymap</b>(8)</a> server implements the following requests:
+
+ <b>open</b> <i>maptype:mapname flags</i>
+ Open the table with type <i>maptype</i> and name <i>mapname</i>, as controlled
+ by <i>flags</i>. The reply includes the <i>maptype</i> dependent flags (to
+ distinguish a fixed string table from a regular expression ta-
+ ble).
+
+ <b>lookup</b> <i>maptype:mapname flags key</i>
+ Look up the data stored under the requested key. The reply is
+ the request completion status code and the lookup result value.
+ The <i>maptype:mapname</i> and <i>flags</i> are the same as with the <b>open</b>
+ request.
+
+ <b>update</b> <i>maptype:mapname flags key value</i>
+ Update the data stored under the requested key. The reply is
+ the request completion status code. The <i>maptype:mapname</i> and
+ <i>flags</i> are the same as with the <b>open</b> request.
+
+ To implement single-updater maps, specify a process limit of 1
+ in the <a href="master.5.html">master.cf</a> file entry for the <b>proxywrite</b> service.
+
+ This request is supported in Postfix 2.5 and later.
+
+ <b>delete</b> <i>maptype:mapname flags key</i>
+ Delete the data stored under the requested key. The reply is
+ the request completion status code. The <i>maptype:mapname</i> and
+ <i>flags</i> are the same as with the <b>open</b> request.
+
+ This request is supported in Postfix 2.5 and later.
+
+ <b>sequence</b> <i>maptype:mapname flags function</i>
+ Iterate over the specified database. The <i>function</i> is one of
+ DICT_SEQ_FUN_FIRST or DICT_SEQ_FUN_NEXT. The reply is the
+ request completion status code and a lookup key and result
+ value, if found.
+
+ This request is supported in Postfix 2.9 and later.
+
+ The request completion status is one of OK, RETRY, NOKEY (lookup failed
+ because the key was not found), BAD (malformed request) or DENY (the
+ table is not approved for proxy read or update access).
+
+ There is no <b>close</b> command, nor are tables implicitly closed when a
+ client disconnects. The purpose is to share tables among multiple
+ client processes.
+
+<b>SERVER PROCESS MANAGEMENT</b>
+ <a href="proxymap.8.html"><b>proxymap</b>(8)</a> servers run under control by the Postfix <a href="master.8.html"><b>master</b>(8)</a> server.
+ Each server can handle multiple simultaneous connections. When all
+ servers are busy while a client connects, the <a href="master.8.html"><b>master</b>(8)</a> creates a new
+ <a href="proxymap.8.html"><b>proxymap</b>(8)</a> server process, provided that the process limit is not
+ exceeded. Each server terminates after serving at least <b>$<a href="postconf.5.html#max_use">max_use</a></b>
+ clients or after <b>$<a href="postconf.5.html#max_idle">max_idle</a></b> seconds of idle time.
+
+<b>SECURITY</b>
+ The <a href="proxymap.8.html"><b>proxymap</b>(8)</a> server opens only tables that are approved via the
+ <b><a href="postconf.5.html#proxy_read_maps">proxy_read_maps</a></b> or <b><a href="postconf.5.html#proxy_write_maps">proxy_write_maps</a></b> configuration parameters, does not
+ talk to users, and can run at fixed low privilege, chrooted or not.
+ However, running the proxymap server chrooted severely limits usabil-
+ ity, because it can open only chrooted tables.
+
+ The <a href="proxymap.8.html"><b>proxymap</b>(8)</a> server is not a trusted daemon process, and must not be
+ used to look up sensitive information such as UNIX user or group IDs,
+ mailbox file/directory names or external commands.
+
+ In Postfix version 2.2 and later, the proxymap client recognizes
+ requests to access a table for security-sensitive purposes, and opens
+ the table directly. This allows the same <a href="postconf.5.html">main.cf</a> setting to be used by
+ sensitive and non-sensitive processes.
+
+ Postfix-writable data files should be stored under a dedicated direc-
+ tory that is writable only by the Postfix mail system, such as the
+ Postfix-owned <b><a href="postconf.5.html#data_directory">data_directory</a></b>.
+
+ In particular, Postfix-writable files should never exist in root-owned
+ directories. That would open up a particular type of security hole
+ where ownership of a file or directory does not match the provider of
+ its content.
+
+<b>DIAGNOSTICS</b>
+ Problems and transactions are logged to <b>syslogd</b>(8) or <a href="postlogd.8.html"><b>postlogd</b>(8)</a>.
+
+<b>BUGS</b>
+ The <a href="proxymap.8.html"><b>proxymap</b>(8)</a> server provides service to multiple clients, and must
+ therefore not be used for tables that have high-latency lookups.
+
+ The <a href="proxymap.8.html"><b>proxymap</b>(8)</a> read-write service does not explicitly close lookup
+ tables (even if it did, this could not be relied on, because the
+ process may be terminated between table updates). The read-write ser-
+ vice should therefore not be used with tables that leave persistent
+ storage in an inconsistent state between updates (for example, CDB).
+ Tables that support "sync on update" should be safe (for example,
+ Berkeley DB) as should tables that are implemented by a real DBMS.
+
+<b>CONFIGURATION PARAMETERS</b>
+ On busy mail systems a long time may pass before <a href="proxymap.8.html"><b>proxymap</b>(8)</a> relevant
+ changes to <a href="postconf.5.html"><b>main.cf</b></a> are picked up. Use the command "<b>postfix reload</b>" to
+ speed up a change.
+
+ The text below provides only a parameter summary. See <a href="postconf.5.html"><b>postconf</b>(5)</a> for
+ more details including examples.
+
+ <b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
+ The default location of the Postfix <a href="postconf.5.html">main.cf</a> and <a href="master.5.html">master.cf</a> con-
+ figuration files.
+
+ <b><a href="postconf.5.html#data_directory">data_directory</a> (see 'postconf -d' output)</b>
+ The directory with Postfix-writable data files (for example:
+ caches, pseudo-random numbers).
+
+ <b><a href="postconf.5.html#daemon_timeout">daemon_timeout</a> (18000s)</b>
+ How much time a Postfix daemon process may take to handle a
+ request before it is terminated by a built-in watchdog timer.
+
+ <b><a href="postconf.5.html#ipc_timeout">ipc_timeout</a> (3600s)</b>
+ The time limit for sending or receiving information over an
+ internal communication channel.
+
+ <b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b>
+ The maximum amount of time that an idle Postfix daemon process
+ waits for an incoming connection before terminating voluntarily.
+
+ <b><a href="postconf.5.html#max_use">max_use</a> (100)</b>
+ The maximal number of incoming connections that a Postfix daemon
+ process will service before terminating voluntarily.
+
+ <b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
+ The process ID of a Postfix command or daemon process.
+
+ <b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
+ The process name of a Postfix command or daemon process.
+
+ <b><a href="postconf.5.html#proxy_read_maps">proxy_read_maps</a> (see 'postconf -d' output)</b>
+ The lookup tables that the <a href="proxymap.8.html"><b>proxymap</b>(8)</a> server is allowed to
+ access for the read-only service.
+
+ Available in Postfix 2.5 and later:
+
+ <b><a href="postconf.5.html#data_directory">data_directory</a> (see 'postconf -d' output)</b>
+ The directory with Postfix-writable data files (for example:
+ caches, pseudo-random numbers).
+
+ <b><a href="postconf.5.html#proxy_write_maps">proxy_write_maps</a> (see 'postconf -d' output)</b>
+ The lookup tables that the <a href="proxymap.8.html"><b>proxymap</b>(8)</a> server is allowed to
+ access for the read-write service.
+
+ Available in Postfix 3.3 and later:
+
+ <b><a href="postconf.5.html#service_name">service_name</a> (read-only)</b>
+ The <a href="master.5.html">master.cf</a> service name of a Postfix daemon process.
+
+<b>SEE ALSO</b>
+ <a href="postconf.5.html">postconf(5)</a>, configuration parameters
+ <a href="master.5.html">master(5)</a>, generic daemon options
+
+<b>README FILES</b>
+ <a href="DATABASE_README.html">DATABASE_README</a>, Postfix lookup table overview
+
+<b>LICENSE</b>
+ The Secure Mailer license must be distributed with this software.
+
+<b>HISTORY</b>
+ The proxymap service was introduced with Postfix 2.0.
+
+<b>AUTHOR(S)</b>
+ Wietse Venema
+ IBM T.J. Watson Research
+ P.O. Box 704
+ Yorktown Heights, NY 10598, USA
+
+ Wietse Venema
+ Google, Inc.
+ 111 8th Avenue
+ New York, NY 10011, USA
+
+ PROXYMAP(8)
+</pre> </body> </html>