summaryrefslogtreecommitdiffstats
path: root/man/man1/postfix.1
blob: 412c0c9d1c1bfd2354c6a3b358d29b0531cc1d99 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
.TH POSTFIX 1 
.ad
.fi
.SH NAME
postfix
\-
Postfix control program
.SH "SYNOPSIS"
.na
.nf
.fi
\fBpostfix\fR [\fB\-Dv\fR] [\fB\-c \fIconfig_dir\fR] \fIcommand\fR
.SH DESCRIPTION
.ad
.fi
This command is reserved for the superuser. To submit mail,
use the Postfix \fBsendmail\fR(1) command.

The \fBpostfix\fR(1) command controls the operation of the Postfix
mail system: start or stop the \fBmaster\fR(8) daemon, do a health
check, and other maintenance.

By default, the \fBpostfix\fR(1) command sets up a standardized
environment and runs the \fBpostfix\-script\fR shell script
to do the actual work.

However, when support for multiple Postfix instances is
configured, \fBpostfix\fR(1) executes the command specified
with the \fBmulti_instance_wrapper\fR configuration parameter.
This command will execute the \fIcommand\fR for each
applicable Postfix instance.

The following commands are implemented:
.IP \fBcheck\fR
Warn about bad directory/file ownership or permissions,
and create missing directories.
.IP \fBstart\fR
Start the Postfix mail system. This also runs the configuration
check described above.
.IP \fBstart\-fg\fR
Like \fBstart\fR, but keep the \fBmaster\fR(8) daemon running
in the foreground, and enable \fBmaster\fR(8) "init" mode
when running as PID 1.
This command requires that multi\-instance support is
disabled (i.e. the multi_instance_directories parameter
value must be empty). When running Postfix inside a container,
mount the container host's /dev/log socket inside the
container (example: "docker run \-v /dev/log:/dev/log ...")
and specify a distinct Postfix "syslog_name" prefix that
identifies logging from the Postfix instance.
.IP \fBstop\fR
Stop the Postfix mail system in an orderly fashion. If
possible, running processes are allowed to terminate at
their earliest convenience.
.sp
Note: in order to refresh the Postfix mail system after a
configuration change, do not use the \fBstart\fR and \fBstop\fR
commands in succession. Use the \fBreload\fR command instead.
.IP \fBabort\fR
Stop the Postfix mail system abruptly. Running processes are
signaled to stop immediately.
.IP \fBflush\fR
Force delivery: attempt to deliver every message in the deferred
mail queue. Normally, attempts to deliver delayed mail happen at
regular intervals, the interval doubling after each failed attempt.
.sp
Warning: flushing undeliverable mail frequently will result in
poor delivery performance of all other mail.
.IP \fBreload\fR
Re\-read configuration files. Running processes terminate at their
earliest convenience.
.IP \fBstatus\fR
Indicate if the Postfix mail system is currently running.
.IP "\fBset\-permissions\fR [\fIname\fR=\fIvalue ...\fR]"
Set the ownership and permissions of Postfix related files and
directories, as specified in the \fBpostfix\-files\fR file.
.sp
Specify \fIname\fR=\fIvalue\fR to override and update specific
main.cf configuration parameters. Use this, for example, to
change the \fBmail_owner\fR or \fBsetgid_group\fR setting for an
already installed Postfix system.
.sp
This feature is available in Postfix 2.1 and later.  With
Postfix 2.0 and earlier, use "\fB$config_directory/post\-install
set\-permissions\fR".
.IP "\fBlogrotate\fR"
Rotate the logfile specified with $maillog_file, by appending
a time\-stamp suffix that is formatted according to
$maillog_file_rotate_suffix, and by compressing the file
with the command specified with $maillog_file_compressor.
This will not rotate /dev/* files.
.sp
This feature is available in Postfix 3.4 and later.
.IP "\fBtls\fR \fIsubcommand\fR"
Enable opportunistic TLS in the Postfix SMTP client or
server, and manage Postfix SMTP server TLS private keys and
certificates.  See postfix\-tls(1) for documentation.
.sp
This feature is available in Postfix 3.1 and later.
.IP "\fBupgrade\-configuration\fR [\fIname\fR=\fIvalue ...\fR]"
Update the \fBmain.cf\fR and \fBmaster.cf\fR files with information
that Postfix needs in order to run: add or update services, and add
or update configuration parameter settings.
.sp
Specify \fIname\fR=\fIvalue\fR to override and update specific
main.cf configuration parameters.
.sp
This feature is available in Postfix 2.1 and later.  With
Postfix 2.0 and earlier, use "\fB$config_directory/post\-install
upgrade\-configuration\fR".
.PP
The following options are implemented:
.IP "\fB\-c \fIconfig_dir\fR"
Read the \fBmain.cf\fR and \fBmaster.cf\fR configuration files in
the named directory instead of the default configuration directory.
Use this to distinguish between multiple Postfix instances on the
same host.

With Postfix 2.6 and later, this option forces the postfix(1)
command to operate on the specified Postfix instance only.
This behavior is inherited by postfix(1) commands that run
as a descendant of the current process.
.IP "\fB\-D\fR (with \fBpostfix start\fR only)"
Run each Postfix daemon under control of a debugger as specified
via the \fBdebugger_command\fR configuration parameter.
.IP \fB\-v\fR
Enable verbose logging for debugging purposes. Multiple \fB\-v\fR
options make the software increasingly verbose.
.SH "ENVIRONMENT"
.na
.nf
.ad
.fi
The \fBpostfix\fR(1) command exports the following environment
variables before executing the \fBpostfix\-script\fR file:
.IP \fBMAIL_CONFIG\fR
This is set when the \-c command\-line option is present.

With Postfix 2.6 and later, this environment variable forces
the postfix(1) command to operate on the specified Postfix
instance only.  This behavior is inherited by postfix(1)
commands that run as a descendant of the current process.
.IP \fBMAIL_VERBOSE\fR
This is set when the \-v command\-line option is present.
.IP \fBMAIL_DEBUG\fR
This is set when the \-D command\-line option is present.
.PP
When the internal logging service is enabled (by setting a
non\-empty maillog_file parameter value) the postfix(1)
command exports settings that are used by child processes
before they have processed main.cf or command\-line settings.
.IP \fBPOSTLOG_SERVICE
The name of the public postlog service endpoint.
.IP \fBPOSTLOG_HOSTNAME
The hostname to prepend to internal logging.
.SH "CONFIGURATION PARAMETERS"
.na
.nf
.ad
.fi
The following \fBmain.cf\fR configuration parameters are
exported as environment variables with the same names:
.IP "\fBconfig_directory (see 'postconf -d' output)\fR"
The default location of the Postfix main.cf and master.cf
configuration files.
.IP "\fBcommand_directory (see 'postconf -d' output)\fR"
The location of all postfix administrative commands.
.IP "\fBdaemon_directory (see 'postconf -d' output)\fR"
The directory with Postfix support programs and daemon programs.
.IP "\fBhtml_directory (see 'postconf -d' output)\fR"
The location of Postfix HTML files that describe how to build,
configure or operate a specific Postfix subsystem or feature.
.IP "\fBmail_owner (postfix)\fR"
The UNIX system account that owns the Postfix queue and most Postfix
daemon processes.
.IP "\fBmailq_path (see 'postconf -d' output)\fR"
Sendmail compatibility feature that specifies where the Postfix
\fBmailq\fR(1) command is installed.
.IP "\fBmanpage_directory (see 'postconf -d' output)\fR"
Where the Postfix manual pages are installed.
.IP "\fBnewaliases_path (see 'postconf -d' output)\fR"
Sendmail compatibility feature that specifies the location of the
\fBnewaliases\fR(1) command.
.IP "\fBqueue_directory (see 'postconf -d' output)\fR"
The location of the Postfix top\-level queue directory.
.IP "\fBreadme_directory (see 'postconf -d' output)\fR"
The location of Postfix README files that describe how to build,
configure or operate a specific Postfix subsystem or feature.
.IP "\fBsendmail_path (see 'postconf -d' output)\fR"
A Sendmail compatibility feature that specifies the location of
the Postfix \fBsendmail\fR(1) command.
.IP "\fBsetgid_group (postdrop)\fR"
The group ownership of set\-gid Postfix commands and of group\-writable
Postfix directories.
.PP
Available in Postfix version 2.5 and later:
.IP "\fBdata_directory (see 'postconf -d' output)\fR"
The directory with Postfix\-writable data files (for example:
caches, pseudo\-random numbers).
.PP
Available in Postfix version 3.0 and later:
.IP "\fBmeta_directory (see 'postconf -d' output)\fR"
The location of non\-executable files that are shared among
multiple Postfix instances, such as postfix\-files, dynamicmaps.cf,
and the multi\-instance template files main.cf.proto and master.cf.proto.
.IP "\fBshlib_directory (see 'postconf -d' output)\fR"
The location of Postfix dynamically\-linked libraries
(libpostfix\-*.so), and the default location of Postfix database
plugins (postfix\-*.so) that have a relative pathname in the
dynamicmaps.cf file.
.PP
Available in Postfix version 3.1 and later:
.IP "\fBopenssl_path (openssl)\fR"
The location of the OpenSSL command line program \fBopenssl\fR(1).
.PP
Other configuration parameters:
.IP "\fBimport_environment (see 'postconf -d' output)\fR"
The list of environment parameters that a privileged Postfix
process will import from a non\-Postfix parent process, or name=value
environment overrides.
.IP "\fBsyslog_facility (mail)\fR"
The syslog facility of Postfix logging.
.IP "\fBsyslog_name (see 'postconf -d' output)\fR"
A prefix that is prepended to the process name in syslog
records, so that, for example, "smtpd" becomes "prefix/smtpd".
.PP
Available in Postfix version 2.6 and later:
.IP "\fBmulti_instance_directories (empty)\fR"
An optional list of non\-default Postfix configuration directories;
these directories belong to additional Postfix instances that share
the Postfix executable files and documentation with the default
Postfix instance, and that are started, stopped, etc., together
with the default Postfix instance.
.IP "\fBmulti_instance_wrapper (empty)\fR"
The pathname of a multi\-instance manager command that the
\fBpostfix\fR(1) command invokes when the multi_instance_directories
parameter value is non\-empty.
.IP "\fBmulti_instance_group (empty)\fR"
The optional instance group name of this Postfix instance.
.IP "\fBmulti_instance_name (empty)\fR"
The optional instance name of this Postfix instance.
.IP "\fBmulti_instance_enable (no)\fR"
Allow this Postfix instance to be started, stopped, etc., by a
multi\-instance manager.
.PP
Available in Postfix version 3.4 and later:
.IP "\fBmaillog_file (empty)\fR"
The name of an optional logfile that is written by the Postfix
\fBpostlogd\fR(8) service.
.IP "\fBmaillog_file_compressor (gzip)\fR"
The program to run after rotating $maillog_file with "postfix
logrotate".
.IP "\fBmaillog_file_prefixes (/var, /dev/stdout)\fR"
A list of allowed prefixes for a maillog_file value.
.IP "\fBmaillog_file_rotate_suffix (%Y%m%d\-%H%M%S)\fR"
The format of the suffix to append to $maillog_file while rotating
the file with "postfix logrotate".
.IP "\fBpostlog_service_name (postlog)\fR"
The name of the \fBpostlogd\fR(8) service entry in master.cf.
.SH "FILES"
.na
.nf
.ad
.fi
Prior to Postfix version 2.6, all of the following files
were in \fB$config_directory\fR. Some files are now in
\fB$daemon_directory\fR so that they can be shared among
multiple instances that run the same Postfix version.

Use the command "\fBpostconf config_directory\fR" or
"\fBpostconf daemon_directory\fR" to expand the names
into their actual values.
.na
.nf

$config_directory/main.cf, Postfix configuration parameters
$config_directory/master.cf, Postfix daemon processes
$daemon_directory/postfix\-files, file/directory permissions
$daemon_directory/postfix\-script, administrative commands
$daemon_directory/post\-install, post\-installation configuration
$daemon_directory/dynamicmaps.cf, plug\-in database clients
.SH "SEE ALSO"
.na
.nf
Commands:
postalias(1), create/update/query alias database
postcat(1), examine Postfix queue file
postconf(1), Postfix configuration utility
postfix(1), Postfix control program
postfix\-tls(1), Postfix TLS management
postkick(1), trigger Postfix daemon
postlock(1), Postfix\-compatible locking
postlog(1), Postfix\-compatible logging
postmap(1), Postfix lookup table manager
postmulti(1), Postfix multi\-instance manager
postqueue(1), Postfix mail queue control
postsuper(1), Postfix housekeeping
mailq(1), Sendmail compatibility interface
newaliases(1), Sendmail compatibility interface
sendmail(1), Sendmail compatibility interface

Postfix configuration:
bounce(5), Postfix bounce message templates
master(5), Postfix master.cf file syntax
postconf(5), Postfix main.cf file syntax
postfix\-wrapper(5), Postfix multi\-instance API

Table\-driven mechanisms:
access(5), Postfix SMTP access control table
aliases(5), Postfix alias database
canonical(5), Postfix input address rewriting
generic(5), Postfix output address rewriting
header_checks(5), body_checks(5), Postfix content inspection
relocated(5), Users that have moved
transport(5), Postfix routing table
virtual(5), Postfix virtual aliasing

Table lookup mechanisms:
cidr_table(5), Associate CIDR pattern with value
ldap_table(5), Postfix LDAP client
lmdb_table(5), Postfix LMDB database driver
memcache_table(5), Postfix memcache client
mysql_table(5), Postfix MYSQL client
nisplus_table(5), Postfix NIS+ client
pcre_table(5), Associate PCRE pattern with value
pgsql_table(5), Postfix PostgreSQL client
regexp_table(5), Associate POSIX regexp pattern with value
socketmap_table(5), Postfix socketmap client
sqlite_table(5), Postfix SQLite database driver
tcp_table(5), Postfix client\-server table lookup

Daemon processes:
anvil(8), Postfix connection/rate limiting
bounce(8), defer(8), trace(8), Delivery status reports
cleanup(8), canonicalize and enqueue message
discard(8), Postfix discard delivery agent
dnsblog(8), DNS black/whitelist logger
error(8), Postfix error delivery agent
flush(8), Postfix fast ETRN service
local(8), Postfix local delivery agent
master(8), Postfix master daemon
oqmgr(8), old Postfix queue manager
pickup(8), Postfix local mail pickup
pipe(8), deliver mail to non\-Postfix command
postlogd(8), Postfix internal logging service
postscreen(8), Postfix zombie blocker
proxymap(8), Postfix lookup table proxy server
qmgr(8), Postfix queue manager
qmqpd(8), Postfix QMQP server
scache(8), Postfix connection cache manager
showq(8), list Postfix mail queue
smtp(8), lmtp(8), Postfix SMTP+LMTP client
smtpd(8), Postfix SMTP server
spawn(8), run non\-Postfix server
tlsmgr(8), Postfix TLS cache and randomness manager
tlsproxy(8), Postfix TLS proxy server
trivial\-rewrite(8), Postfix address rewriting
verify(8), Postfix address verification
virtual(8), Postfix virtual delivery agent

Other:
syslogd(8), system logging
.SH "README FILES"
.na
.nf
.ad
.fi
Use "\fBpostconf readme_directory\fR" or
"\fBpostconf html_directory\fR" to locate this information.
.na
.nf
OVERVIEW, overview of Postfix commands and processes
BASIC_CONFIGURATION_README, Postfix basic configuration
ADDRESS_REWRITING_README, Postfix address rewriting
SMTPD_ACCESS_README, SMTP relay/access control
CONTENT_INSPECTION_README, Postfix content inspection
QSHAPE_README, Postfix queue analysis
.SH "LICENSE"
.na
.nf
.ad
.fi
The Secure Mailer license must be distributed with this software.
.SH "AUTHOR(S)"
.na
.nf
Wietse Venema
IBM T.J. Watson Research
P.O. Box 704
Yorktown Heights, NY 10598, USA

Wietse Venema
Google, Inc.
111 8th Avenue
New York, NY 10011, USA

TLS support by:
Lutz Jaenicke
Brandenburg University of Technology
Cottbus, Germany

Victor Duchovni
Morgan Stanley

SASL support originally by:
Till Franke
SuSE Rhein/Main AG
65760 Eschborn, Germany

LMTP support originally by:
Philip A. Prindeville
Mirapoint, Inc.
USA.

Amos Gouaux
University of Texas at Dallas
P.O. Box 830688, MC34
Richardson, TX 75083, USA

IPv6 support originally by:
Mark Huizer, Eindhoven University, The Netherlands
Jun\-ichiro 'itojun' Hagino, KAME project, Japan
The Linux PLD project
Dean Strik, Eindhoven University, The Netherlands