diff options
Diffstat (limited to 'man/man8')
| -rw-r--r-- | man/man8/cleanup.8 | 24 | ||||
| -rw-r--r-- | man/man8/dnsblog.8 | 3 | ||||
| -rw-r--r-- | man/man8/local.8 | 31 | ||||
| -rw-r--r-- | man/man8/master.8 | 8 | ||||
| -rw-r--r-- | man/man8/pipe.8 | 5 | ||||
| -rw-r--r-- | man/man8/postlogd.8 | 14 | ||||
| -rw-r--r-- | man/man8/postscreen.8 | 32 | ||||
| -rw-r--r-- | man/man8/proxymap.8 | 2 | ||||
| -rw-r--r-- | man/man8/qmgr.8 | 2 | ||||
| -rw-r--r-- | man/man8/qmqpd.8 | 2 | ||||
| -rw-r--r-- | man/man8/smtp.8 | 99 | ||||
| -rw-r--r-- | man/man8/smtpd.8 | 21 | ||||
| -rw-r--r-- | man/man8/tlsproxy.8 | 6 | ||||
| -rw-r--r-- | man/man8/trivial-rewrite.8 | 17 |
14 files changed, 168 insertions, 98 deletions
diff --git a/man/man8/cleanup.8 b/man/man8/cleanup.8 index bc51c31..0f4ee68 100644 --- a/man/man8/cleanup.8 +++ b/man/man8/cleanup.8 @@ -286,10 +286,10 @@ that is received by the Postfix mail system. Available in Postfix version 2.1 and later: .IP "\fBsender_bcc_maps (empty)\fR" Optional BCC (blind carbon\-copy) address lookup tables, indexed -by sender address. +by envelope sender address. .IP "\fBrecipient_bcc_maps (empty)\fR" Optional BCC (blind carbon\-copy) address lookup tables, indexed by -recipient address. +envelope recipient address. .SH "ADDRESS TRANSFORMATION CONTROLS" .na .nf @@ -329,8 +329,9 @@ remote domains. .PP Available in Postfix version 2.0 and later: .IP "\fBvirtual_alias_maps ($virtual_maps)\fR" -Optional lookup tables that alias specific mail addresses or domains -to other local or remote address. +Optional lookup tables with aliases that apply to all recipients: +\fBlocal\fR(8), virtual, and remote; this is unlike alias_maps that apply +only to \fBlocal\fR(8) recipients. .PP Available in Postfix version 2.2 and later: .IP "\fBcanonical_classes (envelope_sender, envelope_recipient, header_sender, header_recipient)\fR" @@ -342,9 +343,10 @@ mapping. What addresses are subject to sender_canonical_maps address mapping. .IP "\fBremote_header_rewrite_domain (empty)\fR" -Don't rewrite message headers from remote clients at all when -this parameter is empty; otherwise, rewrite message headers and -append the specified domain name to incomplete addresses. +Rewrite or add message headers in mail from remote clients if +the remote_header_rewrite_domain parameter value is non\-empty, +updating incomplete addresses with the domain specified in the +remote_header_rewrite_domain parameter, and adding missing headers. .SH "RESOURCE AND RATE CONTROLS" .na .nf @@ -395,7 +397,7 @@ The maximal length of an email address after virtual alias expansion. Preliminary SMTPUTF8 support is introduced with Postfix 3.0. .IP "\fBsmtputf8_enable (yes)\fR" Enable preliminary SMTPUTF8 support for the protocols described -in RFC 6531..6533. +in RFC 6531, RFC 6532, and RFC 6533. .IP "\fBsmtputf8_autodetect_classes (sendmail, verify)\fR" Detect that a message requires SMTPUTF8 support for the specified mail origin classes. @@ -465,6 +467,12 @@ Available in Postfix 3.5 and later: .IP "\fBinfo_log_address_format (external)\fR" The email address form that will be used in non\-debug logging (info, warning, etc.). +.PP +Available in Postfix 3.9 and later: +.IP "\fBforce_mime_input_conversion (no)\fR" +Convert body content that claims to be 8\-bit into quoted\-printable, +before header_checks, body_checks, Milters, and before after\-queue +content filters. .SH "FILES" .na .nf diff --git a/man/man8/dnsblog.8 b/man/man8/dnsblog.8 index bf55548..6c6cef3 100644 --- a/man/man8/dnsblog.8 +++ b/man/man8/dnsblog.8 @@ -55,7 +55,8 @@ configuration files. How much time a Postfix daemon process may take to handle a request before it is terminated by a built\-in watchdog timer. .IP "\fBpostscreen_dnsbl_sites (empty)\fR" -Optional list of DNS allow/denylist domains, filters and weight +Optional list of patterns with DNS allow/denylist domains, filters +and weight factors. .IP "\fBipc_timeout (3600s)\fR" The time limit for sending or receiving information over an internal diff --git a/man/man8/local.8 b/man/man8/local.8 index ca9c6c8..84736cb 100644 --- a/man/man8/local.8 +++ b/man/man8/local.8 @@ -223,27 +223,30 @@ are replaced with underscores. The list of acceptable characters is specified with the \fBcommand_expansion_filter\fR configuration parameter. .IP \fBSHELL\fR -The recipient user's login shell. +The envelope recipient user's login shell. .IP \fBHOME\fR -The recipient user's home directory. +The envelope recipient user's home directory. .IP \fBUSER\fR -The bare recipient name. +The bare envelope recipient name. .IP \fBEXTENSION\fR -The optional recipient address extension. +The optional envelope recipient address extension. .IP \fBDOMAIN\fR -The recipient address domain part. +The envelope recipient address domain part. .IP \fBLOGNAME\fR -The bare recipient name. +The bare envelope recipient name. .IP \fBLOCAL\fR -The entire recipient address localpart (text to the left of the -rightmost @ character). +The entire envelope recipient address localpart (text to +the left of the rightmost @ character). .IP \fBORIGINAL_RECIPIENT\fR -The entire recipient address, before any address rewriting -or aliasing (Postfix 2.5 and later). +The entire envelope recipient address, before any address +rewriting or aliasing (Postfix 2.5 and later). .IP \fBRECIPIENT\fR -The entire recipient address. +The entire envelope recipient address. .IP \fBSENDER\fR -The entire sender address. +The entire envelope sender address. +.IP \fBENVID\fR +The optional RFC 3461 envelope ID. Available as of Postfix +3.9. .PP Additional remote client information is made available via the following environment variables: @@ -449,7 +452,9 @@ mailbox_transport, mailbox_command_maps, mailbox_command, home_mailbox, mail_spool_directory, fallback_transport_maps, fallback_transport, and luser_relay. .IP "\fBalias_maps (see 'postconf -d' output)\fR" -The alias databases that are used for \fBlocal\fR(8) delivery. +Optional lookup tables with aliases that apply only to \fBlocal\fR(8) +recipients; this is unlike virtual_alias_maps that apply to all +recipients: \fBlocal\fR(8), virtual, and remote. .IP "\fBforward_path (see 'postconf -d' output)\fR" The \fBlocal\fR(8) delivery agent search list for finding a .forward file with user\-specified delivery methods. diff --git a/man/man8/master.8 b/man/man8/master.8 index 8c37de4..87fd648 100644 --- a/man/man8/master.8 +++ b/man/man8/master.8 @@ -151,13 +151,13 @@ The directory with Postfix support programs and daemon programs. The external command to execute when a Postfix daemon program is invoked with the \-D option. .IP "\fBinet_interfaces (all)\fR" -The network interface addresses that this mail system receives -mail on. -.IP "\fBinet_protocols (see 'postconf -d output')\fR" +The local network interface addresses that this mail system +receives mail on. +.IP "\fBinet_protocols (see 'postconf -d' output)\fR" The Internet protocols Postfix will attempt to use when making or accepting connections. .IP "\fBimport_environment (see 'postconf -d' output)\fR" -The list of environment parameters that a privileged Postfix +The list of environment variables that a privileged Postfix process will import from a non\-Postfix parent process, or name=value environment overrides. .IP "\fBmail_owner (postfix)\fR" diff --git a/man/man8/pipe.8 b/man/man8/pipe.8 index 8e54eaf..efb9e0e 100644 --- a/man/man8/pipe.8 +++ b/man/man8/pipe.8 @@ -240,6 +240,11 @@ the domain is \fIdomain\fR. This information is modified by the \fBh\fR flag for case folding. .sp This feature is available as of Postfix 2.5. +.IP \fB${envid}\fR +This macro expands to the RFC 3461 envelope ID if available, +otherwise the empty string. +.sp +This feature is available as of Postfix 3.9. .IP \fB${extension}\fR This macro expands to the extension part of a recipient address. For example, with an address \fIuser+foo@domain\fR the extension is diff --git a/man/man8/postlogd.8 b/man/man8/postlogd.8 index 9168a34..aeb95c7 100644 --- a/man/man8/postlogd.8 +++ b/man/man8/postlogd.8 @@ -41,10 +41,10 @@ set this permission on programs other than \fBpostdrop\fR(1), .nf .ad .fi -Changes to \fBmain.cf\fR are picked up automatically, as -\fBpostlogd\fR(8) processes run for only a limited amount -of time. Use the command "\fBpostfix reload\fR" to speed -up a change. +Changes to \fBmain.cf\fR are not picked up automatically, +because \fBpostlogd\fR(8) terminates only after reaching +the \fBmax_idle\fR time limit. +Use the command "\fBpostfix reload\fR" to speed up a change. The text below provides only a parameter summary. See \fBpostconf\fR(5) for more details including examples. @@ -66,6 +66,12 @@ The master.cf service name of a Postfix daemon process. .IP "\fBpostlogd_watchdog_timeout (10s)\fR" How much time a \fBpostlogd\fR(8) process may take to process a request before it is terminated by a built\-in watchdog timer. +.PP +Available in Postfix 3.9 and later: +.IP "\fBmaillog_file_permissions (0600)\fR" +The file access permissions that will be set when the file +$maillog_file is created for the first time, or when the file is +created after an existing file is rotated. .SH "SEE ALSO" .na .nf diff --git a/man/man8/postscreen.8 b/man/man8/postscreen.8 index 556a865..0231b0a 100644 --- a/man/man8/postscreen.8 +++ b/man/man8/postscreen.8 @@ -323,25 +323,29 @@ Persistent storage for the \fBpostscreen\fR(8) server decisions. The amount of time that \fBpostscreen\fR(8) will cache an expired temporary allowlist entry before it is removed. .IP "\fBpostscreen_bare_newline_ttl (30d)\fR" -The amount of time that \fBpostscreen\fR(8) will use the result from -a successful "bare newline" SMTP protocol test. +The amount of time that \fBpostscreen\fR(8) remembers that a client +IP address passed a "bare newline" SMTP protocol test, before it +address is required to pass that test again. .IP "\fBpostscreen_dnsbl_max_ttl (${postscreen_dnsbl_ttl?{$postscreen_dnsbl_ttl}:{1}}h)\fR" -The maximum amount of time that \fBpostscreen\fR(8) will use the -result from a successful DNS\-based reputation test before a -client IP address is required to pass that test again. +The maximum amount of time that \fBpostscreen\fR(8) remembers that a +client IP address passed a DNS\-based reputation test, before it is +required to pass that test again. .IP "\fBpostscreen_dnsbl_min_ttl (60s)\fR" -The minimum amount of time that \fBpostscreen\fR(8) will use the -result from a successful DNS\-based reputation test before a -client IP address is required to pass that test again. +The minimum amount of time that \fBpostscreen\fR(8) remembers that a +client IP address passed a DNS\-based reputation test, before it +is required to pass that test again. .IP "\fBpostscreen_greet_ttl (1d)\fR" -The amount of time that \fBpostscreen\fR(8) will use the result from -a successful PREGREET test. +The amount of time that \fBpostscreen\fR(8) remembers that a client +IP address passed a PREGREET test, before it is required to pass +that test again. .IP "\fBpostscreen_non_smtp_command_ttl (30d)\fR" -The amount of time that \fBpostscreen\fR(8) will use the result from -a successful "non_smtp_command" SMTP protocol test. +The amount of time that \fBpostscreen\fR(8) remembers that a client +IP address passed a "non_smtp_command" SMTP protocol test, before +it is required to pass that test again. .IP "\fBpostscreen_pipelining_ttl (30d)\fR" -The amount of time that \fBpostscreen\fR(8) will use the result from -a successful "pipelining" SMTP protocol test. +The amount of time that \fBpostscreen\fR(8) remembers that a client +IP address passed a "pipelining" SMTP protocol test, before it is +required to pass that test again. .SH "RESOURCE CONTROLS" .na .nf diff --git a/man/man8/proxymap.8 b/man/man8/proxymap.8 index e734a2b..ff0d759 100644 --- a/man/man8/proxymap.8 +++ b/man/man8/proxymap.8 @@ -43,7 +43,7 @@ proxymap server processes. .IP \(bu To provide single\-updater functionality for lookup tables that do not reliably support multiple writers (i.e. all -file\-based tables). +file\-based tables that are not based on \fBlmdb\fR). .PP The \fBproxymap\fR(8) server implements the following requests: .IP "\fBopen\fR \fImaptype:mapname flags\fR" diff --git a/man/man8/qmgr.8 b/man/man8/qmgr.8 index a24af71..ca1fd4c 100644 --- a/man/man8/qmgr.8 +++ b/man/man8/qmgr.8 @@ -234,7 +234,7 @@ A transport\-specific override for the default_recipient_refill_limit parameter value, where \fItransport\fR is the master.cf name of the message delivery transport. .IP "\fBdefault_recipient_refill_delay (5s)\fR" -The default per\-transport maximum delay between recipients refills. +The default per\-transport maximum delay between refilling recipients. .IP "\fBtransport_recipient_refill_delay ($default_recipient_refill_delay)\fR" A transport\-specific override for the default_recipient_refill_delay parameter value, where \fItransport\fR is the master.cf name of diff --git a/man/man8/qmqpd.8 b/man/man8/qmqpd.8 index 9ee6267..0f0a82b 100644 --- a/man/man8/qmqpd.8 +++ b/man/man8/qmqpd.8 @@ -75,7 +75,7 @@ filtering, or address mapping. Preliminary SMTPUTF8 support is introduced with Postfix 3.0. .IP "\fBsmtputf8_enable (yes)\fR" Enable preliminary SMTPUTF8 support for the protocols described -in RFC 6531..6533. +in RFC 6531, RFC 6532, and RFC 6533. .IP "\fBsmtputf8_autodetect_classes (sendmail, verify)\fR" Detect that a message requires SMTPUTF8 support for the specified mail origin classes. diff --git a/man/man8/smtp.8 b/man/man8/smtp.8 index e53a377..0145350 100644 --- a/man/man8/smtp.8 +++ b/man/man8/smtp.8 @@ -1,14 +1,16 @@ -.TH SMTP 8 +.TH SMTP, LMTP 8 .ad .fi .SH NAME -smtp +smtp, lmtp \- Postfix SMTP+LMTP client .SH "SYNOPSIS" .na .nf \fBsmtp\fR [generic Postfix daemon options] [flags=DORX] + +\fBlmtp\fR [generic Postfix daemon options] [flags=DORX] .SH DESCRIPTION .ad .fi @@ -17,7 +19,9 @@ delivery protocols. It processes message delivery requests from the queue manager. Each request specifies a queue file, a sender address, a domain or host to deliver to, and recipient information. This program expects to be run from the \fBmaster\fR(8) process -manager. +manager. The process name, \fBsmtp\fR or \fBlmtp\fR, controls +the protocol, and the names of the configuration parameters +that will be used. The SMTP+LMTP client updates the queue file and marks recipients as finished, or it informs the queue manager that delivery should @@ -25,13 +29,9 @@ be tried again at a later time. Delivery status reports are sent to the \fBbounce\fR(8), \fBdefer\fR(8) or \fBtrace\fR(8) daemon as appropriate. -The SMTP+LMTP client looks up a list of mail exchanger addresses for -the destination host, sorts the list by preference, and connects -to each listed address until it finds a server that responds. - -When a server is not reachable, or when mail delivery fails due -to a recoverable error condition, the SMTP+LMTP client will try to -deliver the mail to an alternate host. +The server lookup strategy is different for SMTP and LMTP, +as described in the sections "SMTP SERVER LOOKUP" and "LMTP +SERVER LOOKUP". After a successful mail transaction, a connection may be saved to the \fBscache\fR(8) connection cache server, so that it @@ -41,48 +41,62 @@ By default, connection caching is enabled temporarily for destinations that have a high volume of mail in the active queue. Connection caching can be enabled permanently for specific destinations. -.SH "SMTP DESTINATION SYNTAX" +.SH "SMTP SERVER LOOKUP" .na .nf .ad .fi -The Postfix SMTP+LMTP client supports multiple destinations +The Postfix SMTP client supports multiple destinations separated by comma or whitespace (Postfix 3.5 and later). +Each destination is tried in the specified order. + SMTP destinations have the following form: .IP \fIdomainname\fR -.IP \fIdomainname\fR:\fIport\fR +.IP \fIdomainname\fR:\fIservice\fR Look up the mail exchangers for the specified domain, and -connect to the specified port (default: \fBsmtp\fR). +connect to the specified service (default: \fBsmtp\fR). +Optionally, mail exchangers may be looked up with SRV queries +instead of MX; this requires that \fIservice\fR is given +in symbolic form. .IP [\fIhostname\fR] -.IP [\fIhostname\fR]:\fIport\fR -Look up the address(es) of the specified host, and connect to -the specified port (default: \fBsmtp\fR). +.IP [\fIhostname\fR]:\fIservice\fR +Look up the address(es) for the specified host, and connect to +the specified service (default: \fBsmtp\fR). .IP [\fIaddress\fR] -.IP [\fIaddress\fR]:\fIport\fR +.IP [\fIaddress\fR]:\fIservice\fR Connect to the host at the specified address, and connect -to the specified port (default: \fBsmtp\fR). An IPv6 address +to the specified service (default: \fBsmtp\fR). An IPv6 address must be formatted as [\fBipv6\fR:\fIaddress\fR]. -.SH "LMTP DESTINATION SYNTAX" +.SH "LMTP SERVER LOOKUP" .na .nf .ad .fi -The Postfix SMTP+LMTP client supports multiple destinations +The Postfix LMTP client supports multiple destinations separated by comma or whitespace (Postfix 3.5 and later). +Each destination is tried in the specified order. + LMTP destinations have the following form: .IP \fBunix\fR:\fIpathname\fR Connect to the local UNIX\-domain server that is bound to the specified \fIpathname\fR. If the process runs chrooted, an absolute pathname is interpreted relative to the Postfix queue directory. +.IP \fBinet\fR:\fIdomainname\fR +.IP \fBinet\fR:\fIdomainname\fR:\fIservice\fR +Look up the LMTP servers for the specified domain and service +(default: \fBlmtp\fR). +This form is supported when SRV lookups are enabled, and +requires that \fIservice\fR is in symbolic form. .IP \fBinet\fR:\fIhostname\fR -.IP \fBinet\fR:\fIhostname\fR:\fIport\fR +.IP \fBinet\fR:\fIhostname\fR:\fIservice\fR +Look up the address(es) for the specified host, and connect to +the specified service (default: \fBlmtp\fR). When SRV lookups +are enabled, use the form \fB[\fIhostname\fB]\fR to force +address lookups. .IP \fBinet\fR:[\fIaddress\fR] -.IP \fBinet\fR:[\fIaddress\fR]:\fIport\fR -Connect to the specified TCP port on the specified local or -remote host. If no port is specified, connect to the port defined as -\fBlmtp\fR in \fBservices\fR(4). -If no such service is found, the \fBlmtp_tcp_port\fR configuration -parameter (default value of 24) will be used. +.IP \fBinet\fR:[\fIaddress\fR]:\fIservice\fR +Connect to the specified local or remote host and service +(default: \fBlmtp\fR). An IPv6 address must be formatted as [\fBipv6\fR:\fIaddress\fR]. .SH "SINGLE-RECIPIENT DELIVERY" .na @@ -146,6 +160,8 @@ This feature is available as of Postfix 3.5. .SH "SECURITY" .na .nf +.ad +.fi The SMTP+LMTP client is moderately security\-sensitive. It talks to SMTP or LMTP servers and to DNS servers on the network. The SMTP+LMTP client can be run chrooted at fixed @@ -199,11 +215,10 @@ address and TCP port. .nf .ad .fi -Before Postfix version 2.3, the LMTP client is a separate -program that implements only a subset of the functionality -available with SMTP: there is no support for TLS, and -connections are cached in\-process, making it ineffective -when the client is used for multiple domains. +Postfix versions 2.3 and later implement the SMTP and LMTP +client with the same program, and choose the protocol and +configuration parameters based on the process name, \fBsmtp\fR +or \fBlmtp\fR. Most smtp_\fIxxx\fR configuration parameters have an lmtp_\fIxxx\fR "mirror" parameter for the equivalent LMTP @@ -464,6 +479,11 @@ Available in Postfix version 2.9 and later: .IP "\fBsmtp_send_dummy_mail_auth (no)\fR" Whether or not to append the "AUTH=<>" option to the MAIL FROM command in SASL\-authenticated SMTP sessions. +.PP +Available in Postfix version 3.9 and later: +.IP "\fBsmtp_sasl_password_result_delimiter (:)\fR" +The delimiter between username and password in sasl_passwd_maps lookup +results. .SH "STARTTLS SUPPORT CONTROLS" .na .nf @@ -566,7 +586,7 @@ The message digest algorithm used to construct remote SMTP server certificate fingerprints. .PP Available in Postfix version 2.6 and later: -.IP "\fBsmtp_tls_protocols (see postconf -d output)\fR" +.IP "\fBsmtp_tls_protocols (see 'postconf -d' output)\fR" TLS protocols that the Postfix SMTP client will use with opportunistic TLS encryption. .IP "\fBsmtp_tls_ciphers (medium)\fR" @@ -647,6 +667,11 @@ Optional configuration file with baseline OpenSSL settings. .IP "\fBtls_config_name (empty)\fR" The application name passed by Postfix to OpenSSL library initialization functions. +.PP +Available in Postfix version 3.9 and later: +.IP "\fBsmtp_tls_enable_rpk (no)\fR" +Request that remote SMTP servers send an RFC7250 raw public key +instead of an X.509 certificate. .SH "OBSOLETE STARTTLS CONTROLS" .na .nf @@ -843,9 +868,9 @@ sub\-second delay values. .IP "\fBdisable_dns_lookups (no)\fR" Disable DNS lookups in the Postfix SMTP and LMTP clients. .IP "\fBinet_interfaces (all)\fR" -The local network interface addresses that this mail system receives -mail on. -.IP "\fBinet_protocols (see 'postconf -d output')\fR" +The local network interface addresses that this mail system +receives mail on. +.IP "\fBinet_protocols (see 'postconf -d' output)\fR" The Internet protocols Postfix will attempt to use when making or accepting connections. .IP "\fBipc_timeout (3600s)\fR" diff --git a/man/man8/smtpd.8 b/man/man8/smtpd.8 index 6f72084..4569f1f 100644 --- a/man/man8/smtpd.8 +++ b/man/man8/smtpd.8 @@ -502,7 +502,7 @@ fingerprints or public key fingerprints (Postfix 2.9 and later) for \fBcheck_ccert_access\fR and \fBpermit_tls_clientcerts\fR. .PP Available in Postfix version 2.6 and later: -.IP "\fBsmtpd_tls_protocols (see postconf -d output)\fR" +.IP "\fBsmtpd_tls_protocols (see 'postconf -d' output)\fR" TLS protocols accepted by the Postfix SMTP server with opportunistic TLS encryption. .IP "\fBsmtpd_tls_ciphers (medium)\fR" @@ -571,6 +571,12 @@ Optional configuration file with baseline OpenSSL settings. .IP "\fBtls_config_name (empty)\fR" The application name passed by Postfix to OpenSSL library initialization functions. +.PP +Available in Postfix version 3.9 and later: +.IP "\fBsmtpd_tls_enable_rpk (no)\fR" +Request that remote SMTP clients send an RFC7250 raw public key +instead of an X.509 certificate, when asking for or requiring client +authentication. .SH "OBSOLETE STARTTLS CONTROLS" .na .nf @@ -706,12 +712,12 @@ Parameters concerning known/unknown local recipients: The list of domains that are delivered via the $local_transport mail delivery transport. .IP "\fBinet_interfaces (all)\fR" -The local network interface addresses that this mail system receives -mail on. +The local network interface addresses that this mail system +receives mail on. .IP "\fBproxy_interfaces (empty)\fR" The remote network interface addresses that this mail system receives mail on by way of a proxy or network address translation unit. -.IP "\fBinet_protocols (see 'postconf -d output')\fR" +.IP "\fBinet_protocols (see 'postconf -d' output)\fR" The Internet protocols Postfix will attempt to use when making or accepting connections. .IP "\fBlocal_recipient_maps (proxy:unix:passwd.byname $alias_maps)\fR" @@ -742,8 +748,9 @@ Postfix is the final destination for the specified list of virtual alias domains, that is, domains for which all addresses are aliased to addresses in other local or remote domains. .IP "\fBvirtual_alias_maps ($virtual_maps)\fR" -Optional lookup tables that alias specific mail addresses or domains -to other local or remote addresses. +Optional lookup tables with aliases that apply to all recipients: +\fBlocal\fR(8), virtual, and remote; this is unlike alias_maps that apply +only to \fBlocal\fR(8) recipients. .IP "\fBunknown_virtual_alias_reject_code (550)\fR" The Postfix SMTP server reply code when a recipient address matches $virtual_alias_domains, and $virtual_alias_maps specifies a list @@ -863,7 +870,7 @@ Disconnect remote SMTP clients that violate RFC 2920 (or 5321) command pipelining constraints. .PP Available in Postfix 3.9, 3.8.4, 3.7.9, 3.6.13, 3.5.23 and later: -.IP "\fBsmtpd_forbid_bare_newline (Postfix < 3.9: no)\fR" +.IP "\fBsmtpd_forbid_bare_newline (Postfix >= 3.9: normalize)\fR" Reject or restrict input lines from an SMTP client that end in <LF> instead of the standard <CR><LF>. .IP "\fBsmtpd_forbid_bare_newline_exclusions ($mynetworks)\fR" diff --git a/man/man8/tlsproxy.8 b/man/man8/tlsproxy.8 index 6913b7b..4677dc4 100644 --- a/man/man8/tlsproxy.8 +++ b/man/man8/tlsproxy.8 @@ -255,6 +255,12 @@ parameters smtpd_use_tls and smtpd_enforce_tls. .IP "\fBtlsproxy_tls_chain_files ($smtpd_tls_chain_files)\fR" Files with the Postfix \fBtlsproxy\fR(8) server keys and certificate chains in PEM format. +.PP +Available in Postfix version 3.9 and later: +.IP "\fBtlsproxy_tls_enable_rpk ($smtpd_tls_enable_rpk)\fR" +Request that remote SMTP clients send an RFC7250 raw public key +instead of an X.509 certificate, when asking or requiring client +authentication. .SH "STARTTLS CLIENT CONTROLS" .na .nf diff --git a/man/man8/trivial-rewrite.8 b/man/man8/trivial-rewrite.8 index e41da71..f2c39fb 100644 --- a/man/man8/trivial-rewrite.8 +++ b/man/man8/trivial-rewrite.8 @@ -142,9 +142,10 @@ Enable the rewriting of "site!user" into "user@site". .PP Available in Postfix 2.2 and later: .IP "\fBremote_header_rewrite_domain (empty)\fR" -Don't rewrite message headers from remote clients at all when -this parameter is empty; otherwise, rewrite message headers and -append the specified domain name to incomplete addresses. +Rewrite or add message headers in mail from remote clients if +the remote_header_rewrite_domain parameter value is non\-empty, +updating incomplete addresses with the domain specified in the +remote_header_rewrite_domain parameter, and adding missing headers. .SH "ROUTING CONTROLS" .na .nf @@ -163,10 +164,12 @@ The default mail delivery transport and next\-hop destination for final delivery to domains listed with $virtual_mailbox_domains. .IP "\fBrelay_transport (relay)\fR" The default mail delivery transport and next\-hop destination for -remote delivery to domains listed with $relay_domains. +the relay domain address class: recipient domains that match +$relay_domains. .IP "\fBdefault_transport (smtp)\fR" The default mail delivery transport and next\-hop destination for -destinations that do not match $mydestination, $inet_interfaces, +the default domain class: recipient domains that do not match +$mydestination, $inet_interfaces, $proxy_interfaces, $virtual_alias_domains, $virtual_mailbox_domains, or $relay_domains. .IP "\fBparent_domain_matches_subdomains (see 'postconf -d' output)\fR" @@ -174,8 +177,8 @@ A list of Postfix features where the pattern "example.com" also matches subdomains of example.com, instead of requiring an explicit ".example.com" pattern. .IP "\fBrelayhost (empty)\fR" -The next\-hop destination(s) for non\-local mail; overrides non\-local -domains in recipient addresses. +The next\-hop destination(s) for non\-local mail; takes precedence +over non\-local domains in recipient addresses. .IP "\fBtransport_maps (empty)\fR" Optional lookup tables with mappings from recipient address to (message delivery transport, next\-hop destination). |