summaryrefslogtreecommitdiffstats
path: root/proto/stop.double-proto-html
blob: a4b2332a2a387e2d8cccfca228f4007090f98119 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
 1 000 000 messages with good performance unlikely above that limit 
 10 10 Mandatory configuration file edits
 11 11 To chroot or not to chroot
 12 12 Care and feeding of the Postfix system
14 rbl_domain rbl_reason rbl_reason 
168 100 189 2 255 255 255 224
18 rbl_domain rbl_reason rbl_reason 
 1 ffff ffff ffff ffff ffff ffff ffff ffff
2001 240 587 0 2d0 b7ff fe88 2ca7 ffff ffff ffff ffff 
 31 sasldb Accounts are stored stored in a Cyrus SASL Berkeley DB
 33 ldapdb Accounts are stored stored in an LDAP database
 4 yes yes yes never 100 
5 postmaster postmaster example com
5 root root localhost
6 abuse abuse example com
80821 S 0 00 24 smtpd n smtp t inet u c o stress yes
83326 S 0 00 28 smtpd n smtp t inet u c o stress 
84345 Ss 0 00 11 usr bin perl usr libexec postfix smtpd policy pl
 8 SENDMAIL usr sbin sendmail G i NEVER NEVER NEVER use t here 
address localpart as per RFC 822 so that additional or or 
all  all Maximum per destination delivery concurrency
and cost cost 1 times more than if the preemptive scheduler was
 and sneak in the ten recipient mail Wait wait wait Could we Aren t
 aNULL aNULL kEECDH kEDH RC4 eNULL EXPORT LOW STRENGTH 
Arrival Date Sun 26 Nov 2006 17 01 01 0500 EST 
attacks with user domain domain addresses when Postfix provides
authzTo authzTo dn regex uniqueIdentifier ou people dc example dc com
 AUXLIBS AUXLIBS options for LDAP or TLS etc 
blockquote  blockquote 
 broken smtp smtp o smtp_quote_rfc821_envelope no
ccert_fingerprint C2 9D F4 87 71 73 73 D9 18 E7 C2 F3 C1 DA 6E 04
command_directory command_directory
 concurrency concurrency limit
config_directory config_directory
daemon_directory daemon_directory
data_directory data_directory
Date Sun 26 Nov 2006 17 01 01 0500 EST 
dd  dd Alternatively check_ccert_access accepts an explicit search
dd  dd check_ccert_access type table search_order cert_fingerprint 
dd  dd The commas are optional dd 
dd  dd The default algorithm is b sha256 b with Postfix ge 3 6
 dd No TLS TLS will not be used unless enabled for specific
Dec 4 04 30 09 hostname postfix smtpd 58549 NOQUEUE reject 
 default_transport uucp uucp gateway
Documentation  Documentation is available as README files start with the file
done  done
done done
 dt b a name check_address_map check_address_map a i a href DATABASE_RE
 dt b a name check_ccert_access check_ccert_access a i a href DATABASE_
 dt b a name check_client_a_access check_client_a_access a i a href DAT
 dt b a name check_client_access check_client_access a i a href DATABAS
 dt b a name check_client_mx_access check_client_mx_access a i a href D
 dt b a name check_client_ns_access check_client_ns_access a i a href D
 dt b a name check_etrn_access check_etrn_access a i a href DATABASE_RE
 dt b a name check_helo_a_access check_helo_a_access a i a href DATABAS
 dt b a name check_helo_access check_helo_access a i a href DATABASE_RE
 dt b a name check_helo_mx_access check_helo_mx_access a i a href DATAB
 dt b a name check_helo_ns_access check_helo_ns_access a i a href DATAB
 dt b a name check_policy_service check_policy_service i servername i a 
 dt b a name check_recipient_a_access check_recipient_a_access a i a hre
 dt b a name check_recipient_access check_recipient_access a i a href D
 dt b a name check_recipient_mx_access check_recipient_mx_access a i a h
 dt b a name check_recipient_ns_access check_recipient_ns_access a i a h
 dt b a name check_sasl_access check_sasl_access a i a href DATABASE_RE
 dt b a name check_sender_a_access check_sender_a_access a i a href DAT
 dt b a name check_sender_access check_sender_access a i a href DATABAS
 dt b a name check_sender_mx_access check_sender_mx_access a i a href D
 dt b a name check_sender_ns_access check_sender_ns_access a i a href D
 dt b a name defer defer a b dt 
 dt b a name defer_if_permit defer_if_permit a b dt 
 dt b a name defer_if_reject defer_if_reject a b dt 
 dt b a name defer_unauth_destination defer_unauth_destination a b dt 
 dt b a name no_address_mappings no_address_mappings a b dt 
 dt b a name no_header_body_checks no_header_body_checks a b dt 
 dt b a name no_milters no_milters a b dt 
 dt b a name no_unknown_recipient_checks no_unknown_recipient_checks a b 
 dt b a name permit_auth_destination permit_auth_destination a b dt 
 dt b a name permit_dnswl_client permit_dnswl_client i dnswl_domain d d d d
 dt b a name permit_inet_interfaces permit_inet_interfaces a b dt 
 dt b a name permit_mx_backup permit_mx_backup a b dt 
 dt b a name permit_mynetworks permit_mynetworks a b dt 
 dt b a name permit permit a b dt 
 dt b a name permit_rhswl_client permit_rhswl_client i rhswl_domain d d d d
 dt b a name permit_sasl_authenticated permit_sasl_authenticated a b dt
 dt b a name permit_tls_all_clientcerts permit_tls_all_clientcerts a b 
 dt b a name permit_tls_clientcerts permit_tls_clientcerts a b dt 
 dt b a name reject_invalid_helo_hostname reject_invalid_helo_hostname a 
 dt b a name reject_multi_recipient_bounce reject_multi_recipient_bounce a 
 dt b a name reject_non_fqdn_helo_hostname reject_non_fqdn_helo_hostname a 
 dt b a name reject_non_fqdn_recipient reject_non_fqdn_recipient a b dt
 dt b a name reject_non_fqdn_sender reject_non_fqdn_sender a b dt 
 dt b a name reject_plaintext_session reject_plaintext_session a b dt 
 dt b a name reject_rbl_client reject_rbl_client i rbl_domain d d d d i 
 dt b a name reject reject a b dt 
 dt b a name reject_rhsbl_client reject_rhsbl_client i rbl_domain d d d d 
 dt b a name reject_rhsbl_helo reject_rhsbl_helo i rbl_domain d d d d i 
 dt b a name reject_rhsbl_recipient reject_rhsbl_recipient i rbl_domain d d
 dt b a name reject_rhsbl_reverse_client reject_rhsbl_reverse_client i rbl_
 dt b a name reject_rhsbl_sender reject_rhsbl_sender i rbl_domain d d d d 
 dt b a name reject_sender_login_mismatch reject_sender_login_mismatch a 
 dt b a name reject_unauth_destination reject_unauth_destination a b dt
 dt b a name reject_unauth_pipelining reject_unauth_pipelining a b dt 
 dt b a name reject_unknown_client_hostname reject_unknown_client_hostname 
 dt b a name reject_unknown_helo_hostname reject_unknown_helo_hostname a 
 dt b a name reject_unknown_recipient_domain reject_unknown_recipient_domain
 dt b a name reject_unknown_sender_domain reject_unknown_sender_domain a 
 dt b a name reject_unlisted_recipient reject_unlisted_recipient a b wi
 dt b a name reject_unlisted_sender reject_unlisted_sender a b dt 
 dt b a name reject_unverified_recipient reject_unverified_recipient a b 
 dt b a name reject_unverified_sender reject_unverified_sender a b dt 
 dt b a name sleep sleep i seconds i a b dt 
 dt b a name warn_if_reject warn_if_reject a b dt 
dt  dt b i a href DATABASE_README html type table a i b dt 
dt  dt b i number i i number i b dt 
 dt dt dd 0 Disable logging of TLS activity dd 
 dt dt dd 1 Log only a summary message on TLS handshake completion
 dt dt dd 2 Also log levels during TLS negotiation dd 
 dt dt dd 3 Also log hexadecimal and ASCII dump of TLS negotiation
 dt dt dd 4 Also log hexadecimal and ASCII dump of complete
 dude dude example com 
 eliminates the latency of the TCP handshake SYN SYN ACK ACK 
 example com uucp uucp host
 example MAIL RCPT BDAT BDAT MAIL RCPT BDAT without ever having to
 export MANPATH MANPATH pwd man MANPATH 
fe80 1 2d0 b7ff fe88 2ca7 ffff ffff ffff ffff 
fe80 5 1 ffff ffff ffff ffff 
file allows for robust handling of temporary delivery errors errors
Filtered  Filtered
for the file name when a pattern is a type table table specification 
from host example com 192 168 0 2 TLSv1 with cipher cipher name
generic generic a restrictions These restrictions are applicable in
 groups msn com 63 2 1 2 4 4 14 14 14 8 0
 highvolume com 4000 160 160 320 640 1280 1440 0 0 0 0
host host port host port address or address port the form
 http www umich edu dirsvcs ldap ldap html or OpenLDAP
 id 84863BC0E5 Sun 26 Nov 2006 17 01 01 0500 EST 
 if concurrency concurrency limit 
 ifconfig en0 alias address netmask 255 255 255 255
 inet_addr_local inet_addr_local configured 2 IPv4 addresses
 inet_addr_local inet_addr_local configured 4 IPv6 addresses
insiders_only  insiders_only check_sender_access hash etc postfix insiders reject
in the form of a domain name hostname hostname port hostname port 
into memory such as pcre regexp or texthash texthash is similar
 jane jane janes preferred machine
 joe joe joes preferred machine
 Line 8 NEVER NEVER NEVER use the t command line option here It
listname  listname request 
 lists sourceforge net 2313 2313 0 0 0 0 0 0 0 0
local  local 8 
local_only  local_only 
maildrop  maildrop 
maildrop  maildrop owner cn root dc your dc com 
make  make makefiles CC opt ansic bin cc Ae HP UX 
make  make makefiles CC purify cc 
 man man man5 postconf 5 less 
master_service_disable foo inet inet
multi_instance_enable multi_instance_enable
multi_instance_group multi_instance_group
multi_instance_name multi_instance_name
mydestination myhostname localhost mydomain mydomain
 mydomain to an incomplete address address rewriting alias
mynetworks mynetworks 127 0 0 0 8 168 100 189 0 28 1 128 fe80 10 2001 240 587 
mynetworks mynetworks hash etc postfix network_table
Name lt user example com gt gt i Postfix will ignore the i User
 name name port name or name port 
 NOTE Postfix 3 6 also introduces support for the level level 
number number ranges Postfix version 2 8 and later If no
numbers or number number ranges Postfix version 2 8 and later 
one or more separated numbers or number number ranges 
 openssl req new key key 
or more separated numbers or number number ranges p 
or number number ranges Postfix version 2 8 and later If no
 ownership of system directories such as etc usr usr bin var
 PARAM postscreen_dnsbl_max_ttl postscreen_dnsbl_ttl postscreen_dnsbl_ttl 
 patterns list multiple domain names as domain domain 
 p Note 2 address information may be enclosed inside tt tt 
 postfix 12345 12345 postfix no where no shell
 Postfix 2 3 2 5 to hang up on clients that that match
 Postfix has TWO sets of mail filters filters that are used for
Postfix  Postfix can use an LDAP directory as a source for any of its lookups 
 Postfix Postfix passes the status back to the remote SMTP
 Postfix Postfix will send the mail back to the sender address 
pre  pre 
query_filter mailacceptinggeneralid s maildrop maildrop 
queue_directory queue_directory
Received from localhost localhost 127 0 0 1 
Received  Received from porcupine org 
rejected  rejected recipients are available on request by the Milter
 rewrite 8 none none
 Say we have ten recipient mail followed by two two recipient mails If
 separated numbers or number number ranges If no
smtpd_recipient_restrictions smtpd_recipient_restrictions 
smtpd_relay_restrictions  smtpd_relay_restrictions 
smtpd_relay_restrictions smtpd_relay_restrictions 
 smtpd_tls_mandatory_protocols SSLv2 SSLv3 TLSv1 TLSv1 1
smtpd_tls_mandatory_protocols SSLv2 SSLv3 TLSv1 TLSv1 1
 smtp smtp o smtp_bind_address 11 22 33 44
 smtp smtp o smtp_bind_address6 1 2 3 4 5 6 7 8
 smtp_tls_mandatory_protocols SSLv2 SSLv3 TLSv1 TLSv1 1
smtp_tls_mandatory_protocols SSLv2 SSLv3 TLSv1 TLSv1 1
 SSLv3 TLSv1 TLSv1 1 TLSv1 2 and TLSv1 3 Starting with
 T 5 10 20 40 80 160 320 640 1280 1280 
 T A 5 10 20 40 80 160 320 320 
Therefore 301 0301 0x301 and 0x0301 are all equivalent to
 The syntax of name value value name value and name value 
the  the backed up domain tld domain This prevents your mail queue
 tls_random_source dev dev urandom
 tls_random_source dev dev urandom 
tls_random_source dev dev urandom
TLS  TLS support in the LMTP delivery agent
 TLSv1 3 with cipher TLS_AES_256_GCM_SHA384 256 256 bits 
 to flush flush 8 Deferred
to host example com 192 168 0 2 25 TLSv1 with cipher cipher name
 to server example TLSv1 3 with cipher TLS_AES_256_GCM_SHA384 256 256 bits 
 TOTAL 5000 200 200 400 800 1600 1000 200 200 200 200
transport transport 
 tt tt in the authorized_verp_clients value and in files
 tt tt in the mynetworks value and in files specified with
 tt tt in the smtpd_authorized_verp_clients value and in
 tt tt in the smtpd_authorized_xclient_hosts value and in
 tt tt in the smtpd_authorized_xforward_hosts value and in
 tt tt in the smtpd_client_event_limit_exceptions value and
 tt tt in the smtpd_sasl_exceptions_networks value and in
 tt tt p 
two  two recipient mails 
 uid cn cn auth
Unfiltered  Unfiltered 
 unknown recipients in local domains domains that match mydestination
 Use blockquote pre pre blockquote for examples
 Use pre pre for the Examples section at the end
username username
 user sourceforge net 7678 7678 0 0 0 0 0 0 0 0
 using TLSv1 3 with cipher TLS_AES_256_GCM_SHA384 256 256 bits 
 using TLSv1 with cipher cipher name
var  var spool and so on This is especially an issue if you executed
With the standard operators lt lt etc compatibility
 yes yes yes never 100 
zombie  zombie tlsproxy 8 smtpd 8 
 and 1 000 000 messages with good performance unlikely above that
dt  dt b name value b Postfix ge 3 0 dt 
 dt dt dd 3 Also log the hexadecimal and ASCII dump of the
 dt dt dd 4 Also log the hexadecimal and ASCII dump of complete
 parametername stress something something Other
 p Note on OpenBSD systems specify dev dev arandom when dev dev urandom
 user3 example net smtp smtp relay example net submission 
 virtual_alias_maps hash etc postfix virtual virtual aliasing 
system_wide_settings  system_wide_settings 
ssl_library_settings  ssl_library_settings 
initial_ssl_settings  initial_ssl_settings 
postfix_settings  postfix_settings 
postfix_ssl_settings  postfix_ssl_settings 
baseline_postfix_settings  baseline_postfix_settings 
 The and match and literally Without the the
 The matches literally Without the the would
 The example is simplified for educational purposes In reality my patterns list multiple domain names as domain domain 
 The matches literally Without the the would match any character 
 The and match and literally Without the the and would be grouping operators 
 The matches literally Without the the would match any character 
 pipeline all commands following EHLO for example MAIL RCPT BDAT BDAT MAIL RCPT BDAT without ever having to wait for a server response This means that with BDAT the Postfix SMTP server cannot distinguish between a well behaved client and a
 NOTE Postfix 3 6 also introduces support for the level level and other operators to compare compatibility levels With the standard operators etc compatibility level 3 10 would be smaller than 3 9 which is undesirable 
 Otherwise the benefits of SMTP connection caching are minor it eliminates the latency of the TCP handshake SYN SYN ACK ACK plus the latency of the SMTP initial handshake 220 greeting EHLO command EHLO response With TLS encrypted
 Otherwise the benefits of SMTP connection caching are minor it eliminates the latency of the TCP handshake SYN SYN ACK ACK plus the latency of the SMTP initial handshake 220 greeting EHLO command EHLO response With TLS encrypted
 3 Reject the mail by sending a suitable status code back to Postfix Postfix will send the mail back to the sender address 
 Line 8 NEVER NEVER NEVER use the t command line option here It will mis deliver mail like sending messages from a mailing list back to the mailing list 
 Line 8 NEVER NEVER NEVER use the t command line option here It will mis deliver mail like sending messages from a mailing list back to the mailing list 
Documentation  Documentation is available as README files start with the file README_FILES AAAREADME as HTML web pages point your browser to html index html and as UNIX style manual pages 
 Parameters whose defaults can be specified in this way are listed below See the postconf 5 manpage for a description command nroff man man man5 postconf 5 less 
 Parameters whose defaults can be specified in this way are listed below See the postconf 5 manpage for a description command nroff man man man5 postconf 5 less 
mynetworks mynetworks 127 0 0 0 8 168 100 189 0 28 1 128 fe80 10 2001 240 587 64
Postfix  Postfix can use an LDAP directory as a source for any of its lookups aliases 5 virtual 5 canonical 5 etc This allows you to keep information for your mail service in a replicated network database with fine grained access controls By not
 If you re using the libraries from the UM distribution http www umich edu dirsvcs ldap ldap html or OpenLDAP http www openldap org something like this in the top level of your Postfix source tree should work 
query_filter mailacceptinggeneralid s maildrop maildrop maildrop 
query_filter mailacceptinggeneralid s maildrop maildrop maildrop 
query_filter mailacceptinggeneralid s maildrop maildrop maildrop owner cn root dc your dc com 
query_filter mailacceptinggeneralid s maildrop maildrop maildrop owner cn root dc your dc com 
 As of Postfix version 2 0 the Postfix SMTP server rejects mail for unknown recipients in local domains domains that match mydestination or the IP addresses in inet_interfaces or proxy_interfaces with User unknown in local recipient table 
 Postfix emulates a limited number of Sendmail macros as shown in the table Some macro values depend on whether a recipient is rejected rejected recipients are available on request by the Milter application Different macros are available at
 Postfix has TWO sets of mail filters filters that are used for SMTP mail only specified with the smtpd_milters parameter and filters for non SMTP mail specified with the non_smtpd_milters parameter The non SMTP filters are primarily for
 etc usr usr bin var var spool and so on This is especially an issue if you executed postfix install see above as an unprivileged user 
 etc usr usr bin var var spool and so on This is especially an issue if you executed postfix install see above as an unprivileged user 
 parametername stress something stress something or parametername stress something something Other parameters always evaluate as if the stress value is the empty string 
 parametername stress something stress something or parametername stress something something Other parameters always evaluate as if the stress value is the empty string 
 more CPU faster disks and more network bandwidth can deal with larger deferred queues but as a rule of thumb the deferred queue scales to somewhere between 100 000 and 1 000 000 messages with good performance unlikely above that limit 
 31 sasldb Accounts are stored stored in a Cyrus SASL Berkeley DB database
 assigned to the delivery slots might look like this 12131415 Hmm fine for sneaking in the single recipient mail but how do we sneak in the mail with more than one recipient Say if we have one four recipient mail followed by two two recipient
 we see the hundred recipient job can accumulate ten free delivery slots and then we could preempt it and sneak in the ten recipient mail Wait wait wait Could we Aren t we overinflating the original one thousand recipient mail 
 The truth is that it turns out that it is not really necessary to wait until the jobs counter accumulates all the delivery slots in advance Say we have ten recipient mail followed by two two recipient mails If the preemption happened when enough
 Disallowing RFC 822 address syntax example MAIL FROM the dude dude example com 
 3 Reject the mail by sending a suitable SMTP status code back to Postfix Postfix passes the status back to the remote SMTP client This way Postfix does not have to send a bounce message 
 Lines 14 18 Define the list of valid addresses in the the backed up domain tld domain This prevents your mail queue from filling up with undeliverable MAILER DAEMON messages If you can t maintain a list of valid recipients then you must
 The syntax of name value value name value and name value is explained at the beginning of the postconf 5 manual page 
 Use 521 SMTP reply codes Postfix 2 6 and later or 421 Postfix 2 3 2 5 to hang up on clients that that match botnet related RBLs see next bullet or that match selected non RBL restrictions such as SMTP access maps The Postfix SMTP
 the next hop destination can have the Postfix specific form name name port name or name port 
 dt b a name no_unknown_recipient_checks no_unknown_recipient_checks a b dt 
 dt b a name check_ccert_access check_ccert_access a i a href DATABASE_README html type table a i b dt 
 dt b a name check_client_access check_client_access a i a href DATABASE_README html type table a i b dt 
 dt b a name check_client_a_access check_client_a_access a i a href DATABASE_README html type table a i b dt 
 dt b a name check_client_mx_access check_client_mx_access a i a href DATABASE_README html type table a i b dt 
 dt b a name check_client_ns_access check_client_ns_access a i a href DATABASE_README html type table a i b dt 
 dt b a name check_reverse_client_hostname_access check_reverse_client_hostname_access a i a href DATABASE_README html type table a i b dt 
 dt b a name check_reverse_client_hostname_a_access check_reverse_client_hostname_a_access a i a href DATABASE_README html type table a i b dt 
 dt b a name check_reverse_client_hostname_mx_access check_reverse_client_hostname_mx_access a i a href DATABASE_README html type table a i b dt 
 dt b a name check_reverse_client_hostname_ns_access check_reverse_client_hostname_ns_access a i a href DATABASE_README html type table a i b dt 
 dt b a name check_sasl_access check_sasl_access a i a href DATABASE_README html type table a i b dt 
 dt b a name permit_sasl_authenticated permit_sasl_authenticated a b dt 
 dt b a name permit_tls_all_clientcerts permit_tls_all_clientcerts a b dt 
 dt b a name reject_rbl_client reject_rbl_client i rbl_domain d d d d i a b dt 
 dt b a name permit_dnswl_client permit_dnswl_client i dnswl_domain d d d d i a b dt 
 dt b a name reject_rhsbl_client reject_rhsbl_client i rbl_domain d d d d i a b dt 
 dt b a name permit_rhswl_client permit_rhswl_client i rhswl_domain d d d d i a b dt 
 dt b a name reject_rhsbl_reverse_client reject_rhsbl_reverse_client i rbl_domain d d d d i a b dt 
 dt b a name reject_unknown_client_hostname reject_unknown_client_hostname a b with Postfix lt 2 3 reject_unknown_client dt 
 dt b a name reject_unknown_reverse_client_hostname reject_unknown_reverse_client_hostname a b dt 
 dt b a name reject_unknown_forward_client_hostname reject_unknown_forward_client_hostname a b dt 
 dt b a name check_policy_service check_policy_service i servername i a b dt 
 dt b a name reject_multi_recipient_bounce reject_multi_recipient_bounce a b dt 
 dt b a name check_etrn_access check_etrn_access a i a href DATABASE_README html type table a i b dt 
 dt b a name check_helo_access check_helo_access a i a href DATABASE_README html type table a i b dt 
 dt b a name check_helo_a_access check_helo_a_access a i a href DATABASE_README html type table a i b dt 
 dt b a name check_helo_mx_access check_helo_mx_access a i a href DATABASE_README html type table a i b dt 
 dt b a name check_helo_ns_access check_helo_ns_access a i a href DATABASE_README html type table a i b dt 
 dt b a name reject_invalid_helo_hostname reject_invalid_helo_hostname a b with Postfix lt 2 3 reject_invalid_hostname dt 
 dt b a name reject_non_fqdn_helo_hostname reject_non_fqdn_helo_hostname a b with Postfix lt 2 3 reject_non_fqdn_hostname dt 
 dt b a name reject_rhsbl_helo reject_rhsbl_helo i rbl_domain d d d d i a b dt 
 dt b a name reject_unknown_helo_hostname reject_unknown_helo_hostname a b with Postfix lt 2 3 reject_unknown_hostname dt 
 dt b a name check_recipient_access check_recipient_access a i a href DATABASE_README html type table a i b dt 
 dt b a name check_recipient_a_access check_recipient_a_access a i a href DATABASE_README html type table a i b dt 
 dt b a name check_recipient_mx_access check_recipient_mx_access a i a href DATABASE_README html type table a i b dt 
 dt b a name check_recipient_ns_access check_recipient_ns_access a i a href DATABASE_README html type table a i b dt 
 dt b a name reject_non_fqdn_recipient reject_non_fqdn_recipient a b dt 
 dt b a name reject_rhsbl_recipient reject_rhsbl_recipient i rbl_domain d d d d i a b dt 
 dt b a name reject_unauth_destination reject_unauth_destination a b dt 
 dt b a name reject_unknown_recipient_domain reject_unknown_recipient_domain a b dt 
 dt b a name reject_unlisted_recipient reject_unlisted_recipient a b with Postfix version 2 0 check_recipient_maps dt 
 dt b a name reject_unverified_recipient reject_unverified_recipient a b dt 
 dt b a name check_sender_access check_sender_access a i a href DATABASE_README html type table a i b dt 
 dt b a name check_sender_a_access check_sender_a_access a i a href DATABASE_README html type table a i b dt 
 dt b a name check_sender_mx_access check_sender_mx_access a i a href DATABASE_README html type table a i b dt 
 dt b a name check_sender_ns_access check_sender_ns_access a i a href DATABASE_README html type table a i b dt 
 dt b a name reject_authenticated_sender_login_mismatch reject_authenticated_sender_login_mismatch a b dt 
 dt b a name reject_known_sender_login_mismatch reject_known_sender_login_mismatch a b dt 
 dt b a name reject_rhsbl_sender reject_rhsbl_sender i rbl_domain d d d d i a b dt 
 dt b a name reject_sender_login_mismatch reject_sender_login_mismatch a b dt 
 dt b a name reject_unauthenticated_sender_login_mismatch reject_unauthenticated_sender_login_mismatch a b dt 
 dt b a name reject_unknown_sender_domain reject_unknown_sender_domain a b dt 
 dt b a name check_address_map check_address_map a i a href DATABASE_README html type table a i b dt 
 PARAM postscreen_dnsbl_max_ttl postscreen_dnsbl_ttl postscreen_dnsbl_ttl 1 h
standard lt CR gt lt LF gt br br This maintains compatibility
 lt CR gt lt LF gt lt CR gt lt LF gt br br Such clients
 smtpd_forbid_bare_newline_reject_code br br This will reject
 br br This will also reject some email from Microsoft services
2045 Sections 2 7 and 2 8 br br Such clients can be excluded
 br br This will also reject email from services that use BDAT
RFC 2045 Sections 2 7 and 2 8 br br Such clients can be
to become a list of comma separated names br br This feature
the form of a domain name hostname hostname service hostname service 
expected to become a list of comma separated names br br This
Postfix  Postfix can use MongoDB as a source for any of its lookups aliases 5 virtual 5 canonical 5 etc This allows you to keep information for your mail service in a replicated noSQL database with fine grained access controls By not storing it
 CCARGS CCARGS DHAS_MONGODB I usr include libmongoc 1 0 
 dt dt dd 2 Also enable verbose logging in the Postfix TLS