diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 16:18:56 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 16:18:56 +0000 |
commit | b7c15c31519dc44c1f691e0466badd556ffe9423 (patch) | |
tree | f944572f288bab482a615e09af627d9a2b6727d8 /man/man1 | |
parent | Initial commit. (diff) | |
download | postfix-b7c15c31519dc44c1f691e0466badd556ffe9423.tar.xz postfix-b7c15c31519dc44c1f691e0466badd556ffe9423.zip |
Adding upstream version 3.7.10.upstream/3.7.10upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rw-r--r-- | man/man1/mailq.1 | 1 | ||||
-rw-r--r-- | man/man1/makedefs.1 | 191 | ||||
-rw-r--r-- | man/man1/newaliases.1 | 1 | ||||
-rw-r--r-- | man/man1/postalias.1 | 262 | ||||
-rw-r--r-- | man/man1/postcat.1 | 121 | ||||
-rw-r--r-- | man/man1/postconf.1 | 610 | ||||
-rw-r--r-- | man/man1/postdrop.1 | 139 | ||||
-rw-r--r-- | man/man1/postfix-tls.1 | 246 | ||||
-rw-r--r-- | man/man1/postfix.1 | 433 | ||||
-rw-r--r-- | man/man1/postkick.1 | 102 | ||||
-rw-r--r-- | man/man1/postlock.1 | 126 | ||||
-rw-r--r-- | man/man1/postlog.1 | 125 | ||||
-rw-r--r-- | man/man1/postmap.1 | 343 | ||||
-rw-r--r-- | man/man1/postmulti.1 | 434 | ||||
-rw-r--r-- | man/man1/postqueue.1 | 271 | ||||
-rw-r--r-- | man/man1/postsuper.1 | 343 | ||||
-rw-r--r-- | man/man1/posttls-finger.1 | 343 | ||||
-rw-r--r-- | man/man1/qmqp-sink.1 | 69 | ||||
-rw-r--r-- | man/man1/qmqp-source.1 | 90 | ||||
-rw-r--r-- | man/man1/qshape.1 | 118 | ||||
-rw-r--r-- | man/man1/sendmail.1 | 512 | ||||
-rw-r--r-- | man/man1/smtp-sink.1 | 276 | ||||
-rw-r--r-- | man/man1/smtp-source.1 | 127 |
23 files changed, 5283 insertions, 0 deletions
diff --git a/man/man1/mailq.1 b/man/man1/mailq.1 new file mode 100644 index 0000000..b12bf18 --- /dev/null +++ b/man/man1/mailq.1 @@ -0,0 +1 @@ +.so man1/sendmail.1 diff --git a/man/man1/makedefs.1 b/man/man1/makedefs.1 new file mode 100644 index 0000000..70c848e --- /dev/null +++ b/man/man1/makedefs.1 @@ -0,0 +1,191 @@ +.TH MAKEDEFS 1 +.ad +.fi +.SH NAME +makedefs +\- +Postfix makefile configuration utility +.SH "SYNOPSIS" +.na +.nf +\fBmake makefiles \fIname=value...\fR +.SH DESCRIPTION +.ad +.fi +The \fBmakedefs\fR command identifies the compilation +environment, and emits macro definitions on the standard +output stream that can be prepended to template Makefiles. +These macros implement an internal interface and are subject +to change without notice. +.SH "NAME=VALUE OVERRIDES" +.na +.nf +.ad +.fi +Default settings can be overruled by specifying them as +environment variables (or as name=value pairs on the "make" +command line). Use quotes if variables contain whitespace +or shell meta characters. + +The command "\fBmake makefiles name=value...\fR" will replace +the string \fBMAIL_VERSION\fR at the end of a value with the +Postfix version (\fImajor.minor.patchlevel\fR for a stable +release, \fImajor.minor\-date\fR for a development release). +Do not try to specify something like \fB$mail_version\fR: +that produces inconsistent results with different implementations +of the make(1) command. +.IP \fBAUXLIBS=\fIobject_library...\fR +Specifies one or more non\-default object libraries. Postfix +3.0 and later specify some of their database library +dependencies with AUXLIBS_CDB, AUXLIBS_LDAP, AUXLIBS_LMDB, +AUXLIBS_MYSQL, AUXLIBS_PCRE, AUXLIBS_PGSQL, AUXLIBS_SDBM, +and AUXLIBS_SQLITE, respectively. +.IP \fBCC=\fIcompiler_command\fR +Specifies a non\-default compiler. On many systems, the default +is \fBgcc\fR. +.IP \fBCCARGS=\fIcompiler_arguments\fR +Specifies non\-default compiler arguments, for example, a non\-default +\fIinclude\fR directory. +The following directives are special: +.RS +.IP \fB\-DNO_DB\fR +Do not build with Berkeley DB support. +.IP \fB\-DNO_DEVPOLL\fR +Do not build with Solaris /dev/poll support. +By default, /dev/poll support is compiled in on platforms that +are known to support it. +.IP \fB\-DNO_DNSSEC\fR +Do not build with DNSSEC support, even if the resolver +library appears to support it. +.IP \fB\-DNO_EPOLL\fR +Do not build with Linux EPOLL support. +By default, EPOLL support is compiled in on platforms that +are known to support it. +.IP \fB\-DNO_EAI\fR +Do not build with EAI (SMTPUTF8) support. By default, EAI +support is compiled in when the "pkg\-config" command is +found, or the deprecated "icu\-config" command. +.IP \fB\-DNO_INLINE\fR +Do not require support for C99 "inline" functions. Instead, +implement argument typechecks for non\-(printf/scanf)\-like +functions with ternary operators and unreachable code. +.IP \fB\-DNO_IPV6\fR +Do not build with IPv6 support. +By default, IPv6 support is compiled in on platforms that +are known to have IPv6 support. + +Note: this directive is for debugging and testing only. It +is not guaranteed to work on all platforms. If you don't +want IPv6 support, set "inet_protocols = ipv4" in main.cf. +.IP \fB\-DNO_IP_CYRUS_SASL_AUTH\fR +Don't pass remote SMTP client and Postfix SMTP server IP +address and port information to the Cyrus SASL library. +This is compatible with Postfix < 3.2. +.IP \fB\-DNO_KQUEUE\fR +Do not build with FreeBSD/NetBSD/OpenBSD/MacOSX KQUEUE support. +By default, KQUEUE support is compiled in on platforms that +are known to support it. +.IP \fB\-DNO_NIS\fR +Do not build with NIS or NISPLUS support. Support for NIS +is unavailable on some recent Linux distributions. +.IP \fB\-DNO_NISPLUS\fR +Do not build with NISPLUS support. Support for NISPLUS +is unavailable on some recent Solaris distributions. +.IP \fB\-DNO_PCRE\fR +Do not build with PCRE support. +By default, PCRE support is compiled in when the \fBpcre2\-config\fR +or \fBpcre\-config\fR utility are installed. +.IP \fB\-DNO_POSIX_GETPW_R\fR +Disable support for POSIX getpwnam_r/getpwuid_r. +.IP \fB\-DNO_RES_NCALLS\fR +Do not build with the threadsafe resolver(5) API (res_ninit() etc.). +.IP \fB\-DNO_SIGSETJMP\fR +Use setjmp()/longjmp() instead of sigsetjmp()/siglongjmp(). +By default, Postfix uses sigsetjmp()/siglongjmp() when they +appear to work. +.IP \fB\-DNO_SNPRINTF\fR +Use sprintf() instead of snprintf(). By default, Postfix +uses snprintf() except on ancient systems. +.RE +.IP \fBDEBUG=\fIdebug_level\fR +Specifies a non\-default debugging level. The default is \fB\-g\fR. +Specify \fBDEBUG=\fR to turn off debugging. +.IP \fBOPT=\fIoptimization_level\fR +Specifies a non\-default optimization level. The default is \fB\-O\fR. +Specify \fBOPT=\fR to turn off optimization. +.IP \fBPOSTFIX_INSTALL_OPTS=\fI\-option...\fR +Specifies options for the postfix\-install command, separated +by whitespace. Currently, the only supported option is +\fB\-keep\-build\-mtime\fR. +.IP \fBSHLIB_CFLAGS=\fIflags\fR +Override the compiler flags (typically, "\-fPIC") for Postfix +dynamically\-linked libraries and database plugins. + +This feature was introduced with Postfix 3.0. +.IP \fBSHLIB_RPATH=\fIrpath\fR +Override the runpath (typically, "'\-Wl,\-rpath,${SHLIB_DIR}'") +for Postfix dynamically\-linked libraries. + +This feature was introduced with Postfix 3.0. +.IP \fBSHLIB_SUFFIX=\fIsuffix\fR +Override the filename suffix (typically, ".so") for Postfix +dynamically\-linked libraries and database plugins. + +This feature was introduced with Postfix 3.0. +.IP \fBshared=yes\fR +.IP \fBshared=no\fR +Enable (disable) Postfix builds with dynamically\-linked +libraries typically named $shlib_directory/libpostfix\-*.so.*. + +This feature was introduced with Postfix 3.0. +.IP \fBdynamicmaps=yes\fR +.IP \fBdynamicmaps=no\fR +Enable (disable) Postfix builds with the configuration file +$meta_directory/dynamicmaps.cf and dynamically\-loadable +database plugins typically named postfix\-*.so.*. The setting +"dynamicmaps=yes" implicitly enables Postfix dynamically\-linked +libraries. + +This feature was introduced with Postfix 3.0. +.IP \fBpie=yes\fR +.IP \fBpie=no\fR +Enable (disable) Postfix builds with position\-independent +executables, on platforms where this is supported. + +This feature was introduced with Postfix 3.0. +.IP \fIinstallation_parameter\fB=\fIvalue\fR... +Override the compiled\-in default value of the specified +installation parameter(s). The following parameters are +supported in this context: + +command_directory config_directory daemon_directory +data_directory default_database_type html_directory +mail_spool_directory mailq_path manpage_directory meta_directory +newaliases_path queue_directory readme_directory sendmail_path +shlib_directory openssl_path + +See the postconf(5) manpage for a description of these +parameters. + +This feature was introduced with Postfix 3.0. +.IP \fBWARN=\fIwarning_flags\fR +Specifies non\-default gcc compiler warning options for use when +"make" is invoked in a source subdirectory only. +.SH "LICENSE" +.na +.nf +.ad +.fi +The Secure Mailer license must be distributed with this software. +.SH "AUTHOR(S)" +.na +.nf +Wietse Venema +IBM T.J. Watson Research +P.O. Box 704 +Yorktown Heights, NY 10598, USA + +Wietse Venema +Google, Inc. +111 8th Avenue +New York, NY 10011, USA diff --git a/man/man1/newaliases.1 b/man/man1/newaliases.1 new file mode 100644 index 0000000..b12bf18 --- /dev/null +++ b/man/man1/newaliases.1 @@ -0,0 +1 @@ +.so man1/sendmail.1 diff --git a/man/man1/postalias.1 b/man/man1/postalias.1 new file mode 100644 index 0000000..4c7f02b --- /dev/null +++ b/man/man1/postalias.1 @@ -0,0 +1,262 @@ +.TH POSTALIAS 1 +.ad +.fi +.SH NAME +postalias +\- +Postfix alias database maintenance +.SH "SYNOPSIS" +.na +.nf +.fi +\fBpostalias\fR [\fB\-Nfinoprsuvw\fR] [\fB\-c \fIconfig_dir\fR] +[\fB\-d \fIkey\fR] [\fB\-q \fIkey\fR] + [\fIfile_type\fR:]\fIfile_name\fR ... +.SH DESCRIPTION +.ad +.fi +The \fBpostalias\fR(1) command creates or queries one or more Postfix +alias databases, or updates an existing one. The input and output +file formats are expected to be compatible with Sendmail version 8, +and are expected to be suitable for use as NIS alias maps. + +If the result files do not exist they will be created with the +same group and other read permissions as their source file. + +While a database update is in progress, signal delivery is +postponed, and an exclusive, advisory, lock is placed on the +entire database, in order to avoid surprises in spectator +processes. + +The format of Postfix alias input files is described in +\fBaliases\fR(5). + +By default the lookup key is mapped to lowercase to make +the lookups case insensitive; as of Postfix 2.3 this case +folding happens only with tables whose lookup keys are +fixed\-case strings such as btree:, dbm: or hash:. With +earlier versions, the lookup key is folded even with tables +where a lookup field can match both upper and lower case +text, such as regexp: and pcre:. This resulted in loss of +information with $\fInumber\fR substitutions. + +Options: +.IP "\fB\-c \fIconfig_dir\fR" +Read the \fBmain.cf\fR configuration file in the named directory +instead of the default configuration directory. +.IP "\fB\-d \fIkey\fR" +Search the specified maps for \fIkey\fR and remove one entry per map. +The exit status is zero when the requested information was found. + +If a key value of \fB\-\fR is specified, the program reads key +values from the standard input stream. The exit status is zero +when at least one of the requested keys was found. +.IP \fB\-f\fR +Do not fold the lookup key to lower case while creating or querying +a table. + +With Postfix version 2.3 and later, this option has no +effect for regular expression tables. There, case folding +is controlled by appending a flag to a pattern. +.IP \fB\-i\fR +Incremental mode. Read entries from standard input and do not +truncate an existing database. By default, \fBpostalias\fR(1) creates +a new database from the entries in \fIfile_name\fR. +.IP \fB\-N\fR +Include the terminating null character that terminates lookup keys +and values. By default, \fBpostalias\fR(1) does whatever +is the default for +the host operating system. +.IP \fB\-n\fR +Don't include the terminating null character that terminates lookup +keys and values. By default, \fBpostalias\fR(1) does whatever +is the default for +the host operating system. +.IP \fB\-o\fR +Do not release root privileges when processing a non\-root +input file. By default, \fBpostalias\fR(1) drops root privileges +and runs as the source file owner instead. +.IP \fB\-p\fR +Do not inherit the file access permissions from the input file +when creating a new file. Instead, create a new file with default +access permissions (mode 0644). +.IP "\fB\-q \fIkey\fR" +Search the specified maps for \fIkey\fR and write the first value +found to the standard output stream. The exit status is zero +when the requested information was found. + +Note: this performs a single query with the key as specified, +and does not make iterative queries with substrings of the +key as described in the aliases(5) manual page. + +If a key value of \fB\-\fR is specified, the program reads key +values from the standard input stream and writes one line of +\fIkey: value\fR output for each key that was found. The exit +status is zero when at least one of the requested keys was found. +.IP \fB\-r\fR +When updating a table, do not complain about attempts to update +existing entries, and make those updates anyway. +.IP \fB\-s\fR +Retrieve all database elements, and write one line of +\fIkey: value\fR output for each element. The elements are +printed in database order, which is not necessarily the same +as the original input order. +This feature is available in Postfix version 2.2 and later, +and is not available for all database types. +.IP \fB\-u\fR +Disable UTF\-8 support. UTF\-8 support is enabled by default +when "smtputf8_enable = yes". It requires that keys and +values are valid UTF\-8 strings. +.IP \fB\-v\fR +Enable verbose logging for debugging purposes. Multiple \fB\-v\fR +options make the software increasingly verbose. +.IP \fB\-w\fR +When updating a table, do not complain about attempts to update +existing entries, and ignore those attempts. +.PP +Arguments: +.IP \fIfile_type\fR +The database type. To find out what types are supported, use +the "\fBpostconf \-m\fR" command. + +The \fBpostalias\fR(1) command can query any supported file type, +but it can create only the following file types: +.RS +.IP \fBbtree\fR +The output is a btree file, named \fIfile_name\fB.db\fR. +This is available on systems with support for \fBdb\fR databases. +.IP \fBcdb\fR +The output is one file named \fIfile_name\fB.cdb\fR. +This is available on systems with support for \fBcdb\fR databases. +.IP \fBdbm\fR +The output consists of two files, named \fIfile_name\fB.pag\fR and +\fIfile_name\fB.dir\fR. +This is available on systems with support for \fBdbm\fR databases. +.IP \fBfail\fR +A table that reliably fails all requests. The lookup table +name is used for logging only. This table exists to simplify +Postfix error tests. +.IP \fBhash\fR +The output is a hashed file, named \fIfile_name\fB.db\fR. +This is available on systems with support for \fBdb\fR databases. +.IP \fBlmdb\fR +The output is a btree\-based file, named \fIfile_name\fB.lmdb\fR. +\fBlmdb\fR supports concurrent writes and reads from different +processes, unlike other supported file\-based tables. +This is available on systems with support for \fBlmdb\fR databases. +.IP \fBsdbm\fR +The output consists of two files, named \fIfile_name\fB.pag\fR and +\fIfile_name\fB.dir\fR. +This is available on systems with support for \fBsdbm\fR databases. +.PP +When no \fIfile_type\fR is specified, the software uses the database +type specified via the \fBdefault_database_type\fR configuration +parameter. +The default value for this parameter depends on the host environment. +.RE +.IP \fIfile_name\fR +The name of the alias database source file when creating a database. +.SH DIAGNOSTICS +.ad +.fi +Problems are logged to the standard error stream and to +\fBsyslogd\fR(8) or \fBpostlogd\fR(8). No output means that +no problems were detected. Duplicate entries are skipped and are +flagged with a warning. + +\fBpostalias\fR(1) terminates with zero exit status in case of success +(including successful "\fBpostalias \-q\fR" lookup) and terminates +with non\-zero exit status in case of failure. +.SH "ENVIRONMENT" +.na +.nf +.ad +.fi +.IP \fBMAIL_CONFIG\fR +Directory with Postfix configuration files. +.IP \fBMAIL_VERBOSE\fR +Enable verbose logging for debugging purposes. +.SH "CONFIGURATION PARAMETERS" +.na +.nf +.ad +.fi +The following \fBmain.cf\fR parameters are especially relevant to +this program. + +The text below provides only a parameter summary. See +\fBpostconf\fR(5) for more details including examples. +.IP "\fBalias_database (see 'postconf -d' output)\fR" +The alias databases for \fBlocal\fR(8) delivery that are updated with +"\fBnewaliases\fR" or with "\fBsendmail \-bi\fR". +.IP "\fBconfig_directory (see 'postconf -d' output)\fR" +The default location of the Postfix main.cf and master.cf +configuration files. +.IP "\fBberkeley_db_create_buffer_size (16777216)\fR" +The per\-table I/O buffer size for programs that create Berkeley DB +hash or btree tables. +.IP "\fBberkeley_db_read_buffer_size (131072)\fR" +The per\-table I/O buffer size for programs that read Berkeley DB +hash or btree tables. +.IP "\fBdefault_database_type (see 'postconf -d' output)\fR" +The default database type for use in \fBnewaliases\fR(1), \fBpostalias\fR(1) +and \fBpostmap\fR(1) commands. +.IP "\fBimport_environment (see 'postconf -d' output)\fR" +The list of environment variables that a privileged Postfix +process will import from a non\-Postfix parent process, or name=value +environment overrides. +.IP "\fBsmtputf8_enable (yes)\fR" +Enable preliminary SMTPUTF8 support for the protocols described +in RFC 6531, RFC 6532, and RFC 6533. +.IP "\fBsyslog_facility (mail)\fR" +The syslog facility of Postfix logging. +.IP "\fBsyslog_name (see 'postconf -d' output)\fR" +A prefix that is prepended to the process name in syslog +records, so that, for example, "smtpd" becomes "prefix/smtpd". +.PP +Available in Postfix 2.11 and later: +.IP "\fBlmdb_map_size (16777216)\fR" +The initial OpenLDAP LMDB database size limit in bytes. +.SH "STANDARDS" +.na +.nf +RFC 822 (ARPA Internet Text Messages) +.SH "SEE ALSO" +.na +.nf +aliases(5), format of alias database input file. +local(8), Postfix local delivery agent. +postconf(1), supported database types +postconf(5), configuration parameters +postmap(1), create/update/query lookup tables +newaliases(1), Sendmail compatibility interface. +postlogd(8), Postfix logging +syslogd(8), system logging +.SH "README FILES" +.na +.nf +.ad +.fi +Use "\fBpostconf readme_directory\fR" or +"\fBpostconf html_directory\fR" to locate this information. +.na +.nf +DATABASE_README, Postfix lookup table overview +.SH "LICENSE" +.na +.nf +.ad +.fi +The Secure Mailer license must be distributed with this software. +.SH "AUTHOR(S)" +.na +.nf +Wietse Venema +IBM T.J. Watson Research +P.O. Box 704 +Yorktown Heights, NY 10598, USA + +Wietse Venema +Google, Inc. +111 8th Avenue +New York, NY 10011, USA diff --git a/man/man1/postcat.1 b/man/man1/postcat.1 new file mode 100644 index 0000000..eb3025b --- /dev/null +++ b/man/man1/postcat.1 @@ -0,0 +1,121 @@ +.TH POSTCAT 1 +.ad +.fi +.SH NAME +postcat +\- +show Postfix queue file contents +.SH "SYNOPSIS" +.na +.nf +\fBpostcat\fR [\fB\-bdehnoqv\fR] [\fB\-c \fIconfig_dir\fR] [\fIfiles\fR...] +.SH DESCRIPTION +.ad +.fi +The \fBpostcat\fR(1) command prints the contents of the +named \fIfiles\fR in human\-readable form. The files are +expected to be in Postfix queue file format. If no \fIfiles\fR +are specified on the command line, the program reads from +standard input. + +By default, \fBpostcat\fR(1) shows the envelope and message +content, as if the options \fB\-beh\fR were specified. To +view message content only, specify \fB\-bh\fR (Postfix 2.7 +and later). + +Options: +.IP \fB\-b\fR +Show body content. The \fB\-b\fR option starts producing +output at the first non\-header line, and stops when the end +of the message is reached. +.sp +This feature is available in Postfix 2.7 and later. +.IP "\fB\-c \fIconfig_dir\fR" +The \fBmain.cf\fR configuration file is in the named directory +instead of the default configuration directory. +.IP \fB\-d\fR +Print the decimal type of each record. +.IP \fB\-e\fR +Show message envelope content. +.sp +This feature is available in Postfix 2.7 and later. +.IP \fB\-h\fR +Show message header content. The \fB\-h\fR option produces +output from the beginning of the message up to, but not +including, the first non\-header line. +.sp +This feature is available in Postfix 2.7 and later. +.IP \fB\-o\fR +Print the queue file offset of each record. +.IP \fB\-q\fR +Search the Postfix queue for the named \fIfiles\fR instead +of taking the names literally. + +This feature is available in Postfix 2.0 and later. +.IP \fB\-r\fR +Print records in file order, don't follow pointer records. + +This feature is available in Postfix 3.7 and later. +.IP "\fB\-s \fIoffset\fR" +Skip to the specified queue file offset. + +This feature is available in Postfix 3.7 and later. +.IP \fB\-v\fR +Enable verbose logging for debugging purposes. Multiple \fB\-v\fR +options make the software increasingly verbose. +.SH DIAGNOSTICS +.ad +.fi +Problems are reported to the standard error stream. +.SH "ENVIRONMENT" +.na +.nf +.ad +.fi +.IP \fBMAIL_CONFIG\fR +Directory with Postfix configuration files. +.SH "CONFIGURATION PARAMETERS" +.na +.nf +.ad +.fi +The following \fBmain.cf\fR parameters are especially relevant to +this program. + +The text below provides only a parameter summary. See +\fBpostconf\fR(5) for more details including examples. +.IP "\fBconfig_directory (see 'postconf -d' output)\fR" +The default location of the Postfix main.cf and master.cf +configuration files. +.IP "\fBimport_environment (see 'postconf -d' output)\fR" +The list of environment parameters that a privileged Postfix +process will import from a non\-Postfix parent process, or name=value +environment overrides. +.IP "\fBqueue_directory (see 'postconf -d' output)\fR" +The location of the Postfix top\-level queue directory. +.SH "FILES" +.na +.nf +/var/spool/postfix, Postfix queue directory +.SH "SEE ALSO" +.na +.nf +postconf(5), Postfix configuration +.SH "LICENSE" +.na +.nf +.ad +.fi +The Secure Mailer license must be distributed with this software. +.SH "AUTHOR(S)" +.na +.nf +Wietse Venema +IBM T.J. Watson Research +P.O. Box 704 +Yorktown Heights, NY 10598, USA + +Wietse Venema +Google, Inc. +111 8th Avenue +New York, NY 10011, USA diff --git a/man/man1/postconf.1 b/man/man1/postconf.1 new file mode 100644 index 0000000..e422429 --- /dev/null +++ b/man/man1/postconf.1 @@ -0,0 +1,610 @@ +.TH POSTCONF 1 +.ad +.fi +.SH NAME +postconf +\- +Postfix configuration utility +.SH "SYNOPSIS" +.na +.nf +.fi +.ti -4 +\fBManaging main.cf:\fR + +\fBpostconf\fR [\fB\-dfhHnopvx\fR] [\fB\-c \fIconfig_dir\fR] +[\fB\-C \fIclass,...\fR] [\fIparameter ...\fR] + +\fBpostconf\fR [\fB\-epv\fR] [\fB\-c \fIconfig_dir\fR] +\fIparameter\fB=\fIvalue ...\fR + +\fBpostconf\fR \fB\-#\fR [\fB\-pv\fR] [\fB\-c \fIconfig_dir\fR] +\fIparameter ...\fR + +\fBpostconf\fR \fB\-X\fR [\fB\-pv\fR] [\fB\-c \fIconfig_dir\fR] +\fIparameter ...\fR + +.ti -4 +\fBManaging master.cf service entries:\fR + +\fBpostconf\fR \fB\-M\fR [\fB\-fovx\fR] [\fB\-c \fIconfig_dir\fR] +[\fIservice\fR[\fB/\fItype\fR]\fI ...\fR] + +\fBpostconf\fR \fB\-M\fR [\fB\-ev\fR] [\fB\-c \fIconfig_dir\fR] +\fIservice\fB/\fItype\fB=\fIvalue ...\fR + +\fBpostconf\fR \fB\-M#\fR [\fB\-v\fR] [\fB\-c \fIconfig_dir\fR] +\fIservice\fB/\fItype ...\fR + +\fBpostconf\fR \fB\-MX\fR [\fB\-v\fR] [\fB\-c \fIconfig_dir\fR] +\fIservice\fB/\fItype ...\fR + +.ti -4 +\fBManaging master.cf service fields:\fR + +\fBpostconf\fR \fB\-F\fR [\fB\-fhHovx\fR] [\fB\-c \fIconfig_dir\fR] +[\fIservice\fR[\fB/\fItype\fR[\fB/\fIfield\fR]]\fI ...\fR] + +\fBpostconf\fR \fB\-F\fR [\fB\-ev\fR] [\fB\-c \fIconfig_dir\fR] +\fIservice\fB/\fItype\fB/\fIfield\fB=\fIvalue ...\fR + +.ti -4 +\fBManaging master.cf service parameters:\fR + +\fBpostconf\fR \fB\-P\fR [\fB\-fhHovx\fR] [\fB\-c \fIconfig_dir\fR] +[\fIservice\fR[\fB/\fItype\fR[\fB/\fIparameter\fR]]\fI ...\fR] + +\fBpostconf\fR \fB\-P\fR [\fB\-ev\fR] [\fB\-c \fIconfig_dir\fR] +\fIservice\fB/\fItype\fB/\fIparameter\fB=\fIvalue ...\fR + +\fBpostconf\fR \fB\-PX\fR [\fB\-v\fR] [\fB\-c \fIconfig_dir\fR] +\fIservice\fB/\fItype\fB/\fIparameter ...\fR + +.ti -4 +\fBManaging bounce message templates:\fR + +\fBpostconf\fR \fB\-b\fR [\fB\-v\fR] [\fB\-c \fIconfig_dir\fR] +[\fItemplate_file\fR] + +\fBpostconf\fR \fB\-t\fR [\fB\-v\fR] [\fB\-c \fIconfig_dir\fR] +[\fItemplate_file\fR] + +.ti -4 +\fBManaging TLS features:\fR + +\fBpostconf\fR \fB\-T \fImode\fR [\fB\-v\fR] [\fB\-c \fIconfig_dir\fR] + +.ti -4 +\fBManaging other configuration:\fR + +\fBpostconf\fR \fB\-a\fR|\fB\-A\fR|\fB\-l\fR|\fB\-m\fR [\fB\-v\fR] +[\fB\-c \fIconfig_dir\fR] +.SH DESCRIPTION +.ad +.fi +By default, the \fBpostconf\fR(1) command displays the +values of \fBmain.cf\fR configuration parameters, and warns +about possible mis\-typed parameter names (Postfix 2.9 and later). +The command can also change \fBmain.cf\fR configuration +parameter values, or display other configuration information +about the Postfix mail system. + +Options: +.IP \fB\-a\fR +List the available SASL plug\-in types for the Postfix SMTP +server. The plug\-in type is selected with the \fBsmtpd_sasl_type\fR +configuration parameter by specifying one of the names +listed below. +.RS +.IP \fBcyrus\fR +This server plug\-in is available when Postfix is built with +Cyrus SASL support. +.IP \fBdovecot\fR +This server plug\-in uses the Dovecot authentication server, +and is available when Postfix is built with any form of SASL +support. +.RE +.IP +This feature is available with Postfix 2.3 and later. +.IP \fB\-A\fR +List the available SASL plug\-in types for the Postfix SMTP +client. The plug\-in type is selected with the \fBsmtp_sasl_type\fR +or \fBlmtp_sasl_type\fR configuration parameters by specifying +one of the names listed below. +.RS +.IP \fBcyrus\fR +This client plug\-in is available when Postfix is built with +Cyrus SASL support. +.RE +.IP +This feature is available with Postfix 2.3 and later. +.IP "\fB\-b\fR [\fItemplate_file\fR]" +Display the message text that appears at the beginning of +delivery status notification (DSN) messages, expanding +$\fBname\fR expressions with actual values as described in +\fBbounce\fR(5). + +To override the \fBbounce_template_file\fR parameter setting, +specify a template file name at the end of the "\fBpostconf +\-b\fR" command line. Specify an empty file name to display +built\-in templates (in shell language: ""). + +This feature is available with Postfix 2.3 and later. +.IP "\fB\-c \fIconfig_dir\fR" +The \fBmain.cf\fR configuration file is in the named directory +instead of the default configuration directory. +.IP "\fB\-C \fIclass,...\fR" +When displaying \fBmain.cf\fR parameters, select only +parameters from the specified class(es): +.RS +.IP \fBbuiltin\fR +Parameters with built\-in names. +.IP \fBservice\fR +Parameters with service\-defined names (the first field of +a \fBmaster.cf\fR entry plus a Postfix\-defined suffix). +.IP \fBuser\fR +Parameters with user\-defined names. +.IP \fBall\fR +All the above classes. +.RE +.IP +The default is as if "\fB\-C all\fR" is +specified. + +This feature is available with Postfix 2.9 and later. +.IP \fB\-d\fR +Print \fBmain.cf\fR default parameter settings instead of +actual settings. +Specify \fB\-df\fR to fold long lines for human readability +(Postfix 2.9 and later). +.IP \fB\-e\fR +Edit the \fBmain.cf\fR configuration file, and update +parameter settings with the "\fIname=value\fR" pairs on the +\fBpostconf\fR(1) command line. + +With \fB\-M\fR, edit the \fBmaster.cf\fR configuration file, +and replace one or more service entries with new values as +specified with "\fIservice/type=value\fR" on the \fBpostconf\fR(1) +command line. + +With \fB\-F\fR, edit the \fBmaster.cf\fR configuration file, +and replace one or more service fields with new values as +specified with "\fIservice/type/field=value\fR" on the +\fBpostconf\fR(1) command line. Currently, the "command" +field contains the command name and command arguments. This +may change in the near future, so that the "command" field +contains only the command name, and a new "arguments" +pseudofield contains the command arguments. + +With \fB\-P\fR, edit the \fBmaster.cf\fR configuration file, +and add or update one or more service parameter settings +(\-o parameter=value settings) with new values as specified +with "\fIservice/type/parameter=value\fR" on the \fBpostconf\fR(1) +command line. + +In all cases the file is copied to a temporary file then +renamed into place. Specify quotes to protect special +characters and whitespace on the \fBpostconf\fR(1) command +line. + +The \fB\-e\fR option is no longer needed with Postfix version +2.8 and later, as it is assumed whenever a value is specified +(empty or non\-empty). +.IP \fB\-f\fR +Fold long lines when printing \fBmain.cf\fR or \fBmaster.cf\fR +configuration file entries, for human readability. + +This feature is available with Postfix 2.9 and later. +.IP \fB\-F\fR +Show \fBmaster.cf\fR per\-entry field settings (by default +all services and all fields), formatted as +"\fIservice/type/field=value\fR", one per line. Specify +\fB\-Ff\fR to fold long lines. + +Specify one or more "\fIservice/type/field\fR" instances +on the \fBpostconf\fR(1) command line to limit the output +to fields of interest. Trailing parameter name or service +type fields that are omitted will be handled as "*" wildcard +fields. + +This feature is available with Postfix 2.11 and later. +.IP \fB\-h\fR +Show parameter or attribute values without the "\fIname\fR = " +label that normally precedes the value. +.IP \fB\-H\fR +Show parameter or attribute names without the " = \fIvalue\fR" +that normally follows the name. + +This feature is available with Postfix 3.1 and later. +.IP \fB\-l\fR +List the names of all supported mailbox locking methods. +Postfix supports the following methods: +.RS +.IP \fBflock\fR +A kernel\-based advisory locking method for local files only. +This locking method is available on systems with a BSD +compatible library. +.IP \fBfcntl\fR +A kernel\-based advisory locking method for local and remote +files. +.IP \fBdotlock\fR +An application\-level locking method. An application locks +a file named \fIfilename\fR by creating a file named +\fIfilename\fB.lock\fR. The application is expected to +remove its own lock file, as well as stale lock files that +were left behind after abnormal program termination. +.RE +.IP \fB\-m\fR +List the names of all supported lookup table types. In +Postfix configuration files, lookup tables are specified +as \fItype\fB:\fIname\fR, where \fItype\fR is one of the +types listed below. The table \fIname\fR syntax depends on +the lookup table type as described in the DATABASE_README +document. +.RS +.IP \fBbtree\fR +A sorted, balanced tree structure. Available on systems +with support for Berkeley DB databases. +.IP \fBcdb\fR +A read\-optimized structure with no support for incremental +updates. Available on systems with support for CDB databases. + +This feature is available with Postfix 2.2 and later. +.IP \fBcidr\fR +A table that associates values with Classless Inter\-Domain +Routing (CIDR) patterns. This is described in \fBcidr_table\fR(5). + +This feature is available with Postfix 2.2 and later. +.IP \fBdbm\fR +An indexed file type based on hashing. Available on systems +with support for DBM databases. +.IP \fBenviron\fR +The UNIX process environment array. The lookup key is the +environment variable name; the table name is ignored. Originally +implemented for testing, someone may find this useful someday. +.IP \fBfail\fR +A table that reliably fails all requests. The lookup table +name is used for logging. This table exists to simplify +Postfix error tests. + +This feature is available with Postfix 2.9 and later. +.IP \fBhash\fR +An indexed file type based on hashing. Available on systems +with support for Berkeley DB databases. +.IP "\fBinline\fR (read\-only)" +A non\-shared, in\-memory lookup table. Example: "\fBinline:{ +\fIkey\fB=\fIvalue\fB, { \fIkey\fB = \fItext with whitespace +or comma\fB }}\fR". Key\-value pairs are separated by +whitespace or comma; with a key\-value pair inside "\fB{}\fR", +whitespace is ignored after the opening "\fB{\fR", around +the "\fB=\fR" between key and value, and before the closing +"\fB}\fR". Inline tables eliminate the need to create a +database file for just a few fixed elements. See also the +\fIstatic:\fR map type. + +This feature is available with Postfix 3.0 and later. +.IP \fBinternal\fR +A non\-shared, in\-memory hash table. Its content are lost +when a process terminates. +.IP "\fBlmdb\fR" +OpenLDAP LMDB database (a memory\-mapped, persistent file). +Available on systems with support for LMDB databases. This +is described in \fBlmdb_table\fR(5). + +This feature is available with Postfix 2.11 and later. +.IP "\fBldap\fR (read\-only)" +LDAP database client. This is described in \fBldap_table\fR(5). +.IP "\fBmemcache\fR" +Memcache database client. This is described in +\fBmemcache_table\fR(5). + +This feature is available with Postfix 2.9 and later. +.IP "\fBmysql\fR (read\-only)" +MySQL database client. Available on systems with support +for MySQL databases. This is described in \fBmysql_table\fR(5). +.IP "\fBpcre\fR (read\-only)" +A lookup table based on Perl Compatible Regular Expressions. +The file format is described in \fBpcre_table\fR(5). +.IP "\fBpgsql\fR (read\-only)" +PostgreSQL database client. This is described in +\fBpgsql_table\fR(5). + +This feature is available with Postfix 2.1 and later. +.IP "\fBpipemap\fR (read\-only)" +A lookup table that constructs a pipeline of tables. Example: +"\fBpipemap:{\fItype_1:name_1, ..., type_n:name_n\fB}\fR". +Each "pipemap:" query is given to the first table. Each +lookup result becomes the query for the next table in the +pipeline, and the last table produces the final result. +When any table lookup produces no result, the pipeline +produces no result. The first and last characters of the +"pipemap:" table name must be "\fB{\fR" and "\fB}\fR". +Within these, individual maps are separated with comma or +whitespace. + +This feature is available with Postfix 3.0 and later. +.IP "\fBproxy\fR" +Postfix \fBproxymap\fR(8) client for shared access to Postfix +databases. The table name syntax is \fItype\fB:\fIname\fR. + +This feature is available with Postfix 2.0 and later. +.IP "\fBrandmap\fR (read\-only)" +An in\-memory table that performs random selection. Example: +"\fBrandmap:{\fIresult_1, ..., result_n\fB}\fR". Each table query +returns a random choice from the specified results. The first +and last characters of the "randmap:" table name must be +"\fB{\fR" and "\fB}\fR". Within these, individual results +are separated with comma or whitespace. To give a specific +result more weight, specify it multiple times. + +This feature is available with Postfix 3.0 and later. +.IP "\fBregexp\fR (read\-only)" +A lookup table based on regular expressions. The file format +is described in \fBregexp_table\fR(5). +.IP \fBsdbm\fR +An indexed file type based on hashing. Available on systems +with support for SDBM databases. + +This feature is available with Postfix 2.2 and later. +.IP "\fBsocketmap\fR (read\-only)" +Sendmail\-style socketmap client. The table name is +\fBinet\fR:\fIhost\fR:\fIport\fR:\fIname\fR for a TCP/IP +server, or \fBunix\fR:\fIpathname\fR:\fIname\fR for a +UNIX\-domain server. This is described in \fBsocketmap_table\fR(5). + +This feature is available with Postfix 2.10 and later. +.IP "\fBsqlite\fR (read\-only)" +SQLite database. This is described in \fBsqlite_table\fR(5). + +This feature is available with Postfix 2.8 and later. +.IP "\fBstatic\fR (read\-only)" +A table that always returns its name as lookup result. For +example, \fBstatic:foobar\fR always returns the string +\fBfoobar\fR as lookup result. Specify "\fBstatic:{ \fItext +with whitespace\fB }\fR" when the result contains whitespace; +this form ignores whitespace after the opening "\fB{\fR" +and before the closing +"\fB}\fR". See also the \fIinline:\fR map. + +The form "\fBstatic:{\fItext\fB}\fR is available with Postfix +3.0 and later. +.IP "\fBtcp\fR (read\-only)" +TCP/IP client. The protocol is described in \fBtcp_table\fR(5). +.IP "\fBtexthash\fR (read\-only)" +Produces similar results as hash: files, except that you +don't need to run the \fBpostmap\fR(1) command before you +can use the file, and that it does not detect changes after +the file is read. + +This feature is available with Postfix 2.8 and later. +.IP "\fBunionmap\fR (read\-only)" +A table that sends each query to multiple lookup tables and +that concatenates all found results, separated by comma. +The table name syntax is the same as for \fBpipemap\fR. + +This feature is available with Postfix 3.0 and later. +.IP "\fBunix\fR (read\-only)" +A limited view of the UNIX authentication database. The +following tables are implemented: +.RS +. IP \fBunix:passwd.byname\fR +The table is the UNIX password database. The key is a login +name. The result is a password file entry in \fBpasswd\fR(5) +format. +.IP \fBunix:group.byname\fR +The table is the UNIX group database. The key is a group +name. The result is a group file entry in \fBgroup\fR(5) +format. +.RE +.RE +.IP +Other table types may exist depending on how Postfix was +built. +.IP \fB\-M\fR +Show \fBmaster.cf\fR file contents instead of \fBmain.cf\fR +file contents. Specify \fB\-Mf\fR to fold long lines for +human readability. + +Specify zero or more arguments, each with a \fIservice\-name\fR +or \fIservice\-name/service\-type\fR pair, where \fIservice\-name\fR +is the first field of a master.cf entry and \fIservice\-type\fR +is one of (\fBinet\fR, \fBunix\fR, \fBfifo\fR, or \fBpass\fR). + +If \fIservice\-name\fR or \fIservice\-name/service\-type\fR +is specified, only the matching master.cf entries will be +output. For example, "\fBpostconf \-Mf smtp\fR" will output +all services named "smtp", and "\fBpostconf \-Mf smtp/inet\fR" +will output only the smtp service that listens on the +network. Trailing service type fields that are omitted +will be handled as "*" wildcard fields. + +This feature is available with Postfix 2.9 and later. The +syntax was changed from "\fIname.type\fR" to "\fIname/type\fR", +and "*" wildcard support was added with Postfix 2.11. +.IP \fB\-n\fR +Show only configuration parameters that have explicit +\fIname=value\fR settings in \fBmain.cf\fR. Specify \fB\-nf\fR +to fold long lines for human readability (Postfix 2.9 and +later). To show settings that differ from built\-in defaults +only, use the following bash syntax: +.nf + LANG=C comm \-23 <(postconf \-n) <(postconf \-d) +.fi +Replace "\-23" with "\-12" to show settings that duplicate +built\-in defaults. +.IP "\fB\-o \fIname=value\fR" +Override \fBmain.cf\fR parameter settings. This lets you see +the effect changing a parameter would have when it is used in +other configuration parameters, e.g.: +.nf + postconf \-x \-o stress=yes +.fi + +This feature is available with Postfix 2.10 and later. +.IP \fB\-p\fR +Show \fBmain.cf\fR parameter settings. This is the default. + +This feature is available with Postfix 2.11 and later. +.IP \fB\-P\fR +Show \fBmaster.cf\fR service parameter settings (by default +all services and all parameters), formatted as +"\fIservice/type/parameter=value\fR", one per line. Specify +\fB\-Pf\fR to fold long lines. + +Specify one or more "\fIservice/type/parameter\fR" instances +on the \fBpostconf\fR(1) command line to limit the output +to parameters of interest. Trailing parameter name or +service type fields that are omitted will be handled as "*" +wildcard fields. + +This feature is available with Postfix 2.11 and later. +.IP "\fB\-t\fR [\fItemplate_file\fR]" +Display the templates for text that appears at the beginning +of delivery status notification (DSN) messages, without +expanding $\fBname\fR expressions. + +To override the \fBbounce_template_file\fR parameter setting, +specify a template file name at the end of the "\fBpostconf +\-t\fR" command line. Specify an empty file name to display +built\-in templates (in shell language: ""). + +This feature is available with Postfix 2.3 and later. +.IP "\fB\-T \fImode\fR" +If Postfix is compiled without TLS support, the \fB\-T\fR option +produces no output. Otherwise, if an invalid \fImode\fR is specified, +the \fB\-T\fR option reports an error and exits with a non\-zero status +code. The valid modes are: +.RS +.IP \fBcompile\-version\fR +Output the OpenSSL version that Postfix was compiled with +(i.e. the OpenSSL version in a header file). The output +format is the same as with the command "\fBopenssl version\fR". +.IP \fBrun\-version\fR +Output the OpenSSL version that Postfix is linked with at +runtime (i.e. the OpenSSL version in a shared library). +.IP \fBpublic\-key\-algorithms\fR +Output the lower\-case names of the supported public\-key +algorithms, one per\-line. +.RE +.IP +This feature is available with Postfix 3.1 and later. +.IP \fB\-v\fR +Enable verbose logging for debugging purposes. Multiple +\fB\-v\fR options make the software increasingly verbose. +.IP \fB\-x\fR +Expand \fI$name\fR in \fBmain.cf\fR or \fBmaster.cf\fR +parameter values. The expansion is recursive. + +This feature is available with Postfix 2.10 and later. +.IP \fB\-X\fR +Edit the \fBmain.cf\fR configuration file, and remove the +parameters named on the \fBpostconf\fR(1) command line. +Specify a list of parameter names, not "\fIname=value\fR" +pairs. + +With \fB\-M\fR, edit the \fBmaster.cf\fR configuration file, +and remove one or more service entries as specified with +"\fIservice/type\fR" on the \fBpostconf\fR(1) command line. + +With \fB\-P\fR, edit the \fBmaster.cf\fR configuration file, +and remove one or more service parameter settings (\-o +parameter=value settings) as specified with +"\fIservice/type/parameter\fR" on the \fBpostconf\fR(1) +command line. + +In all cases the file is copied to a temporary file then +renamed into place. Specify quotes to protect special +characters on the \fBpostconf\fR(1) command line. + +There is no \fBpostconf\fR(1) command to perform the reverse +operation. + +This feature is available with Postfix 2.10 and later. +Support for \-M and \-P was added with Postfix 2.11. +.IP \fB\-#\fR +Edit the \fBmain.cf\fR configuration file, and comment out +the parameters named on the \fBpostconf\fR(1) command line, +so that those parameters revert to their default values. +Specify a list of parameter names, not "\fIname=value\fR" +pairs. + +With \fB\-M\fR, edit the \fBmaster.cf\fR configuration file, +and comment out one or more service entries as specified +with "\fIservice/type\fR" on the \fBpostconf\fR(1) command +line. + +In all cases the file is copied to a temporary file then +renamed into place. Specify quotes to protect special +characters on the \fBpostconf\fR(1) command line. + +There is no \fBpostconf\fR(1) command to perform the reverse +operation. + +This feature is available with Postfix 2.6 and later. Support +for \-M was added with Postfix 2.11. +.SH DIAGNOSTICS +.ad +.fi +Problems are reported to the standard error stream. +.SH "ENVIRONMENT" +.na +.nf +.ad +.fi +.IP \fBMAIL_CONFIG\fR +Directory with Postfix configuration files. +.SH "CONFIGURATION PARAMETERS" +.na +.nf +.ad +.fi +The following \fBmain.cf\fR parameters are especially +relevant to this program. + +The text below provides only a parameter summary. See +\fBpostconf\fR(5) for more details including examples. +.IP "\fBconfig_directory (see 'postconf -d' output)\fR" +The default location of the Postfix main.cf and master.cf +configuration files. +.IP "\fBbounce_template_file (empty)\fR" +Pathname of a configuration file with bounce message templates. +.SH "FILES" +.na +.nf +/etc/postfix/main.cf, Postfix configuration parameters +/etc/postfix/master.cf, Postfix master daemon configuration +.SH "SEE ALSO" +.na +.nf +bounce(5), bounce template file format +master(5), master.cf configuration file syntax +postconf(5), main.cf configuration file syntax +.SH "README FILES" +.na +.nf +.ad +.fi +Use "\fBpostconf readme_directory\fR" or "\fBpostconf +html_directory\fR" to locate this information. +.na +.nf +DATABASE_README, Postfix lookup table overview +.SH "LICENSE" +.na +.nf +.ad +.fi +The Secure Mailer license must be distributed with this +software. +.SH "AUTHOR(S)" +.na +.nf +Wietse Venema +IBM T.J. Watson Research +P.O. Box 704 +Yorktown Heights, NY 10598, USA + +Wietse Venema +Google, Inc. +111 8th Avenue +New York, NY 10011, USA diff --git a/man/man1/postdrop.1 b/man/man1/postdrop.1 new file mode 100644 index 0000000..23d6012 --- /dev/null +++ b/man/man1/postdrop.1 @@ -0,0 +1,139 @@ +.TH POSTDROP 1 +.ad +.fi +.SH NAME +postdrop +\- +Postfix mail posting utility +.SH "SYNOPSIS" +.na +.nf +\fBpostdrop\fR [\fB\-rv\fR] [\fB\-c \fIconfig_dir\fR] +.SH DESCRIPTION +.ad +.fi +The \fBpostdrop\fR(1) command creates a file in the \fBmaildrop\fR +directory and copies its standard input to the file. + +Options: +.IP "\fB\-c \fIconfig_dir\fR" +The \fBmain.cf\fR configuration file is in the named directory +instead of the default configuration directory. See also the +MAIL_CONFIG environment setting below. +.IP \fB\-r\fR +Use a Postfix\-internal protocol for reading the message from +standard input, and for reporting status information on standard +output. This is currently the only supported method. +.IP \fB\-v\fR +Enable verbose logging for debugging purposes. Multiple \fB\-v\fR +options make the software increasingly verbose. As of Postfix 2.3, +this option is available for the super\-user only. +.SH "SECURITY" +.na +.nf +.ad +.fi +The command is designed to run with set\-group ID privileges, so +that it can write to the \fBmaildrop\fR queue directory and so that +it can connect to Postfix daemon processes. +.SH DIAGNOSTICS +.ad +.fi +Fatal errors: malformed input, I/O error, out of memory. Problems +are logged to \fBsyslogd\fR(8) or \fBpostlogd\fR(8) and to +the standard error stream. +When the input is incomplete, or when the process receives a HUP, +INT, QUIT or TERM signal, the queue file is deleted. +.SH "ENVIRONMENT" +.na +.nf +.ad +.fi +.IP MAIL_CONFIG +Directory with the \fBmain.cf\fR file. In order to avoid exploitation +of set\-group ID privileges, a non\-standard directory is allowed only +if: +.RS +.IP \(bu +The name is listed in the standard \fBmain.cf\fR file with the +\fBalternate_config_directories\fR configuration parameter. +.IP \(bu +The command is invoked by the super\-user. +.RE +.SH "CONFIGURATION PARAMETERS" +.na +.nf +.ad +.fi +The following \fBmain.cf\fR parameters are especially relevant to +this program. +The text below provides only a parameter summary. See +\fBpostconf\fR(5) for more details including examples. +.IP "\fBalternate_config_directories (empty)\fR" +A list of non\-default Postfix configuration directories that may +be specified with "\-c config_directory" on the command line (in the +case of \fBsendmail\fR(1), with the "\-C" option), or via the MAIL_CONFIG +environment parameter. +.IP "\fBconfig_directory (see 'postconf -d' output)\fR" +The default location of the Postfix main.cf and master.cf +configuration files. +.IP "\fBimport_environment (see 'postconf -d' output)\fR" +The list of environment parameters that a privileged Postfix +process will import from a non\-Postfix parent process, or name=value +environment overrides. +.IP "\fBqueue_directory (see 'postconf -d' output)\fR" +The location of the Postfix top\-level queue directory. +.IP "\fBsyslog_facility (mail)\fR" +The syslog facility of Postfix logging. +.IP "\fBsyslog_name (see 'postconf -d' output)\fR" +A prefix that is prepended to the process name in syslog +records, so that, for example, "smtpd" becomes "prefix/smtpd". +.IP "\fBtrigger_timeout (10s)\fR" +The time limit for sending a trigger to a Postfix daemon (for +example, the \fBpickup\fR(8) or \fBqmgr\fR(8) daemon). +.PP +Available in Postfix version 2.2 and later: +.IP "\fBauthorized_submit_users (static:anyone)\fR" +List of users who are authorized to submit mail with the \fBsendmail\fR(1) +command (and with the privileged \fBpostdrop\fR(1) helper command). +.PP +Available in Postfix version 3.6 and later: +.IP "\fBlocal_login_sender_maps (static:*)\fR" +A list of lookup tables that are searched by the UNIX login name, +and that return a list of allowed envelope sender patterns separated +by space or comma. +.IP "\fBempty_address_local_login_sender_maps_lookup_key (<>)\fR" +The lookup key to be used in local_login_sender_maps tables, instead +of the null sender address. +.IP "\fBrecipient_delimiter (empty)\fR" +The set of characters that can separate an email address +localpart, user name, or a .forward file name from its extension. +.SH "FILES" +.na +.nf +/var/spool/postfix/maildrop, maildrop queue +.SH "SEE ALSO" +.na +.nf +sendmail(1), compatibility interface +postconf(5), configuration parameters +postlogd(8), Postfix logging +syslogd(8), system logging +.SH "LICENSE" +.na +.nf +.ad +.fi +The Secure Mailer license must be distributed with this software. +.SH "AUTHOR(S)" +.na +.nf +Wietse Venema +IBM T.J. Watson Research +P.O. Box 704 +Yorktown Heights, NY 10598, USA + +Wietse Venema +Google, Inc. +111 8th Avenue +New York, NY 10011, USA diff --git a/man/man1/postfix-tls.1 b/man/man1/postfix-tls.1 new file mode 100644 index 0000000..1c96799 --- /dev/null +++ b/man/man1/postfix-tls.1 @@ -0,0 +1,246 @@ +.TH POSTFIX-TLS 1 +.ad +.fi +.SH NAME +postfix-tls +\- +Postfix TLS management +.SH "SYNOPSIS" +.na +.nf +\fBpostfix tls\fR \fIsubcommand\fR +.SH DESCRIPTION +.ad +.fi +The "\fBpostfix tls \fIsubcommand\fR" feature enables +opportunistic TLS in the Postfix SMTP client or server, and +manages Postfix SMTP server private keys and certificates. + +The following subcommands are available: +.IP "\fBenable\-client\fR [\fB\-r \fIrandsource\fR]" +Enable opportunistic TLS in the Postfix SMTP client, if all +SMTP client TLS settings are at their default values. +Otherwise, suggest parameter settings without making any +changes. +.sp +Specify \fIrandsource\fR to update the value of the +\fBtls_random_source\fR configuration parameter (typically, +/dev/urandom). Prepend \fBdev:\fR to device paths or +\fBegd:\fR to EGD socket paths. +.sp +See also the \fBall\-default\-client\fR subcommand. +.IP "\fBenable\-server\fR [\fB\-r \fIrandsource\fR] [\fB\-a \fIalgorithm\fR] [\fB\-b \fIbits\fR] [\fIhostname\fB...\fR]" +Create a new private key and self\-signed server certificate +and enable opportunistic TLS in the Postfix SMTP server, +if all SMTP server TLS settings are at their default values. +Otherwise, suggest parameter settings without making any +changes. +.sp +The \fIrandsource\fR parameter is as with \fBenable\-client\fR +above, and the remaining options are as with \fBnew\-server\-key\fR +below. +.sp +See also the \fBall\-default\-server\fR subcommand. +.IP "\fBnew\-server\-key\fR [\fB\-a \fIalgorithm\fR] [\fB\-b \fIbits\fR] [\fIhostname\fB...\fR]" +Create a new private key and self\-signed server certificate, +but do not deploy them. Log and display commands to deploy +the new key and corresponding certificate. Also log and +display commands to output a corresponding CSR or TLSA +records which may be needed to obtain a CA certificate or +to update DNS before the new key can be deployed. +.sp +The \fIalgorithm\fR defaults to \fBrsa\fR, and \fIbits\fR +defaults to 2048. If you choose the \fBecdsa\fR \fIalgorithm\fR +then \fIbits\fR will be an EC curve name (by default +\fBsecp256r1\fR, also known as prime256v1). Curves other +than \fBsecp256r1\fR, \fBsecp384r1\fR or \fBsecp521r1\fR +are unlikely to be widely interoperable. When generating +EC keys, use one of these three. DSA keys are obsolete and +are not supported. +.sp +Note: ECDSA support requires OpenSSL 1.0.0 or later and may +not be available on your system. Not all client systems +will support ECDSA, so you'll generally want to deploy both +RSA and ECDSA certificates to make use of ECDSA with +compatible clients and RSA with the rest. If you want to +deploy certificate chains with intermediate CAs for both +RSA and ECDSA, you'll want at least OpenSSL 1.0.2, as earlier +versions may not handle multiple chain files correctly. +.sp +The first \fIhostname\fR argument will be the \fBCommonName\fR +of both the subject and issuer of the self\-signed certificate. +It, and any additional \fIhostname\fR arguments, will also +be listed as DNS alternative names in the certificate. If +no \fIhostname\fR is provided the value of the \fBmyhostname\fR +main.cf parameter will be used. +.sp +For RSA, the generated private key and certificate files +are named \fBkey\-\fIyyyymmdd\-hhmmss\fB.pem\fR and +\fBcert\-\fIyyyymmdd\-hhmmss\fB.pem\fR, where \fIyyyymmdd\fR +is the calendar date and \fIhhmmss\fR is the time of day +in UTC. For ECDSA, the file names start with \fBeckey\-\fR +and \fBeccert\-\fR instead of \fBkey\-\fR and \fBcert\-\fR +respectively. +.sp +Before deploying the new key and certificate with DANE, +update the DNS with new DANE TLSA records, then wait for +secondary nameservers to update and then for stale records +in remote DNS caches to expire. +.sp +Before deploying a new CA certificate make sure to include +all the required intermediate issuing CA certificates in +the certificate chain file. The server certificate must +be the first certificate in the chain file. Overwrite and +deploy the file with the original self\-signed certificate +that was generated together with the key. +.IP "\fBnew\-server\-cert\fR [\fB\-a \fIalgorithm\fR] [\fB\-b \fIbits\fR] [\fIhostname\fB...\fR]" +This is just like \fBnew\-server\-key\fR except that, rather +than generating a new private key, any currently deployed +private key is copied to the new key file. Thus if you're +publishing DANE TLSA "3 1 1" or "3 1 2" records, there is +no need to update DNS records. The \fIalgorithm\fR and +\fIbits\fR arguments are used only if no key of the same +algorithm is already configured. +.sp +This command is rarely needed, because the self\-signed +certificates generated have a 100\-year nominal expiration +time. The underlying public key algorithms may well be +obsoleted by quantum computers long before then. +.sp +The most plausible reason for using this command is when +the system hostname changes, and you'd like the name in the +certificate to match the new hostname (not required for +DANE "3 1 1", but some needlessly picky non\-DANE opportunistic +TLS clients may log warnings or even refuse to communicate). +.IP "\fBdeploy\-server\-cert \fIcertfile\fB \fIkeyfile\fR" +This subcommand deploys the certificates in \fIcertfile\fR +and private key in \fIkeyfile\fR (which are typically +generated by the commands above, which will also log and +display the full command needed to deploy the generated key +and certificate). After the new certificate and key are +deployed any obsolete keys and certificates may be removed +by hand. The \fIkeyfile\fR and \fIcertfile\fR filenames +may be relative to the Postfix configuration directory. +.IP "\fBoutput\-server\-csr\fR [\fB\-k \fIkeyfile\fR] [\fIhostname\fB...\fR]" +Write to stdout a certificate signing request (CSR) for the +specified \fIkeyfile\fR. +.sp +Instead of an absolute pathname or a pathname relative to +$config_directory, \fIkeyfile\fR may specify one of the +supported key algorithm names (see "\fBpostconf \-T +public\-key\-algorithms\fR"). In that case, the corresponding +setting from main.cf is used to locate the \fIkeyfile\fR. +The default \fIkeyfile\fR value is \fBrsa\fR. +.sp +Zero or more \fIhostname\fR values can be specified. The +default \fIhostname\fR is the value of \fBmyhostname\fR +main.cf parameter. +.IP "\fBoutput\-server\-tlsa\fR [\fB\-h \fIhostname\fR] [\fIkeyfile\fB...\fR]" +Write to stdout a DANE TLSA RRset suitable for a port 25 +SMTP server on host \fIhostname\fR with keys from any of +the specified \fIkeyfile\fR values. The default \fIhostname\fR +is the value of the \fBmyhostname\fR main.cf parameter. +.sp +Instead of absolute pathnames or pathnames relative to +$config_directory, the \fIkeyfile\fR list may specify +names of supported public key algorithms (see "\fBpostconf +\-T public\-key\-algorithms\fR"). In that case, the actual +\fIkeyfile\fR list uses the values of the corresponding +Postfix server TLS key file parameters. If a parameter +value is empty or equal to \fBnone\fR, then no TLSA record +is output for that algorithm. +.sp +The default \fIkeyfile\fR list consists of the two supported +algorithms \fBrsa\fR and \fBecdsa\fR. +.SH "AUXILIARY COMMANDS" +.na +.nf +.IP "\fBall\-default\-client\fR" +Exit with status 0 (success) if all SMTP client TLS settings are +at their default values. Otherwise, exit with a non\-zero status. +This is typically used as follows: +.sp +\fBpostfix tls all\-default\-client && + postfix tls enable\-client\fR +.IP "\fBall\-default\-server\fR" +Exit with status 0 (success) if all SMTP server TLS settings are +at their default values. Otherwise, exit with a non\-zero status. +This is typically used as follows: +.sp +\fBpostfix tls all\-default\-server && + postfix tls enable\-server\fR +.SH "CONFIGURATION PARAMETERS" +.na +.nf +.ad +.fi +The "\fBpostfix tls \fIsubcommand\fR" feature reads +or updates the following configuration parameters. +.IP "\fBcommand_directory (see 'postconf -d' output)\fR" +The location of all postfix administrative commands. +.IP "\fBconfig_directory (see 'postconf -d' output)\fR" +The default location of the Postfix main.cf and master.cf +configuration files. +.IP "\fBopenssl_path (openssl)\fR" +The location of the OpenSSL command line program \fBopenssl\fR(1). +.IP "\fBsmtp_tls_loglevel (0)\fR" +Enable additional Postfix SMTP client logging of TLS activity. +.IP "\fBsmtp_tls_security_level (empty)\fR" +The default SMTP TLS security level for the Postfix SMTP client; +when a non\-empty value is specified, this overrides the obsolete +parameters smtp_use_tls, smtp_enforce_tls, and smtp_tls_enforce_peername. +.IP "\fBsmtp_tls_session_cache_database (empty)\fR" +Name of the file containing the optional Postfix SMTP client +TLS session cache. +.IP "\fBsmtpd_tls_cert_file (empty)\fR" +File with the Postfix SMTP server RSA certificate in PEM format. +.IP "\fBsmtpd_tls_eccert_file (empty)\fR" +File with the Postfix SMTP server ECDSA certificate in PEM format. +.IP "\fBsmtpd_tls_eckey_file ($smtpd_tls_eccert_file)\fR" +File with the Postfix SMTP server ECDSA private key in PEM format. +.IP "\fBsmtpd_tls_key_file ($smtpd_tls_cert_file)\fR" +File with the Postfix SMTP server RSA private key in PEM format. +.IP "\fBsmtpd_tls_loglevel (0)\fR" +Enable additional Postfix SMTP server logging of TLS activity. +.IP "\fBsmtpd_tls_received_header (no)\fR" +Request that the Postfix SMTP server produces Received: message +headers that include information about the protocol and cipher used, +as well as the remote SMTP client CommonName and client certificate issuer +CommonName. +.IP "\fBsmtpd_tls_security_level (empty)\fR" +The SMTP TLS security level for the Postfix SMTP server; when +a non\-empty value is specified, this overrides the obsolete parameters +smtpd_use_tls and smtpd_enforce_tls. +.IP "\fBtls_random_source (see 'postconf -d' output)\fR" +The external entropy source for the in\-memory \fBtlsmgr\fR(8) pseudo +random number generator (PRNG) pool. +.SH "SEE ALSO" +.na +.nf +master(8) Postfix master program +postfix(1) Postfix administrative interface +.SH "README FILES" +.na +.nf +.ad +.fi +Use "\fBpostconf readme_directory\fR" or +"\fBpostconf html_directory\fR" to locate this information. +.na +.nf +TLS_README, Postfix TLS configuration and operation +.SH "LICENSE" +.na +.nf +.ad +.fi +The Secure Mailer license must be distributed with this software. +.SH HISTORY +.ad +.fi +The "\fBpostfix tls\fR" command was introduced with Postfix +version 3.1. +.SH "AUTHOR(S)" +.na +.nf +Viktor Dukhovni diff --git a/man/man1/postfix.1 b/man/man1/postfix.1 new file mode 100644 index 0000000..21681de --- /dev/null +++ b/man/man1/postfix.1 @@ -0,0 +1,433 @@ +.TH POSTFIX 1 +.ad +.fi +.SH NAME +postfix +\- +Postfix control program +.SH "SYNOPSIS" +.na +.nf +.fi +\fBpostfix\fR [\fB\-Dv\fR] [\fB\-c \fIconfig_dir\fR] \fIcommand\fR +.SH DESCRIPTION +.ad +.fi +This command is reserved for the superuser. To submit mail, +use the Postfix \fBsendmail\fR(1) command. + +The \fBpostfix\fR(1) command controls the operation of the Postfix +mail system: start or stop the \fBmaster\fR(8) daemon, do a health +check, and other maintenance. + +By default, the \fBpostfix\fR(1) command sets up a standardized +environment and runs the \fBpostfix\-script\fR shell script +to do the actual work. + +However, when support for multiple Postfix instances is +configured, \fBpostfix\fR(1) executes the command specified +with the \fBmulti_instance_wrapper\fR configuration parameter. +This command will execute the \fIcommand\fR for each +applicable Postfix instance. + +The following commands are implemented: +.IP \fBcheck\fR +Warn about bad directory/file ownership or permissions, +and create missing directories. +.IP \fBstart\fR +Start the Postfix mail system. This also runs the configuration +check described above. +.IP \fBstart\-fg\fR +Like \fBstart\fR, but keep the \fBmaster\fR(8) daemon running +in the foreground, and enable \fBmaster\fR(8) "init" mode +when running as PID 1. +This command requires that multi\-instance support is +disabled (i.e. the multi_instance_directories parameter +value must be empty). + +When running Postfix inside a container, see MAILLOG_README +for logging to stdout. Postfix logs to syslog by default, +which requires a) running a syslogd process inside the +container, or b) mounting the container host's /dev/log +socket inside the container (example: "docker run \-v +/dev/log:/dev/log ..."), and c) a distinct Postfix "syslog_name" +prefix that identifies logging from the Postfix instance. +.IP \fBstop\fR +Stop the Postfix mail system in an orderly fashion. If +possible, running processes are allowed to terminate at +their earliest convenience. +.sp +Note: in order to refresh the Postfix mail system after a +configuration change, do not use the \fBstart\fR and \fBstop\fR +commands in succession. Use the \fBreload\fR command instead. +.IP \fBabort\fR +Stop the Postfix mail system abruptly. Running processes are +signaled to stop immediately. +.IP \fBflush\fR +Force delivery: attempt to deliver every message in the deferred +mail queue. Normally, attempts to deliver delayed mail happen at +regular intervals, the interval doubling after each failed attempt. +.sp +Warning: flushing undeliverable mail frequently will result in +poor delivery performance of all other mail. +.IP \fBreload\fR +Re\-read configuration files. Running processes terminate at their +earliest convenience. +.IP \fBstatus\fR +Indicate if the Postfix mail system is currently running. +.IP "\fBset\-permissions\fR [\fIname\fR=\fIvalue ...\fR]" +Set the ownership and permissions of Postfix related files and +directories, as specified in the \fBpostfix\-files\fR file. +.sp +Specify \fIname\fR=\fIvalue\fR to override and update specific +main.cf configuration parameters. Use this, for example, to +change the \fBmail_owner\fR or \fBsetgid_group\fR setting for an +already installed Postfix system. +.sp +This feature is available in Postfix 2.1 and later. With +Postfix 2.0 and earlier, use "\fB$config_directory/post\-install +set\-permissions\fR". +.IP "\fBlogrotate\fR" +Rotate the logfile specified with $maillog_file, by appending +a time\-stamp suffix that is formatted according to +$maillog_file_rotate_suffix, and by compressing the file +with the command specified with $maillog_file_compressor. +This will not rotate /dev/* files. +.sp +This feature is available in Postfix 3.4 and later. +.IP "\fBtls\fR \fIsubcommand\fR" +Enable opportunistic TLS in the Postfix SMTP client or +server, and manage Postfix SMTP server TLS private keys and +certificates. See postfix\-tls(1) for documentation. +.sp +This feature is available in Postfix 3.1 and later. +.IP "\fBupgrade\-configuration\fR [\fIname\fR=\fIvalue ...\fR]" +Update the \fBmain.cf\fR and \fBmaster.cf\fR files with information +that Postfix needs in order to run: add or update services, and add +or update configuration parameter settings. +.sp +Specify \fIname\fR=\fIvalue\fR to override and update specific +main.cf configuration parameters. +.sp +This feature is available in Postfix 2.1 and later. With +Postfix 2.0 and earlier, use "\fB$config_directory/post\-install +upgrade\-configuration\fR". +.PP +The following options are implemented: +.IP "\fB\-c \fIconfig_dir\fR" +Read the \fBmain.cf\fR and \fBmaster.cf\fR configuration files in +the named directory instead of the default configuration directory. +Use this to distinguish between multiple Postfix instances on the +same host. + +With Postfix 2.6 and later, this option forces the postfix(1) +command to operate on the specified Postfix instance only. +This behavior is inherited by postfix(1) commands that run +as a descendant of the current process. +.IP "\fB\-D\fR (with \fBpostfix start\fR only)" +Run each Postfix daemon under control of a debugger as specified +via the \fBdebugger_command\fR configuration parameter. +.IP \fB\-v\fR +Enable verbose logging for debugging purposes. Multiple \fB\-v\fR +options make the software increasingly verbose. +.SH "ENVIRONMENT" +.na +.nf +.ad +.fi +The \fBpostfix\fR(1) command exports the following environment +variables before executing the \fBpostfix\-script\fR file: +.IP \fBMAIL_CONFIG\fR +This is set when the \-c command\-line option is present. + +With Postfix 2.6 and later, this environment variable forces +the postfix(1) command to operate on the specified Postfix +instance only. This behavior is inherited by postfix(1) +commands that run as a descendant of the current process. +.IP \fBMAIL_VERBOSE\fR +This is set when the \-v command\-line option is present. +.IP \fBMAIL_DEBUG\fR +This is set when the \-D command\-line option is present. +.PP +When the internal logging service is enabled (by setting a +non\-empty maillog_file parameter value) the postfix(1) +command exports settings that are used by child processes +before they have processed main.cf or command\-line settings. +.IP \fBPOSTLOG_SERVICE +The name of the public postlog service endpoint. +.IP \fBPOSTLOG_HOSTNAME +The hostname to prepend to internal logging. +.SH "CONFIGURATION PARAMETERS" +.na +.nf +.ad +.fi +The following \fBmain.cf\fR configuration parameters are +exported as environment variables with the same names: +.IP "\fBconfig_directory (see 'postconf -d' output)\fR" +The default location of the Postfix main.cf and master.cf +configuration files. +.IP "\fBcommand_directory (see 'postconf -d' output)\fR" +The location of all postfix administrative commands. +.IP "\fBdaemon_directory (see 'postconf -d' output)\fR" +The directory with Postfix support programs and daemon programs. +.IP "\fBhtml_directory (see 'postconf -d' output)\fR" +The location of Postfix HTML files that describe how to build, +configure or operate a specific Postfix subsystem or feature. +.IP "\fBmail_owner (postfix)\fR" +The UNIX system account that owns the Postfix queue and most Postfix +daemon processes. +.IP "\fBmailq_path (see 'postconf -d' output)\fR" +Sendmail compatibility feature that specifies where the Postfix +\fBmailq\fR(1) command is installed. +.IP "\fBmanpage_directory (see 'postconf -d' output)\fR" +Where the Postfix manual pages are installed. +.IP "\fBnewaliases_path (see 'postconf -d' output)\fR" +Sendmail compatibility feature that specifies the location of the +\fBnewaliases\fR(1) command. +.IP "\fBqueue_directory (see 'postconf -d' output)\fR" +The location of the Postfix top\-level queue directory. +.IP "\fBreadme_directory (see 'postconf -d' output)\fR" +The location of Postfix README files that describe how to build, +configure or operate a specific Postfix subsystem or feature. +.IP "\fBsendmail_path (see 'postconf -d' output)\fR" +A Sendmail compatibility feature that specifies the location of +the Postfix \fBsendmail\fR(1) command. +.IP "\fBsetgid_group (postdrop)\fR" +The group ownership of set\-gid Postfix commands and of group\-writable +Postfix directories. +.PP +Available in Postfix version 2.5 and later: +.IP "\fBdata_directory (see 'postconf -d' output)\fR" +The directory with Postfix\-writable data files (for example: +caches, pseudo\-random numbers). +.PP +Available in Postfix version 3.0 and later: +.IP "\fBcompatibility_level (0)\fR" +A safety net that causes Postfix to run with backwards\-compatible +default settings after an upgrade to a newer Postfix version. +.IP "\fBmeta_directory (see 'postconf -d' output)\fR" +The location of non\-executable files that are shared among +multiple Postfix instances, such as postfix\-files, dynamicmaps.cf, +and the multi\-instance template files main.cf.proto and master.cf.proto. +.IP "\fBshlib_directory (see 'postconf -d' output)\fR" +The location of Postfix dynamically\-linked libraries +(libpostfix\-*.so), and the default location of Postfix database +plugins (postfix\-*.so) that have a relative pathname in the +dynamicmaps.cf file. +.PP +Available in Postfix version 3.1 and later: +.IP "\fBopenssl_path (openssl)\fR" +The location of the OpenSSL command line program \fBopenssl\fR(1). +.PP +Other configuration parameters: +.IP "\fBimport_environment (see 'postconf -d' output)\fR" +The list of environment variables that a privileged Postfix +process will import from a non\-Postfix parent process, or name=value +environment overrides. +.IP "\fBsyslog_facility (mail)\fR" +The syslog facility of Postfix logging. +.IP "\fBsyslog_name (see 'postconf -d' output)\fR" +A prefix that is prepended to the process name in syslog +records, so that, for example, "smtpd" becomes "prefix/smtpd". +.PP +Available in Postfix version 2.6 and later: +.IP "\fBmulti_instance_directories (empty)\fR" +An optional list of non\-default Postfix configuration directories; +these directories belong to additional Postfix instances that share +the Postfix executable files and documentation with the default +Postfix instance, and that are started, stopped, etc., together +with the default Postfix instance. +.IP "\fBmulti_instance_wrapper (empty)\fR" +The pathname of a multi\-instance manager command that the +\fBpostfix\fR(1) command invokes when the multi_instance_directories +parameter value is non\-empty. +.IP "\fBmulti_instance_group (empty)\fR" +The optional instance group name of this Postfix instance. +.IP "\fBmulti_instance_name (empty)\fR" +The optional instance name of this Postfix instance. +.IP "\fBmulti_instance_enable (no)\fR" +Allow this Postfix instance to be started, stopped, etc., by a +multi\-instance manager. +.PP +Available in Postfix version 3.4 and later: +.IP "\fBmaillog_file (empty)\fR" +The name of an optional logfile that is written by the Postfix +\fBpostlogd\fR(8) service. +.IP "\fBmaillog_file_compressor (gzip)\fR" +The program to run after rotating $maillog_file with "postfix +logrotate". +.IP "\fBmaillog_file_prefixes (/var, /dev/stdout)\fR" +A list of allowed prefixes for a maillog_file value. +.IP "\fBmaillog_file_rotate_suffix (%Y%m%d\-%H%M%S)\fR" +The format of the suffix to append to $maillog_file while rotating +the file with "postfix logrotate". +.IP "\fBpostlog_service_name (postlog)\fR" +The name of the \fBpostlogd\fR(8) service entry in master.cf. +.SH "FILES" +.na +.nf +.ad +.fi +Prior to Postfix version 2.6, all of the following files +were in \fB$config_directory\fR. Some files are now in +\fB$daemon_directory\fR or \fB$meta_directory\fR so that they +can be shared among multiple instances that run the same Postfix +version. + +Use the command "\fBpostconf config_directory\fR" or +"\fBpostconf daemon_directory\fR" to expand the names +into their actual values. +.na +.nf + +$config_directory/main.cf, Postfix configuration parameters +$config_directory/master.cf, Postfix daemon processes +$daemon_directory/postfix\-script, administrative commands +$daemon_directory/post\-install, post\-installation configuration +$meta_directory/dynamicmaps.cf, plug\-in database clients +$meta_directory/postfix\-files, file/directory permissions +.SH "SEE ALSO" +.na +.nf +Commands: +postalias(1), create/update/query alias database +postcat(1), examine Postfix queue file +postconf(1), Postfix configuration utility +postdrop(1), Postfix mail posting utility +postfix(1), Postfix control program +postfix\-tls(1), Postfix TLS management +postkick(1), trigger Postfix daemon +postlock(1), Postfix\-compatible locking +postlog(1), Postfix\-compatible logging +postmap(1), Postfix lookup table manager +postmulti(1), Postfix multi\-instance manager +postqueue(1), Postfix mail queue control +postsuper(1), Postfix housekeeping +mailq(1), Sendmail compatibility interface +newaliases(1), Sendmail compatibility interface +sendmail(1), Sendmail compatibility interface + +Postfix configuration: +bounce(5), Postfix bounce message templates +master(5), Postfix master.cf file syntax +postconf(5), Postfix main.cf file syntax +postfix\-wrapper(5), Postfix multi\-instance API + +Table\-driven mechanisms: +access(5), Postfix SMTP access control table +aliases(5), Postfix alias database +canonical(5), Postfix input address rewriting +generic(5), Postfix output address rewriting +header_checks(5), body_checks(5), Postfix content inspection +relocated(5), Users that have moved +transport(5), Postfix routing table +virtual(5), Postfix virtual aliasing + +Table lookup mechanisms: +cidr_table(5), Associate CIDR pattern with value +ldap_table(5), Postfix LDAP client +lmdb_table(5), Postfix LMDB database driver +memcache_table(5), Postfix memcache client +mysql_table(5), Postfix MYSQL client +nisplus_table(5), Postfix NIS+ client +pcre_table(5), Associate PCRE pattern with value +pgsql_table(5), Postfix PostgreSQL client +regexp_table(5), Associate POSIX regexp pattern with value +socketmap_table(5), Postfix socketmap client +sqlite_table(5), Postfix SQLite database driver +tcp_table(5), Postfix client\-server table lookup + +Daemon processes: +anvil(8), Postfix connection/rate limiting +bounce(8), defer(8), trace(8), Delivery status reports +cleanup(8), canonicalize and enqueue message +discard(8), Postfix discard delivery agent +dnsblog(8), DNS allow/denylist logger +error(8), Postfix error delivery agent +flush(8), Postfix fast ETRN service +local(8), Postfix local delivery agent +master(8), Postfix master daemon +oqmgr(8), old Postfix queue manager +pickup(8), Postfix local mail pickup +pipe(8), deliver mail to non\-Postfix command +postlogd(8), Postfix internal logging service +postscreen(8), Postfix zombie blocker +proxymap(8), Postfix lookup table proxy server +qmgr(8), Postfix queue manager +qmqpd(8), Postfix QMQP server +scache(8), Postfix connection cache manager +showq(8), list Postfix mail queue +smtp(8), lmtp(8), Postfix SMTP+LMTP client +smtpd(8), Postfix SMTP server +spawn(8), run non\-Postfix server +tlsmgr(8), Postfix TLS cache and randomness manager +tlsproxy(8), Postfix TLS proxy server +trivial\-rewrite(8), Postfix address rewriting +verify(8), Postfix address verification +virtual(8), Postfix virtual delivery agent + +Other: +syslogd(8), system logging +.SH "README FILES" +.na +.nf +.ad +.fi +Use "\fBpostconf readme_directory\fR" or +"\fBpostconf html_directory\fR" to locate this information. +.na +.nf +OVERVIEW, overview of Postfix commands and processes +BASIC_CONFIGURATION_README, Postfix basic configuration +ADDRESS_REWRITING_README, Postfix address rewriting +SMTPD_ACCESS_README, SMTP relay/access control +CONTENT_INSPECTION_README, Postfix content inspection +QSHAPE_README, Postfix queue analysis +.SH "LICENSE" +.na +.nf +.ad +.fi +The Secure Mailer license must be distributed with this software. +.SH "AUTHOR(S)" +.na +.nf +Wietse Venema +IBM T.J. Watson Research +P.O. Box 704 +Yorktown Heights, NY 10598, USA + +Wietse Venema +Google, Inc. +111 8th Avenue +New York, NY 10011, USA + +TLS support by: +Lutz Jaenicke +Brandenburg University of Technology +Cottbus, Germany + +Victor Duchovni +Morgan Stanley + +SASL support originally by: +Till Franke +SuSE Rhein/Main AG +65760 Eschborn, Germany + +LMTP support originally by: +Philip A. Prindeville +Mirapoint, Inc. +USA. + +Amos Gouaux +University of Texas at Dallas +P.O. Box 830688, MC34 +Richardson, TX 75083, USA + +IPv6 support originally by: +Mark Huizer, Eindhoven University, The Netherlands +Jun\-ichiro 'itojun' Hagino, KAME project, Japan +The Linux PLD project +Dean Strik, Eindhoven University, The Netherlands diff --git a/man/man1/postkick.1 b/man/man1/postkick.1 new file mode 100644 index 0000000..6cd0ef6 --- /dev/null +++ b/man/man1/postkick.1 @@ -0,0 +1,102 @@ +.TH POSTKICK 1 +.ad +.fi +.SH NAME +postkick +\- +kick a Postfix service +.SH "SYNOPSIS" +.na +.nf +.fi +\fBpostkick\fR [\fB\-c \fIconfig_dir\fR] [\fB\-v\fR] +\fIclass service request\fR +.SH DESCRIPTION +.ad +.fi +The \fBpostkick\fR(1) command sends \fIrequest\fR to the +specified \fIservice\fR over a local transport channel. +This command makes Postfix private IPC accessible +for use in, for example, shell scripts. + +Options: +.IP "\fB\-c\fR \fIconfig_dir\fR" +Read the \fBmain.cf\fR configuration file in the named directory +instead of the default configuration directory. +.IP \fB\-v\fR +Enable verbose logging for debugging purposes. Multiple \fB\-v\fR +options make the software increasingly verbose. +.PP +Arguments: +.IP \fIclass\fR +Name of a class of local transport channel endpoints, +either \fBpublic\fR (accessible by any local user) or +\fBprivate\fR (administrative access only). +.IP \fIservice\fR +The name of a local transport endpoint within the named class. +.IP \fIrequest\fR +A string. The list of valid requests is service\-specific. +.SH DIAGNOSTICS +.ad +.fi +Problems and transactions are logged to the standard error +stream. +.SH "ENVIRONMENT" +.na +.nf +.ad +.fi +.IP \fBMAIL_CONFIG\fR +Directory with Postfix configuration files. +.IP \fBMAIL_VERBOSE\fR +Enable verbose logging for debugging purposes. +.SH "CONFIGURATION PARAMETERS" +.na +.nf +.ad +.fi +The following \fBmain.cf\fR parameters are especially relevant to +this program. +The text below provides only a parameter summary. See +\fBpostconf\fR(5) for more details including examples. +.IP "\fBconfig_directory (see 'postconf -d' output)\fR" +The default location of the Postfix main.cf and master.cf +configuration files. +.IP "\fBapplication_event_drain_time (100s)\fR" +How long the \fBpostkick\fR(1) command waits for a request to enter the +Postfix daemon process input buffer before giving up. +.IP "\fBimport_environment (see 'postconf -d' output)\fR" +The list of environment parameters that a privileged Postfix +process will import from a non\-Postfix parent process, or name=value +environment overrides. +.IP "\fBqueue_directory (see 'postconf -d' output)\fR" +The location of the Postfix top\-level queue directory. +.SH "FILES" +.na +.nf +/var/spool/postfix/private, private class endpoints +/var/spool/postfix/public, public class endpoints +.SH "SEE ALSO" +.na +.nf +qmgr(8), queue manager trigger protocol +pickup(8), local pickup daemon +postconf(5), configuration parameters +.SH "LICENSE" +.na +.nf +.ad +.fi +The Secure Mailer license must be distributed with this software. +.SH "AUTHOR(S)" +.na +.nf +Wietse Venema +IBM T.J. Watson Research +P.O. Box 704 +Yorktown Heights, NY 10598, USA + +Wietse Venema +Google, Inc. +111 8th Avenue +New York, NY 10011, USA diff --git a/man/man1/postlock.1 b/man/man1/postlock.1 new file mode 100644 index 0000000..cd468e7 --- /dev/null +++ b/man/man1/postlock.1 @@ -0,0 +1,126 @@ +.TH POSTLOCK 1 +.ad +.fi +.SH NAME +postlock +\- +lock mail folder and execute command +.SH "SYNOPSIS" +.na +.nf +.fi +\fBpostlock\fR [\fB\-c \fIconfig_dir\fR] [\fB\-l \fIlock_style\fR] + [\fB\-v\fR] \fIfile command...\fR +.SH DESCRIPTION +.ad +.fi +The \fBpostlock\fR(1) command locks \fIfile\fR for exclusive +access, and executes \fIcommand\fR. The locking method is +compatible with the Postfix UNIX\-style local delivery agent. + +Options: +.IP "\fB\-c \fIconfig_dir\fR" +Read the \fBmain.cf\fR configuration file in the named directory +instead of the default configuration directory. +.IP "\fB\-l \fIlock_style\fR" +Override the locking method specified via the +\fBmailbox_delivery_lock\fR configuration parameter (see below). +.IP \fB\-v\fR +Enable verbose logging for debugging purposes. Multiple \fB\-v\fR +options make the software increasingly verbose. +.PP +Arguments: +.IP \fIfile\fR +A mailbox file. The user should have read/write permission. +.IP \fIcommand...\fR +The command to execute while \fIfile\fR is locked for exclusive +access. The command is executed directly, i.e. without +interpretation by a shell command interpreter. +.SH DIAGNOSTICS +.ad +.fi +The result status is 75 (EX_TEMPFAIL) when \fBpostlock\fR(1) +could not perform the requested operation. Otherwise, the +exit status is the exit status from the command. +.SH BUGS +.ad +.fi +With remote file systems, the ability to acquire a lock does not +necessarily eliminate access conflicts. Avoid file access by +processes running on different machines. +.SH "ENVIRONMENT" +.na +.nf +.ad +.fi +.IP \fBMAIL_CONFIG\fR +Directory with Postfix configuration files. +.IP \fBMAIL_VERBOSE\fR +Enable verbose logging for debugging purposes. +.SH "CONFIGURATION PARAMETERS" +.na +.nf +.ad +.fi +The following \fBmain.cf\fR parameters are especially relevant to +this program. +The text below provides only a parameter summary. See +\fBpostconf\fR(5) for more details including examples. +.SH "LOCKING CONTROLS" +.na +.nf +.ad +.fi +.IP "\fBdeliver_lock_attempts (20)\fR" +The maximal number of attempts to acquire an exclusive lock on a +mailbox file or \fBbounce\fR(8) logfile. +.IP "\fBdeliver_lock_delay (1s)\fR" +The time between attempts to acquire an exclusive lock on a mailbox +file or \fBbounce\fR(8) logfile. +.IP "\fBstale_lock_time (500s)\fR" +The time after which a stale exclusive mailbox lockfile is removed. +.IP "\fBmailbox_delivery_lock (see 'postconf -d' output)\fR" +How to lock a UNIX\-style \fBlocal\fR(8) mailbox before attempting delivery. +.SH "RESOURCE AND RATE CONTROLS" +.na +.nf +.ad +.fi +.IP "\fBfork_attempts (5)\fR" +The maximal number of attempts to fork() a child process. +.IP "\fBfork_delay (1s)\fR" +The delay between attempts to fork() a child process. +.SH "MISCELLANEOUS CONTROLS" +.na +.nf +.ad +.fi +.IP "\fBconfig_directory (see 'postconf -d' output)\fR" +The default location of the Postfix main.cf and master.cf +configuration files. +.IP "\fBimport_environment (see 'postconf -d' output)\fR" +The list of environment parameters that a privileged Postfix +process will import from a non\-Postfix parent process, or name=value +environment overrides. +.SH "SEE ALSO" +.na +.nf +postconf(5), configuration parameters +.SH "LICENSE" +.na +.nf +.ad +.fi +The Secure Mailer license must be distributed with this software. +.SH "AUTHOR(S)" +.na +.nf +Wietse Venema +IBM T.J. Watson Research +P.O. Box 704 +Yorktown Heights, NY 10598, USA + +Wietse Venema +Google, Inc. +111 8th Avenue +New York, NY 10011, USA diff --git a/man/man1/postlog.1 b/man/man1/postlog.1 new file mode 100644 index 0000000..406a3a3 --- /dev/null +++ b/man/man1/postlog.1 @@ -0,0 +1,125 @@ +.TH POSTLOG 1 +.ad +.fi +.SH NAME +postlog +\- +Postfix\-compatible logging utility +.SH "SYNOPSIS" +.na +.nf +.fi +.ad +\fBpostlog\fR [\fB\-iv\fR] [\fB\-c \fIconfig_dir\fR] +[\fB\-p \fIpriority\fR] [\fB\-t \fItag\fR] [\fItext...\fR] +.SH DESCRIPTION +.ad +.fi +The \fBpostlog\fR(1) command implements a Postfix\-compatible logging +interface for use in, for example, shell scripts. + +By default, \fBpostlog\fR(1) logs the \fItext\fR given on the command +line as one record. If no \fItext\fR is specified on the command +line, \fBpostlog\fR(1) reads from standard input and logs each input +line as one record. + +By default, logging is sent to \fBsyslogd\fR(8) or +\fBpostlogd\fR(8); when the +standard error stream is connected to a terminal, logging +is sent there as well. + +The following options are implemented: +.IP "\fB\-c \fIconfig_dir\fR" +Read the \fBmain.cf\fR configuration file in the named directory +instead of the default configuration directory. +.IP "\fB\-i\fR (obsolete)" +Include the process ID in the logging tag. This flag is ignored as +of Postfix 3.4, where the PID is always included. +.IP "\fB\-p \fIpriority\fR (default: \fBinfo\fR)" +Specifies the logging severity: \fBinfo\fR, \fBwarn\fR, +\fBerror\fR, \fBfatal\fR, or \fBpanic\fR. With Postfix 3.1 +and later, the program will pause for 1 second after reporting +a \fBfatal\fR or \fBpanic\fR condition, just like other +Postfix programs. +.IP "\fB\-t \fItag\fR" +Specifies the logging tag, that is, the identifying name that +appears at the beginning of each logging record. A default tag +is used when none is specified. +.IP \fB\-v\fR +Enable verbose logging for debugging purposes. Multiple \fB\-v\fR +options make the software increasingly verbose. +.SH "SECURITY" +.na +.nf +.ad +.fi +The \fBpostlog\fR(1) command is designed to run with +set\-groupid privileges, so that it can connect to the +\fBpostlogd\fR(8) daemon process (Postfix 3.7 and later; +earlier implementations of this command must not have +set\-groupid or set\-userid permissions). +.SH "ENVIRONMENT" +.na +.nf +.ad +.fi +.IP MAIL_CONFIG +Directory with the \fBmain.cf\fR file. +.SH "CONFIGURATION PARAMETERS" +.na +.nf +.ad +.fi +The following \fBmain.cf\fR parameters are especially relevant to +this program. + +The text below provides only a parameter summary. See +\fBpostconf\fR(5) for more details including examples. +.IP "\fBconfig_directory (see 'postconf -d' output)\fR" +The default location of the Postfix main.cf and master.cf +configuration files. +.IP "\fBimport_environment (see 'postconf -d' output)\fR" +The list of environment parameters that a privileged Postfix +process will import from a non\-Postfix parent process, or name=value +environment overrides. +.IP "\fBsyslog_facility (mail)\fR" +The syslog facility of Postfix logging. +.IP "\fBsyslog_name (see 'postconf -d' output)\fR" +A prefix that is prepended to the process name in syslog +records, so that, for example, "smtpd" becomes "prefix/smtpd". +.PP +Available in Postfix 3.4 and later: +.IP "\fBmaillog_file (empty)\fR" +The name of an optional logfile that is written by the Postfix +\fBpostlogd\fR(8) service. +.IP "\fBpostlog_service_name (postlog)\fR" +The name of the \fBpostlogd\fR(8) service entry in master.cf. +.SH "SEE ALSO" +.na +.nf +postconf(5), configuration parameters +postlogd(8), Postfix logging +syslogd(8), system logging +.SH "LICENSE" +.na +.nf +.ad +.fi +The Secure Mailer license must be distributed with this software. +.SH HISTORY +.ad +.fi +The \fBpostlog\fR(1) command was introduced with Postfix +version 3.4. +.SH "AUTHOR(S)" +.na +.nf +Wietse Venema +IBM T.J. Watson Research +P.O. Box 704 +Yorktown Heights, NY 10598, USA + +Wietse Venema +Google, Inc. +111 8th Avenue +New York, NY 10011, USA diff --git a/man/man1/postmap.1 b/man/man1/postmap.1 new file mode 100644 index 0000000..d2551e5 --- /dev/null +++ b/man/man1/postmap.1 @@ -0,0 +1,343 @@ +.TH POSTMAP 1 +.ad +.fi +.SH NAME +postmap +\- +Postfix lookup table management +.SH "SYNOPSIS" +.na +.nf +.fi +\fBpostmap\fR [\fB\-bfFhimnNoprsuUvw\fR] [\fB\-c \fIconfig_dir\fR] +[\fB\-d \fIkey\fR] [\fB\-q \fIkey\fR] + [\fIfile_type\fR:]\fIfile_name\fR ... +.SH DESCRIPTION +.ad +.fi +The \fBpostmap\fR(1) command creates or queries one or more Postfix +lookup tables, or updates an existing one. + +If the result files do not exist they will be created with the +same group and other read permissions as their source file. + +While the table update is in progress, signal delivery is +postponed, and an exclusive, advisory, lock is placed on the +entire table, in order to avoid surprises in spectator +processes. +.SH "INPUT FILE FORMAT" +.na +.nf +.ad +.fi +The format of a lookup table input file is as follows: +.IP \(bu +A table entry has the form +.sp +.nf + \fIkey\fR whitespace \fIvalue\fR +.fi +.IP \(bu +Empty lines and whitespace\-only lines are ignored, as +are lines whose first non\-whitespace character is a `#'. +.IP \(bu +A logical line starts with non\-whitespace text. A line that +starts with whitespace continues a logical line. +.PP +The \fIkey\fR and \fIvalue\fR are processed as is, except that +surrounding white space is stripped off. Whitespace in lookup +keys is supported in Postfix 3.2 and later, by surrounding the +key with double quote characters `"'. Within the double quotes, +double quote `"' and backslash `\\' characters can be included +by quoting them with a preceding backslash. + +When the \fB\-F\fR option is given, the \fIvalue\fR must +specify one or more filenames separated by comma and/or +whitespace; \fBpostmap\fR(1) will concatenate the file +content (with a newline character inserted between files) +and will store the base64\-encoded result instead of the +\fIvalue\fR. + +When the \fIkey\fR specifies email address information, the +localpart should be enclosed with double quotes if required +by RFC 5322. For example, an address localpart that contains +";", or a localpart that starts or ends with ".". + +By default the lookup key is mapped to lowercase to make +the lookups case insensitive; as of Postfix 2.3 this case +folding happens only with tables whose lookup keys are +fixed\-case strings such as btree:, dbm: or hash:. With +earlier versions, the lookup key is folded even with tables +where a lookup field can match both upper and lower case +text, such as regexp: and pcre:. This resulted in loss of +information with $\fInumber\fR substitutions. +.SH "COMMAND-LINE ARGUMENTS" +.na +.nf +.ad +.fi +.IP \fB\-b\fR +Enable message body query mode. When reading lookup keys +from standard input with "\fB\-q \-\fR", process the input +as if it is an email message in RFC 5322 format. Each line +of body content becomes one lookup key. +.sp +By default, the \fB\-b\fR option starts generating lookup +keys at the first non\-header line, and stops when the end +of the message is reached. +To simulate \fBbody_checks\fR(5) processing, enable MIME +parsing with \fB\-m\fR. With this, the \fB\-b\fR option +generates no body\-style lookup keys for attachment MIME +headers and for attached message/* headers. +.sp +NOTE: with "smtputf8_enable = yes", the \fB\-b\fR option +disables UTF\-8 syntax checks on query keys and lookup +results. Specify the \fB\-U\fR option to force UTF\-8 +syntax checks anyway. +.sp +This feature is available in Postfix version 2.6 and later. +.IP "\fB\-c \fIconfig_dir\fR" +Read the \fBmain.cf\fR configuration file in the named directory +instead of the default configuration directory. +.IP "\fB\-d \fIkey\fR" +Search the specified maps for \fIkey\fR and remove one entry per map. +The exit status is zero when the requested information was found. + +If a key value of \fB\-\fR is specified, the program reads key +values from the standard input stream. The exit status is zero +when at least one of the requested keys was found. +.IP \fB\-f\fR +Do not fold the lookup key to lower case while creating or querying +a table. + +With Postfix version 2.3 and later, this option has no +effect for regular expression tables. There, case folding +is controlled by appending a flag to a pattern. +.IP \fB\-F\fR +When querying a map, or listing a map, base64\-decode each +value. When creating a map from source file, process each +value as a list of filenames, concatenate the content of +those files, and store the base64\-encoded result instead +of the value (see INPUT FILE FORMAT for details). +.sp +This feature is available in Postfix version 3.4 and later. +.IP \fB\-h\fR +Enable message header query mode. When reading lookup keys +from standard input with "\fB\-q \-\fR", process the input +as if it is an email message in RFC 5322 format. Each +logical header line becomes one lookup key. A multi\-line +header becomes one lookup key with one or more embedded +newline characters. +.sp +By default, the \fB\-h\fR option generates lookup keys until +the first non\-header line is reached. +To simulate \fBheader_checks\fR(5) processing, enable MIME +parsing with \fB\-m\fR. With this, the \fB\-h\fR option also +generates header\-style lookup keys for attachment MIME +headers and for attached message/* headers. +.sp +NOTE: with "smtputf8_enable = yes", the \fB\-b\fR option +option disables UTF\-8 syntax checks on query keys and +lookup results. Specify the \fB\-U\fR option to force UTF\-8 +syntax checks anyway. +.sp +This feature is available in Postfix version 2.6 and later. +.IP \fB\-i\fR +Incremental mode. Read entries from standard input and do not +truncate an existing database. By default, \fBpostmap\fR(1) creates +a new database from the entries in \fBfile_name\fR. +.IP \fB\-m\fR +Enable MIME parsing with "\fB\-b\fR" and "\fB\-h\fR". +.sp +This feature is available in Postfix version 2.6 and later. +.IP \fB\-N\fR +Include the terminating null character that terminates lookup keys +and values. By default, \fBpostmap\fR(1) does whatever is +the default for +the host operating system. +.IP \fB\-n\fR +Don't include the terminating null character that terminates lookup +keys and values. By default, \fBpostmap\fR(1) does whatever +is the default for +the host operating system. +.IP \fB\-o\fR +Do not release root privileges when processing a non\-root +input file. By default, \fBpostmap\fR(1) drops root privileges +and runs as the source file owner instead. +.IP \fB\-p\fR +Do not inherit the file access permissions from the input file +when creating a new file. Instead, create a new file with default +access permissions (mode 0644). +.IP "\fB\-q \fIkey\fR" +Search the specified maps for \fIkey\fR and write the first value +found to the standard output stream. The exit status is zero +when the requested information was found. + +Note: this performs a single query with the key as specified, +and does not make iterative queries with substrings of the +key as described for access(5), canonical(5), transport(5), +virtual(5) and other Postfix table\-driven features. + +If a key value of \fB\-\fR is specified, the program reads key +values from the standard input stream and writes one line of +\fIkey value\fR output for each key that was found. The exit +status is zero when at least one of the requested keys was found. +.IP \fB\-r\fR +When updating a table, do not complain about attempts to update +existing entries, and make those updates anyway. +.IP \fB\-s\fR +Retrieve all database elements, and write one line of +\fIkey value\fR output for each element. The elements are +printed in database order, which is not necessarily the same +as the original input order. +.sp +This feature is available in Postfix version 2.2 and later, +and is not available for all database types. +.IP \fB\-u\fR +Disable UTF\-8 support. UTF\-8 support is enabled by default +when "smtputf8_enable = yes". It requires that keys and +values are valid UTF\-8 strings. +.IP \fB\-U\fR +With "smtputf8_enable = yes", force UTF\-8 syntax checks +with the \fB\-b\fR and \fB\-h\fR options. +.IP \fB\-v\fR +Enable verbose logging for debugging purposes. Multiple \fB\-v\fR +options make the software increasingly verbose. +.IP \fB\-w\fR +When updating a table, do not complain about attempts to update +existing entries, and ignore those attempts. +.PP +Arguments: +.IP \fIfile_type\fR +The database type. To find out what types are supported, use +the "\fBpostconf \-m\fR" command. + +The \fBpostmap\fR(1) command can query any supported file type, +but it can create only the following file types: +.RS +.IP \fBbtree\fR +The output file is a btree file, named \fIfile_name\fB.db\fR. +This is available on systems with support for \fBdb\fR databases. +.IP \fBcdb\fR +The output consists of one file, named \fIfile_name\fB.cdb\fR. +This is available on systems with support for \fBcdb\fR databases. +.IP \fBdbm\fR +The output consists of two files, named \fIfile_name\fB.pag\fR and +\fIfile_name\fB.dir\fR. +This is available on systems with support for \fBdbm\fR databases. +.IP \fBfail\fR +A table that reliably fails all requests. The lookup table +name is used for logging only. This table exists to simplify +Postfix error tests. +.IP \fBhash\fR +The output file is a hashed file, named \fIfile_name\fB.db\fR. +This is available on systems with support for \fBdb\fR databases. +.IP \fBlmdb\fR +The output is a btree\-based file, named \fIfile_name\fB.lmdb\fR. +\fBlmdb\fR supports concurrent writes and reads from different +processes, unlike other supported file\-based tables. +This is available on systems with support for \fBlmdb\fR databases. +.IP \fBsdbm\fR +The output consists of two files, named \fIfile_name\fB.pag\fR and +\fIfile_name\fB.dir\fR. +This is available on systems with support for \fBsdbm\fR databases. +.PP +When no \fIfile_type\fR is specified, the software uses the database +type specified via the \fBdefault_database_type\fR configuration +parameter. +.RE +.IP \fIfile_name\fR +The name of the lookup table source file when rebuilding a database. +.SH DIAGNOSTICS +.ad +.fi +Problems are logged to the standard error stream and to +\fBsyslogd\fR(8) or \fBpostlogd\fR(8). +No output means that no problems were detected. Duplicate entries are +skipped and are flagged with a warning. + +\fBpostmap\fR(1) terminates with zero exit status in case of success +(including successful "\fBpostmap \-q\fR" lookup) and terminates +with non\-zero exit status in case of failure. +.SH "ENVIRONMENT" +.na +.nf +.ad +.fi +.IP \fBMAIL_CONFIG\fR +Directory with Postfix configuration files. +.IP \fBMAIL_VERBOSE\fR +Enable verbose logging for debugging purposes. +.SH "CONFIGURATION PARAMETERS" +.na +.nf +.ad +.fi +The following \fBmain.cf\fR parameters are especially relevant to +this program. +The text below provides only a parameter summary. See +\fBpostconf\fR(5) for more details including examples. +.IP "\fBberkeley_db_create_buffer_size (16777216)\fR" +The per\-table I/O buffer size for programs that create Berkeley DB +hash or btree tables. +.IP "\fBberkeley_db_read_buffer_size (131072)\fR" +The per\-table I/O buffer size for programs that read Berkeley DB +hash or btree tables. +.IP "\fBconfig_directory (see 'postconf -d' output)\fR" +The default location of the Postfix main.cf and master.cf +configuration files. +.IP "\fBdefault_database_type (see 'postconf -d' output)\fR" +The default database type for use in \fBnewaliases\fR(1), \fBpostalias\fR(1) +and \fBpostmap\fR(1) commands. +.IP "\fBimport_environment (see 'postconf -d' output)\fR" +The list of environment variables that a privileged Postfix +process will import from a non\-Postfix parent process, or name=value +environment overrides. +.IP "\fBsmtputf8_enable (yes)\fR" +Enable preliminary SMTPUTF8 support for the protocols described +in RFC 6531, RFC 6532, and RFC 6533. +.IP "\fBsyslog_facility (mail)\fR" +The syslog facility of Postfix logging. +.IP "\fBsyslog_name (see 'postconf -d' output)\fR" +A prefix that is prepended to the process name in syslog +records, so that, for example, "smtpd" becomes "prefix/smtpd". +.PP +Available in Postfix 2.11 and later: +.IP "\fBlmdb_map_size (16777216)\fR" +The initial OpenLDAP LMDB database size limit in bytes. +.SH "SEE ALSO" +.na +.nf +postalias(1), create/update/query alias database +postconf(1), supported database types +postconf(5), configuration parameters +postlogd(8), Postfix logging +syslogd(8), system logging +.SH "README FILES" +.na +.nf +.ad +.fi +Use "\fBpostconf readme_directory\fR" or +"\fBpostconf html_directory\fR" to locate this information. +.na +.nf +DATABASE_README, Postfix lookup table overview +.SH "LICENSE" +.na +.nf +.ad +.fi +The Secure Mailer license must be distributed with this software. +.SH "AUTHOR(S)" +.na +.nf +Wietse Venema +IBM T.J. Watson Research +P.O. Box 704 +Yorktown Heights, NY 10598, USA + +Wietse Venema +Google, Inc. +111 8th Avenue +New York, NY 10011, USA diff --git a/man/man1/postmulti.1 b/man/man1/postmulti.1 new file mode 100644 index 0000000..6db035e --- /dev/null +++ b/man/man1/postmulti.1 @@ -0,0 +1,434 @@ +.TH POSTMULTI 1 +.ad +.fi +.SH NAME +postmulti +\- +Postfix multi\-instance manager +.SH "SYNOPSIS" +.na +.nf +.fi +.ti -4 +\fBEnabling multi\-instance management:\fR + +\fBpostmulti\fR \fB\-e init\fR [\fB\-v\fR] + +.ti -4 +\fBIterator mode:\fR + +\fBpostmulti\fR \fB\-l\fR [\fB\-aRv\fR] [\fB\-g \fIgroup\fR] +[\fB\-i \fIname\fR] + +\fBpostmulti\fR \fB\-p\fR [\fB\-av\fR] [\fB\-g \fIgroup\fR] +[\fB\-i \fIname\fR] \fIpostfix\-command...\fR + +\fBpostmulti\fR \fB\-x\fR [\fB\-aRv\fR] [\fB\-g \fIgroup\fR] +[\fB\-i \fIname\fR] \fIunix\-command...\fR + +.ti -4 +\fBLife\-cycle management:\fR + +\fBpostmulti\fR \fB\-e create\fR [\fB\-av\fR] +[\fB\-g \fIgroup\fR] [\fB\-i \fIname\fR] [\fB\-G \fIgroup\fR] +[\fB\-I \fIname\fR] [\fIparam=value\fR ...] + +\fBpostmulti\fR \fB\-e import\fR [\fB\-av\fR] +[\fB\-g \fIgroup\fR] [\fB\-i \fIname\fR] [\fB\-G \fIgroup\fR] +[\fB\-I \fIname\fR] [\fBconfig_directory=\fI/path\fR] + +\fBpostmulti\fR \fB\-e destroy\fR [\fB\-v\fR] \fB\-i \fIname\fR + +\fBpostmulti\fR \fB\-e deport\fR [\fB\-v\fR] \fB\-i \fIname\fR + +\fBpostmulti\fR \fB\-e enable\fR [\fB\-v\fR] \fB\-i \fIname\fR + +\fBpostmulti\fR \fB\-e disable\fR [\fB\-v\fR] \fB\-i \fIname\fR + +\fBpostmulti\fR \fB\-e assign\fR [\fB\-v\fR] \fB\-i \fIname\fR +[\fB\-I \fIname\fR] [\-G \fIgroup\fR] +.SH DESCRIPTION +.ad +.fi +The \fBpostmulti\fR(1) command allows a Postfix administrator +to manage multiple Postfix instances on a single host. + +\fBpostmulti\fR(1) implements two fundamental modes of +operation. In \fBiterator\fR mode, it executes the same +command for multiple Postfix instances. In \fBlife\-cycle +management\fR mode, it adds or deletes one instance, or +changes the multi\-instance status of one instance. + +Each mode of operation has its own command syntax. For this +reason, each mode is documented in separate sections below. +.SH "BACKGROUND" +.na +.nf +.ad +.fi +A multi\-instance configuration consists of one primary +Postfix instance, and one or more secondary instances whose +configuration directory pathnames are recorded in the primary +instance's main.cf file. Postfix instances share program +files and documentation, but have their own configuration, +queue and data directories. + +Currently, only the default Postfix instance can be used +as primary instance in a multi\-instance configuration. The +\fBpostmulti\fR(1) command does not currently support a \fB\-c\fR +option to select an alternative primary instance, and exits +with a fatal error if the \fBMAIL_CONFIG\fR environment +variable is set to a non\-default configuration directory. + +See the MULTI_INSTANCE_README tutorial for a more detailed +discussion of multi\-instance management with \fBpostmulti\fR(1). +.SH "ITERATOR MODE" +.na +.nf +.ad +.fi +In iterator mode, \fBpostmulti\fR performs the same operation +on all Postfix instances in turn. + +If multi\-instance support is not enabled, the requested +command is performed just for the primary instance. +.PP +Iterator mode implements the following command options: +.SH "Instance selection" +.IP \fB\-a\fR +Perform the operation on all instances. This is the default. +.IP "\fB\-g \fIgroup\fR" +Perform the operation only for members of the named \fIgroup\fR. +.IP "\fB\-i \fIname\fR" +Perform the operation only for the instance with the specified +\fIname\fR. You can specify either the instance name +or the absolute pathname of the instance's configuration +directory. Specify "\-" to select the primary Postfix instance. +.IP \fB\-R\fR +Reverse the iteration order. This may be appropriate when +updating a multi\-instance system, where "sink" instances +are started before "source" instances. +.sp +This option cannot be used with \fB\-p\fR. +.SH "List mode" +.IP \fB\-l\fR +List Postfix instances with their instance name, instance +group name, enable/disable status and configuration directory. +.SH "Postfix\-wrapper mode" +.IP "\fB\-p \fIpostfix\-command\fR" +Invoke \fBpostfix(1)\fR to execute \fIpostfix\-command\fR. +This option implements the \fBpostfix\-wrapper\fR(5) interface. +.RS +.IP \(bu +With "start"\-like commands, "postfix check" is executed for +instances that are not enabled. The full list of commands +is specified with the postmulti_start_commands parameter. +.IP \(bu +With "stop"\-like commands, the iteration order is reversed, +and disabled instances are skipped. The full list of commands +is specified with the postmulti_stop_commands parameter. +.IP \(bu +With "reload" and other commands that require a started +instance, disabled instances are skipped. The full list of +commands is specified with the postmulti_control_commands +parameter. +.IP \(bu +With "status" and other commands that don't require a started +instance, the command is executed for all instances. +.RE +.IP +The \fB\-p\fR option can also be used interactively to +start/stop/etc. a named instance or instance group. For +example, to start just the instances in the group "msa", +invoke \fBpostmulti\fR(1) as follows: +.RS +.IP +# postmulti \-g msa \-p start +.RE +.SH "Command mode" +.IP "\fB\-x \fIunix\-command\fR" +Execute the specified \fIunix\-command\fR for all Postfix instances. +The command runs with appropriate environment settings for +MAIL_CONFIG, command_directory, daemon_directory, +config_directory, queue_directory, data_directory, +multi_instance_name, multi_instance_group and +multi_instance_enable. +.SH "Other options" +.IP \fB\-v\fR +Enable verbose logging for debugging purposes. Multiple +\fB\-v\fR options make the software increasingly verbose. +.SH "LIFE-CYCLE MANAGEMENT MODE" +.na +.nf +.ad +.fi +With the \fB\-e\fR option \fBpostmulti\fR(1) can be used to +add or delete a Postfix instance, and to manage the +multi\-instance status of an existing instance. +.PP +The following options are implemented: +.SH "Existing instance selection" +.IP \fB\-a\fR +When creating or importing an instance, place the new +instance at the front of the secondary instance list. +.IP "\fB\-g \fIgroup\fR" +When creating or importing an instance, place the new +instance before the first secondary instance that is a +member of the specified group. +.IP "\fB\-i \fIname\fR" +When creating or importing an instance, place the new +instance before the matching secondary instance. +.sp +With other life\-cycle operations, apply the operation to +the named existing instance. Specify "\-" to select the +primary Postfix instance. +.SH "New or existing instance name assignment" +.IP "\fB\-I \fIname\fR" +Assign the specified instance \fIname\fR to an existing +instance, newly\-created instance, or imported instance. +Instance +names other than "\-" (which makes the instance "nameless") +must start with "postfix\-". This restriction reduces the +likelihood of name collisions with system files. +.IP "\fB\-G \fIgroup\fR" +Assign the specified \fIgroup\fR name to an existing instance +or to a newly created or imported instance. +.SH "Instance creation/deletion/status change" +.IP "\fB\-e \fIaction\fR" +"Edit" managed instances. The following actions are supported: +.RS +.IP \fBinit\fR +This command is required before \fBpostmulti\fR(1) can be +used to manage Postfix instances. The "postmulti \-e init" +command updates the primary instance's main.cf file by +setting: +.RS +.IP +.nf +multi_instance_wrapper = + ${command_directory}/postmulti \-p \-\- +multi_instance_enable = yes +.fi +.RE +.IP +You can set these by other means if you prefer. +.IP \fBcreate\fR +Create a new Postfix instance and add it to the +multi_instance_directories parameter of the primary instance. +The "\fB\-I \fIname\fR" option is recommended to give the +instance a short name that is used to construct default +values for the private directories of the new instance. The +"\fB\-G \fIgroup\fR" option may be specified to assign the +instance to a group, otherwise, the new instance is not a +member of any group. +.sp +The new instance main.cf is the stock main.cf with the +parameters that specify the locations of shared files cloned +from the primary instance. For "nameless" instances, you +should manually adjust "syslog_name" to yield a unique +"logtag" starting with "postfix\-" that will uniquely identify +the instance in the mail logs. It is simpler to assign the +instance a short name with the "\fB\-I \fIname\fR" option. +.sp +Optional "name=value" arguments specify the instance +config_directory, queue_directory and data_directory. +For example: +.RS +.IP +.nf +# postmulti \-I postfix\-mumble \e + \-G mygroup \-e create \e + config_directory=/my/config/dir \e + queue_directory=/my/queue/dir \e + data_directory=/my/data/dir +.fi +.RE +.IP +If any of these pathnames is not supplied, the program +attempts to generate the missing pathname(s) by taking the +corresponding primary instance pathname, and replacing the +last pathname component by the value of the \fB\-I\fR option. +.sp +If the instance configuration directory already exists, and +contains both a main.cf and master.cf file, \fBcreate\fR +will "import" the instance as\-is. For existing instances, +\fBcreate\fR and \fBimport\fR are identical. +.IP \fBimport\fR +Import an existing instance into the list of instances +managed by the \fBpostmulti\fR(1) multi\-instance manager. +This adds the instance to the multi_instance_directories +list of the primary instance. If the "\fB\-I \fIname\fR" +option is provided it specifies the new name for the instance +and is used to define a default location for the instance +configuration directory (as with \fBcreate\fR above). The +"\fB\-G \fIgroup\fR" option may be used to assign the instance +to a group. Add a "\fBconfig_directory=\fI/path\fR" argument +to override a default pathname based on "\fB\-I \fIname\fR". +.IP \fBdestroy\fR +Destroy a secondary Postfix instance. To be a candidate for +destruction an instance must be disabled, stopped and its +queue must not contain any messages. Attempts to destroy +the primary Postfix instance trigger a fatal error, without +destroying the instance. +.sp +The instance is removed from the primary instance main.cf +file's alternate_config_directories parameter and its data, +queue and configuration directories are cleaned of files +and directories created by the Postfix system. The main.cf +and master.cf files are removed from the configuration +directory even if they have been modified since initial +creation. Finally, the instance is "deported" from the list +of managed instances. +.sp +If other files are present in instance private directories, +the directories may not be fully removed, a warning is +logged to alert the administrator. It is expected that an +instance built using "fresh" directories via the \fBcreate\fR +action will be fully removed by the \fBdestroy\fR action +(if first disabled). If the instance configuration and queue +directories are populated with additional files (access and +rewriting tables, chroot jail content, etc.) the instance +directories will not be fully removed. +.sp +The \fBdestroy\fR action triggers potentially dangerous +file removal operations. Make sure the instance's data, +queue and configuration directories are set correctly and +do not contain any valuable files. +.IP \fBdeport\fR +Deport a secondary instance from the list of managed +instances. This deletes the instance configuration directory +from the primary instance's multi_instance_directories list, +but does not remove any files or directories. +.IP \fBassign\fR +Assign a new instance name or a new group name to the +selected instance. Use "\fB\-G \-\fR" to specify "no group" +and "\fB\-I \-\fR" to specify "no name". If you choose to +make an instance "nameless", set a suitable syslog_name in +the corresponding main.cf file. +.IP \fBenable\fR +Mark the selected instance as enabled. This just sets the +multi_instance_enable parameter to "yes" in the instance's +main.cf file. +.IP \fBdisable\fR +Mark the selected instance as disabled. This means that +the instance will not be started etc. with "postfix start", +"postmulti \-p start" and so on. The instance can still be +started etc. with "postfix \-c config\-directory start". +.SH "Other options" +.IP \fB\-v\fR +Enable verbose logging for debugging purposes. Multiple +\fB\-v\fR options make the software increasingly verbose. +.RE +.SH "ENVIRONMENT" +.na +.nf +.ad +.fi +The \fBpostmulti\fR(1) command exports the following environment +variables before executing the requested \fIcommand\fR for a given +instance: +.IP \fBMAIL_VERBOSE\fR +This is set when the \-v command\-line option is present. +.IP \fBMAIL_CONFIG\fR +The location of the configuration directory of the instance. +.SH "CONFIGURATION PARAMETERS" +.na +.nf +.ad +.fi +.IP "\fBconfig_directory (see 'postconf -d' output)\fR" +The default location of the Postfix main.cf and master.cf +configuration files. +.IP "\fBdaemon_directory (see 'postconf -d' output)\fR" +The directory with Postfix support programs and daemon programs. +.IP "\fBimport_environment (see 'postconf -d' output)\fR" +The list of environment variables that a privileged Postfix +process will import from a non\-Postfix parent process, or name=value +environment overrides. +.IP "\fBmulti_instance_directories (empty)\fR" +An optional list of non\-default Postfix configuration directories; +these directories belong to additional Postfix instances that share +the Postfix executable files and documentation with the default +Postfix instance, and that are started, stopped, etc., together +with the default Postfix instance. +.IP "\fBmulti_instance_group (empty)\fR" +The optional instance group name of this Postfix instance. +.IP "\fBmulti_instance_name (empty)\fR" +The optional instance name of this Postfix instance. +.IP "\fBmulti_instance_enable (no)\fR" +Allow this Postfix instance to be started, stopped, etc., by a +multi\-instance manager. +.IP "\fBpostmulti_start_commands (start)\fR" +The \fBpostfix\fR(1) commands that the \fBpostmulti\fR(1) instance manager treats +as "start" commands. +.IP "\fBpostmulti_stop_commands (see 'postconf -d' output)\fR" +The \fBpostfix\fR(1) commands that the \fBpostmulti\fR(1) instance manager treats +as "stop" commands. +.IP "\fBpostmulti_control_commands (reload flush)\fR" +The \fBpostfix\fR(1) commands that the \fBpostmulti\fR(1) instance manager +treats as "control" commands, that operate on running instances. +.IP "\fBsyslog_facility (mail)\fR" +The syslog facility of Postfix logging. +.IP "\fBsyslog_name (see 'postconf -d' output)\fR" +A prefix that is prepended to the process name in syslog +records, so that, for example, "smtpd" becomes "prefix/smtpd". +.PP +Available in Postfix 3.0 and later: +.IP "\fBmeta_directory (see 'postconf -d' output)\fR" +The location of non\-executable files that are shared among +multiple Postfix instances, such as postfix\-files, dynamicmaps.cf, +and the multi\-instance template files main.cf.proto and master.cf.proto. +.IP "\fBshlib_directory (see 'postconf -d' output)\fR" +The location of Postfix dynamically\-linked libraries +(libpostfix\-*.so), and the default location of Postfix database +plugins (postfix\-*.so) that have a relative pathname in the +dynamicmaps.cf file. +.SH "FILES" +.na +.nf +$meta_directory/main.cf.proto, stock configuration file +$meta_directory/master.cf.proto, stock configuration file +$daemon_directory/postmulti\-script, life\-cycle helper program +.SH "SEE ALSO" +.na +.nf +postfix(1), Postfix control program +postfix\-wrapper(5), Postfix multi\-instance API +.SH "README FILES" +.na +.nf +.ad +.fi +Use "\fBpostconf readme_directory\fR" or "\fBpostconf +html_directory\fR" to locate this information. +.nf +.na +MULTI_INSTANCE_README, Postfix multi\-instance management +.SH HISTORY +.ad +.fi +.ad +.fi +The \fBpostmulti\fR(1) command was introduced with Postfix +version 2.6. +.SH "LICENSE" +.na +.nf +.ad +.fi +The Secure Mailer license must be distributed with this software. +.SH "AUTHOR(S)" +.na +.nf +Victor Duchovni +Morgan Stanley + +Wietse Venema +IBM T.J. Watson Research +P.O. Box 704 +Yorktown Heights, NY 10598, USA + +Wietse Venema +Google, Inc. +111 8th Avenue +New York, NY 10011, USA diff --git a/man/man1/postqueue.1 b/man/man1/postqueue.1 new file mode 100644 index 0000000..c8020c1 --- /dev/null +++ b/man/man1/postqueue.1 @@ -0,0 +1,271 @@ +.TH POSTQUEUE 1 +.ad +.fi +.SH NAME +postqueue +\- +Postfix queue control +.SH "SYNOPSIS" +.na +.nf +.ti -4 +\fBTo flush the mail queue\fR: + +\fBpostqueue\fR [\fB\-v\fR] [\fB\-c \fIconfig_dir\fR] \fB\-f\fR + +\fBpostqueue\fR [\fB\-v\fR] [\fB\-c \fIconfig_dir\fR] \fB\-i \fIqueue_id\fR + +\fBpostqueue\fR [\fB\-v\fR] [\fB\-c \fIconfig_dir\fR] \fB\-s \fIsite\fR + +.ti -4 +\fBTo list the mail queue\fR: + +\fBpostqueue\fR [\fB\-v\fR] [\fB\-c \fIconfig_dir\fR] \fB\-j\fR + +\fBpostqueue\fR [\fB\-v\fR] [\fB\-c \fIconfig_dir\fR] \fB\-p\fR +.SH DESCRIPTION +.ad +.fi +The \fBpostqueue\fR(1) command implements the Postfix user interface +for queue management. It implements operations that are +traditionally available via the \fBsendmail\fR(1) command. +See the \fBpostsuper\fR(1) command for queue operations +that require super\-user privileges such as deleting a message +from the queue or changing the status of a message. + +The following options are recognized: +.IP "\fB\-c \fIconfig_dir\fR" +The \fBmain.cf\fR configuration file is in the named directory +instead of the default configuration directory. See also the +MAIL_CONFIG environment setting below. +.IP \fB\-f\fR +Flush the queue: attempt to deliver all queued mail. + +This option implements the traditional "\fBsendmail \-q\fR" command, +by contacting the Postfix \fBqmgr\fR(8) daemon. + +Warning: flushing undeliverable mail frequently will result in +poor delivery performance of all other mail. +.IP "\fB\-i \fIqueue_id\fR" +Schedule immediate delivery of deferred mail with the +specified queue ID. + +This option implements the traditional \fBsendmail \-qI\fR +command, by contacting the \fBflush\fR(8) server. + +This feature is available with Postfix version 2.4 and later. +.IP "\fB\-j\fR" +Produce a queue listing in JSON format, based on output +from the showq(8) daemon. The result is a stream of zero +or more JSON objects, one per queue file. Each object is +followed by a newline character to support simple streaming +parsers. See "\fBJSON OBJECT FORMAT\fR" below for details. + +This feature is available in Postfix 3.1 and later. +.IP \fB\-p\fR +Produce a traditional sendmail\-style queue listing. +This option implements the traditional \fBmailq\fR command, +by contacting the Postfix \fBshowq\fR(8) daemon. + +Each queue entry shows the queue file ID, message +size, arrival time, sender, and the recipients that still need to +be delivered. If mail could not be delivered upon the last attempt, +the reason for failure is shown. The queue ID string +is followed by an optional status character: +.RS +.IP \fB*\fR +The message is in the \fBactive\fR queue, i.e. the message is +selected for delivery. +.IP \fB!\fR +The message is in the \fBhold\fR queue, i.e. no further delivery +attempt will be made until the mail is taken off hold. +.IP \fB#\fR +The message is forced to expire. See the \fBpostsuper\fR(1) +options \fB\-e\fR or \fB\-f\fR. +.sp +This feature is available in Postfix 3.5 and later. +.RE +.IP "\fB\-s \fIsite\fR" +Schedule immediate delivery of all mail that is queued for the named +\fIsite\fR. A numerical site must be specified as a valid RFC 5321 +address literal enclosed in [], just like in email addresses. +The site must be eligible for the "fast flush" service. +See \fBflush\fR(8) for more information about the "fast flush" +service. + +This option implements the traditional "\fBsendmail \-qR\fIsite\fR" +command, by contacting the Postfix \fBflush\fR(8) daemon. +.IP \fB\-v\fR +Enable verbose logging for debugging purposes. Multiple \fB\-v\fR +options make the software increasingly verbose. As of Postfix 2.3, +this option is available for the super\-user only. +.SH "JSON OBJECT FORMAT" +.na +.nf +.ad +.fi +Each JSON object represents one queue file; it is emitted +as a single text line followed by a newline character. + +Object members have string values unless indicated otherwise. +Programs should ignore object members that are not listed +here; the list of members is expected to grow over time. +.IP \fBqueue_name\fR +The name of the queue where the message was found. Note +that the contents of the mail queue may change while it is +being listed; some messages may appear more than once, and +some messages may be missed. +.IP \fBqueue_id\fR +The queue file name. The queue_id may be reused within a +Postfix instance unless "enable_long_queue_ids = true" and +time is monotonic. Even then, the queue_id is not expected +to be unique between different Postfix instances. Management +tools that require a unique name should combine the queue_id +with the myhostname setting of the Postfix instance. +.IP \fBarrival_time\fR +The number of seconds since the start of the UNIX epoch. +.IP \fBmessage_size\fR +The number of bytes in the message header and body. This +number does not include message envelope information. It +is approximately equal to the number of bytes that would +be transmitted via SMTP including the <CR><LF> line endings. +.IP \fBforced_expire\fR +The message is forced to expire (\fBtrue\fR or \fBfalse\fR). +See the \fBpostsuper\fR(1) options \fB\-e\fR or \fB\-f\fR. +.sp +This feature is available in Postfix 3.5 and later. +.IP \fBsender\fR +The envelope sender address. +.IP \fBrecipients\fR +An array containing zero or more objects with members: +.RS +.IP \fBaddress\fR +One recipient address. +.IP \fBdelay_reason\fR +If present, the reason for delayed delivery. Delayed +recipients may have no delay reason, for example, while +delivery is in progress, or after the system was stopped +before it could record the reason. +.RE +.SH "SECURITY" +.na +.nf +.ad +.fi +This program is designed to run with set\-group ID privileges, so +that it can connect to Postfix daemon processes. +.SH "STANDARDS" +.na +.nf +RFC 7159 (JSON notation) +.SH DIAGNOSTICS +.ad +.fi +Problems are logged to \fBsyslogd\fR(8) or \fBpostlogd\fR(8), +and to the standard error stream. +.SH "ENVIRONMENT" +.na +.nf +.ad +.fi +.IP MAIL_CONFIG +Directory with the \fBmain.cf\fR file. In order to avoid exploitation +of set\-group ID privileges, a non\-standard directory is allowed only +if: +.RS +.IP \(bu +The name is listed in the standard \fBmain.cf\fR file with the +\fBalternate_config_directories\fR configuration parameter. +.IP \(bu +The command is invoked by the super\-user. +.RE +.SH "CONFIGURATION PARAMETERS" +.na +.nf +.ad +.fi +The following \fBmain.cf\fR parameters are especially relevant to +this program. +The text below provides only a parameter summary. See +\fBpostconf\fR(5) for more details including examples. +.IP "\fBalternate_config_directories (empty)\fR" +A list of non\-default Postfix configuration directories that may +be specified with "\-c config_directory" on the command line (in the +case of \fBsendmail\fR(1), with the "\-C" option), or via the MAIL_CONFIG +environment parameter. +.IP "\fBconfig_directory (see 'postconf -d' output)\fR" +The default location of the Postfix main.cf and master.cf +configuration files. +.IP "\fBcommand_directory (see 'postconf -d' output)\fR" +The location of all postfix administrative commands. +.IP "\fBfast_flush_domains ($relay_domains)\fR" +Optional list of destinations that are eligible for per\-destination +logfiles with mail that is queued to those destinations. +.IP "\fBimport_environment (see 'postconf -d' output)\fR" +The list of environment variables that a privileged Postfix +process will import from a non\-Postfix parent process, or name=value +environment overrides. +.IP "\fBqueue_directory (see 'postconf -d' output)\fR" +The location of the Postfix top\-level queue directory. +.IP "\fBsyslog_facility (mail)\fR" +The syslog facility of Postfix logging. +.IP "\fBsyslog_name (see 'postconf -d' output)\fR" +A prefix that is prepended to the process name in syslog +records, so that, for example, "smtpd" becomes "prefix/smtpd". +.IP "\fBtrigger_timeout (10s)\fR" +The time limit for sending a trigger to a Postfix daemon (for +example, the \fBpickup\fR(8) or \fBqmgr\fR(8) daemon). +.PP +Available in Postfix version 2.2 and later: +.IP "\fBauthorized_flush_users (static:anyone)\fR" +List of users who are authorized to flush the queue. +.IP "\fBauthorized_mailq_users (static:anyone)\fR" +List of users who are authorized to view the queue. +.SH "FILES" +.na +.nf +/var/spool/postfix, mail queue +.SH "SEE ALSO" +.na +.nf +qmgr(8), queue manager +showq(8), list mail queue +flush(8), fast flush service +sendmail(1), Sendmail\-compatible user interface +postsuper(1), privileged queue operations +postlogd(8), Postfix logging +syslogd(8), system logging +.SH "README FILES" +.na +.nf +.ad +.fi +Use "\fBpostconf readme_directory\fR" or +"\fBpostconf html_directory\fR" to locate this information. +.na +.nf +ETRN_README, Postfix ETRN howto +.SH "LICENSE" +.na +.nf +.ad +.fi +The Secure Mailer license must be distributed with this software. +.SH HISTORY +.ad +.fi +.ad +.fi +The postqueue command was introduced with Postfix version 1.1. +.SH "AUTHOR(S)" +.na +.nf +Wietse Venema +IBM T.J. Watson Research +P.O. Box 704 +Yorktown Heights, NY 10598, USA + +Wietse Venema +Google, Inc. +111 8th Avenue +New York, NY 10011, USA diff --git a/man/man1/postsuper.1 b/man/man1/postsuper.1 new file mode 100644 index 0000000..885330f --- /dev/null +++ b/man/man1/postsuper.1 @@ -0,0 +1,343 @@ +.TH POSTSUPER 1 +.ad +.fi +.SH NAME +postsuper +\- +Postfix superintendent +.SH "SYNOPSIS" +.na +.nf +.fi +\fBpostsuper\fR [\fB\-psSv\fR] + [\fB\-c \fIconfig_dir\fR] [\fB\-d \fIqueue_id\fR] + [\fB\-e \fIqueue_id\fR] [\fB\-f \fIqueue_id\fR] + [\fB\-h \fIqueue_id\fR] [\fB\-H \fIqueue_id\fR] + [\fB\-r \fIqueue_id\fR] [\fIdirectory ...\fR] +.SH DESCRIPTION +.ad +.fi +The \fBpostsuper\fR(1) command does maintenance jobs on the Postfix +queue. Use of the command is restricted to the superuser. +See the \fBpostqueue\fR(1) command for unprivileged queue operations +such as listing or flushing the mail queue. + +By default, \fBpostsuper\fR(1) performs the operations +requested with the +\fB\-s\fR and \fB\-p\fR command\-line options on all Postfix queue +directories \- this includes the \fBincoming\fR, \fBactive\fR, +\fBdeferred\fR, and \fBhold\fR directories with message +files and the \fBbounce\fR, +\fBdefer\fR, \fBtrace\fR and \fBflush\fR directories with log files. + +Options: +.IP "\fB\-c \fIconfig_dir\fR" +The \fBmain.cf\fR configuration file is in the named directory +instead of the default configuration directory. See also the +MAIL_CONFIG environment setting below. +.IP "\fB\-d \fIqueue_id\fR" +Delete one message with the named queue ID from the named +mail queue(s) (default: \fBhold\fR, \fBincoming\fR, \fBactive\fR and +\fBdeferred\fR). + +To delete multiple files, specify the \fB\-d\fR option multiple +times, or specify a \fIqueue_id\fR of \fB\-\fR to read queue IDs +from standard input. For example, to delete all mail +with exactly one recipient \fBuser@example.com\fR: +.sp +.nf +postqueue \-j | jq -r ' + # See JSON OBJECT FORMAT section in the postqueue(1) manpage + select(.recipients[0].address == "user@example.com") + | select(.recipients[1].address == null) + | .queue_id + ' | postsuper \-d \- +.fi +.sp +(note the "jq -r" option), or the historical form: +.sp +.nf +mailq | tail \-n +2 | grep \-v '^ *(' | awk 'BEGIN { RS = "" } + # $7=sender, $8=recipient1, $9=recipient2 + { if ($8 == "user@example.com" && $9 == "") + print $1 } + ' | tr \-d '*!' | postsuper \-d \- +.fi +.sp +Specify "\fB\-d ALL\fR" to remove all messages; for example, specify +"\fB\-d ALL deferred\fR" to delete all mail in the \fBdeferred\fR queue. +As a safety measure, the word \fBALL\fR must be specified in upper +case. +.sp +Warning: Postfix queue IDs are reused (always with Postfix +<= 2.8; and with Postfix >= 2.9 when enable_long_queue_ids=no). +There is a very small possibility that postsuper deletes the +wrong message file when it is executed while the Postfix mail +system is delivering mail. +.sp +The scenario is as follows: +.RS +.IP 1) +The Postfix queue manager deletes the message that \fBpostsuper\fR(1) +is asked to delete, because Postfix is finished with the +message (it is delivered, or it is returned to the sender). +.IP 2) +New mail arrives, and the new message is given the same queue ID +as the message that \fBpostsuper\fR(1) is supposed to delete. +The probability for reusing a deleted queue ID is about 1 in 2**15 +(the number of different microsecond values that the system clock +can distinguish within a second). +.IP 3) +\fBpostsuper\fR(1) deletes the new message, instead of the old +message that it should have deleted. +.RE +.IP "\fB\-e \fIqueue_id\fR" +.IP "\fB\-f \fIqueue_id\fR" +Request forced expiration for one message with the named +queue ID in the named mail queue(s) (default: \fBhold\fR, +\fBincoming\fR, \fBactive\fR and \fBdeferred\fR). +.RS +.IP \(bu +The message will be returned to the sender when the queue +manager attempts to deliver that message (note that Postfix +will never deliver messages in the \fBhold\fR queue). +.IP \(bu +The \fB\-e\fR and \fB\-f\fR options both request forced +expiration. The difference is that \fB\-f\fR will also release +a message if it is in the \fBhold\fR queue. With \fB\-e\fR, such +a message would not be returned to the sender until it is +released with \fB\-f\fR or \fB\-H\fR. +.IP \(bu +When a deferred message is force\-expired, the return message +will state the reason for the delay. Otherwise, the reason +will be "message is administratively expired". +.RE +.IP +To expire multiple files, specify the \fB\-e\fR or \fB\-f\fR +option multiple times, or specify a \fIqueue_id\fR of \fB\-\fR +to read queue IDs from standard input (see the \fB\-d\fR option +above for an example, but be sure to replace \fB\-d\fR in +the example). +.sp +Specify "\fB\-e ALL\fR" or "\fB\-f ALL\fR" to expire all +messages; for example, specify "\fB\-e ALL deferred\fR" to +expire all mail in the \fBdeferred\fR queue. As a safety +measure, the word \fBALL\fR must be specified in upper case. +.sp +These features are available in Postfix 3.5 and later. +.IP "\fB\-h \fIqueue_id\fR" +Put mail "on hold" so that no attempt is made to deliver it. +Move one message with the named queue ID from the named +mail queue(s) (default: \fBincoming\fR, \fBactive\fR and +\fBdeferred\fR) to the \fBhold\fR queue. + +To hold multiple files, specify the \fB\-h\fR option multiple +times, or specify a \fIqueue_id\fR of \fB\-\fR to read queue IDs +from standard input. +.sp +Specify "\fB\-h ALL\fR" to hold all messages; for example, specify +"\fB\-h ALL deferred\fR" to hold all mail in the \fBdeferred\fR queue. +As a safety measure, the word \fBALL\fR must be specified in upper +case. +.sp +Note: while mail is "on hold" it will not expire when its +time in the queue exceeds the \fBmaximal_queue_lifetime\fR +or \fBbounce_queue_lifetime\fR setting. It becomes subject to +expiration after it is released from "hold". +.sp +This feature is available in Postfix 2.0 and later. +.IP "\fB\-H \fIqueue_id\fR" +Release mail that was put "on hold". +Move one message with the named queue ID from the named +mail queue(s) (default: \fBhold\fR) to the \fBdeferred\fR queue. + +To release multiple files, specify the \fB\-H\fR option multiple +times, or specify a \fIqueue_id\fR of \fB\-\fR to read queue IDs +from standard input. +.sp +Note: specify "\fBpostsuper \-r\fR" to release mail that was kept on +hold for a significant fraction of \fB$maximal_queue_lifetime\fR +or \fB$bounce_queue_lifetime\fR, or longer. +.sp +Specify "\fB\-H ALL\fR" to release all mail that is "on hold". +As a safety measure, the word \fBALL\fR must be specified in upper +case. +.sp +This feature is available in Postfix 2.0 and later. +.IP \fB\-p\fR +Purge old temporary files that are left over after system or +software crashes. +The \fB\-p\fR, \fB\-s\fR, and \fB\-S\fR operations are done +before other operations. +.IP "\fB\-r \fIqueue_id\fR" +Requeue the message with the named queue ID from the named +mail queue(s) (default: \fBhold\fR, \fBincoming\fR, \fBactive\fR and +\fBdeferred\fR). + +To requeue multiple files, specify the \fB\-r\fR option multiple +times, or specify a \fIqueue_id\fR of \fB\-\fR to read queue IDs +from standard input. +.sp +Specify "\fB\-r ALL\fR" to requeue all messages. As a safety +measure, the word \fBALL\fR must be specified in upper case. +.sp +A requeued message is moved to the \fBmaildrop\fR queue, +from where it is copied by the \fBpickup\fR(8) and +\fBcleanup\fR(8) daemons to a new queue file. In many +respects its handling differs from that of a new local +submission. +.RS +.IP \(bu +The message is not subjected to the smtpd_milters or +non_smtpd_milters settings. When mail has passed through +an external content filter, this would produce incorrect +results with Milter applications that depend on original +SMTP connection state information. +.IP \(bu +The message is subjected again to mail address rewriting +and substitution. This is useful when rewriting rules or +virtual mappings have changed. +.sp +The address rewriting context (local or remote) is the same +as when the message was received. +.IP \(bu +The message is subjected to the same content_filter settings +(if any) as used for new local mail submissions. This is +useful when content_filter settings have changed. +.RE +.IP +Warning: Postfix queue IDs are reused (always with Postfix +<= 2.8; and with Postfix >= 2.9 when enable_long_queue_ids=no). +There is a very small possibility that \fBpostsuper\fR(1) requeues +the wrong message file when it is executed while the Postfix mail +system is running, but no harm should be done. +.sp +This feature is available in Postfix 1.1 and later. +.IP \fB\-s\fR +Structure check and structure repair. This should be done once +before Postfix startup. +The \fB\-p\fR, \fB\-s\fR, and \fB\-S\fR operations are done +before other operations. +.RS +.IP \(bu +Rename files whose name does not match the message file inode +number. This operation is necessary after restoring a mail +queue from a different machine or from backup, when queue +files were created with Postfix <= 2.8 or with +"enable_long_queue_ids = no". +.IP \(bu +Move queue files that are in the wrong place in the file system +hierarchy and remove subdirectories that are no longer needed. +File position rearrangements are necessary after a change in the +\fBhash_queue_names\fR and/or \fBhash_queue_depth\fR +configuration parameters. +.IP \(bu +Rename queue files created with "enable_long_queue_ids = +yes" to short names, for migration to Postfix <= 2.8. The +procedure is as follows: +.sp +.nf +.na +# postfix stop +# postconf enable_long_queue_ids=no +# postsuper +.ad +.fi +.sp +Run \fBpostsuper\fR(1) repeatedly until it stops reporting +file name changes. +.RE +.IP \fB\-S\fR +A redundant version of \fB\-s\fR that requires that long +file names also match the message file inode number. This +option exists for testing purposes, and is available with +Postfix 2.9 and later. +The \fB\-p\fR, \fB\-s\fR, and \fB\-S\fR operations are done +before other operations. +.IP \fB\-v\fR +Enable verbose logging for debugging purposes. Multiple \fB\-v\fR +options make the software increasingly verbose. +.SH DIAGNOSTICS +.ad +.fi +Problems are reported to the standard error stream and to +\fBsyslogd\fR(8) or \fBpostlogd\fR(8). + +\fBpostsuper\fR(1) reports the number of messages deleted +with \fB\-d\fR, the number of messages expired with \fB\-e\fR, +the number of messages expired or released with \fB\-f\fR, +the number of messages held or released with \fB\-h\fR or +\fB\-H\fR, the number of messages requeued with \fB\-r\fR, +and the number of messages whose queue file name was fixed +with \fB\-s\fR. The report is written to the standard error +stream and to \fBsyslogd\fR(8) or \fBpostlogd\fR(8). +.SH "ENVIRONMENT" +.na +.nf +.ad +.fi +.IP MAIL_CONFIG +Directory with the \fBmain.cf\fR file. +.SH BUGS +.ad +.fi +Mail that is not sanitized by Postfix (i.e. mail in the \fBmaildrop\fR +queue) cannot be placed "on hold". +.SH "CONFIGURATION PARAMETERS" +.na +.nf +.ad +.fi +The following \fBmain.cf\fR parameters are especially relevant to +this program. +The text below provides only a parameter summary. See +\fBpostconf\fR(5) for more details including examples. +.IP "\fBconfig_directory (see 'postconf -d' output)\fR" +The default location of the Postfix main.cf and master.cf +configuration files. +.IP "\fBhash_queue_depth (1)\fR" +The number of subdirectory levels for queue directories listed with +the hash_queue_names parameter. +.IP "\fBhash_queue_names (deferred, defer)\fR" +The names of queue directories that are split across multiple +subdirectory levels. +.IP "\fBimport_environment (see 'postconf -d' output)\fR" +The list of environment parameters that a privileged Postfix +process will import from a non\-Postfix parent process, or name=value +environment overrides. +.IP "\fBqueue_directory (see 'postconf -d' output)\fR" +The location of the Postfix top\-level queue directory. +.IP "\fBsyslog_facility (mail)\fR" +The syslog facility of Postfix logging. +.IP "\fBsyslog_name (see 'postconf -d' output)\fR" +A prefix that is prepended to the process name in syslog +records, so that, for example, "smtpd" becomes "prefix/smtpd". +.PP +Available in Postfix version 2.9 and later: +.IP "\fBenable_long_queue_ids (no)\fR" +Enable long, non\-repeating, queue IDs (queue file names). +.SH "SEE ALSO" +.na +.nf +sendmail(1), Sendmail\-compatible user interface +postqueue(1), unprivileged queue operations +postlogd(8), Postfix logging +syslogd(8), system logging +.SH "LICENSE" +.na +.nf +.ad +.fi +The Secure Mailer license must be distributed with this software. +.SH "AUTHOR(S)" +.na +.nf +Wietse Venema +IBM T.J. Watson Research +P.O. Box 704 +Yorktown Heights, NY 10598, USA + +Wietse Venema +Google, Inc. +111 8th Avenue +New York, NY 10011, USA diff --git a/man/man1/posttls-finger.1 b/man/man1/posttls-finger.1 new file mode 100644 index 0000000..54b72ab --- /dev/null +++ b/man/man1/posttls-finger.1 @@ -0,0 +1,343 @@ +.TH POSTTLS-FINGER 1 +.ad +.fi +.SH NAME +posttls-finger +\- +Probe the TLS properties of an ESMTP or LMTP server. +.SH "SYNOPSIS" +.na +.nf +\fBposttls\-finger\fR [\fIoptions\fR] [\fBinet:\fR]\fIdomain\fR[:\fIport\fR] [\fImatch ...\fR] +.br +\fBposttls\-finger\fR \-S [\fIoptions\fR] \fBunix:\fIpathname\fR [\fImatch ...\fR] +.SH DESCRIPTION +.ad +.fi +\fBposttls\-finger\fR(1) connects to the specified destination +and reports TLS\-related information about the server. With SMTP, the +destination is a domainname; with LMTP it is either a domainname +prefixed with \fBinet:\fR or a pathname prefixed with \fBunix:\fR. If +Postfix is built without TLS support, the resulting \fBposttls\-finger\fR(1) +program has very limited functionality, and only the \fB\-a\fR, \fB\-c\fR, +\fB\-h\fR, \fB\-o\fR, \fB\-S\fR, \fB\-t\fR, \fB\-T\fR and \fB\-v\fR options +are available. + +Note: this is an unsupported test program. No attempt is made +to maintain compatibility between successive versions. + +For SMTP servers that don't support ESMTP, only the greeting banner +and the negative EHLO response are reported. Otherwise, the reported +EHLO response details further server capabilities. + +If TLS support is enabled when \fBposttls\-finger\fR(1) is compiled, and +the server supports \fBSTARTTLS\fR, a TLS handshake is attempted. + +If DNSSEC support is available, the connection TLS security level +(\fB\-l\fR option) defaults to \fBdane\fR; see TLS_README for +details. Otherwise, it defaults to \fBsecure\fR. This setting +determines the certificate matching policy. + +If TLS negotiation succeeds, the TLS protocol and cipher details are +reported. The server certificate is then verified in accordance with +the policy at the chosen (or default) security level. With public +CA\-based trust, when the \fB\-L\fR option includes \fBcertmatch\fR, +(true by default) name matching is performed even if the certificate +chain is not trusted. This logs the names found in the remote SMTP +server certificate and which if any would match, were the certificate +chain trusted. + +Note: \fBposttls\-finger\fR(1) does not perform any table lookups, so +the TLS policy table and obsolete per\-site tables are not consulted. +It does not communicate with the \fBtlsmgr\fR(8) daemon (or any other +Postfix daemons); its TLS session cache is held in private memory, and +disappears when the process exits. + +With the \fB\-r \fIdelay\fR option, if the server assigns a TLS +session id, the TLS session is cached. The connection is then closed +and re\-opened after the specified delay, and \fBposttls\-finger\fR(1) +then reports whether the cached TLS session was re\-used. + +When the destination is a load balancer, it may be distributing +load between multiple server caches. Typically, each server returns +its unique name in its EHLO response. If, upon reconnecting with +\fB\-r\fR, a new server name is detected, another session is cached +for the new server, and the reconnect is repeated up to a maximum +number of times (default 5) that can be specified via the \fB\-m\fR +option. + +The choice of SMTP or LMTP (\fB\-S\fR option) determines the syntax of +the destination argument. With SMTP, one can specify a service on a +non\-default port as \fIhost\fR:\fIservice\fR, and disable MX (mail +exchanger) DNS lookups with [\fIhost\fR] or [\fIhost\fR]:\fIport\fR. +The [] form is required when you specify an IP address instead of a +hostname. An IPv6 address takes the form [\fBipv6:\fIaddress\fR]. +The default port for SMTP is taken from the \fBsmtp/tcp\fR entry in +/etc/services, defaulting to 25 if the entry is not found. + +With LMTP, specify \fBunix:\fIpathname\fR to connect to a local server +listening on a unix\-domain socket bound to the specified pathname; +otherwise, specify an optional \fBinet:\fR prefix followed by a +\fIdomain\fR and an optional port, with the same syntax as for +SMTP. The default TCP port for LMTP is 24. + +Arguments: +.IP "\fB\-a\fR \fIfamily\fR (default: \fBany\fR)" +Address family preference: \fBipv4\fR, \fBipv6\fR or \fBany\fR. When +using \fBany\fR, \fBposttls\-finger\fR(1) will randomly select one of +the two as the more preferred, and exhaust all MX preferences for the +first address family before trying any addresses for the other. +.IP "\fB\-A\fR \fItrust\-anchor.pem\fR (default: none)" +A list of PEM trust\-anchor files that overrides CAfile and CApath +trust chain verification. Specify the option multiple times to +specify multiple files. See the main.cf documentation for +smtp_tls_trust_anchor_file for details. +.IP "\fB\-c\fR" +Disable SMTP chat logging; only TLS\-related information is logged. +.IP "\fB\-C\fR" +Print the remote SMTP server certificate trust chain in PEM format. +The issuer DN, subject DN, certificate and public key fingerprints +(see \fB\-d \fImdalg\fR option below) are printed above each PEM +certificate block. If you specify \fB\-F \fICAfile\fR or +\fB\-P \fICApath\fR, the OpenSSL library may augment the chain with +missing issuer certificates. To see the actual chain sent by the +remote SMTP server leave \fICAfile\fR and \fICApath\fR unset. +.IP "\fB\-d \fImdalg\fR (default: \fB$smtp_tls_fingerprint_digest\fR)" +The message digest algorithm to use for reporting remote SMTP server +fingerprints and matching against user provided certificate +fingerprints (with DANE TLSA records the algorithm is specified +in the DNS). In Postfix versions prior to 3.6, the default value +was "md5". +.IP "\fB\-f\fR" +Lookup the associated DANE TLSA RRset even when a hostname is not an +alias and its address records lie in an unsigned zone. See +smtp_tls_force_insecure_host_tlsa_lookup for details. +.IP "\fB\-F \fICAfile.pem\fR (default: none)" +The PEM formatted CAfile for remote SMTP server certificate +verification. By default no CAfile is used and no public CAs +are trusted. +.IP "\fB\-g \fIgrade\fR (default: medium)" +The minimum TLS cipher grade used by \fBposttls\-finger\fR(1). +See smtp_tls_mandatory_ciphers for details. +.IP "\fB\-h \fIhost_lookup\fR (default: \fBdns\fR)" +The hostname lookup methods used for the connection. See the +documentation of smtp_host_lookup for syntax and semantics. +.IP "\fB\-H \fIchainfiles\fR (default: \fInone\fR)\fR" +List of files with a sequence PEM\-encoded TLS client certificate +chains. The list can be built\-up incrementally, by specifying +the option multiple times, or all at once via a comma or +whitespace separated list of filenames. Each chain starts with +a private key, which is followed immediately by the +corresponding certificate, and optionally by additional issuer +certificates. Each new key begins a new chain for the +corresponding algorithm. This option is mutually exclusive with +the below \fB\-k\fR and \fB\-K\fR options. +.IP "\fB\-k \fIcertfile\fR (default: \fIkeyfile\fR)\fR" +File with PEM\-encoded TLS client certificate chain. This +defaults to \fIkeyfile\fR if one is specified. +.IP "\fB\-K \fIkeyfile\fR (default: \fIcertfile\fR)" +File with PEM\-encoded TLS client private key. +This defaults to \fIcertfile\fR if one is specified. +.IP "\fB\-l \fIlevel\fR (default: \fBdane\fR or \fBsecure\fR)" +The security level for the connection, default \fBdane\fR or +\fBsecure\fR depending on whether DNSSEC is available. For syntax +and semantics, see the documentation of smtp_tls_security_level. +When \fBdane\fR or \fBdane\-only\fR is supported and selected, if no +TLSA records are found, or all the records found are unusable, the +\fIsecure\fR level will be used instead. The \fBfingerprint\fR +security level allows you to test certificate or public\-key +fingerprint matches before you deploy them in the policy table. +.IP +Note, since \fBposttls\-finger\fR(1) does not actually deliver any email, +the \fBnone\fR, \fBmay\fR and \fBencrypt\fR security levels are not +very useful. Since \fBmay\fR and \fBencrypt\fR don't require peer +certificates, they will often negotiate anonymous TLS ciphersuites, +so you won't learn much about the remote SMTP server's certificates +at these levels if it also supports anonymous TLS (though you may +learn that the server supports anonymous TLS). +.IP "\fB\-L \fIlogopts\fR (default: \fBroutine,certmatch\fR)" +Fine\-grained TLS logging options. To tune the TLS features logged +during the TLS handshake, specify one or more of: +.RS +.IP "\fB0, none\fR" +These yield no TLS logging; you'll generally want more, but this +is handy if you just want the trust chain: +.RS +.ad +.nf +$ posttls\-finger \-cC \-L none destination +.fi +.RE +.IP "\fB1, routine, summary\fR" +These synonymous values yield a normal one\-line summary of the TLS +connection. +.IP "\fB2, debug\fR" +These synonymous values combine routine, ssl\-debug, cache and verbose. +.IP "\fB3, ssl\-expert\fR" +These synonymous values combine debug with ssl\-handshake\-packet\-dump. +For experts only. +.IP "\fB4, ssl\-developer\fR" +These synonymous values combine ssl\-expert with ssl\-session\-packet\-dump. +For experts only, and in most cases, use wireshark instead. +.IP "\fBssl\-debug\fR" +Turn on OpenSSL logging of the progress of the SSL handshake. +.IP "\fBssl\-handshake\-packet\-dump\fR" +Log hexadecimal packet dumps of the SSL handshake; for experts only. +.IP "\fBssl\-session\-packet\-dump\fR" +Log hexadecimal packet dumps of the entire SSL session; only useful +to those who can debug SSL protocol problems from hex dumps. +.IP "\fBuntrusted\fR" +Logs trust chain verification problems. This is turned on +automatically at security levels that use peer names signed +by Certification Authorities to validate certificates. So while +this setting is recognized, you should never need to set it +explicitly. +.IP "\fBpeercert\fR" +This logs a one line summary of the remote SMTP server certificate +subject, issuer, and fingerprints. +.IP "\fBcertmatch\fR" +This logs remote SMTP server certificate matching, showing the CN +and each subjectAltName and which name matched. With DANE, logs +matching of TLSA record trust\-anchor and end\-entity certificates. +.IP "\fBcache\fR" +This logs session cache operations, showing whether session caching +is effective with the remote SMTP server. Automatically used when +reconnecting with the \fB\-r\fR option; rarely needs to be set +explicitly. +.IP "\fBverbose\fR" +Enables verbose logging in the Postfix TLS driver; includes all of +peercert..cache and more. +.RE +.IP +The default is \fBroutine,certmatch\fR. After a reconnect, +\fBpeercert\fR, \fBcertmatch\fR and \fBverbose\fR are automatically +disabled while \fBcache\fR and \fBsummary\fR are enabled. +.IP "\fB\-m \fIcount\fR (default: \fB5\fR)" +When the \fB\-r \fIdelay\fR option is specified, the \fB\-m\fR option +determines the maximum number of reconnect attempts to use with +a server behind a load balancer, to see whether connection caching +is likely to be effective for this destination. Some MTAs +don't expose the underlying server identity in their EHLO +response; with these servers there will never be more than +1 reconnection attempt. +.IP "\fB\-M \fIinsecure_mx_policy\fR (default: \fBdane\fR)" +The TLS policy for MX hosts with "secure" TLSA records when the +nexthop destination security level is \fBdane\fR, but the MX +record was found via an "insecure" MX lookup. See the main.cf +documentation for smtp_tls_dane_insecure_mx_policy for details. +.IP "\fB\-o \fIname=value\fR" +Specify zero or more times to override the value of the main.cf +parameter \fIname\fR with \fIvalue\fR. Possible use\-cases include +overriding the values of TLS library parameters, or "myhostname" to +configure the SMTP EHLO name sent to the remote server. +.IP "\fB\-p \fIprotocols\fR (default: >=TLSv1)" +TLS protocols that \fBposttls\-finger\fR(1) will exclude or include. See +smtp_tls_mandatory_protocols for details. +.IP "\fB\-P \fICApath/\fR (default: none)" +The OpenSSL CApath/ directory (indexed via c_rehash(1)) for remote +SMTP server certificate verification. By default no CApath is used +and no public CAs are trusted. +.IP "\fB\-r \fIdelay\fR" +With a cacheable TLS session, disconnect and reconnect after \fIdelay\fR +seconds. Report whether the session is re\-used. Retry if a new server +is encountered, up to 5 times or as specified with the \fB\-m\fR option. +By default reconnection is disabled, specify a positive delay to +enable this behavior. +.IP "\fB\-s \fIservername\fR" +The server name to send with the TLS Server Name Indication (SNI) +extension. When the server has DANE TLSA records, this parameter +is ignored and the TLSA base domain is used instead. Otherwise, SNI is +not used by default, but can be enabled by specifying the desired value +with this option. +.IP "\fB\-S\fR" +Disable SMTP; that is, connect to an LMTP server. The default port for +LMTP over TCP is 24. Alternative ports can specified by appending +"\fI:servicename\fR" or ":\fIportnumber\fR" to the destination +argument. +.IP "\fB\-t \fItimeout\fR (default: \fB30\fR)" +The TCP connection timeout to use. This is also the timeout for +reading the remote server's 220 banner. +.IP "\fB\-T \fItimeout\fR (default: \fB30\fR)" +The SMTP/LMTP command timeout for EHLO/LHLO, STARTTLS and QUIT. +.IP "\fB\-v\fR" +Enable verbose Postfix logging. Specify more than once to increase +the level of verbose logging. +.IP "\fB\-w\fR" +Enable outgoing TLS wrapper mode, or SUBMISSIONS/SMTPS support. This +is typically provided on port 465 by servers that are compatible with +the SMTP\-in\-SSL protocol, rather than the STARTTLS protocol. +The destination \fIdomain\fR:\fIport\fR must of course provide such +a service. +.IP "\fB\-X\fR" +Enable \fBtlsproxy\fR(8) mode. This is an unsupported mode, +for program development only. +.IP "[\fBinet:\fR]\fIdomain\fR[:\fIport\fR]" +Connect via TCP to domain \fIdomain\fR, port \fIport\fR. The default +port is \fBsmtp\fR (or 24 with LMTP). With SMTP an MX lookup is +performed to resolve the domain to a host, unless the domain is +enclosed in \fB[]\fR. If you want to connect to a specific MX host, +for instance \fImx1.example.com\fR, specify [\fImx1.example.com\fR] +as the destination and \fIexample.com\fR as a \fBmatch\fR argument. +When using DNS, the destination domain is assumed fully qualified +and no default domain or search suffixes are applied; you must use +fully\-qualified names or also enable \fBnative\fR host lookups +(these don't support \fBdane\fR or \fBdane\-only\fR as no DNSSEC +validation information is available via \fBnative\fR lookups). +.IP "\fBunix:\fIpathname\fR" +Connect to the UNIX\-domain socket at \fIpathname\fR. LMTP only. +.IP "\fBmatch ...\fR" +With no match arguments specified, certificate peername matching uses +the compiled\-in default strategies for each security level. If you +specify one or more arguments, these will be used as the list of +certificate or public\-key digests to match for the \fBfingerprint\fR +level, or as the list of DNS names to match in the certificate at the +\fBverify\fR and \fBsecure\fR levels. If the security level is +\fBdane\fR, or \fBdane\-only\fR the match names are ignored, and +\fBhostname, nexthop\fR strategies are used. +.ad +.fi +.SH "ENVIRONMENT" +.na +.nf +.ad +.fi +.IP \fBMAIL_CONFIG\fR +Read configuration parameters from a non\-default location. +.IP \fBMAIL_VERBOSE\fR +Same as \fB\-v\fR option. +.SH "SEE ALSO" +.na +.nf +smtp\-source(1), SMTP/LMTP message source +smtp\-sink(1), SMTP/LMTP message dump + +.SH "README FILES" +.na +.nf +.ad +.fi +Use "\fBpostconf readme_directory\fR" or "\fBpostconf +html_directory\fR" to locate this information. +.na +.nf +TLS_README, Postfix STARTTLS howto +.SH "LICENSE" +.na +.nf +.ad +.fi +The Secure Mailer license must be distributed with this software. +.SH "AUTHOR(S)" +.na +.nf +Wietse Venema +IBM T.J. Watson Research +P.O. Box 704 +Yorktown Heights, NY 10598, USA + +Wietse Venema +Google, Inc. +111 8th Avenue +New York, NY 10011, USA + +Viktor Dukhovni diff --git a/man/man1/qmqp-sink.1 b/man/man1/qmqp-sink.1 new file mode 100644 index 0000000..1556b51 --- /dev/null +++ b/man/man1/qmqp-sink.1 @@ -0,0 +1,69 @@ +.TH QMQP-SINK 1 +.ad +.fi +.SH NAME +qmqp-sink +\- +parallelized QMQP test server +.SH "SYNOPSIS" +.na +.nf +.fi +\fBqmqp\-sink\fR [\fB\-46cv\fR] [\fB\-x \fItime\fR] +[\fBinet:\fR][\fIhost\fR]:\fIport\fR \fIbacklog\fR + +\fBqmqp\-sink\fR [\fB\-46cv\fR] [\fB\-x \fItime\fR] +\fBunix:\fR\fIpathname\fR \fIbacklog\fR +.SH DESCRIPTION +.ad +.fi +\fBqmqp\-sink\fR listens on the named host (or address) and port. +It receives messages from the network and throws them away. +The purpose is to measure QMQP client performance, not protocol +compliance. +Connections can be accepted on IPv4 or IPv6 endpoints, or on +UNIX\-domain sockets. +IPv4 and IPv6 are the default. +This program is the complement of the \fBqmqp\-source\fR(1) program. + +Note: this is an unsupported test program. No attempt is made +to maintain compatibility between successive versions. + +Arguments: +.IP \fB\-4\fR +Support IPv4 only. This option has no effect when +Postfix is built without IPv6 support. +.IP \fB\-6\fR +Support IPv6 only. This option is not available when +Postfix is built without IPv6 support. +.IP \fB\-c\fR +Display a running counter that is updated whenever a delivery +is completed. +.IP \fB\-v\fR +Increase verbosity. Specify \fB\-v \-v\fR to see some of the QMQP +conversation. +.IP "\fB\-x \fItime\fR" +Terminate after \fItime\fR seconds. This is to facilitate memory +leak testing. +.SH "SEE ALSO" +.na +.nf +qmqp\-source(1), QMQP message generator +.SH "LICENSE" +.na +.nf +.ad +.fi +The Secure Mailer license must be distributed with this software. +.SH "AUTHOR(S)" +.na +.nf +Wietse Venema +IBM T.J. Watson Research +P.O. Box 704 +Yorktown Heights, NY 10598, USA + +Wietse Venema +Google, Inc. +111 8th Avenue +New York, NY 10011, USA diff --git a/man/man1/qmqp-source.1 b/man/man1/qmqp-source.1 new file mode 100644 index 0000000..86f23b9 --- /dev/null +++ b/man/man1/qmqp-source.1 @@ -0,0 +1,90 @@ +.TH QMQP-SOURCE 1 +.ad +.fi +.SH NAME +qmqp-source +\- +parallelized QMQP test generator +.SH "SYNOPSIS" +.na +.nf +.fi +\fBqmqp\-source\fR [\fIoptions\fR] [\fBinet:\fR]\fIhost\fR[:\fIport\fR] + +\fBqmqp\-source\fR [\fIoptions\fR] \fBunix:\fIpathname\fR +.SH DESCRIPTION +.ad +.fi +\fBqmqp\-source\fR connects to the named host and TCP port (default 628) +and sends one or more messages to it, either sequentially +or in parallel. The program speaks the QMQP protocol. +Connections can be made to UNIX\-domain and IPv4 or IPv6 servers. +IPv4 and IPv6 are the default. + +Note: this is an unsupported test program. No attempt is made +to maintain compatibility between successive versions. + +Arguments: +.IP \fB\-4\fR +Connect to the server with IPv4. This option has no effect when +Postfix is built without IPv6 support. +.IP \fB\-6\fR +Connect to the server with IPv6. This option is not available when +Postfix is built without IPv6 support. +.IP \fB\-c\fR +Display a running counter that is incremented each time +a delivery completes. +.IP "\fB\-C \fIcount\fR" +When a host sends RESET instead of SYN|ACK, try \fIcount\fR times +before giving up. The default count is 1. Specify a larger count in +order to work around a problem with TCP/IP stacks that send RESET +when the listen queue is full. +.IP "\fB\-f \fIfrom\fR" +Use the specified sender address (default: <foo@myhostname>). +.IP "\fB\-l \fIlength\fR" +Send \fIlength\fR bytes as message payload. The length +includes the message headers. +.IP "\fB\-m \fImessage_count\fR" +Send the specified number of messages (default: 1). +.IP "\fB\-M \fImyhostname\fR" +Use the specified hostname or [address] in the default +sender and recipient addresses, instead of the machine +hostname. +.IP "\fB\-r \fIrecipient_count\fR" +Send the specified number of recipients per transaction (default: 1). +Recipient names are generated by prepending a number to the +recipient address. +.IP "\fB\-s \fIsession_count\fR" +Run the specified number of QMQP sessions in parallel (default: 1). +.IP "\fB\-t \fIto\fR" +Use the specified recipient address (default: <foo@myhostname>). +.IP "\fB\-R \fIinterval\fR" +Wait for a random period of time 0 <= n <= interval between messages. +Suspending one thread does not affect other delivery threads. +.IP \fB\-v\fR +Make the program more verbose, for debugging purposes. +.IP "\fB\-w \fIinterval\fR" +Wait a fixed time between messages. +Suspending one thread does not affect other delivery threads. +.SH "SEE ALSO" +.na +.nf +qmqp\-sink(1), QMQP message dump +.SH "LICENSE" +.na +.nf +.ad +.fi +The Secure Mailer license must be distributed with this software. +.SH "AUTHOR(S)" +.na +.nf +Wietse Venema +IBM T.J. Watson Research +P.O. Box 704 +Yorktown Heights, NY 10598, USA + +Wietse Venema +Google, Inc. +111 8th Avenue +New York, NY 10011, USA diff --git a/man/man1/qshape.1 b/man/man1/qshape.1 new file mode 100644 index 0000000..5a6352f --- /dev/null +++ b/man/man1/qshape.1 @@ -0,0 +1,118 @@ +.TH QSHAPE 1 +.ad +.fi +.SH NAME +qshape +\- +Print Postfix queue domain and age distribution +.SH "SYNOPSIS" +.na +.nf +.fi +\fBqshape\fR [\fB\-s\fR] [\fB\-p\fR] [\fB\-m \fImin_subdomains\fR] + [\fB\-b \fIbucket_count\fR] [\fB\-t \fIbucket_time\fR] + [\fB\-l\fR] [\fB\-w \fIterminal_width\fR] + [\fB\-N \fIbatch_msg_count\fR] [\fB\-n \fIbatch_top_domains\fR] + [\fB\-c \fIconfig_directory\fR] [\fIqueue_name\fR ...] +.SH DESCRIPTION +.ad +.fi +The \fBqshape\fR program helps the administrator understand the +Postfix queue message distribution in time and by sender domain +or recipient domain. The program needs read access to the queue +directories and queue files, so it must run as the superuser or +the \fBmail_owner\fR specified in \fBmain.cf\fR (typically +\fBpostfix\fR). + +Options: +.IP \fB\-s\fR +Display the sender domain distribution instead of the recipient +domain distribution. By default the recipient distribution is +displayed. There can be more recipients than messages, but as +each message has only one sender, the sender distribution is a +message distribution. +.IP \fB\-p\fR +Generate aggregate statistics for parent domains. Top level domains +are not shown, nor are domains with fewer than \fImin_subdomains\fR +subdomains. The names of parent domains are shown with a leading dot, +(e.g. \fI.example.com\fR). +.IP "\fB\-m \fImin_subdomains\fR" +When used with the \fB\-p\fR option, sets the minimum subdomain count +needed to show a separate line for a parent domain. The default is 5. +.IP "\fB\-b \fIbucket_count\fR" +The age distribution is broken up into a sequence of geometrically +increasing intervals. This option sets the number of intervals +or "buckets". Each bucket has a maximum queue age that is twice +as large as that of the previous bucket. The last bucket has no +age limit. +.IP "\fB\-t \fIbucket_time\fR" +The age limit in minutes for the first time bucket. The default +value is 5, meaning that the first bucket counts messages between +0 and 5 minutes old. +.IP "\fB\-l\fR" +Instead of using a geometric age sequence, use a linear age sequence, +in other words simple multiples of \fBbucket_time\fR. + +This feature is available in Postfix 2.2 and later. +.IP "\fB\-w \fIterminal_width\fR" +The output is right justified, with the counts for the last +bucket shown on the 80th column, the \fIterminal_width\fR can be +adjusted for wider screens allowing more buckets to be displayed +without truncating the domain names on the left. When a row for a +full domain name and its counters does not fit in the specified +number of columns, only the last 17 bytes of the domain name +are shown with the prefix replaced by a '+' character. Truncated +parent domain rows are shown as '.+' followed by the last 16 bytes +of the domain name. If this is still too narrow to show the domain +name and all the counters, the terminal_width limit is violated. +.IP "\fB\-N \fIbatch_msg_count\fR" +When the output device is a terminal, intermediate results are +shown each "batch_msg_count" messages. This produces usable results +in a reasonable time even when the deferred queue is large. The +default is to show intermediate results every 1000 messages. +.IP "\fB\-n \fIbatch_top_domains\fR" +When reporting intermediate or final results to a termainal, report +only the top "batch_top_domains" domains. The default limit is 20 +domains. +.IP "\fB\-c \fIconfig_directory\fR" +The \fBmain.cf\fR configuration file is in the named directory +instead of the default configuration directory. +.PP +Arguments: +.IP \fIqueue_name\fR +By default \fBqshape\fR displays the combined distribution of +the incoming and active queues. To display a different set of +queues, just list their directory names on the command line. +Absolute paths are used as is, other paths are taken relative +to the \fBmain.cf\fR \fBqueue_directory\fR parameter setting. +While \fBmain.cf\fR supports the use of \fI$variable\fR expansion +in the definition of the \fBqueue_directory\fR parameter, the +\fBqshape\fR program does not. If you must use variable expansions +in the \fBqueue_directory\fR setting, you must specify an explicit +absolute path for each queue subdirectory even if you want the +default incoming and active queue distribution. +.SH "SEE ALSO" +.na +.nf +mailq(1), List all messages in the queue. +QSHAPE_README Examples and background material. +.SH "FILES" +.na +.nf +$config_directory/main.cf, Postfix installation parameters. +$queue_directory/maildrop/, local submission directory. +$queue_directory/incoming/, new message queue. +$queue_directory/hold/, messages waiting for tech support. +$queue_directory/active/, messages scheduled for delivery. +$queue_directory/deferred/, messages postponed for later delivery. +.SH "LICENSE" +.na +.nf +.ad +.fi +The Secure Mailer license must be distributed with this software. +.SH "AUTHOR(S)" +.na +.nf +Victor Duchovni +Morgan Stanley diff --git a/man/man1/sendmail.1 b/man/man1/sendmail.1 new file mode 100644 index 0000000..22affe6 --- /dev/null +++ b/man/man1/sendmail.1 @@ -0,0 +1,512 @@ +.TH SENDMAIL 1 +.ad +.fi +.SH NAME +sendmail +\- +Postfix to Sendmail compatibility interface +.SH "SYNOPSIS" +.na +.nf +\fBsendmail\fR [\fIoption ...\fR] [\fIrecipient ...\fR] + +\fBmailq\fR +\fBsendmail \-bp\fR + +\fBnewaliases\fR +\fBsendmail \-I\fR +.SH DESCRIPTION +.ad +.fi +The Postfix \fBsendmail\fR(1) command implements the Postfix +to Sendmail compatibility interface. +For the sake of compatibility with existing applications, some +Sendmail command\-line options are recognized but silently ignored. + +By default, Postfix \fBsendmail\fR(1) reads a message from +standard input +until EOF or until it reads a line with only a \fB.\fR character, +and arranges for delivery. Postfix \fBsendmail\fR(1) relies on the +\fBpostdrop\fR(1) command to create a queue file in the \fBmaildrop\fR +directory. + +Specific command aliases are provided for other common modes of +operation: +.IP \fBmailq\fR +List the mail queue. Each entry shows the queue file ID, message +size, arrival time, sender, and the recipients that still need to +be delivered. If mail could not be delivered upon the last attempt, +the reason for failure is shown. The queue ID string is +followed by an optional status character: +.RS +.IP \fB*\fR +The message is in the \fBactive\fR queue, i.e. the message is +selected for delivery. +.IP \fB!\fR +The message is in the \fBhold\fR queue, i.e. no further delivery +attempt will be made until the mail is taken off hold. +.IP \fB#\fR +The message is forced to expire. See the \fBpostsuper\fR(1) +options \fB\-e\fR or \fB\-f\fR. +.RE +.IP +This mode of operation is implemented by executing the +\fBpostqueue\fR(1) command. +.IP \fBnewaliases\fR +Initialize the alias database. If no input file is specified (with +the \fB\-oA\fR option, see below), the program processes the file(s) +specified with the \fBalias_database\fR configuration parameter. +If no alias database type is specified, the program uses the type +specified with the \fBdefault_database_type\fR configuration parameter. +This mode of operation is implemented by running the \fBpostalias\fR(1) +command. +.sp +Note: it may take a minute or so before an alias database update +becomes visible. Use the "\fBpostfix reload\fR" command to eliminate +this delay. +.PP +These and other features can be selected by specifying the +appropriate combination of command\-line options. Some features are +controlled by parameters in the \fBmain.cf\fR configuration file. + +The following options are recognized: +.IP "\fB\-Am\fR (ignored)" +.IP "\fB\-Ac\fR (ignored)" +Postfix sendmail uses the same configuration file regardless of +whether or not a message is an initial submission. +.IP "\fB\-B \fIbody_type\fR" +The message body MIME type: \fB7BIT\fR or \fB8BITMIME\fR. +.IP \fB\-bd\fR +Go into daemon mode. This mode of operation is implemented by +executing the "\fBpostfix start\fR" command. +.IP "\fB\-bh\fR (ignored)" +.IP "\fB\-bH\fR (ignored)" +Postfix has no persistent host status database. +.IP \fB\-bi\fR +Initialize alias database. See the \fBnewaliases\fR +command above. +.IP \fB\-bl\fR +Go into daemon mode. To accept only local connections as +with Sendmail's \fB\-bl\fR option, specify "\fBinet_interfaces += loopback\fR" in the Postfix \fBmain.cf\fR configuration +file. +.IP \fB\-bm\fR +Read mail from standard input and arrange for delivery. +This is the default mode of operation. +.IP \fB\-bp\fR +List the mail queue. See the \fBmailq\fR command above. +.IP \fB\-bs\fR +Stand\-alone SMTP server mode. Read SMTP commands from +standard input, and write responses to standard output. +In stand\-alone SMTP server mode, mail relaying and other +access controls are disabled by default. To enable them, +run the process as the \fBmail_owner\fR user. +.sp +This mode of operation is implemented by running the +\fBsmtpd\fR(8) daemon. +.IP \fB\-bv\fR +Do not collect or deliver a message. Instead, send an email +report after verifying each recipient address. This is useful +for testing address rewriting and routing configurations. +.sp +This feature is available in Postfix version 2.1 and later. +.IP "\fB\-C \fIconfig_file\fR" +.IP "\fB\-C \fIconfig_dir\fR" +The path name of the Postfix \fBmain.cf\fR file, or of its +parent directory. This information is ignored with Postfix +versions before 2.3. + +With Postfix version 3.2 and later, a non\-default directory +must be authorized in the default \fBmain.cf\fR file, through +the alternate_config_directories or multi_instance_directories +parameters. + +With all Postfix versions, you can specify a directory pathname +with the MAIL_CONFIG environment variable to override the +location of configuration files. +.IP "\fB\-F \fIfull_name\fR" +Set the sender full name. This overrides the NAME environment +variable, and is used only with messages that +have no \fBFrom:\fR message header. +.IP "\fB\-f \fIsender\fR" +Set the envelope sender address. This is the address where +delivery problems are sent to. With Postfix versions before 2.1, the +\fBErrors\-To:\fR message header overrides the error return address. +.IP \fB\-G\fR +Gateway (relay) submission, as opposed to initial user +submission. Either do not rewrite addresses at all, or +update incomplete addresses with the domain information +specified with \fBremote_header_rewrite_domain\fR. + +This option is ignored before Postfix version 2.3. +.IP "\fB\-h \fIhop_count\fR (ignored)" +Hop count limit. Use the \fBhopcount_limit\fR configuration +parameter instead. +.IP \fB\-I\fR +Initialize alias database. See the \fBnewaliases\fR +command above. +.IP "\fB\-i\fR" +When reading a message from standard input, don't treat a line +with only a \fB.\fR character as the end of input. +.IP "\fB\-L \fIlabel\fR (ignored)" +The logging label. Use the \fBsyslog_name\fR configuration +parameter instead. +.IP "\fB\-m\fR (ignored)" +Backwards compatibility. +.IP "\fB\-N \fIdsn\fR (default: 'delay, failure')" +Delivery status notification control. Specify either a +comma\-separated list with one or more of \fBfailure\fR (send +notification when delivery fails), \fBdelay\fR (send +notification when delivery is delayed), or \fBsuccess\fR +(send notification when the message is delivered); or specify +\fBnever\fR (don't send any notifications at all). + +This feature is available in Postfix 2.3 and later. +.IP "\fB\-n\fR (ignored)" +Backwards compatibility. +.IP "\fB\-oA\fIalias_database\fR" +Non\-default alias database. Specify \fIpathname\fR or +\fItype\fR:\fIpathname\fR. See \fBpostalias\fR(1) for +details. +.IP "\fB\-O \fIoption=value\fR (ignored)" +Set the named \fIoption\fR to \fIvalue\fR. Use the equivalent +configuration parameter in \fBmain.cf\fR instead. +.IP "\fB\-o7\fR (ignored)" +.IP "\fB\-o8\fR (ignored)" +To send 8\-bit or binary content, use an appropriate MIME encapsulation +and specify the appropriate \fB\-B\fR command\-line option. +.IP "\fB\-oi\fR" +When reading a message from standard input, don't treat a line +with only a \fB.\fR character as the end of input. +.IP "\fB\-om\fR (ignored)" +The sender is never eliminated from alias etc. expansions. +.IP "\fB\-o \fIx value\fR (ignored)" +Set option \fIx\fR to \fIvalue\fR. Use the equivalent +configuration parameter in \fBmain.cf\fR instead. +.IP "\fB\-r \fIsender\fR" +Set the envelope sender address. This is the address where +delivery problems are sent to. With Postfix versions before 2.1, the +\fBErrors\-To:\fR message header overrides the error return address. +.IP "\fB\-R \fIreturn\fR" +Delivery status notification control. Specify "hdrs" to +return only the header when a message bounces, "full" to +return a full copy (the default behavior). + +The \fB\-R\fR option specifies an upper bound; Postfix will +return only the header, when a full copy would exceed the +bounce_size_limit setting. + +This option is ignored before Postfix version 2.10. +.IP \fB\-q\fR +Attempt to deliver all queued mail. This is implemented by +executing the \fBpostqueue\fR(1) command. + +Warning: flushing undeliverable mail frequently will result in +poor delivery performance of all other mail. +.IP "\fB\-q\fIinterval\fR (ignored)" +The interval between queue runs. Use the \fBqueue_run_delay\fR +configuration parameter instead. +.IP \fB\-qI\fIqueueid\fR +Schedule immediate delivery of mail with the specified queue +ID. This option is implemented by executing the +\fBpostqueue\fR(1) command, and is available with Postfix +version 2.4 and later. +.IP \fB\-qR\fIsite\fR +Schedule immediate delivery of all mail that is queued for the named +\fIsite\fR. This option accepts only \fIsite\fR names that are +eligible for the "fast flush" service, and is implemented by +executing the \fBpostqueue\fR(1) command. +See \fBflush\fR(8) for more information about the "fast flush" +service. +.IP \fB\-qS\fIsite\fR +This command is not implemented. Use the slower "\fBsendmail \-q\fR" +command instead. +.IP \fB\-t\fR +Extract recipients from message headers. These are added to any +recipients specified on the command line. + +With Postfix versions prior to 2.1, this option requires that +no recipient addresses are specified on the command line. +.IP "\fB\-U\fR (ignored)" +Initial user submission. +.IP "\fB\-V \fIenvid\fR" +Specify the envelope ID for notification by servers that +support DSN. + +This feature is available in Postfix 2.3 and later. +.IP "\fB\-XV\fR (Postfix 2.2 and earlier: \fB\-V\fR)" +Variable Envelope Return Path. Given an envelope sender address +of the form \fIowner\-listname\fR@\fIorigin\fR, each recipient +\fIuser\fR@\fIdomain\fR receives mail with a personalized envelope +sender address. +.sp +By default, the personalized envelope sender address is +\fIowner\-listname\fB+\fIuser\fB=\fIdomain\fR@\fIorigin\fR. The default +\fB+\fR and \fB=\fR characters are configurable with the +\fBdefault_verp_delimiters\fR configuration parameter. +.IP "\fB\-XV\fIxy\fR (Postfix 2.2 and earlier: \fB\-V\fIxy\fR)" +As \fB\-XV\fR, but uses \fIx\fR and \fIy\fR as the VERP delimiter +characters, instead of the characters specified with the +\fBdefault_verp_delimiters\fR configuration parameter. +.IP \fB\-v\fR +Send an email report of the first delivery attempt (Postfix +versions 2.1 and later). Mail delivery +always happens in the background. When multiple \fB\-v\fR +options are given, enable verbose logging for debugging purposes. +.IP "\fB\-X \fIlog_file\fR (ignored)" +Log mailer traffic. Use the \fBdebug_peer_list\fR and +\fBdebug_peer_level\fR configuration parameters instead. +.SH "SECURITY" +.na +.nf +.ad +.fi +By design, this program is not set\-user (or group) id. +It is prepared to handle message content from untrusted, +possibly remote, users. + +However, like most Postfix programs, this program does not +enforce a security policy on its command\-line arguments. +Instead, it relies on the UNIX system to enforce access +policies based on the effective user and group IDs of the +process. Concretely, this means that running Postfix commands +as root (from sudo or equivalent) on behalf of a non\-root +user is likely to create privilege escalation opportunities. + +If an application runs any Postfix programs on behalf of +users that do not have normal shell access to Postfix +commands, then that application MUST restrict user\-specified +command\-line arguments to avoid privilege escalation. +.IP \(bu +Filter all command\-line arguments, for example arguments +that contain a pathname or that specify a database access +method. These pathname checks must reject user\-controlled +symlinks or hardlinks to sensitive files, and must not be +vulnerable to TOCTOU race attacks. +.IP \(bu +Disable command options processing for all command arguments +that contain user\-specified data. For example, the Postfix +\fBsendmail\fR(1) command line MUST be structured as follows: + +.nf + \fB/path/to/sendmail\fR \fIsystem\-arguments\fR \fB\-\-\fR \fIuser\-arguments\fR +.fi + +Here, the "\fB\-\-\fR" disables command option processing for +all \fIuser\-arguments\fR that follow. +.IP +Without the "\fB\-\-\fR", a malicious user could enable Postfix +\fBsendmail\fR(1) command options, by specifying an email +address that starts with "\fB\-\fR". +.SH DIAGNOSTICS +.ad +.fi +Problems are logged to \fBsyslogd\fR(8) or \fBpostlogd\fR(8), +and to the standard error stream. +.SH "ENVIRONMENT" +.na +.nf +.ad +.fi +.IP \fBMAIL_CONFIG\fR +Directory with Postfix configuration files. +.IP "\fBMAIL_VERBOSE\fR (value does not matter)" +Enable verbose logging for debugging purposes. +.IP "\fBMAIL_DEBUG\fR (value does not matter)" +Enable debugging with an external command, as specified with the +\fBdebugger_command\fR configuration parameter. +.IP \fBNAME\fR +The sender full name. This is used only with messages that +have no \fBFrom:\fR message header. See also the \fB\-F\fR +option above. +.SH "CONFIGURATION PARAMETERS" +.na +.nf +.ad +.fi +The following \fBmain.cf\fR parameters are especially relevant to +this program. +The text below provides only a parameter summary. See +\fBpostconf\fR(5) for more details including examples. +.SH "COMPATIBILITY CONTROLS" +.na +.nf +.ad +.fi +Available with Postfix 2.9 and later: +.IP "\fBsendmail_fix_line_endings (always)\fR" +Controls how the Postfix sendmail command converts email message +line endings from <CR><LF> into UNIX format (<LF>). +.SH "TROUBLE SHOOTING CONTROLS" +.na +.nf +.ad +.fi +The DEBUG_README file gives examples of how to troubleshoot a +Postfix system. +.IP "\fBdebugger_command (empty)\fR" +The external command to execute when a Postfix daemon program is +invoked with the \-D option. +.IP "\fBdebug_peer_level (2)\fR" +The increment in verbose logging level when a nexthop destination, +remote client or server name or network address matches a pattern +given with the debug_peer_list parameter. +.IP "\fBdebug_peer_list (empty)\fR" +Optional list of nexthop destination, remote client or server +name or network address patterns that, if matched, cause the verbose +logging level to increase by the amount specified in $debug_peer_level. +.SH "ACCESS CONTROLS" +.na +.nf +.ad +.fi +Available in Postfix version 2.2 and later: +.IP "\fBauthorized_flush_users (static:anyone)\fR" +List of users who are authorized to flush the queue. +.IP "\fBauthorized_mailq_users (static:anyone)\fR" +List of users who are authorized to view the queue. +.IP "\fBauthorized_submit_users (static:anyone)\fR" +List of users who are authorized to submit mail with the \fBsendmail\fR(1) +command (and with the privileged \fBpostdrop\fR(1) helper command). +.SH "RESOURCE AND RATE CONTROLS" +.na +.nf +.ad +.fi +.IP "\fBbounce_size_limit (50000)\fR" +The maximal amount of original message text that is sent in a +non\-delivery notification. +.IP "\fBfork_attempts (5)\fR" +The maximal number of attempts to fork() a child process. +.IP "\fBfork_delay (1s)\fR" +The delay between attempts to fork() a child process. +.IP "\fBhopcount_limit (50)\fR" +The maximal number of Received: message headers that is allowed +in the primary message headers. +.IP "\fBqueue_run_delay (300s)\fR" +The time between deferred queue scans by the queue manager; +prior to Postfix 2.4 the default value was 1000s. +.SH "FAST FLUSH CONTROLS" +.na +.nf +.ad +.fi +The ETRN_README file describes configuration and operation +details for the Postfix "fast flush" service. +.IP "\fBfast_flush_domains ($relay_domains)\fR" +Optional list of destinations that are eligible for per\-destination +logfiles with mail that is queued to those destinations. +.SH "VERP CONTROLS" +.na +.nf +.ad +.fi +The VERP_README file describes configuration and operation +details of Postfix support for variable envelope return +path addresses. +.IP "\fBdefault_verp_delimiters (+=)\fR" +The two default VERP delimiter characters. +.IP "\fBverp_delimiter_filter (\-=+)\fR" +The characters Postfix accepts as VERP delimiter characters on the +Postfix \fBsendmail\fR(1) command line and in SMTP commands. +.SH "MISCELLANEOUS CONTROLS" +.na +.nf +.ad +.fi +.IP "\fBalias_database (see 'postconf -d' output)\fR" +The alias databases for \fBlocal\fR(8) delivery that are updated with +"\fBnewaliases\fR" or with "\fBsendmail \-bi\fR". +.IP "\fBcommand_directory (see 'postconf -d' output)\fR" +The location of all postfix administrative commands. +.IP "\fBconfig_directory (see 'postconf -d' output)\fR" +The default location of the Postfix main.cf and master.cf +configuration files. +.IP "\fBdaemon_directory (see 'postconf -d' output)\fR" +The directory with Postfix support programs and daemon programs. +.IP "\fBdefault_database_type (see 'postconf -d' output)\fR" +The default database type for use in \fBnewaliases\fR(1), \fBpostalias\fR(1) +and \fBpostmap\fR(1) commands. +.IP "\fBdelay_warning_time (0h)\fR" +The time after which the sender receives a copy of the message +headers of mail that is still queued. +.IP "\fBimport_environment (see 'postconf -d' output)\fR" +The list of environment variables that a privileged Postfix +process will import from a non\-Postfix parent process, or name=value +environment overrides. +.IP "\fBmail_owner (postfix)\fR" +The UNIX system account that owns the Postfix queue and most Postfix +daemon processes. +.IP "\fBqueue_directory (see 'postconf -d' output)\fR" +The location of the Postfix top\-level queue directory. +.IP "\fBremote_header_rewrite_domain (empty)\fR" +Don't rewrite message headers from remote clients at all when +this parameter is empty; otherwise, rewrite message headers and +append the specified domain name to incomplete addresses. +.IP "\fBsyslog_facility (mail)\fR" +The syslog facility of Postfix logging. +.IP "\fBsyslog_name (see 'postconf -d' output)\fR" +A prefix that is prepended to the process name in syslog +records, so that, for example, "smtpd" becomes "prefix/smtpd". +.PP +Postfix 3.2 and later: +.IP "\fBalternate_config_directories (empty)\fR" +A list of non\-default Postfix configuration directories that may +be specified with "\-c config_directory" on the command line (in the +case of \fBsendmail\fR(1), with the "\-C" option), or via the MAIL_CONFIG +environment parameter. +.IP "\fBmulti_instance_directories (empty)\fR" +An optional list of non\-default Postfix configuration directories; +these directories belong to additional Postfix instances that share +the Postfix executable files and documentation with the default +Postfix instance, and that are started, stopped, etc., together +with the default Postfix instance. +.SH "FILES" +.na +.nf +/var/spool/postfix, mail queue +/etc/postfix, configuration files +.SH "SEE ALSO" +.na +.nf +pickup(8), mail pickup daemon +qmgr(8), queue manager +smtpd(8), SMTP server +flush(8), fast flush service +postsuper(1), queue maintenance +postalias(1), create/update/query alias database +postdrop(1), mail posting utility +postfix(1), mail system control +postqueue(1), mail queue control +postlogd(8), Postfix logging +syslogd(8), system logging +.SH "README_FILES" +.na +.nf +.ad +.fi +Use "\fBpostconf readme_directory\fR" or +"\fBpostconf html_directory\fR" to locate this information. +.na +.nf +DEBUG_README, Postfix debugging howto +ETRN_README, Postfix ETRN howto +VERP_README, Postfix VERP howto +.SH "LICENSE" +.na +.nf +.ad +.fi +The Secure Mailer license must be distributed with this software. +.SH "AUTHOR(S)" +.na +.nf +Wietse Venema +IBM T.J. Watson Research +P.O. Box 704 +Yorktown Heights, NY 10598, USA + +Wietse Venema +Google, Inc. +111 8th Avenue +New York, NY 10011, USA diff --git a/man/man1/smtp-sink.1 b/man/man1/smtp-sink.1 new file mode 100644 index 0000000..17bb89c --- /dev/null +++ b/man/man1/smtp-sink.1 @@ -0,0 +1,276 @@ +.TH SMTP-SINK 1 +.ad +.fi +.SH NAME +smtp-sink +\- +parallelized SMTP/LMTP test server +.SH "SYNOPSIS" +.na +.nf +.fi +\fBsmtp\-sink\fR [\fIoptions\fR] [\fBinet:\fR][\fIhost\fR]:\fIport\fR +\fIbacklog\fR + +\fBsmtp\-sink\fR [\fIoptions\fR] \fBunix:\fR\fIpathname\fR \fIbacklog\fR +.SH DESCRIPTION +.ad +.fi +\fBsmtp\-sink\fR listens on the named host (or address) and port. +It takes SMTP messages from the network and throws them away. +The purpose is to measure client performance, not protocol +compliance. + +\fBsmtp\-sink\fR may also be configured to capture each mail +delivery transaction to file. Since disk latencies are large +compared to network delays, this mode of operation can +reduce the maximal performance by several orders of magnitude. + +Connections can be accepted on IPv4 or IPv6 endpoints, or on +UNIX\-domain sockets. +IPv4 and IPv6 are the default. +This program is the complement of the \fBsmtp\-source\fR(1) program. + +Note: this is an unsupported test program. No attempt is made +to maintain compatibility between successive versions. + +Arguments: +.IP \fB\-4\fR +Support IPv4 only. This option has no effect when +Postfix is built without IPv6 support. +.IP \fB\-6\fR +Support IPv6 only. This option is not available when +Postfix is built without IPv6 support. +.IP \fB\-8\fR +Do not announce 8BITMIME support. +.IP \fB\-a\fR +Do not announce SASL authentication support. +.IP "\fB\-A \fIdelay\fR" +Wait \fIdelay\fR seconds after responding to DATA, then +abort prematurely with a 550 reply status. Do not read +further input from the client; this is an attempt to block +the client before it sends ".". Specify a zero delay value +to abort immediately. +.IP "\fB\-b \fIsoft\-bounce\-reply\fR" +Use \fIsoft\-bounce\-reply\fR for soft reject responses. The +default reply is "450 4.3.0 Error: command failed". +.IP "\fB\-B \fIhard\-bounce\-reply\fR" +Use \fIhard\-bounce\-reply\fR for hard reject responses. The +default reply is "500 5.3.0 Error: command failed". +.IP \fB\-c\fR +Display running counters that are updated whenever an SMTP +session ends, a QUIT command is executed, or when "." is +received. +.IP \fB\-C\fR +Disable XCLIENT support. +.IP "\fB\-d \fIdump\-template\fR" +Dump each mail transaction to a single\-message file whose +name is created by expanding the \fIdump\-template\fR via +strftime(3) and appending a pseudo\-random hexadecimal number +(example: "%Y%m%d%H/%M." expands into "2006081203/05.809a62e3"). +If the template contains "/" characters, missing directories +are created automatically. The message dump format is +described below. +.sp +Note: this option keeps one capture file open for every +mail transaction in progress. +.IP "\fB\-D \fIdump\-template\fR" +Append mail transactions to a multi\-message dump file whose +name is created by expanding the \fIdump\-template\fR via +strftime(3). +If the template contains "/" characters, missing directories +are created automatically. The message dump format is +described below. +.sp +Note: this option keeps one capture file open for every +mail transaction in progress. +.IP \fB\-e\fR +Do not announce ESMTP support. +.IP \fB\-E\fR +Do not announce ENHANCEDSTATUSCODES support. +.IP "\fB\-f \fIcommand,command,...\fR" +Reject the specified commands with a hard (5xx) error code. +This option implies \fB\-p\fR. +.sp +Examples of commands are CONNECT, HELO, EHLO, LHLO, MAIL, RCPT, VRFY, +DATA, ., RSET, NOOP, and QUIT. Separate command names by +white space or commas, and use quotes to protect white space +from the shell. Command names are case\-insensitive. +.IP \fB\-F\fR +Disable XFORWARD support. +.IP "\fB\-h\fI hostname\fR" +Use \fIhostname\fR in the SMTP greeting, in the HELO response, +and in the EHLO response. The default hostname is "smtp\-sink". +.IP "\fB\-H\fI delay\fR" +Delay the first read operation after receiving DATA (time +in seconds). Combine with a large test message and a small +TCP window size (see the \fB\-T\fR option) to test the Postfix +client write_wait() implementation. +.IP \fB\-L\fR +Enable LMTP instead of SMTP. +.IP "\fB\-m \fIcount\fR (default: 256)" +An upper bound on the maximal number of simultaneous +connections that \fBsmtp\-sink\fR will handle. This prevents +the process from running out of file descriptors. Excess +connections will stay queued in the TCP/IP stack. +.IP "\fB\-M \fIcount\fR" +Terminate after receiving \fIcount\fR messages. +.IP "\fB\-n \fIcount\fR" +Terminate after \fIcount\fR sessions. +.IP \fB\-N\fR +Do not announce support for DSN. +.IP \fB\-p\fR +Do not announce support for ESMTP command pipelining. +.IP \fB\-P\fR +Change the server greeting so that it appears to come through +a CISCO PIX system. Implies \fB\-e\fR. +.IP "\fB\-q \fIcommand,command,...\fR" +Disconnect (without replying) after receiving one of the +specified commands. +.sp +Examples of commands are CONNECT, HELO, EHLO, LHLO, MAIL, RCPT, VRFY, +DATA, ., RSET, NOOP, and QUIT. Separate command names by +white space or commas, and use quotes to protect white space +from the shell. Command names are case\-insensitive. +.IP "\fB\-Q \fIcommand,command,...\fR" +Send a 421 reply and disconnect after receiving one +of the specified commands. +.sp +Examples of commands are CONNECT, HELO, EHLO, LHLO, MAIL, RCPT, VRFY, +DATA, ., RSET, NOOP, and QUIT. Separate command names by +white space or commas, and use quotes to protect white space +from the shell. Command names are case\-insensitive. +.IP "\fB\-r \fIcommand,command,...\fR" +Reject the specified commands with a soft (4xx) error code. +This option implies \fB\-p\fR. +.sp +Examples of commands are CONNECT, HELO, EHLO, LHLO, MAIL, RCPT, VRFY, +DATA, ., RSET, NOOP, and QUIT. Separate command names by +white space or commas, and use quotes to protect white space +from the shell. Command names are case\-insensitive. +.IP "\fB\-R \fIroot\-directory\fR" +Change the process root directory to the specified location. +This option requires super\-user privileges. See also the +\fB\-u\fR option. +.IP "\fB\-s \fIcommand,command,...\fR" +Log the named commands to syslogd. +.sp +Examples of commands are CONNECT, HELO, EHLO, LHLO, MAIL, RCPT, VRFY, +DATA, ., RSET, NOOP, and QUIT. Separate command names by +white space or commas, and use quotes to protect white space +from the shell. Command names are case\-insensitive. +.IP "\fB\-S start\-string\fR" +An optional string that is prepended to each message that is +written to a dump file (see the dump file format description +below). The following C escape sequences are supported: \ea +(bell), \eb (backspace), \ef (formfeed), \en (newline), \er +(carriage return), \et (horizontal tab), \ev (vertical tab), +\e\fIddd\fR (up to three octal digits) and \e\e (the backslash +character). +.IP "\fB\-t \fItimeout\fR (default: 100)" +Limit the time for receiving a command or sending a response. +The time limit is specified in seconds. +.IP "\fB\-T \fIwindowsize\fR" +Override the default TCP window size. To work around +broken TCP window scaling implementations, specify a +value > 0 and < 65536. +.IP "\fB\-u \fIusername\fR" +Switch to the specified user privileges after opening the +network socket and optionally changing the process root +directory. This option is required when the process runs +with super\-user privileges. See also the \fB\-R\fR option. +.IP \fB\-v\fR +Show the SMTP conversations. +.IP "\fB\-w \fIdelay\fR" +Wait \fIdelay\fR seconds before responding to a DATA command. +.IP "\fB\-W \fIcommand:delay[:odds]\fR" +Wait \fIdelay\fR seconds before responding to \fIcommand\fR. +If \fIodds\fR is also specified (a number between 1\-99 +inclusive), wait for a random multiple of \fIdelay\fR. The +random multiplier is equal to the number of times the program +needs to roll a dice with a range of 0..99 inclusive, before +the dice produces a result greater than or equal to \fIodds\fR. +.IP [\fBinet:\fR][\fIhost\fR]:\fIport\fR +Listen on network interface \fIhost\fR (default: any interface) +TCP port \fIport\fR. Both \fIhost\fR and \fIport\fR may be +specified in numeric or symbolic form. +.IP \fBunix:\fR\fIpathname\fR +Listen on the UNIX\-domain socket at \fIpathname\fR. +.IP \fIbacklog\fR +The maximum length of the queue of pending connections, +as defined by the \fBlisten\fR(2) system call. +.SH "DUMP FILE FORMAT" +.na +.nf +.ad +.fi +Each dumped message contains a sequence of text lines, +terminated with the newline character. The sequence of +information is as follows: +.IP \(bu +The optional string specified with the \fB\-S\fR option. +.IP \(bu +The \fBsmtp\-sink\fR generated headers as documented below. +.IP \(bu +The message header and body as received from the SMTP client. +.IP \(bu +An empty line. +.PP +The format of the \fBsmtp\-sink\fR generated headers is as +follows: +.IP "\fBX\-Client\-Addr: \fItext\fR" +The client IP address without enclosing []. An IPv6 address +is prefixed with "ipv6:". This record is always present. +.IP "\fBX\-Client\-Proto: \fItext\fR" +The client protocol: SMTP, ESMTP or LMTP. This record is +always present. +.IP "\fBX\-Helo\-Args: \fItext\fR" +The arguments of the last HELO or EHLO command before this +mail delivery transaction. This record is present only if +the client sent a recognizable HELO or EHLO command before +the DATA command. +.IP "\fBX\-Mail\-Args: \fItext\fR" +The arguments of the MAIL command that started this mail +delivery transaction. This record is present exactly once. +.IP "\fBX\-Rcpt\-Args: \fItext\fR" +The arguments of an RCPT command within this mail delivery +transaction. There is one record for each RCPT command, and +they are in the order as sent by the client. +.IP "\fBReceived: \fItext\fR" +A message header for compatibility with mail processing +software. This three\-line header marks the end of the headers +provided by \fBsmtp\-sink\fR, and is formatted as follows: +.RS +.IP "\fBfrom \fIhelo\fR ([\fIaddr\fR])" +The HELO or EHLO command argument and client IP address. +If the client did not send HELO or EHLO, the client IP +address is used instead. +.IP "\fBby \fIhost\fB (smtp\-sink) with \fIproto\fB id \fIrandom\fB;\fR" +The hostname specified with the \fB\-h\fR option, the client +protocol (see \fBX\-Client\-Proto\fR above), and the pseudo\-random +portion of the per\-message capture file name. +.IP \fItime\-stamp\fR +A time stamp as defined in RFC 2822. +.RE +.SH "SEE ALSO" +.na +.nf +smtp\-source(1), SMTP/LMTP message generator +.SH "LICENSE" +.na +.nf +.ad +.fi +The Secure Mailer license must be distributed with this software. +.SH "AUTHOR(S)" +.na +.nf +Wietse Venema +IBM T.J. Watson Research +P.O. Box 704 +Yorktown Heights, NY 10598, USA + +Wietse Venema +Google, Inc. +111 8th Avenue +New York, NY 10011, USA diff --git a/man/man1/smtp-source.1 b/man/man1/smtp-source.1 new file mode 100644 index 0000000..014ee10 --- /dev/null +++ b/man/man1/smtp-source.1 @@ -0,0 +1,127 @@ +.TH SMTP-SOURCE 1 +.ad +.fi +.SH NAME +smtp-source +\- +parallelized SMTP/LMTP test generator +.SH "SYNOPSIS" +.na +.nf +.fi +\fBsmtp\-source\fR [\fIoptions\fR] [\fBinet:\fR]\fIhost\fR[:\fIport\fR] + +\fBsmtp\-source\fR [\fIoptions\fR] \fBunix:\fIpathname\fR +.SH DESCRIPTION +.ad +.fi +\fBsmtp\-source\fR connects to the named \fIhost\fR and TCP \fIport\fR +(default: port 25) +and sends one or more messages to it, either sequentially +or in parallel. The program speaks either SMTP (default) or +LMTP. +Connections can be made to UNIX\-domain and IPv4 or IPv6 servers. +IPv4 and IPv6 are the default. + +Note: this is an unsupported test program. No attempt is made +to maintain compatibility between successive versions. + +Arguments: +.IP \fB\-4\fR +Connect to the server with IPv4. This option has no effect when +Postfix is built without IPv6 support. +.IP \fB\-6\fR +Connect to the server with IPv6. This option is not available when +Postfix is built without IPv6 support. +.IP "\fB\-A\fR" +Don't abort when the server sends something other than the +expected positive reply code. +.IP \fB\-c\fR +Display a running counter that is incremented each time +an SMTP DATA command completes. +.IP "\fB\-C \fIcount\fR" +When a host sends RESET instead of SYN|ACK, try \fIcount\fR times +before giving up. The default count is 1. Specify a larger count in +order to work around a problem with TCP/IP stacks that send RESET +when the listen queue is full. +.IP \fB\-d\fR +Don't disconnect after sending a message; send the next +message over the same connection. +.IP "\fB\-f \fIfrom\fR" +Use the specified sender address (default: <foo@myhostname>). +.IP "\fB\-F \fIfile\fR" +Send the pre\-formatted message header and body in the +specified \fIfile\fR, while prepending '.' before lines that +begin with '.', and while appending CRLF after each line. +.IP "\fB\-l \fIlength\fR" +Send \fIlength\fR bytes as message payload. The length does not +include message headers. +.IP \fB\-L\fR +Speak LMTP rather than SMTP. +.IP "\fB\-m \fImessage_count\fR" +Send the specified number of messages (default: 1). +.IP "\fB\-M \fImyhostname\fR" +Use the specified hostname or [address] in the HELO command +and in the default sender and recipient addresses, instead +of the machine hostname. +.IP "\fB\-N\fR" +Prepend a non\-repeating sequence number to each recipient +address. This avoids the artificial 100% hit rate in the +resolve and rewrite client caches and exercises the +trivial\-rewrite daemon, better approximating Postfix +performance under real\-life work\-loads. +.IP \fB\-o\fR +Old mode: don't send HELO, and don't send message headers. +.IP "\fB\-r \fIrecipient_count\fR" +Send the specified number of recipients per transaction (default: 1). +Recipient names are generated by prepending a number to the +recipient address. +.IP "\fB\-R \fIinterval\fR" +Wait for a random period of time 0 <= n <= interval between messages. +Suspending one thread does not affect other delivery threads. +.IP "\fB\-s \fIsession_count\fR" +Run the specified number of SMTP sessions in parallel (default: 1). +.IP "\fB\-S \fIsubject\fR" +Send mail with the named subject line (default: none). +.IP "\fB\-t \fIto\fR" +Use the specified recipient address (default: <foo@myhostname>). +.IP "\fB\-T \fIwindowsize\fR" +Override the default TCP window size. To work around +broken TCP window scaling implementations, specify a +value > 0 and < 65536. +.IP \fB\-v\fR +Make the program more verbose, for debugging purposes. +.IP "\fB\-w \fIinterval\fR" +Wait a fixed time between messages. +Suspending one thread does not affect other delivery threads. +.IP [\fBinet:\fR]\fIhost\fR[:\fIport\fR] +Connect via TCP to host \fIhost\fR, port \fIport\fR. The default +port is \fBsmtp\fR. +.IP \fBunix:\fIpathname\fR +Connect to the UNIX\-domain socket at \fIpathname\fR. +.SH BUGS +.ad +.fi +No SMTP command pipelining support. +.SH "SEE ALSO" +.na +.nf +smtp\-sink(1), SMTP/LMTP message dump +.SH "LICENSE" +.na +.nf +.ad +.fi +The Secure Mailer license must be distributed with this software. +.SH "AUTHOR(S)" +.na +.nf +Wietse Venema +IBM T.J. Watson Research +P.O. Box 704 +Yorktown Heights, NY 10598, USA + +Wietse Venema +Google, Inc. +111 8th Avenue +New York, NY 10011, USA |