summaryrefslogtreecommitdiffstats
path: root/man/man1
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-07 16:18:56 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-07 16:18:56 +0000
commitb7c15c31519dc44c1f691e0466badd556ffe9423 (patch)
treef944572f288bab482a615e09af627d9a2b6727d8 /man/man1
parentInitial commit. (diff)
downloadpostfix-b7c15c31519dc44c1f691e0466badd556ffe9423.tar.xz
postfix-b7c15c31519dc44c1f691e0466badd556ffe9423.zip
Adding upstream version 3.7.10.upstream/3.7.10upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rw-r--r--man/man1/mailq.11
-rw-r--r--man/man1/makedefs.1191
-rw-r--r--man/man1/newaliases.11
-rw-r--r--man/man1/postalias.1262
-rw-r--r--man/man1/postcat.1121
-rw-r--r--man/man1/postconf.1610
-rw-r--r--man/man1/postdrop.1139
-rw-r--r--man/man1/postfix-tls.1246
-rw-r--r--man/man1/postfix.1433
-rw-r--r--man/man1/postkick.1102
-rw-r--r--man/man1/postlock.1126
-rw-r--r--man/man1/postlog.1125
-rw-r--r--man/man1/postmap.1343
-rw-r--r--man/man1/postmulti.1434
-rw-r--r--man/man1/postqueue.1271
-rw-r--r--man/man1/postsuper.1343
-rw-r--r--man/man1/posttls-finger.1343
-rw-r--r--man/man1/qmqp-sink.169
-rw-r--r--man/man1/qmqp-source.190
-rw-r--r--man/man1/qshape.1118
-rw-r--r--man/man1/sendmail.1512
-rw-r--r--man/man1/smtp-sink.1276
-rw-r--r--man/man1/smtp-source.1127
23 files changed, 5283 insertions, 0 deletions
diff --git a/man/man1/mailq.1 b/man/man1/mailq.1
new file mode 100644
index 0000000..b12bf18
--- /dev/null
+++ b/man/man1/mailq.1
@@ -0,0 +1 @@
+.so man1/sendmail.1
diff --git a/man/man1/makedefs.1 b/man/man1/makedefs.1
new file mode 100644
index 0000000..70c848e
--- /dev/null
+++ b/man/man1/makedefs.1
@@ -0,0 +1,191 @@
+.TH MAKEDEFS 1
+.ad
+.fi
+.SH NAME
+makedefs
+\-
+Postfix makefile configuration utility
+.SH "SYNOPSIS"
+.na
+.nf
+\fBmake makefiles \fIname=value...\fR
+.SH DESCRIPTION
+.ad
+.fi
+The \fBmakedefs\fR command identifies the compilation
+environment, and emits macro definitions on the standard
+output stream that can be prepended to template Makefiles.
+These macros implement an internal interface and are subject
+to change without notice.
+.SH "NAME=VALUE OVERRIDES"
+.na
+.nf
+.ad
+.fi
+Default settings can be overruled by specifying them as
+environment variables (or as name=value pairs on the "make"
+command line). Use quotes if variables contain whitespace
+or shell meta characters.
+
+The command "\fBmake makefiles name=value...\fR" will replace
+the string \fBMAIL_VERSION\fR at the end of a value with the
+Postfix version (\fImajor.minor.patchlevel\fR for a stable
+release, \fImajor.minor\-date\fR for a development release).
+Do not try to specify something like \fB$mail_version\fR:
+that produces inconsistent results with different implementations
+of the make(1) command.
+.IP \fBAUXLIBS=\fIobject_library...\fR
+Specifies one or more non\-default object libraries. Postfix
+3.0 and later specify some of their database library
+dependencies with AUXLIBS_CDB, AUXLIBS_LDAP, AUXLIBS_LMDB,
+AUXLIBS_MYSQL, AUXLIBS_PCRE, AUXLIBS_PGSQL, AUXLIBS_SDBM,
+and AUXLIBS_SQLITE, respectively.
+.IP \fBCC=\fIcompiler_command\fR
+Specifies a non\-default compiler. On many systems, the default
+is \fBgcc\fR.
+.IP \fBCCARGS=\fIcompiler_arguments\fR
+Specifies non\-default compiler arguments, for example, a non\-default
+\fIinclude\fR directory.
+The following directives are special:
+.RS
+.IP \fB\-DNO_DB\fR
+Do not build with Berkeley DB support.
+.IP \fB\-DNO_DEVPOLL\fR
+Do not build with Solaris /dev/poll support.
+By default, /dev/poll support is compiled in on platforms that
+are known to support it.
+.IP \fB\-DNO_DNSSEC\fR
+Do not build with DNSSEC support, even if the resolver
+library appears to support it.
+.IP \fB\-DNO_EPOLL\fR
+Do not build with Linux EPOLL support.
+By default, EPOLL support is compiled in on platforms that
+are known to support it.
+.IP \fB\-DNO_EAI\fR
+Do not build with EAI (SMTPUTF8) support. By default, EAI
+support is compiled in when the "pkg\-config" command is
+found, or the deprecated "icu\-config" command.
+.IP \fB\-DNO_INLINE\fR
+Do not require support for C99 "inline" functions. Instead,
+implement argument typechecks for non\-(printf/scanf)\-like
+functions with ternary operators and unreachable code.
+.IP \fB\-DNO_IPV6\fR
+Do not build with IPv6 support.
+By default, IPv6 support is compiled in on platforms that
+are known to have IPv6 support.
+
+Note: this directive is for debugging and testing only. It
+is not guaranteed to work on all platforms. If you don't
+want IPv6 support, set "inet_protocols = ipv4" in main.cf.
+.IP \fB\-DNO_IP_CYRUS_SASL_AUTH\fR
+Don't pass remote SMTP client and Postfix SMTP server IP
+address and port information to the Cyrus SASL library.
+This is compatible with Postfix < 3.2.
+.IP \fB\-DNO_KQUEUE\fR
+Do not build with FreeBSD/NetBSD/OpenBSD/MacOSX KQUEUE support.
+By default, KQUEUE support is compiled in on platforms that
+are known to support it.
+.IP \fB\-DNO_NIS\fR
+Do not build with NIS or NISPLUS support. Support for NIS
+is unavailable on some recent Linux distributions.
+.IP \fB\-DNO_NISPLUS\fR
+Do not build with NISPLUS support. Support for NISPLUS
+is unavailable on some recent Solaris distributions.
+.IP \fB\-DNO_PCRE\fR
+Do not build with PCRE support.
+By default, PCRE support is compiled in when the \fBpcre2\-config\fR
+or \fBpcre\-config\fR utility are installed.
+.IP \fB\-DNO_POSIX_GETPW_R\fR
+Disable support for POSIX getpwnam_r/getpwuid_r.
+.IP \fB\-DNO_RES_NCALLS\fR
+Do not build with the threadsafe resolver(5) API (res_ninit() etc.).
+.IP \fB\-DNO_SIGSETJMP\fR
+Use setjmp()/longjmp() instead of sigsetjmp()/siglongjmp().
+By default, Postfix uses sigsetjmp()/siglongjmp() when they
+appear to work.
+.IP \fB\-DNO_SNPRINTF\fR
+Use sprintf() instead of snprintf(). By default, Postfix
+uses snprintf() except on ancient systems.
+.RE
+.IP \fBDEBUG=\fIdebug_level\fR
+Specifies a non\-default debugging level. The default is \fB\-g\fR.
+Specify \fBDEBUG=\fR to turn off debugging.
+.IP \fBOPT=\fIoptimization_level\fR
+Specifies a non\-default optimization level. The default is \fB\-O\fR.
+Specify \fBOPT=\fR to turn off optimization.
+.IP \fBPOSTFIX_INSTALL_OPTS=\fI\-option...\fR
+Specifies options for the postfix\-install command, separated
+by whitespace. Currently, the only supported option is
+\fB\-keep\-build\-mtime\fR.
+.IP \fBSHLIB_CFLAGS=\fIflags\fR
+Override the compiler flags (typically, "\-fPIC") for Postfix
+dynamically\-linked libraries and database plugins.
+
+This feature was introduced with Postfix 3.0.
+.IP \fBSHLIB_RPATH=\fIrpath\fR
+Override the runpath (typically, "'\-Wl,\-rpath,${SHLIB_DIR}'")
+for Postfix dynamically\-linked libraries.
+
+This feature was introduced with Postfix 3.0.
+.IP \fBSHLIB_SUFFIX=\fIsuffix\fR
+Override the filename suffix (typically, ".so") for Postfix
+dynamically\-linked libraries and database plugins.
+
+This feature was introduced with Postfix 3.0.
+.IP \fBshared=yes\fR
+.IP \fBshared=no\fR
+Enable (disable) Postfix builds with dynamically\-linked
+libraries typically named $shlib_directory/libpostfix\-*.so.*.
+
+This feature was introduced with Postfix 3.0.
+.IP \fBdynamicmaps=yes\fR
+.IP \fBdynamicmaps=no\fR
+Enable (disable) Postfix builds with the configuration file
+$meta_directory/dynamicmaps.cf and dynamically\-loadable
+database plugins typically named postfix\-*.so.*. The setting
+"dynamicmaps=yes" implicitly enables Postfix dynamically\-linked
+libraries.
+
+This feature was introduced with Postfix 3.0.
+.IP \fBpie=yes\fR
+.IP \fBpie=no\fR
+Enable (disable) Postfix builds with position\-independent
+executables, on platforms where this is supported.
+
+This feature was introduced with Postfix 3.0.
+.IP \fIinstallation_parameter\fB=\fIvalue\fR...
+Override the compiled\-in default value of the specified
+installation parameter(s). The following parameters are
+supported in this context:
+
+command_directory config_directory daemon_directory
+data_directory default_database_type html_directory
+mail_spool_directory mailq_path manpage_directory meta_directory
+newaliases_path queue_directory readme_directory sendmail_path
+shlib_directory openssl_path
+
+See the postconf(5) manpage for a description of these
+parameters.
+
+This feature was introduced with Postfix 3.0.
+.IP \fBWARN=\fIwarning_flags\fR
+Specifies non\-default gcc compiler warning options for use when
+"make" is invoked in a source subdirectory only.
+.SH "LICENSE"
+.na
+.nf
+.ad
+.fi
+The Secure Mailer license must be distributed with this software.
+.SH "AUTHOR(S)"
+.na
+.nf
+Wietse Venema
+IBM T.J. Watson Research
+P.O. Box 704
+Yorktown Heights, NY 10598, USA
+
+Wietse Venema
+Google, Inc.
+111 8th Avenue
+New York, NY 10011, USA
diff --git a/man/man1/newaliases.1 b/man/man1/newaliases.1
new file mode 100644
index 0000000..b12bf18
--- /dev/null
+++ b/man/man1/newaliases.1
@@ -0,0 +1 @@
+.so man1/sendmail.1
diff --git a/man/man1/postalias.1 b/man/man1/postalias.1
new file mode 100644
index 0000000..4c7f02b
--- /dev/null
+++ b/man/man1/postalias.1
@@ -0,0 +1,262 @@
+.TH POSTALIAS 1
+.ad
+.fi
+.SH NAME
+postalias
+\-
+Postfix alias database maintenance
+.SH "SYNOPSIS"
+.na
+.nf
+.fi
+\fBpostalias\fR [\fB\-Nfinoprsuvw\fR] [\fB\-c \fIconfig_dir\fR]
+[\fB\-d \fIkey\fR] [\fB\-q \fIkey\fR]
+ [\fIfile_type\fR:]\fIfile_name\fR ...
+.SH DESCRIPTION
+.ad
+.fi
+The \fBpostalias\fR(1) command creates or queries one or more Postfix
+alias databases, or updates an existing one. The input and output
+file formats are expected to be compatible with Sendmail version 8,
+and are expected to be suitable for use as NIS alias maps.
+
+If the result files do not exist they will be created with the
+same group and other read permissions as their source file.
+
+While a database update is in progress, signal delivery is
+postponed, and an exclusive, advisory, lock is placed on the
+entire database, in order to avoid surprises in spectator
+processes.
+
+The format of Postfix alias input files is described in
+\fBaliases\fR(5).
+
+By default the lookup key is mapped to lowercase to make
+the lookups case insensitive; as of Postfix 2.3 this case
+folding happens only with tables whose lookup keys are
+fixed\-case strings such as btree:, dbm: or hash:. With
+earlier versions, the lookup key is folded even with tables
+where a lookup field can match both upper and lower case
+text, such as regexp: and pcre:. This resulted in loss of
+information with $\fInumber\fR substitutions.
+
+Options:
+.IP "\fB\-c \fIconfig_dir\fR"
+Read the \fBmain.cf\fR configuration file in the named directory
+instead of the default configuration directory.
+.IP "\fB\-d \fIkey\fR"
+Search the specified maps for \fIkey\fR and remove one entry per map.
+The exit status is zero when the requested information was found.
+
+If a key value of \fB\-\fR is specified, the program reads key
+values from the standard input stream. The exit status is zero
+when at least one of the requested keys was found.
+.IP \fB\-f\fR
+Do not fold the lookup key to lower case while creating or querying
+a table.
+
+With Postfix version 2.3 and later, this option has no
+effect for regular expression tables. There, case folding
+is controlled by appending a flag to a pattern.
+.IP \fB\-i\fR
+Incremental mode. Read entries from standard input and do not
+truncate an existing database. By default, \fBpostalias\fR(1) creates
+a new database from the entries in \fIfile_name\fR.
+.IP \fB\-N\fR
+Include the terminating null character that terminates lookup keys
+and values. By default, \fBpostalias\fR(1) does whatever
+is the default for
+the host operating system.
+.IP \fB\-n\fR
+Don't include the terminating null character that terminates lookup
+keys and values. By default, \fBpostalias\fR(1) does whatever
+is the default for
+the host operating system.
+.IP \fB\-o\fR
+Do not release root privileges when processing a non\-root
+input file. By default, \fBpostalias\fR(1) drops root privileges
+and runs as the source file owner instead.
+.IP \fB\-p\fR
+Do not inherit the file access permissions from the input file
+when creating a new file. Instead, create a new file with default
+access permissions (mode 0644).
+.IP "\fB\-q \fIkey\fR"
+Search the specified maps for \fIkey\fR and write the first value
+found to the standard output stream. The exit status is zero
+when the requested information was found.
+
+Note: this performs a single query with the key as specified,
+and does not make iterative queries with substrings of the
+key as described in the aliases(5) manual page.
+
+If a key value of \fB\-\fR is specified, the program reads key
+values from the standard input stream and writes one line of
+\fIkey: value\fR output for each key that was found. The exit
+status is zero when at least one of the requested keys was found.
+.IP \fB\-r\fR
+When updating a table, do not complain about attempts to update
+existing entries, and make those updates anyway.
+.IP \fB\-s\fR
+Retrieve all database elements, and write one line of
+\fIkey: value\fR output for each element. The elements are
+printed in database order, which is not necessarily the same
+as the original input order.
+This feature is available in Postfix version 2.2 and later,
+and is not available for all database types.
+.IP \fB\-u\fR
+Disable UTF\-8 support. UTF\-8 support is enabled by default
+when "smtputf8_enable = yes". It requires that keys and
+values are valid UTF\-8 strings.
+.IP \fB\-v\fR
+Enable verbose logging for debugging purposes. Multiple \fB\-v\fR
+options make the software increasingly verbose.
+.IP \fB\-w\fR
+When updating a table, do not complain about attempts to update
+existing entries, and ignore those attempts.
+.PP
+Arguments:
+.IP \fIfile_type\fR
+The database type. To find out what types are supported, use
+the "\fBpostconf \-m\fR" command.
+
+The \fBpostalias\fR(1) command can query any supported file type,
+but it can create only the following file types:
+.RS
+.IP \fBbtree\fR
+The output is a btree file, named \fIfile_name\fB.db\fR.
+This is available on systems with support for \fBdb\fR databases.
+.IP \fBcdb\fR
+The output is one file named \fIfile_name\fB.cdb\fR.
+This is available on systems with support for \fBcdb\fR databases.
+.IP \fBdbm\fR
+The output consists of two files, named \fIfile_name\fB.pag\fR and
+\fIfile_name\fB.dir\fR.
+This is available on systems with support for \fBdbm\fR databases.
+.IP \fBfail\fR
+A table that reliably fails all requests. The lookup table
+name is used for logging only. This table exists to simplify
+Postfix error tests.
+.IP \fBhash\fR
+The output is a hashed file, named \fIfile_name\fB.db\fR.
+This is available on systems with support for \fBdb\fR databases.
+.IP \fBlmdb\fR
+The output is a btree\-based file, named \fIfile_name\fB.lmdb\fR.
+\fBlmdb\fR supports concurrent writes and reads from different
+processes, unlike other supported file\-based tables.
+This is available on systems with support for \fBlmdb\fR databases.
+.IP \fBsdbm\fR
+The output consists of two files, named \fIfile_name\fB.pag\fR and
+\fIfile_name\fB.dir\fR.
+This is available on systems with support for \fBsdbm\fR databases.
+.PP
+When no \fIfile_type\fR is specified, the software uses the database
+type specified via the \fBdefault_database_type\fR configuration
+parameter.
+The default value for this parameter depends on the host environment.
+.RE
+.IP \fIfile_name\fR
+The name of the alias database source file when creating a database.
+.SH DIAGNOSTICS
+.ad
+.fi
+Problems are logged to the standard error stream and to
+\fBsyslogd\fR(8) or \fBpostlogd\fR(8). No output means that
+no problems were detected. Duplicate entries are skipped and are
+flagged with a warning.
+
+\fBpostalias\fR(1) terminates with zero exit status in case of success
+(including successful "\fBpostalias \-q\fR" lookup) and terminates
+with non\-zero exit status in case of failure.
+.SH "ENVIRONMENT"
+.na
+.nf
+.ad
+.fi
+.IP \fBMAIL_CONFIG\fR
+Directory with Postfix configuration files.
+.IP \fBMAIL_VERBOSE\fR
+Enable verbose logging for debugging purposes.
+.SH "CONFIGURATION PARAMETERS"
+.na
+.nf
+.ad
+.fi
+The following \fBmain.cf\fR parameters are especially relevant to
+this program.
+
+The text below provides only a parameter summary. See
+\fBpostconf\fR(5) for more details including examples.
+.IP "\fBalias_database (see 'postconf -d' output)\fR"
+The alias databases for \fBlocal\fR(8) delivery that are updated with
+"\fBnewaliases\fR" or with "\fBsendmail \-bi\fR".
+.IP "\fBconfig_directory (see 'postconf -d' output)\fR"
+The default location of the Postfix main.cf and master.cf
+configuration files.
+.IP "\fBberkeley_db_create_buffer_size (16777216)\fR"
+The per\-table I/O buffer size for programs that create Berkeley DB
+hash or btree tables.
+.IP "\fBberkeley_db_read_buffer_size (131072)\fR"
+The per\-table I/O buffer size for programs that read Berkeley DB
+hash or btree tables.
+.IP "\fBdefault_database_type (see 'postconf -d' output)\fR"
+The default database type for use in \fBnewaliases\fR(1), \fBpostalias\fR(1)
+and \fBpostmap\fR(1) commands.
+.IP "\fBimport_environment (see 'postconf -d' output)\fR"
+The list of environment variables that a privileged Postfix
+process will import from a non\-Postfix parent process, or name=value
+environment overrides.
+.IP "\fBsmtputf8_enable (yes)\fR"
+Enable preliminary SMTPUTF8 support for the protocols described
+in RFC 6531, RFC 6532, and RFC 6533.
+.IP "\fBsyslog_facility (mail)\fR"
+The syslog facility of Postfix logging.
+.IP "\fBsyslog_name (see 'postconf -d' output)\fR"
+A prefix that is prepended to the process name in syslog
+records, so that, for example, "smtpd" becomes "prefix/smtpd".
+.PP
+Available in Postfix 2.11 and later:
+.IP "\fBlmdb_map_size (16777216)\fR"
+The initial OpenLDAP LMDB database size limit in bytes.
+.SH "STANDARDS"
+.na
+.nf
+RFC 822 (ARPA Internet Text Messages)
+.SH "SEE ALSO"
+.na
+.nf
+aliases(5), format of alias database input file.
+local(8), Postfix local delivery agent.
+postconf(1), supported database types
+postconf(5), configuration parameters
+postmap(1), create/update/query lookup tables
+newaliases(1), Sendmail compatibility interface.
+postlogd(8), Postfix logging
+syslogd(8), system logging
+.SH "README FILES"
+.na
+.nf
+.ad
+.fi
+Use "\fBpostconf readme_directory\fR" or
+"\fBpostconf html_directory\fR" to locate this information.
+.na
+.nf
+DATABASE_README, Postfix lookup table overview
+.SH "LICENSE"
+.na
+.nf
+.ad
+.fi
+The Secure Mailer license must be distributed with this software.
+.SH "AUTHOR(S)"
+.na
+.nf
+Wietse Venema
+IBM T.J. Watson Research
+P.O. Box 704
+Yorktown Heights, NY 10598, USA
+
+Wietse Venema
+Google, Inc.
+111 8th Avenue
+New York, NY 10011, USA
diff --git a/man/man1/postcat.1 b/man/man1/postcat.1
new file mode 100644
index 0000000..eb3025b
--- /dev/null
+++ b/man/man1/postcat.1
@@ -0,0 +1,121 @@
+.TH POSTCAT 1
+.ad
+.fi
+.SH NAME
+postcat
+\-
+show Postfix queue file contents
+.SH "SYNOPSIS"
+.na
+.nf
+\fBpostcat\fR [\fB\-bdehnoqv\fR] [\fB\-c \fIconfig_dir\fR] [\fIfiles\fR...]
+.SH DESCRIPTION
+.ad
+.fi
+The \fBpostcat\fR(1) command prints the contents of the
+named \fIfiles\fR in human\-readable form. The files are
+expected to be in Postfix queue file format. If no \fIfiles\fR
+are specified on the command line, the program reads from
+standard input.
+
+By default, \fBpostcat\fR(1) shows the envelope and message
+content, as if the options \fB\-beh\fR were specified. To
+view message content only, specify \fB\-bh\fR (Postfix 2.7
+and later).
+
+Options:
+.IP \fB\-b\fR
+Show body content. The \fB\-b\fR option starts producing
+output at the first non\-header line, and stops when the end
+of the message is reached.
+.sp
+This feature is available in Postfix 2.7 and later.
+.IP "\fB\-c \fIconfig_dir\fR"
+The \fBmain.cf\fR configuration file is in the named directory
+instead of the default configuration directory.
+.IP \fB\-d\fR
+Print the decimal type of each record.
+.IP \fB\-e\fR
+Show message envelope content.
+.sp
+This feature is available in Postfix 2.7 and later.
+.IP \fB\-h\fR
+Show message header content. The \fB\-h\fR option produces
+output from the beginning of the message up to, but not
+including, the first non\-header line.
+.sp
+This feature is available in Postfix 2.7 and later.
+.IP \fB\-o\fR
+Print the queue file offset of each record.
+.IP \fB\-q\fR
+Search the Postfix queue for the named \fIfiles\fR instead
+of taking the names literally.
+
+This feature is available in Postfix 2.0 and later.
+.IP \fB\-r\fR
+Print records in file order, don't follow pointer records.
+
+This feature is available in Postfix 3.7 and later.
+.IP "\fB\-s \fIoffset\fR"
+Skip to the specified queue file offset.
+
+This feature is available in Postfix 3.7 and later.
+.IP \fB\-v\fR
+Enable verbose logging for debugging purposes. Multiple \fB\-v\fR
+options make the software increasingly verbose.
+.SH DIAGNOSTICS
+.ad
+.fi
+Problems are reported to the standard error stream.
+.SH "ENVIRONMENT"
+.na
+.nf
+.ad
+.fi
+.IP \fBMAIL_CONFIG\fR
+Directory with Postfix configuration files.
+.SH "CONFIGURATION PARAMETERS"
+.na
+.nf
+.ad
+.fi
+The following \fBmain.cf\fR parameters are especially relevant to
+this program.
+
+The text below provides only a parameter summary. See
+\fBpostconf\fR(5) for more details including examples.
+.IP "\fBconfig_directory (see 'postconf -d' output)\fR"
+The default location of the Postfix main.cf and master.cf
+configuration files.
+.IP "\fBimport_environment (see 'postconf -d' output)\fR"
+The list of environment parameters that a privileged Postfix
+process will import from a non\-Postfix parent process, or name=value
+environment overrides.
+.IP "\fBqueue_directory (see 'postconf -d' output)\fR"
+The location of the Postfix top\-level queue directory.
+.SH "FILES"
+.na
+.nf
+/var/spool/postfix, Postfix queue directory
+.SH "SEE ALSO"
+.na
+.nf
+postconf(5), Postfix configuration
+.SH "LICENSE"
+.na
+.nf
+.ad
+.fi
+The Secure Mailer license must be distributed with this software.
+.SH "AUTHOR(S)"
+.na
+.nf
+Wietse Venema
+IBM T.J. Watson Research
+P.O. Box 704
+Yorktown Heights, NY 10598, USA
+
+Wietse Venema
+Google, Inc.
+111 8th Avenue
+New York, NY 10011, USA
diff --git a/man/man1/postconf.1 b/man/man1/postconf.1
new file mode 100644
index 0000000..e422429
--- /dev/null
+++ b/man/man1/postconf.1
@@ -0,0 +1,610 @@
+.TH POSTCONF 1
+.ad
+.fi
+.SH NAME
+postconf
+\-
+Postfix configuration utility
+.SH "SYNOPSIS"
+.na
+.nf
+.fi
+.ti -4
+\fBManaging main.cf:\fR
+
+\fBpostconf\fR [\fB\-dfhHnopvx\fR] [\fB\-c \fIconfig_dir\fR]
+[\fB\-C \fIclass,...\fR] [\fIparameter ...\fR]
+
+\fBpostconf\fR [\fB\-epv\fR] [\fB\-c \fIconfig_dir\fR]
+\fIparameter\fB=\fIvalue ...\fR
+
+\fBpostconf\fR \fB\-#\fR [\fB\-pv\fR] [\fB\-c \fIconfig_dir\fR]
+\fIparameter ...\fR
+
+\fBpostconf\fR \fB\-X\fR [\fB\-pv\fR] [\fB\-c \fIconfig_dir\fR]
+\fIparameter ...\fR
+
+.ti -4
+\fBManaging master.cf service entries:\fR
+
+\fBpostconf\fR \fB\-M\fR [\fB\-fovx\fR] [\fB\-c \fIconfig_dir\fR]
+[\fIservice\fR[\fB/\fItype\fR]\fI ...\fR]
+
+\fBpostconf\fR \fB\-M\fR [\fB\-ev\fR] [\fB\-c \fIconfig_dir\fR]
+\fIservice\fB/\fItype\fB=\fIvalue ...\fR
+
+\fBpostconf\fR \fB\-M#\fR [\fB\-v\fR] [\fB\-c \fIconfig_dir\fR]
+\fIservice\fB/\fItype ...\fR
+
+\fBpostconf\fR \fB\-MX\fR [\fB\-v\fR] [\fB\-c \fIconfig_dir\fR]
+\fIservice\fB/\fItype ...\fR
+
+.ti -4
+\fBManaging master.cf service fields:\fR
+
+\fBpostconf\fR \fB\-F\fR [\fB\-fhHovx\fR] [\fB\-c \fIconfig_dir\fR]
+[\fIservice\fR[\fB/\fItype\fR[\fB/\fIfield\fR]]\fI ...\fR]
+
+\fBpostconf\fR \fB\-F\fR [\fB\-ev\fR] [\fB\-c \fIconfig_dir\fR]
+\fIservice\fB/\fItype\fB/\fIfield\fB=\fIvalue ...\fR
+
+.ti -4
+\fBManaging master.cf service parameters:\fR
+
+\fBpostconf\fR \fB\-P\fR [\fB\-fhHovx\fR] [\fB\-c \fIconfig_dir\fR]
+[\fIservice\fR[\fB/\fItype\fR[\fB/\fIparameter\fR]]\fI ...\fR]
+
+\fBpostconf\fR \fB\-P\fR [\fB\-ev\fR] [\fB\-c \fIconfig_dir\fR]
+\fIservice\fB/\fItype\fB/\fIparameter\fB=\fIvalue ...\fR
+
+\fBpostconf\fR \fB\-PX\fR [\fB\-v\fR] [\fB\-c \fIconfig_dir\fR]
+\fIservice\fB/\fItype\fB/\fIparameter ...\fR
+
+.ti -4
+\fBManaging bounce message templates:\fR
+
+\fBpostconf\fR \fB\-b\fR [\fB\-v\fR] [\fB\-c \fIconfig_dir\fR]
+[\fItemplate_file\fR]
+
+\fBpostconf\fR \fB\-t\fR [\fB\-v\fR] [\fB\-c \fIconfig_dir\fR]
+[\fItemplate_file\fR]
+
+.ti -4
+\fBManaging TLS features:\fR
+
+\fBpostconf\fR \fB\-T \fImode\fR [\fB\-v\fR] [\fB\-c \fIconfig_dir\fR]
+
+.ti -4
+\fBManaging other configuration:\fR
+
+\fBpostconf\fR \fB\-a\fR|\fB\-A\fR|\fB\-l\fR|\fB\-m\fR [\fB\-v\fR]
+[\fB\-c \fIconfig_dir\fR]
+.SH DESCRIPTION
+.ad
+.fi
+By default, the \fBpostconf\fR(1) command displays the
+values of \fBmain.cf\fR configuration parameters, and warns
+about possible mis\-typed parameter names (Postfix 2.9 and later).
+The command can also change \fBmain.cf\fR configuration
+parameter values, or display other configuration information
+about the Postfix mail system.
+
+Options:
+.IP \fB\-a\fR
+List the available SASL plug\-in types for the Postfix SMTP
+server. The plug\-in type is selected with the \fBsmtpd_sasl_type\fR
+configuration parameter by specifying one of the names
+listed below.
+.RS
+.IP \fBcyrus\fR
+This server plug\-in is available when Postfix is built with
+Cyrus SASL support.
+.IP \fBdovecot\fR
+This server plug\-in uses the Dovecot authentication server,
+and is available when Postfix is built with any form of SASL
+support.
+.RE
+.IP
+This feature is available with Postfix 2.3 and later.
+.IP \fB\-A\fR
+List the available SASL plug\-in types for the Postfix SMTP
+client. The plug\-in type is selected with the \fBsmtp_sasl_type\fR
+or \fBlmtp_sasl_type\fR configuration parameters by specifying
+one of the names listed below.
+.RS
+.IP \fBcyrus\fR
+This client plug\-in is available when Postfix is built with
+Cyrus SASL support.
+.RE
+.IP
+This feature is available with Postfix 2.3 and later.
+.IP "\fB\-b\fR [\fItemplate_file\fR]"
+Display the message text that appears at the beginning of
+delivery status notification (DSN) messages, expanding
+$\fBname\fR expressions with actual values as described in
+\fBbounce\fR(5).
+
+To override the \fBbounce_template_file\fR parameter setting,
+specify a template file name at the end of the "\fBpostconf
+\-b\fR" command line. Specify an empty file name to display
+built\-in templates (in shell language: "").
+
+This feature is available with Postfix 2.3 and later.
+.IP "\fB\-c \fIconfig_dir\fR"
+The \fBmain.cf\fR configuration file is in the named directory
+instead of the default configuration directory.
+.IP "\fB\-C \fIclass,...\fR"
+When displaying \fBmain.cf\fR parameters, select only
+parameters from the specified class(es):
+.RS
+.IP \fBbuiltin\fR
+Parameters with built\-in names.
+.IP \fBservice\fR
+Parameters with service\-defined names (the first field of
+a \fBmaster.cf\fR entry plus a Postfix\-defined suffix).
+.IP \fBuser\fR
+Parameters with user\-defined names.
+.IP \fBall\fR
+All the above classes.
+.RE
+.IP
+The default is as if "\fB\-C all\fR" is
+specified.
+
+This feature is available with Postfix 2.9 and later.
+.IP \fB\-d\fR
+Print \fBmain.cf\fR default parameter settings instead of
+actual settings.
+Specify \fB\-df\fR to fold long lines for human readability
+(Postfix 2.9 and later).
+.IP \fB\-e\fR
+Edit the \fBmain.cf\fR configuration file, and update
+parameter settings with the "\fIname=value\fR" pairs on the
+\fBpostconf\fR(1) command line.
+
+With \fB\-M\fR, edit the \fBmaster.cf\fR configuration file,
+and replace one or more service entries with new values as
+specified with "\fIservice/type=value\fR" on the \fBpostconf\fR(1)
+command line.
+
+With \fB\-F\fR, edit the \fBmaster.cf\fR configuration file,
+and replace one or more service fields with new values as
+specified with "\fIservice/type/field=value\fR" on the
+\fBpostconf\fR(1) command line. Currently, the "command"
+field contains the command name and command arguments. This
+may change in the near future, so that the "command" field
+contains only the command name, and a new "arguments"
+pseudofield contains the command arguments.
+
+With \fB\-P\fR, edit the \fBmaster.cf\fR configuration file,
+and add or update one or more service parameter settings
+(\-o parameter=value settings) with new values as specified
+with "\fIservice/type/parameter=value\fR" on the \fBpostconf\fR(1)
+command line.
+
+In all cases the file is copied to a temporary file then
+renamed into place. Specify quotes to protect special
+characters and whitespace on the \fBpostconf\fR(1) command
+line.
+
+The \fB\-e\fR option is no longer needed with Postfix version
+2.8 and later, as it is assumed whenever a value is specified
+(empty or non\-empty).
+.IP \fB\-f\fR
+Fold long lines when printing \fBmain.cf\fR or \fBmaster.cf\fR
+configuration file entries, for human readability.
+
+This feature is available with Postfix 2.9 and later.
+.IP \fB\-F\fR
+Show \fBmaster.cf\fR per\-entry field settings (by default
+all services and all fields), formatted as
+"\fIservice/type/field=value\fR", one per line. Specify
+\fB\-Ff\fR to fold long lines.
+
+Specify one or more "\fIservice/type/field\fR" instances
+on the \fBpostconf\fR(1) command line to limit the output
+to fields of interest. Trailing parameter name or service
+type fields that are omitted will be handled as "*" wildcard
+fields.
+
+This feature is available with Postfix 2.11 and later.
+.IP \fB\-h\fR
+Show parameter or attribute values without the "\fIname\fR = "
+label that normally precedes the value.
+.IP \fB\-H\fR
+Show parameter or attribute names without the " = \fIvalue\fR"
+that normally follows the name.
+
+This feature is available with Postfix 3.1 and later.
+.IP \fB\-l\fR
+List the names of all supported mailbox locking methods.
+Postfix supports the following methods:
+.RS
+.IP \fBflock\fR
+A kernel\-based advisory locking method for local files only.
+This locking method is available on systems with a BSD
+compatible library.
+.IP \fBfcntl\fR
+A kernel\-based advisory locking method for local and remote
+files.
+.IP \fBdotlock\fR
+An application\-level locking method. An application locks
+a file named \fIfilename\fR by creating a file named
+\fIfilename\fB.lock\fR. The application is expected to
+remove its own lock file, as well as stale lock files that
+were left behind after abnormal program termination.
+.RE
+.IP \fB\-m\fR
+List the names of all supported lookup table types. In
+Postfix configuration files, lookup tables are specified
+as \fItype\fB:\fIname\fR, where \fItype\fR is one of the
+types listed below. The table \fIname\fR syntax depends on
+the lookup table type as described in the DATABASE_README
+document.
+.RS
+.IP \fBbtree\fR
+A sorted, balanced tree structure. Available on systems
+with support for Berkeley DB databases.
+.IP \fBcdb\fR
+A read\-optimized structure with no support for incremental
+updates. Available on systems with support for CDB databases.
+
+This feature is available with Postfix 2.2 and later.
+.IP \fBcidr\fR
+A table that associates values with Classless Inter\-Domain
+Routing (CIDR) patterns. This is described in \fBcidr_table\fR(5).
+
+This feature is available with Postfix 2.2 and later.
+.IP \fBdbm\fR
+An indexed file type based on hashing. Available on systems
+with support for DBM databases.
+.IP \fBenviron\fR
+The UNIX process environment array. The lookup key is the
+environment variable name; the table name is ignored. Originally
+implemented for testing, someone may find this useful someday.
+.IP \fBfail\fR
+A table that reliably fails all requests. The lookup table
+name is used for logging. This table exists to simplify
+Postfix error tests.
+
+This feature is available with Postfix 2.9 and later.
+.IP \fBhash\fR
+An indexed file type based on hashing. Available on systems
+with support for Berkeley DB databases.
+.IP "\fBinline\fR (read\-only)"
+A non\-shared, in\-memory lookup table. Example: "\fBinline:{
+\fIkey\fB=\fIvalue\fB, { \fIkey\fB = \fItext with whitespace
+or comma\fB }}\fR". Key\-value pairs are separated by
+whitespace or comma; with a key\-value pair inside "\fB{}\fR",
+whitespace is ignored after the opening "\fB{\fR", around
+the "\fB=\fR" between key and value, and before the closing
+"\fB}\fR". Inline tables eliminate the need to create a
+database file for just a few fixed elements. See also the
+\fIstatic:\fR map type.
+
+This feature is available with Postfix 3.0 and later.
+.IP \fBinternal\fR
+A non\-shared, in\-memory hash table. Its content are lost
+when a process terminates.
+.IP "\fBlmdb\fR"
+OpenLDAP LMDB database (a memory\-mapped, persistent file).
+Available on systems with support for LMDB databases. This
+is described in \fBlmdb_table\fR(5).
+
+This feature is available with Postfix 2.11 and later.
+.IP "\fBldap\fR (read\-only)"
+LDAP database client. This is described in \fBldap_table\fR(5).
+.IP "\fBmemcache\fR"
+Memcache database client. This is described in
+\fBmemcache_table\fR(5).
+
+This feature is available with Postfix 2.9 and later.
+.IP "\fBmysql\fR (read\-only)"
+MySQL database client. Available on systems with support
+for MySQL databases. This is described in \fBmysql_table\fR(5).
+.IP "\fBpcre\fR (read\-only)"
+A lookup table based on Perl Compatible Regular Expressions.
+The file format is described in \fBpcre_table\fR(5).
+.IP "\fBpgsql\fR (read\-only)"
+PostgreSQL database client. This is described in
+\fBpgsql_table\fR(5).
+
+This feature is available with Postfix 2.1 and later.
+.IP "\fBpipemap\fR (read\-only)"
+A lookup table that constructs a pipeline of tables. Example:
+"\fBpipemap:{\fItype_1:name_1, ..., type_n:name_n\fB}\fR".
+Each "pipemap:" query is given to the first table. Each
+lookup result becomes the query for the next table in the
+pipeline, and the last table produces the final result.
+When any table lookup produces no result, the pipeline
+produces no result. The first and last characters of the
+"pipemap:" table name must be "\fB{\fR" and "\fB}\fR".
+Within these, individual maps are separated with comma or
+whitespace.
+
+This feature is available with Postfix 3.0 and later.
+.IP "\fBproxy\fR"
+Postfix \fBproxymap\fR(8) client for shared access to Postfix
+databases. The table name syntax is \fItype\fB:\fIname\fR.
+
+This feature is available with Postfix 2.0 and later.
+.IP "\fBrandmap\fR (read\-only)"
+An in\-memory table that performs random selection. Example:
+"\fBrandmap:{\fIresult_1, ..., result_n\fB}\fR". Each table query
+returns a random choice from the specified results. The first
+and last characters of the "randmap:" table name must be
+"\fB{\fR" and "\fB}\fR". Within these, individual results
+are separated with comma or whitespace. To give a specific
+result more weight, specify it multiple times.
+
+This feature is available with Postfix 3.0 and later.
+.IP "\fBregexp\fR (read\-only)"
+A lookup table based on regular expressions. The file format
+is described in \fBregexp_table\fR(5).
+.IP \fBsdbm\fR
+An indexed file type based on hashing. Available on systems
+with support for SDBM databases.
+
+This feature is available with Postfix 2.2 and later.
+.IP "\fBsocketmap\fR (read\-only)"
+Sendmail\-style socketmap client. The table name is
+\fBinet\fR:\fIhost\fR:\fIport\fR:\fIname\fR for a TCP/IP
+server, or \fBunix\fR:\fIpathname\fR:\fIname\fR for a
+UNIX\-domain server. This is described in \fBsocketmap_table\fR(5).
+
+This feature is available with Postfix 2.10 and later.
+.IP "\fBsqlite\fR (read\-only)"
+SQLite database. This is described in \fBsqlite_table\fR(5).
+
+This feature is available with Postfix 2.8 and later.
+.IP "\fBstatic\fR (read\-only)"
+A table that always returns its name as lookup result. For
+example, \fBstatic:foobar\fR always returns the string
+\fBfoobar\fR as lookup result. Specify "\fBstatic:{ \fItext
+with whitespace\fB }\fR" when the result contains whitespace;
+this form ignores whitespace after the opening "\fB{\fR"
+and before the closing
+"\fB}\fR". See also the \fIinline:\fR map.
+
+The form "\fBstatic:{\fItext\fB}\fR is available with Postfix
+3.0 and later.
+.IP "\fBtcp\fR (read\-only)"
+TCP/IP client. The protocol is described in \fBtcp_table\fR(5).
+.IP "\fBtexthash\fR (read\-only)"
+Produces similar results as hash: files, except that you
+don't need to run the \fBpostmap\fR(1) command before you
+can use the file, and that it does not detect changes after
+the file is read.
+
+This feature is available with Postfix 2.8 and later.
+.IP "\fBunionmap\fR (read\-only)"
+A table that sends each query to multiple lookup tables and
+that concatenates all found results, separated by comma.
+The table name syntax is the same as for \fBpipemap\fR.
+
+This feature is available with Postfix 3.0 and later.
+.IP "\fBunix\fR (read\-only)"
+A limited view of the UNIX authentication database. The
+following tables are implemented:
+.RS
+. IP \fBunix:passwd.byname\fR
+The table is the UNIX password database. The key is a login
+name. The result is a password file entry in \fBpasswd\fR(5)
+format.
+.IP \fBunix:group.byname\fR
+The table is the UNIX group database. The key is a group
+name. The result is a group file entry in \fBgroup\fR(5)
+format.
+.RE
+.RE
+.IP
+Other table types may exist depending on how Postfix was
+built.
+.IP \fB\-M\fR
+Show \fBmaster.cf\fR file contents instead of \fBmain.cf\fR
+file contents. Specify \fB\-Mf\fR to fold long lines for
+human readability.
+
+Specify zero or more arguments, each with a \fIservice\-name\fR
+or \fIservice\-name/service\-type\fR pair, where \fIservice\-name\fR
+is the first field of a master.cf entry and \fIservice\-type\fR
+is one of (\fBinet\fR, \fBunix\fR, \fBfifo\fR, or \fBpass\fR).
+
+If \fIservice\-name\fR or \fIservice\-name/service\-type\fR
+is specified, only the matching master.cf entries will be
+output. For example, "\fBpostconf \-Mf smtp\fR" will output
+all services named "smtp", and "\fBpostconf \-Mf smtp/inet\fR"
+will output only the smtp service that listens on the
+network. Trailing service type fields that are omitted
+will be handled as "*" wildcard fields.
+
+This feature is available with Postfix 2.9 and later. The
+syntax was changed from "\fIname.type\fR" to "\fIname/type\fR",
+and "*" wildcard support was added with Postfix 2.11.
+.IP \fB\-n\fR
+Show only configuration parameters that have explicit
+\fIname=value\fR settings in \fBmain.cf\fR. Specify \fB\-nf\fR
+to fold long lines for human readability (Postfix 2.9 and
+later). To show settings that differ from built\-in defaults
+only, use the following bash syntax:
+.nf
+ LANG=C comm \-23 <(postconf \-n) <(postconf \-d)
+.fi
+Replace "\-23" with "\-12" to show settings that duplicate
+built\-in defaults.
+.IP "\fB\-o \fIname=value\fR"
+Override \fBmain.cf\fR parameter settings. This lets you see
+the effect changing a parameter would have when it is used in
+other configuration parameters, e.g.:
+.nf
+ postconf \-x \-o stress=yes
+.fi
+
+This feature is available with Postfix 2.10 and later.
+.IP \fB\-p\fR
+Show \fBmain.cf\fR parameter settings. This is the default.
+
+This feature is available with Postfix 2.11 and later.
+.IP \fB\-P\fR
+Show \fBmaster.cf\fR service parameter settings (by default
+all services and all parameters), formatted as
+"\fIservice/type/parameter=value\fR", one per line. Specify
+\fB\-Pf\fR to fold long lines.
+
+Specify one or more "\fIservice/type/parameter\fR" instances
+on the \fBpostconf\fR(1) command line to limit the output
+to parameters of interest. Trailing parameter name or
+service type fields that are omitted will be handled as "*"
+wildcard fields.
+
+This feature is available with Postfix 2.11 and later.
+.IP "\fB\-t\fR [\fItemplate_file\fR]"
+Display the templates for text that appears at the beginning
+of delivery status notification (DSN) messages, without
+expanding $\fBname\fR expressions.
+
+To override the \fBbounce_template_file\fR parameter setting,
+specify a template file name at the end of the "\fBpostconf
+\-t\fR" command line. Specify an empty file name to display
+built\-in templates (in shell language: "").
+
+This feature is available with Postfix 2.3 and later.
+.IP "\fB\-T \fImode\fR"
+If Postfix is compiled without TLS support, the \fB\-T\fR option
+produces no output. Otherwise, if an invalid \fImode\fR is specified,
+the \fB\-T\fR option reports an error and exits with a non\-zero status
+code. The valid modes are:
+.RS
+.IP \fBcompile\-version\fR
+Output the OpenSSL version that Postfix was compiled with
+(i.e. the OpenSSL version in a header file). The output
+format is the same as with the command "\fBopenssl version\fR".
+.IP \fBrun\-version\fR
+Output the OpenSSL version that Postfix is linked with at
+runtime (i.e. the OpenSSL version in a shared library).
+.IP \fBpublic\-key\-algorithms\fR
+Output the lower\-case names of the supported public\-key
+algorithms, one per\-line.
+.RE
+.IP
+This feature is available with Postfix 3.1 and later.
+.IP \fB\-v\fR
+Enable verbose logging for debugging purposes. Multiple
+\fB\-v\fR options make the software increasingly verbose.
+.IP \fB\-x\fR
+Expand \fI$name\fR in \fBmain.cf\fR or \fBmaster.cf\fR
+parameter values. The expansion is recursive.
+
+This feature is available with Postfix 2.10 and later.
+.IP \fB\-X\fR
+Edit the \fBmain.cf\fR configuration file, and remove the
+parameters named on the \fBpostconf\fR(1) command line.
+Specify a list of parameter names, not "\fIname=value\fR"
+pairs.
+
+With \fB\-M\fR, edit the \fBmaster.cf\fR configuration file,
+and remove one or more service entries as specified with
+"\fIservice/type\fR" on the \fBpostconf\fR(1) command line.
+
+With \fB\-P\fR, edit the \fBmaster.cf\fR configuration file,
+and remove one or more service parameter settings (\-o
+parameter=value settings) as specified with
+"\fIservice/type/parameter\fR" on the \fBpostconf\fR(1)
+command line.
+
+In all cases the file is copied to a temporary file then
+renamed into place. Specify quotes to protect special
+characters on the \fBpostconf\fR(1) command line.
+
+There is no \fBpostconf\fR(1) command to perform the reverse
+operation.
+
+This feature is available with Postfix 2.10 and later.
+Support for \-M and \-P was added with Postfix 2.11.
+.IP \fB\-#\fR
+Edit the \fBmain.cf\fR configuration file, and comment out
+the parameters named on the \fBpostconf\fR(1) command line,
+so that those parameters revert to their default values.
+Specify a list of parameter names, not "\fIname=value\fR"
+pairs.
+
+With \fB\-M\fR, edit the \fBmaster.cf\fR configuration file,
+and comment out one or more service entries as specified
+with "\fIservice/type\fR" on the \fBpostconf\fR(1) command
+line.
+
+In all cases the file is copied to a temporary file then
+renamed into place. Specify quotes to protect special
+characters on the \fBpostconf\fR(1) command line.
+
+There is no \fBpostconf\fR(1) command to perform the reverse
+operation.
+
+This feature is available with Postfix 2.6 and later. Support
+for \-M was added with Postfix 2.11.
+.SH DIAGNOSTICS
+.ad
+.fi
+Problems are reported to the standard error stream.
+.SH "ENVIRONMENT"
+.na
+.nf
+.ad
+.fi
+.IP \fBMAIL_CONFIG\fR
+Directory with Postfix configuration files.
+.SH "CONFIGURATION PARAMETERS"
+.na
+.nf
+.ad
+.fi
+The following \fBmain.cf\fR parameters are especially
+relevant to this program.
+
+The text below provides only a parameter summary. See
+\fBpostconf\fR(5) for more details including examples.
+.IP "\fBconfig_directory (see 'postconf -d' output)\fR"
+The default location of the Postfix main.cf and master.cf
+configuration files.
+.IP "\fBbounce_template_file (empty)\fR"
+Pathname of a configuration file with bounce message templates.
+.SH "FILES"
+.na
+.nf
+/etc/postfix/main.cf, Postfix configuration parameters
+/etc/postfix/master.cf, Postfix master daemon configuration
+.SH "SEE ALSO"
+.na
+.nf
+bounce(5), bounce template file format
+master(5), master.cf configuration file syntax
+postconf(5), main.cf configuration file syntax
+.SH "README FILES"
+.na
+.nf
+.ad
+.fi
+Use "\fBpostconf readme_directory\fR" or "\fBpostconf
+html_directory\fR" to locate this information.
+.na
+.nf
+DATABASE_README, Postfix lookup table overview
+.SH "LICENSE"
+.na
+.nf
+.ad
+.fi
+The Secure Mailer license must be distributed with this
+software.
+.SH "AUTHOR(S)"
+.na
+.nf
+Wietse Venema
+IBM T.J. Watson Research
+P.O. Box 704
+Yorktown Heights, NY 10598, USA
+
+Wietse Venema
+Google, Inc.
+111 8th Avenue
+New York, NY 10011, USA
diff --git a/man/man1/postdrop.1 b/man/man1/postdrop.1
new file mode 100644
index 0000000..23d6012
--- /dev/null
+++ b/man/man1/postdrop.1
@@ -0,0 +1,139 @@
+.TH POSTDROP 1
+.ad
+.fi
+.SH NAME
+postdrop
+\-
+Postfix mail posting utility
+.SH "SYNOPSIS"
+.na
+.nf
+\fBpostdrop\fR [\fB\-rv\fR] [\fB\-c \fIconfig_dir\fR]
+.SH DESCRIPTION
+.ad
+.fi
+The \fBpostdrop\fR(1) command creates a file in the \fBmaildrop\fR
+directory and copies its standard input to the file.
+
+Options:
+.IP "\fB\-c \fIconfig_dir\fR"
+The \fBmain.cf\fR configuration file is in the named directory
+instead of the default configuration directory. See also the
+MAIL_CONFIG environment setting below.
+.IP \fB\-r\fR
+Use a Postfix\-internal protocol for reading the message from
+standard input, and for reporting status information on standard
+output. This is currently the only supported method.
+.IP \fB\-v\fR
+Enable verbose logging for debugging purposes. Multiple \fB\-v\fR
+options make the software increasingly verbose. As of Postfix 2.3,
+this option is available for the super\-user only.
+.SH "SECURITY"
+.na
+.nf
+.ad
+.fi
+The command is designed to run with set\-group ID privileges, so
+that it can write to the \fBmaildrop\fR queue directory and so that
+it can connect to Postfix daemon processes.
+.SH DIAGNOSTICS
+.ad
+.fi
+Fatal errors: malformed input, I/O error, out of memory. Problems
+are logged to \fBsyslogd\fR(8) or \fBpostlogd\fR(8) and to
+the standard error stream.
+When the input is incomplete, or when the process receives a HUP,
+INT, QUIT or TERM signal, the queue file is deleted.
+.SH "ENVIRONMENT"
+.na
+.nf
+.ad
+.fi
+.IP MAIL_CONFIG
+Directory with the \fBmain.cf\fR file. In order to avoid exploitation
+of set\-group ID privileges, a non\-standard directory is allowed only
+if:
+.RS
+.IP \(bu
+The name is listed in the standard \fBmain.cf\fR file with the
+\fBalternate_config_directories\fR configuration parameter.
+.IP \(bu
+The command is invoked by the super\-user.
+.RE
+.SH "CONFIGURATION PARAMETERS"
+.na
+.nf
+.ad
+.fi
+The following \fBmain.cf\fR parameters are especially relevant to
+this program.
+The text below provides only a parameter summary. See
+\fBpostconf\fR(5) for more details including examples.
+.IP "\fBalternate_config_directories (empty)\fR"
+A list of non\-default Postfix configuration directories that may
+be specified with "\-c config_directory" on the command line (in the
+case of \fBsendmail\fR(1), with the "\-C" option), or via the MAIL_CONFIG
+environment parameter.
+.IP "\fBconfig_directory (see 'postconf -d' output)\fR"
+The default location of the Postfix main.cf and master.cf
+configuration files.
+.IP "\fBimport_environment (see 'postconf -d' output)\fR"
+The list of environment parameters that a privileged Postfix
+process will import from a non\-Postfix parent process, or name=value
+environment overrides.
+.IP "\fBqueue_directory (see 'postconf -d' output)\fR"
+The location of the Postfix top\-level queue directory.
+.IP "\fBsyslog_facility (mail)\fR"
+The syslog facility of Postfix logging.
+.IP "\fBsyslog_name (see 'postconf -d' output)\fR"
+A prefix that is prepended to the process name in syslog
+records, so that, for example, "smtpd" becomes "prefix/smtpd".
+.IP "\fBtrigger_timeout (10s)\fR"
+The time limit for sending a trigger to a Postfix daemon (for
+example, the \fBpickup\fR(8) or \fBqmgr\fR(8) daemon).
+.PP
+Available in Postfix version 2.2 and later:
+.IP "\fBauthorized_submit_users (static:anyone)\fR"
+List of users who are authorized to submit mail with the \fBsendmail\fR(1)
+command (and with the privileged \fBpostdrop\fR(1) helper command).
+.PP
+Available in Postfix version 3.6 and later:
+.IP "\fBlocal_login_sender_maps (static:*)\fR"
+A list of lookup tables that are searched by the UNIX login name,
+and that return a list of allowed envelope sender patterns separated
+by space or comma.
+.IP "\fBempty_address_local_login_sender_maps_lookup_key (<>)\fR"
+The lookup key to be used in local_login_sender_maps tables, instead
+of the null sender address.
+.IP "\fBrecipient_delimiter (empty)\fR"
+The set of characters that can separate an email address
+localpart, user name, or a .forward file name from its extension.
+.SH "FILES"
+.na
+.nf
+/var/spool/postfix/maildrop, maildrop queue
+.SH "SEE ALSO"
+.na
+.nf
+sendmail(1), compatibility interface
+postconf(5), configuration parameters
+postlogd(8), Postfix logging
+syslogd(8), system logging
+.SH "LICENSE"
+.na
+.nf
+.ad
+.fi
+The Secure Mailer license must be distributed with this software.
+.SH "AUTHOR(S)"
+.na
+.nf
+Wietse Venema
+IBM T.J. Watson Research
+P.O. Box 704
+Yorktown Heights, NY 10598, USA
+
+Wietse Venema
+Google, Inc.
+111 8th Avenue
+New York, NY 10011, USA
diff --git a/man/man1/postfix-tls.1 b/man/man1/postfix-tls.1
new file mode 100644
index 0000000..1c96799
--- /dev/null
+++ b/man/man1/postfix-tls.1
@@ -0,0 +1,246 @@
+.TH POSTFIX-TLS 1
+.ad
+.fi
+.SH NAME
+postfix-tls
+\-
+Postfix TLS management
+.SH "SYNOPSIS"
+.na
+.nf
+\fBpostfix tls\fR \fIsubcommand\fR
+.SH DESCRIPTION
+.ad
+.fi
+The "\fBpostfix tls \fIsubcommand\fR" feature enables
+opportunistic TLS in the Postfix SMTP client or server, and
+manages Postfix SMTP server private keys and certificates.
+
+The following subcommands are available:
+.IP "\fBenable\-client\fR [\fB\-r \fIrandsource\fR]"
+Enable opportunistic TLS in the Postfix SMTP client, if all
+SMTP client TLS settings are at their default values.
+Otherwise, suggest parameter settings without making any
+changes.
+.sp
+Specify \fIrandsource\fR to update the value of the
+\fBtls_random_source\fR configuration parameter (typically,
+/dev/urandom). Prepend \fBdev:\fR to device paths or
+\fBegd:\fR to EGD socket paths.
+.sp
+See also the \fBall\-default\-client\fR subcommand.
+.IP "\fBenable\-server\fR [\fB\-r \fIrandsource\fR] [\fB\-a \fIalgorithm\fR] [\fB\-b \fIbits\fR] [\fIhostname\fB...\fR]"
+Create a new private key and self\-signed server certificate
+and enable opportunistic TLS in the Postfix SMTP server,
+if all SMTP server TLS settings are at their default values.
+Otherwise, suggest parameter settings without making any
+changes.
+.sp
+The \fIrandsource\fR parameter is as with \fBenable\-client\fR
+above, and the remaining options are as with \fBnew\-server\-key\fR
+below.
+.sp
+See also the \fBall\-default\-server\fR subcommand.
+.IP "\fBnew\-server\-key\fR [\fB\-a \fIalgorithm\fR] [\fB\-b \fIbits\fR] [\fIhostname\fB...\fR]"
+Create a new private key and self\-signed server certificate,
+but do not deploy them. Log and display commands to deploy
+the new key and corresponding certificate. Also log and
+display commands to output a corresponding CSR or TLSA
+records which may be needed to obtain a CA certificate or
+to update DNS before the new key can be deployed.
+.sp
+The \fIalgorithm\fR defaults to \fBrsa\fR, and \fIbits\fR
+defaults to 2048. If you choose the \fBecdsa\fR \fIalgorithm\fR
+then \fIbits\fR will be an EC curve name (by default
+\fBsecp256r1\fR, also known as prime256v1). Curves other
+than \fBsecp256r1\fR, \fBsecp384r1\fR or \fBsecp521r1\fR
+are unlikely to be widely interoperable. When generating
+EC keys, use one of these three. DSA keys are obsolete and
+are not supported.
+.sp
+Note: ECDSA support requires OpenSSL 1.0.0 or later and may
+not be available on your system. Not all client systems
+will support ECDSA, so you'll generally want to deploy both
+RSA and ECDSA certificates to make use of ECDSA with
+compatible clients and RSA with the rest. If you want to
+deploy certificate chains with intermediate CAs for both
+RSA and ECDSA, you'll want at least OpenSSL 1.0.2, as earlier
+versions may not handle multiple chain files correctly.
+.sp
+The first \fIhostname\fR argument will be the \fBCommonName\fR
+of both the subject and issuer of the self\-signed certificate.
+It, and any additional \fIhostname\fR arguments, will also
+be listed as DNS alternative names in the certificate. If
+no \fIhostname\fR is provided the value of the \fBmyhostname\fR
+main.cf parameter will be used.
+.sp
+For RSA, the generated private key and certificate files
+are named \fBkey\-\fIyyyymmdd\-hhmmss\fB.pem\fR and
+\fBcert\-\fIyyyymmdd\-hhmmss\fB.pem\fR, where \fIyyyymmdd\fR
+is the calendar date and \fIhhmmss\fR is the time of day
+in UTC. For ECDSA, the file names start with \fBeckey\-\fR
+and \fBeccert\-\fR instead of \fBkey\-\fR and \fBcert\-\fR
+respectively.
+.sp
+Before deploying the new key and certificate with DANE,
+update the DNS with new DANE TLSA records, then wait for
+secondary nameservers to update and then for stale records
+in remote DNS caches to expire.
+.sp
+Before deploying a new CA certificate make sure to include
+all the required intermediate issuing CA certificates in
+the certificate chain file. The server certificate must
+be the first certificate in the chain file. Overwrite and
+deploy the file with the original self\-signed certificate
+that was generated together with the key.
+.IP "\fBnew\-server\-cert\fR [\fB\-a \fIalgorithm\fR] [\fB\-b \fIbits\fR] [\fIhostname\fB...\fR]"
+This is just like \fBnew\-server\-key\fR except that, rather
+than generating a new private key, any currently deployed
+private key is copied to the new key file. Thus if you're
+publishing DANE TLSA "3 1 1" or "3 1 2" records, there is
+no need to update DNS records. The \fIalgorithm\fR and
+\fIbits\fR arguments are used only if no key of the same
+algorithm is already configured.
+.sp
+This command is rarely needed, because the self\-signed
+certificates generated have a 100\-year nominal expiration
+time. The underlying public key algorithms may well be
+obsoleted by quantum computers long before then.
+.sp
+The most plausible reason for using this command is when
+the system hostname changes, and you'd like the name in the
+certificate to match the new hostname (not required for
+DANE "3 1 1", but some needlessly picky non\-DANE opportunistic
+TLS clients may log warnings or even refuse to communicate).
+.IP "\fBdeploy\-server\-cert \fIcertfile\fB \fIkeyfile\fR"
+This subcommand deploys the certificates in \fIcertfile\fR
+and private key in \fIkeyfile\fR (which are typically
+generated by the commands above, which will also log and
+display the full command needed to deploy the generated key
+and certificate). After the new certificate and key are
+deployed any obsolete keys and certificates may be removed
+by hand. The \fIkeyfile\fR and \fIcertfile\fR filenames
+may be relative to the Postfix configuration directory.
+.IP "\fBoutput\-server\-csr\fR [\fB\-k \fIkeyfile\fR] [\fIhostname\fB...\fR]"
+Write to stdout a certificate signing request (CSR) for the
+specified \fIkeyfile\fR.
+.sp
+Instead of an absolute pathname or a pathname relative to
+$config_directory, \fIkeyfile\fR may specify one of the
+supported key algorithm names (see "\fBpostconf \-T
+public\-key\-algorithms\fR"). In that case, the corresponding
+setting from main.cf is used to locate the \fIkeyfile\fR.
+The default \fIkeyfile\fR value is \fBrsa\fR.
+.sp
+Zero or more \fIhostname\fR values can be specified. The
+default \fIhostname\fR is the value of \fBmyhostname\fR
+main.cf parameter.
+.IP "\fBoutput\-server\-tlsa\fR [\fB\-h \fIhostname\fR] [\fIkeyfile\fB...\fR]"
+Write to stdout a DANE TLSA RRset suitable for a port 25
+SMTP server on host \fIhostname\fR with keys from any of
+the specified \fIkeyfile\fR values. The default \fIhostname\fR
+is the value of the \fBmyhostname\fR main.cf parameter.
+.sp
+Instead of absolute pathnames or pathnames relative to
+$config_directory, the \fIkeyfile\fR list may specify
+names of supported public key algorithms (see "\fBpostconf
+\-T public\-key\-algorithms\fR"). In that case, the actual
+\fIkeyfile\fR list uses the values of the corresponding
+Postfix server TLS key file parameters. If a parameter
+value is empty or equal to \fBnone\fR, then no TLSA record
+is output for that algorithm.
+.sp
+The default \fIkeyfile\fR list consists of the two supported
+algorithms \fBrsa\fR and \fBecdsa\fR.
+.SH "AUXILIARY COMMANDS"
+.na
+.nf
+.IP "\fBall\-default\-client\fR"
+Exit with status 0 (success) if all SMTP client TLS settings are
+at their default values. Otherwise, exit with a non\-zero status.
+This is typically used as follows:
+.sp
+\fBpostfix tls all\-default\-client &&
+ postfix tls enable\-client\fR
+.IP "\fBall\-default\-server\fR"
+Exit with status 0 (success) if all SMTP server TLS settings are
+at their default values. Otherwise, exit with a non\-zero status.
+This is typically used as follows:
+.sp
+\fBpostfix tls all\-default\-server &&
+ postfix tls enable\-server\fR
+.SH "CONFIGURATION PARAMETERS"
+.na
+.nf
+.ad
+.fi
+The "\fBpostfix tls \fIsubcommand\fR" feature reads
+or updates the following configuration parameters.
+.IP "\fBcommand_directory (see 'postconf -d' output)\fR"
+The location of all postfix administrative commands.
+.IP "\fBconfig_directory (see 'postconf -d' output)\fR"
+The default location of the Postfix main.cf and master.cf
+configuration files.
+.IP "\fBopenssl_path (openssl)\fR"
+The location of the OpenSSL command line program \fBopenssl\fR(1).
+.IP "\fBsmtp_tls_loglevel (0)\fR"
+Enable additional Postfix SMTP client logging of TLS activity.
+.IP "\fBsmtp_tls_security_level (empty)\fR"
+The default SMTP TLS security level for the Postfix SMTP client;
+when a non\-empty value is specified, this overrides the obsolete
+parameters smtp_use_tls, smtp_enforce_tls, and smtp_tls_enforce_peername.
+.IP "\fBsmtp_tls_session_cache_database (empty)\fR"
+Name of the file containing the optional Postfix SMTP client
+TLS session cache.
+.IP "\fBsmtpd_tls_cert_file (empty)\fR"
+File with the Postfix SMTP server RSA certificate in PEM format.
+.IP "\fBsmtpd_tls_eccert_file (empty)\fR"
+File with the Postfix SMTP server ECDSA certificate in PEM format.
+.IP "\fBsmtpd_tls_eckey_file ($smtpd_tls_eccert_file)\fR"
+File with the Postfix SMTP server ECDSA private key in PEM format.
+.IP "\fBsmtpd_tls_key_file ($smtpd_tls_cert_file)\fR"
+File with the Postfix SMTP server RSA private key in PEM format.
+.IP "\fBsmtpd_tls_loglevel (0)\fR"
+Enable additional Postfix SMTP server logging of TLS activity.
+.IP "\fBsmtpd_tls_received_header (no)\fR"
+Request that the Postfix SMTP server produces Received: message
+headers that include information about the protocol and cipher used,
+as well as the remote SMTP client CommonName and client certificate issuer
+CommonName.
+.IP "\fBsmtpd_tls_security_level (empty)\fR"
+The SMTP TLS security level for the Postfix SMTP server; when
+a non\-empty value is specified, this overrides the obsolete parameters
+smtpd_use_tls and smtpd_enforce_tls.
+.IP "\fBtls_random_source (see 'postconf -d' output)\fR"
+The external entropy source for the in\-memory \fBtlsmgr\fR(8) pseudo
+random number generator (PRNG) pool.
+.SH "SEE ALSO"
+.na
+.nf
+master(8) Postfix master program
+postfix(1) Postfix administrative interface
+.SH "README FILES"
+.na
+.nf
+.ad
+.fi
+Use "\fBpostconf readme_directory\fR" or
+"\fBpostconf html_directory\fR" to locate this information.
+.na
+.nf
+TLS_README, Postfix TLS configuration and operation
+.SH "LICENSE"
+.na
+.nf
+.ad
+.fi
+The Secure Mailer license must be distributed with this software.
+.SH HISTORY
+.ad
+.fi
+The "\fBpostfix tls\fR" command was introduced with Postfix
+version 3.1.
+.SH "AUTHOR(S)"
+.na
+.nf
+Viktor Dukhovni
diff --git a/man/man1/postfix.1 b/man/man1/postfix.1
new file mode 100644
index 0000000..21681de
--- /dev/null
+++ b/man/man1/postfix.1
@@ -0,0 +1,433 @@
+.TH POSTFIX 1
+.ad
+.fi
+.SH NAME
+postfix
+\-
+Postfix control program
+.SH "SYNOPSIS"
+.na
+.nf
+.fi
+\fBpostfix\fR [\fB\-Dv\fR] [\fB\-c \fIconfig_dir\fR] \fIcommand\fR
+.SH DESCRIPTION
+.ad
+.fi
+This command is reserved for the superuser. To submit mail,
+use the Postfix \fBsendmail\fR(1) command.
+
+The \fBpostfix\fR(1) command controls the operation of the Postfix
+mail system: start or stop the \fBmaster\fR(8) daemon, do a health
+check, and other maintenance.
+
+By default, the \fBpostfix\fR(1) command sets up a standardized
+environment and runs the \fBpostfix\-script\fR shell script
+to do the actual work.
+
+However, when support for multiple Postfix instances is
+configured, \fBpostfix\fR(1) executes the command specified
+with the \fBmulti_instance_wrapper\fR configuration parameter.
+This command will execute the \fIcommand\fR for each
+applicable Postfix instance.
+
+The following commands are implemented:
+.IP \fBcheck\fR
+Warn about bad directory/file ownership or permissions,
+and create missing directories.
+.IP \fBstart\fR
+Start the Postfix mail system. This also runs the configuration
+check described above.
+.IP \fBstart\-fg\fR
+Like \fBstart\fR, but keep the \fBmaster\fR(8) daemon running
+in the foreground, and enable \fBmaster\fR(8) "init" mode
+when running as PID 1.
+This command requires that multi\-instance support is
+disabled (i.e. the multi_instance_directories parameter
+value must be empty).
+
+When running Postfix inside a container, see MAILLOG_README
+for logging to stdout. Postfix logs to syslog by default,
+which requires a) running a syslogd process inside the
+container, or b) mounting the container host's /dev/log
+socket inside the container (example: "docker run \-v
+/dev/log:/dev/log ..."), and c) a distinct Postfix "syslog_name"
+prefix that identifies logging from the Postfix instance.
+.IP \fBstop\fR
+Stop the Postfix mail system in an orderly fashion. If
+possible, running processes are allowed to terminate at
+their earliest convenience.
+.sp
+Note: in order to refresh the Postfix mail system after a
+configuration change, do not use the \fBstart\fR and \fBstop\fR
+commands in succession. Use the \fBreload\fR command instead.
+.IP \fBabort\fR
+Stop the Postfix mail system abruptly. Running processes are
+signaled to stop immediately.
+.IP \fBflush\fR
+Force delivery: attempt to deliver every message in the deferred
+mail queue. Normally, attempts to deliver delayed mail happen at
+regular intervals, the interval doubling after each failed attempt.
+.sp
+Warning: flushing undeliverable mail frequently will result in
+poor delivery performance of all other mail.
+.IP \fBreload\fR
+Re\-read configuration files. Running processes terminate at their
+earliest convenience.
+.IP \fBstatus\fR
+Indicate if the Postfix mail system is currently running.
+.IP "\fBset\-permissions\fR [\fIname\fR=\fIvalue ...\fR]"
+Set the ownership and permissions of Postfix related files and
+directories, as specified in the \fBpostfix\-files\fR file.
+.sp
+Specify \fIname\fR=\fIvalue\fR to override and update specific
+main.cf configuration parameters. Use this, for example, to
+change the \fBmail_owner\fR or \fBsetgid_group\fR setting for an
+already installed Postfix system.
+.sp
+This feature is available in Postfix 2.1 and later. With
+Postfix 2.0 and earlier, use "\fB$config_directory/post\-install
+set\-permissions\fR".
+.IP "\fBlogrotate\fR"
+Rotate the logfile specified with $maillog_file, by appending
+a time\-stamp suffix that is formatted according to
+$maillog_file_rotate_suffix, and by compressing the file
+with the command specified with $maillog_file_compressor.
+This will not rotate /dev/* files.
+.sp
+This feature is available in Postfix 3.4 and later.
+.IP "\fBtls\fR \fIsubcommand\fR"
+Enable opportunistic TLS in the Postfix SMTP client or
+server, and manage Postfix SMTP server TLS private keys and
+certificates. See postfix\-tls(1) for documentation.
+.sp
+This feature is available in Postfix 3.1 and later.
+.IP "\fBupgrade\-configuration\fR [\fIname\fR=\fIvalue ...\fR]"
+Update the \fBmain.cf\fR and \fBmaster.cf\fR files with information
+that Postfix needs in order to run: add or update services, and add
+or update configuration parameter settings.
+.sp
+Specify \fIname\fR=\fIvalue\fR to override and update specific
+main.cf configuration parameters.
+.sp
+This feature is available in Postfix 2.1 and later. With
+Postfix 2.0 and earlier, use "\fB$config_directory/post\-install
+upgrade\-configuration\fR".
+.PP
+The following options are implemented:
+.IP "\fB\-c \fIconfig_dir\fR"
+Read the \fBmain.cf\fR and \fBmaster.cf\fR configuration files in
+the named directory instead of the default configuration directory.
+Use this to distinguish between multiple Postfix instances on the
+same host.
+
+With Postfix 2.6 and later, this option forces the postfix(1)
+command to operate on the specified Postfix instance only.
+This behavior is inherited by postfix(1) commands that run
+as a descendant of the current process.
+.IP "\fB\-D\fR (with \fBpostfix start\fR only)"
+Run each Postfix daemon under control of a debugger as specified
+via the \fBdebugger_command\fR configuration parameter.
+.IP \fB\-v\fR
+Enable verbose logging for debugging purposes. Multiple \fB\-v\fR
+options make the software increasingly verbose.
+.SH "ENVIRONMENT"
+.na
+.nf
+.ad
+.fi
+The \fBpostfix\fR(1) command exports the following environment
+variables before executing the \fBpostfix\-script\fR file:
+.IP \fBMAIL_CONFIG\fR
+This is set when the \-c command\-line option is present.
+
+With Postfix 2.6 and later, this environment variable forces
+the postfix(1) command to operate on the specified Postfix
+instance only. This behavior is inherited by postfix(1)
+commands that run as a descendant of the current process.
+.IP \fBMAIL_VERBOSE\fR
+This is set when the \-v command\-line option is present.
+.IP \fBMAIL_DEBUG\fR
+This is set when the \-D command\-line option is present.
+.PP
+When the internal logging service is enabled (by setting a
+non\-empty maillog_file parameter value) the postfix(1)
+command exports settings that are used by child processes
+before they have processed main.cf or command\-line settings.
+.IP \fBPOSTLOG_SERVICE
+The name of the public postlog service endpoint.
+.IP \fBPOSTLOG_HOSTNAME
+The hostname to prepend to internal logging.
+.SH "CONFIGURATION PARAMETERS"
+.na
+.nf
+.ad
+.fi
+The following \fBmain.cf\fR configuration parameters are
+exported as environment variables with the same names:
+.IP "\fBconfig_directory (see 'postconf -d' output)\fR"
+The default location of the Postfix main.cf and master.cf
+configuration files.
+.IP "\fBcommand_directory (see 'postconf -d' output)\fR"
+The location of all postfix administrative commands.
+.IP "\fBdaemon_directory (see 'postconf -d' output)\fR"
+The directory with Postfix support programs and daemon programs.
+.IP "\fBhtml_directory (see 'postconf -d' output)\fR"
+The location of Postfix HTML files that describe how to build,
+configure or operate a specific Postfix subsystem or feature.
+.IP "\fBmail_owner (postfix)\fR"
+The UNIX system account that owns the Postfix queue and most Postfix
+daemon processes.
+.IP "\fBmailq_path (see 'postconf -d' output)\fR"
+Sendmail compatibility feature that specifies where the Postfix
+\fBmailq\fR(1) command is installed.
+.IP "\fBmanpage_directory (see 'postconf -d' output)\fR"
+Where the Postfix manual pages are installed.
+.IP "\fBnewaliases_path (see 'postconf -d' output)\fR"
+Sendmail compatibility feature that specifies the location of the
+\fBnewaliases\fR(1) command.
+.IP "\fBqueue_directory (see 'postconf -d' output)\fR"
+The location of the Postfix top\-level queue directory.
+.IP "\fBreadme_directory (see 'postconf -d' output)\fR"
+The location of Postfix README files that describe how to build,
+configure or operate a specific Postfix subsystem or feature.
+.IP "\fBsendmail_path (see 'postconf -d' output)\fR"
+A Sendmail compatibility feature that specifies the location of
+the Postfix \fBsendmail\fR(1) command.
+.IP "\fBsetgid_group (postdrop)\fR"
+The group ownership of set\-gid Postfix commands and of group\-writable
+Postfix directories.
+.PP
+Available in Postfix version 2.5 and later:
+.IP "\fBdata_directory (see 'postconf -d' output)\fR"
+The directory with Postfix\-writable data files (for example:
+caches, pseudo\-random numbers).
+.PP
+Available in Postfix version 3.0 and later:
+.IP "\fBcompatibility_level (0)\fR"
+A safety net that causes Postfix to run with backwards\-compatible
+default settings after an upgrade to a newer Postfix version.
+.IP "\fBmeta_directory (see 'postconf -d' output)\fR"
+The location of non\-executable files that are shared among
+multiple Postfix instances, such as postfix\-files, dynamicmaps.cf,
+and the multi\-instance template files main.cf.proto and master.cf.proto.
+.IP "\fBshlib_directory (see 'postconf -d' output)\fR"
+The location of Postfix dynamically\-linked libraries
+(libpostfix\-*.so), and the default location of Postfix database
+plugins (postfix\-*.so) that have a relative pathname in the
+dynamicmaps.cf file.
+.PP
+Available in Postfix version 3.1 and later:
+.IP "\fBopenssl_path (openssl)\fR"
+The location of the OpenSSL command line program \fBopenssl\fR(1).
+.PP
+Other configuration parameters:
+.IP "\fBimport_environment (see 'postconf -d' output)\fR"
+The list of environment variables that a privileged Postfix
+process will import from a non\-Postfix parent process, or name=value
+environment overrides.
+.IP "\fBsyslog_facility (mail)\fR"
+The syslog facility of Postfix logging.
+.IP "\fBsyslog_name (see 'postconf -d' output)\fR"
+A prefix that is prepended to the process name in syslog
+records, so that, for example, "smtpd" becomes "prefix/smtpd".
+.PP
+Available in Postfix version 2.6 and later:
+.IP "\fBmulti_instance_directories (empty)\fR"
+An optional list of non\-default Postfix configuration directories;
+these directories belong to additional Postfix instances that share
+the Postfix executable files and documentation with the default
+Postfix instance, and that are started, stopped, etc., together
+with the default Postfix instance.
+.IP "\fBmulti_instance_wrapper (empty)\fR"
+The pathname of a multi\-instance manager command that the
+\fBpostfix\fR(1) command invokes when the multi_instance_directories
+parameter value is non\-empty.
+.IP "\fBmulti_instance_group (empty)\fR"
+The optional instance group name of this Postfix instance.
+.IP "\fBmulti_instance_name (empty)\fR"
+The optional instance name of this Postfix instance.
+.IP "\fBmulti_instance_enable (no)\fR"
+Allow this Postfix instance to be started, stopped, etc., by a
+multi\-instance manager.
+.PP
+Available in Postfix version 3.4 and later:
+.IP "\fBmaillog_file (empty)\fR"
+The name of an optional logfile that is written by the Postfix
+\fBpostlogd\fR(8) service.
+.IP "\fBmaillog_file_compressor (gzip)\fR"
+The program to run after rotating $maillog_file with "postfix
+logrotate".
+.IP "\fBmaillog_file_prefixes (/var, /dev/stdout)\fR"
+A list of allowed prefixes for a maillog_file value.
+.IP "\fBmaillog_file_rotate_suffix (%Y%m%d\-%H%M%S)\fR"
+The format of the suffix to append to $maillog_file while rotating
+the file with "postfix logrotate".
+.IP "\fBpostlog_service_name (postlog)\fR"
+The name of the \fBpostlogd\fR(8) service entry in master.cf.
+.SH "FILES"
+.na
+.nf
+.ad
+.fi
+Prior to Postfix version 2.6, all of the following files
+were in \fB$config_directory\fR. Some files are now in
+\fB$daemon_directory\fR or \fB$meta_directory\fR so that they
+can be shared among multiple instances that run the same Postfix
+version.
+
+Use the command "\fBpostconf config_directory\fR" or
+"\fBpostconf daemon_directory\fR" to expand the names
+into their actual values.
+.na
+.nf
+
+$config_directory/main.cf, Postfix configuration parameters
+$config_directory/master.cf, Postfix daemon processes
+$daemon_directory/postfix\-script, administrative commands
+$daemon_directory/post\-install, post\-installation configuration
+$meta_directory/dynamicmaps.cf, plug\-in database clients
+$meta_directory/postfix\-files, file/directory permissions
+.SH "SEE ALSO"
+.na
+.nf
+Commands:
+postalias(1), create/update/query alias database
+postcat(1), examine Postfix queue file
+postconf(1), Postfix configuration utility
+postdrop(1), Postfix mail posting utility
+postfix(1), Postfix control program
+postfix\-tls(1), Postfix TLS management
+postkick(1), trigger Postfix daemon
+postlock(1), Postfix\-compatible locking
+postlog(1), Postfix\-compatible logging
+postmap(1), Postfix lookup table manager
+postmulti(1), Postfix multi\-instance manager
+postqueue(1), Postfix mail queue control
+postsuper(1), Postfix housekeeping
+mailq(1), Sendmail compatibility interface
+newaliases(1), Sendmail compatibility interface
+sendmail(1), Sendmail compatibility interface
+
+Postfix configuration:
+bounce(5), Postfix bounce message templates
+master(5), Postfix master.cf file syntax
+postconf(5), Postfix main.cf file syntax
+postfix\-wrapper(5), Postfix multi\-instance API
+
+Table\-driven mechanisms:
+access(5), Postfix SMTP access control table
+aliases(5), Postfix alias database
+canonical(5), Postfix input address rewriting
+generic(5), Postfix output address rewriting
+header_checks(5), body_checks(5), Postfix content inspection
+relocated(5), Users that have moved
+transport(5), Postfix routing table
+virtual(5), Postfix virtual aliasing
+
+Table lookup mechanisms:
+cidr_table(5), Associate CIDR pattern with value
+ldap_table(5), Postfix LDAP client
+lmdb_table(5), Postfix LMDB database driver
+memcache_table(5), Postfix memcache client
+mysql_table(5), Postfix MYSQL client
+nisplus_table(5), Postfix NIS+ client
+pcre_table(5), Associate PCRE pattern with value
+pgsql_table(5), Postfix PostgreSQL client
+regexp_table(5), Associate POSIX regexp pattern with value
+socketmap_table(5), Postfix socketmap client
+sqlite_table(5), Postfix SQLite database driver
+tcp_table(5), Postfix client\-server table lookup
+
+Daemon processes:
+anvil(8), Postfix connection/rate limiting
+bounce(8), defer(8), trace(8), Delivery status reports
+cleanup(8), canonicalize and enqueue message
+discard(8), Postfix discard delivery agent
+dnsblog(8), DNS allow/denylist logger
+error(8), Postfix error delivery agent
+flush(8), Postfix fast ETRN service
+local(8), Postfix local delivery agent
+master(8), Postfix master daemon
+oqmgr(8), old Postfix queue manager
+pickup(8), Postfix local mail pickup
+pipe(8), deliver mail to non\-Postfix command
+postlogd(8), Postfix internal logging service
+postscreen(8), Postfix zombie blocker
+proxymap(8), Postfix lookup table proxy server
+qmgr(8), Postfix queue manager
+qmqpd(8), Postfix QMQP server
+scache(8), Postfix connection cache manager
+showq(8), list Postfix mail queue
+smtp(8), lmtp(8), Postfix SMTP+LMTP client
+smtpd(8), Postfix SMTP server
+spawn(8), run non\-Postfix server
+tlsmgr(8), Postfix TLS cache and randomness manager
+tlsproxy(8), Postfix TLS proxy server
+trivial\-rewrite(8), Postfix address rewriting
+verify(8), Postfix address verification
+virtual(8), Postfix virtual delivery agent
+
+Other:
+syslogd(8), system logging
+.SH "README FILES"
+.na
+.nf
+.ad
+.fi
+Use "\fBpostconf readme_directory\fR" or
+"\fBpostconf html_directory\fR" to locate this information.
+.na
+.nf
+OVERVIEW, overview of Postfix commands and processes
+BASIC_CONFIGURATION_README, Postfix basic configuration
+ADDRESS_REWRITING_README, Postfix address rewriting
+SMTPD_ACCESS_README, SMTP relay/access control
+CONTENT_INSPECTION_README, Postfix content inspection
+QSHAPE_README, Postfix queue analysis
+.SH "LICENSE"
+.na
+.nf
+.ad
+.fi
+The Secure Mailer license must be distributed with this software.
+.SH "AUTHOR(S)"
+.na
+.nf
+Wietse Venema
+IBM T.J. Watson Research
+P.O. Box 704
+Yorktown Heights, NY 10598, USA
+
+Wietse Venema
+Google, Inc.
+111 8th Avenue
+New York, NY 10011, USA
+
+TLS support by:
+Lutz Jaenicke
+Brandenburg University of Technology
+Cottbus, Germany
+
+Victor Duchovni
+Morgan Stanley
+
+SASL support originally by:
+Till Franke
+SuSE Rhein/Main AG
+65760 Eschborn, Germany
+
+LMTP support originally by:
+Philip A. Prindeville
+Mirapoint, Inc.
+USA.
+
+Amos Gouaux
+University of Texas at Dallas
+P.O. Box 830688, MC34
+Richardson, TX 75083, USA
+
+IPv6 support originally by:
+Mark Huizer, Eindhoven University, The Netherlands
+Jun\-ichiro 'itojun' Hagino, KAME project, Japan
+The Linux PLD project
+Dean Strik, Eindhoven University, The Netherlands
diff --git a/man/man1/postkick.1 b/man/man1/postkick.1
new file mode 100644
index 0000000..6cd0ef6
--- /dev/null
+++ b/man/man1/postkick.1
@@ -0,0 +1,102 @@
+.TH POSTKICK 1
+.ad
+.fi
+.SH NAME
+postkick
+\-
+kick a Postfix service
+.SH "SYNOPSIS"
+.na
+.nf
+.fi
+\fBpostkick\fR [\fB\-c \fIconfig_dir\fR] [\fB\-v\fR]
+\fIclass service request\fR
+.SH DESCRIPTION
+.ad
+.fi
+The \fBpostkick\fR(1) command sends \fIrequest\fR to the
+specified \fIservice\fR over a local transport channel.
+This command makes Postfix private IPC accessible
+for use in, for example, shell scripts.
+
+Options:
+.IP "\fB\-c\fR \fIconfig_dir\fR"
+Read the \fBmain.cf\fR configuration file in the named directory
+instead of the default configuration directory.
+.IP \fB\-v\fR
+Enable verbose logging for debugging purposes. Multiple \fB\-v\fR
+options make the software increasingly verbose.
+.PP
+Arguments:
+.IP \fIclass\fR
+Name of a class of local transport channel endpoints,
+either \fBpublic\fR (accessible by any local user) or
+\fBprivate\fR (administrative access only).
+.IP \fIservice\fR
+The name of a local transport endpoint within the named class.
+.IP \fIrequest\fR
+A string. The list of valid requests is service\-specific.
+.SH DIAGNOSTICS
+.ad
+.fi
+Problems and transactions are logged to the standard error
+stream.
+.SH "ENVIRONMENT"
+.na
+.nf
+.ad
+.fi
+.IP \fBMAIL_CONFIG\fR
+Directory with Postfix configuration files.
+.IP \fBMAIL_VERBOSE\fR
+Enable verbose logging for debugging purposes.
+.SH "CONFIGURATION PARAMETERS"
+.na
+.nf
+.ad
+.fi
+The following \fBmain.cf\fR parameters are especially relevant to
+this program.
+The text below provides only a parameter summary. See
+\fBpostconf\fR(5) for more details including examples.
+.IP "\fBconfig_directory (see 'postconf -d' output)\fR"
+The default location of the Postfix main.cf and master.cf
+configuration files.
+.IP "\fBapplication_event_drain_time (100s)\fR"
+How long the \fBpostkick\fR(1) command waits for a request to enter the
+Postfix daemon process input buffer before giving up.
+.IP "\fBimport_environment (see 'postconf -d' output)\fR"
+The list of environment parameters that a privileged Postfix
+process will import from a non\-Postfix parent process, or name=value
+environment overrides.
+.IP "\fBqueue_directory (see 'postconf -d' output)\fR"
+The location of the Postfix top\-level queue directory.
+.SH "FILES"
+.na
+.nf
+/var/spool/postfix/private, private class endpoints
+/var/spool/postfix/public, public class endpoints
+.SH "SEE ALSO"
+.na
+.nf
+qmgr(8), queue manager trigger protocol
+pickup(8), local pickup daemon
+postconf(5), configuration parameters
+.SH "LICENSE"
+.na
+.nf
+.ad
+.fi
+The Secure Mailer license must be distributed with this software.
+.SH "AUTHOR(S)"
+.na
+.nf
+Wietse Venema
+IBM T.J. Watson Research
+P.O. Box 704
+Yorktown Heights, NY 10598, USA
+
+Wietse Venema
+Google, Inc.
+111 8th Avenue
+New York, NY 10011, USA
diff --git a/man/man1/postlock.1 b/man/man1/postlock.1
new file mode 100644
index 0000000..cd468e7
--- /dev/null
+++ b/man/man1/postlock.1
@@ -0,0 +1,126 @@
+.TH POSTLOCK 1
+.ad
+.fi
+.SH NAME
+postlock
+\-
+lock mail folder and execute command
+.SH "SYNOPSIS"
+.na
+.nf
+.fi
+\fBpostlock\fR [\fB\-c \fIconfig_dir\fR] [\fB\-l \fIlock_style\fR]
+ [\fB\-v\fR] \fIfile command...\fR
+.SH DESCRIPTION
+.ad
+.fi
+The \fBpostlock\fR(1) command locks \fIfile\fR for exclusive
+access, and executes \fIcommand\fR. The locking method is
+compatible with the Postfix UNIX\-style local delivery agent.
+
+Options:
+.IP "\fB\-c \fIconfig_dir\fR"
+Read the \fBmain.cf\fR configuration file in the named directory
+instead of the default configuration directory.
+.IP "\fB\-l \fIlock_style\fR"
+Override the locking method specified via the
+\fBmailbox_delivery_lock\fR configuration parameter (see below).
+.IP \fB\-v\fR
+Enable verbose logging for debugging purposes. Multiple \fB\-v\fR
+options make the software increasingly verbose.
+.PP
+Arguments:
+.IP \fIfile\fR
+A mailbox file. The user should have read/write permission.
+.IP \fIcommand...\fR
+The command to execute while \fIfile\fR is locked for exclusive
+access. The command is executed directly, i.e. without
+interpretation by a shell command interpreter.
+.SH DIAGNOSTICS
+.ad
+.fi
+The result status is 75 (EX_TEMPFAIL) when \fBpostlock\fR(1)
+could not perform the requested operation. Otherwise, the
+exit status is the exit status from the command.
+.SH BUGS
+.ad
+.fi
+With remote file systems, the ability to acquire a lock does not
+necessarily eliminate access conflicts. Avoid file access by
+processes running on different machines.
+.SH "ENVIRONMENT"
+.na
+.nf
+.ad
+.fi
+.IP \fBMAIL_CONFIG\fR
+Directory with Postfix configuration files.
+.IP \fBMAIL_VERBOSE\fR
+Enable verbose logging for debugging purposes.
+.SH "CONFIGURATION PARAMETERS"
+.na
+.nf
+.ad
+.fi
+The following \fBmain.cf\fR parameters are especially relevant to
+this program.
+The text below provides only a parameter summary. See
+\fBpostconf\fR(5) for more details including examples.
+.SH "LOCKING CONTROLS"
+.na
+.nf
+.ad
+.fi
+.IP "\fBdeliver_lock_attempts (20)\fR"
+The maximal number of attempts to acquire an exclusive lock on a
+mailbox file or \fBbounce\fR(8) logfile.
+.IP "\fBdeliver_lock_delay (1s)\fR"
+The time between attempts to acquire an exclusive lock on a mailbox
+file or \fBbounce\fR(8) logfile.
+.IP "\fBstale_lock_time (500s)\fR"
+The time after which a stale exclusive mailbox lockfile is removed.
+.IP "\fBmailbox_delivery_lock (see 'postconf -d' output)\fR"
+How to lock a UNIX\-style \fBlocal\fR(8) mailbox before attempting delivery.
+.SH "RESOURCE AND RATE CONTROLS"
+.na
+.nf
+.ad
+.fi
+.IP "\fBfork_attempts (5)\fR"
+The maximal number of attempts to fork() a child process.
+.IP "\fBfork_delay (1s)\fR"
+The delay between attempts to fork() a child process.
+.SH "MISCELLANEOUS CONTROLS"
+.na
+.nf
+.ad
+.fi
+.IP "\fBconfig_directory (see 'postconf -d' output)\fR"
+The default location of the Postfix main.cf and master.cf
+configuration files.
+.IP "\fBimport_environment (see 'postconf -d' output)\fR"
+The list of environment parameters that a privileged Postfix
+process will import from a non\-Postfix parent process, or name=value
+environment overrides.
+.SH "SEE ALSO"
+.na
+.nf
+postconf(5), configuration parameters
+.SH "LICENSE"
+.na
+.nf
+.ad
+.fi
+The Secure Mailer license must be distributed with this software.
+.SH "AUTHOR(S)"
+.na
+.nf
+Wietse Venema
+IBM T.J. Watson Research
+P.O. Box 704
+Yorktown Heights, NY 10598, USA
+
+Wietse Venema
+Google, Inc.
+111 8th Avenue
+New York, NY 10011, USA
diff --git a/man/man1/postlog.1 b/man/man1/postlog.1
new file mode 100644
index 0000000..406a3a3
--- /dev/null
+++ b/man/man1/postlog.1
@@ -0,0 +1,125 @@
+.TH POSTLOG 1
+.ad
+.fi
+.SH NAME
+postlog
+\-
+Postfix\-compatible logging utility
+.SH "SYNOPSIS"
+.na
+.nf
+.fi
+.ad
+\fBpostlog\fR [\fB\-iv\fR] [\fB\-c \fIconfig_dir\fR]
+[\fB\-p \fIpriority\fR] [\fB\-t \fItag\fR] [\fItext...\fR]
+.SH DESCRIPTION
+.ad
+.fi
+The \fBpostlog\fR(1) command implements a Postfix\-compatible logging
+interface for use in, for example, shell scripts.
+
+By default, \fBpostlog\fR(1) logs the \fItext\fR given on the command
+line as one record. If no \fItext\fR is specified on the command
+line, \fBpostlog\fR(1) reads from standard input and logs each input
+line as one record.
+
+By default, logging is sent to \fBsyslogd\fR(8) or
+\fBpostlogd\fR(8); when the
+standard error stream is connected to a terminal, logging
+is sent there as well.
+
+The following options are implemented:
+.IP "\fB\-c \fIconfig_dir\fR"
+Read the \fBmain.cf\fR configuration file in the named directory
+instead of the default configuration directory.
+.IP "\fB\-i\fR (obsolete)"
+Include the process ID in the logging tag. This flag is ignored as
+of Postfix 3.4, where the PID is always included.
+.IP "\fB\-p \fIpriority\fR (default: \fBinfo\fR)"
+Specifies the logging severity: \fBinfo\fR, \fBwarn\fR,
+\fBerror\fR, \fBfatal\fR, or \fBpanic\fR. With Postfix 3.1
+and later, the program will pause for 1 second after reporting
+a \fBfatal\fR or \fBpanic\fR condition, just like other
+Postfix programs.
+.IP "\fB\-t \fItag\fR"
+Specifies the logging tag, that is, the identifying name that
+appears at the beginning of each logging record. A default tag
+is used when none is specified.
+.IP \fB\-v\fR
+Enable verbose logging for debugging purposes. Multiple \fB\-v\fR
+options make the software increasingly verbose.
+.SH "SECURITY"
+.na
+.nf
+.ad
+.fi
+The \fBpostlog\fR(1) command is designed to run with
+set\-groupid privileges, so that it can connect to the
+\fBpostlogd\fR(8) daemon process (Postfix 3.7 and later;
+earlier implementations of this command must not have
+set\-groupid or set\-userid permissions).
+.SH "ENVIRONMENT"
+.na
+.nf
+.ad
+.fi
+.IP MAIL_CONFIG
+Directory with the \fBmain.cf\fR file.
+.SH "CONFIGURATION PARAMETERS"
+.na
+.nf
+.ad
+.fi
+The following \fBmain.cf\fR parameters are especially relevant to
+this program.
+
+The text below provides only a parameter summary. See
+\fBpostconf\fR(5) for more details including examples.
+.IP "\fBconfig_directory (see 'postconf -d' output)\fR"
+The default location of the Postfix main.cf and master.cf
+configuration files.
+.IP "\fBimport_environment (see 'postconf -d' output)\fR"
+The list of environment parameters that a privileged Postfix
+process will import from a non\-Postfix parent process, or name=value
+environment overrides.
+.IP "\fBsyslog_facility (mail)\fR"
+The syslog facility of Postfix logging.
+.IP "\fBsyslog_name (see 'postconf -d' output)\fR"
+A prefix that is prepended to the process name in syslog
+records, so that, for example, "smtpd" becomes "prefix/smtpd".
+.PP
+Available in Postfix 3.4 and later:
+.IP "\fBmaillog_file (empty)\fR"
+The name of an optional logfile that is written by the Postfix
+\fBpostlogd\fR(8) service.
+.IP "\fBpostlog_service_name (postlog)\fR"
+The name of the \fBpostlogd\fR(8) service entry in master.cf.
+.SH "SEE ALSO"
+.na
+.nf
+postconf(5), configuration parameters
+postlogd(8), Postfix logging
+syslogd(8), system logging
+.SH "LICENSE"
+.na
+.nf
+.ad
+.fi
+The Secure Mailer license must be distributed with this software.
+.SH HISTORY
+.ad
+.fi
+The \fBpostlog\fR(1) command was introduced with Postfix
+version 3.4.
+.SH "AUTHOR(S)"
+.na
+.nf
+Wietse Venema
+IBM T.J. Watson Research
+P.O. Box 704
+Yorktown Heights, NY 10598, USA
+
+Wietse Venema
+Google, Inc.
+111 8th Avenue
+New York, NY 10011, USA
diff --git a/man/man1/postmap.1 b/man/man1/postmap.1
new file mode 100644
index 0000000..d2551e5
--- /dev/null
+++ b/man/man1/postmap.1
@@ -0,0 +1,343 @@
+.TH POSTMAP 1
+.ad
+.fi
+.SH NAME
+postmap
+\-
+Postfix lookup table management
+.SH "SYNOPSIS"
+.na
+.nf
+.fi
+\fBpostmap\fR [\fB\-bfFhimnNoprsuUvw\fR] [\fB\-c \fIconfig_dir\fR]
+[\fB\-d \fIkey\fR] [\fB\-q \fIkey\fR]
+ [\fIfile_type\fR:]\fIfile_name\fR ...
+.SH DESCRIPTION
+.ad
+.fi
+The \fBpostmap\fR(1) command creates or queries one or more Postfix
+lookup tables, or updates an existing one.
+
+If the result files do not exist they will be created with the
+same group and other read permissions as their source file.
+
+While the table update is in progress, signal delivery is
+postponed, and an exclusive, advisory, lock is placed on the
+entire table, in order to avoid surprises in spectator
+processes.
+.SH "INPUT FILE FORMAT"
+.na
+.nf
+.ad
+.fi
+The format of a lookup table input file is as follows:
+.IP \(bu
+A table entry has the form
+.sp
+.nf
+ \fIkey\fR whitespace \fIvalue\fR
+.fi
+.IP \(bu
+Empty lines and whitespace\-only lines are ignored, as
+are lines whose first non\-whitespace character is a `#'.
+.IP \(bu
+A logical line starts with non\-whitespace text. A line that
+starts with whitespace continues a logical line.
+.PP
+The \fIkey\fR and \fIvalue\fR are processed as is, except that
+surrounding white space is stripped off. Whitespace in lookup
+keys is supported in Postfix 3.2 and later, by surrounding the
+key with double quote characters `"'. Within the double quotes,
+double quote `"' and backslash `\\' characters can be included
+by quoting them with a preceding backslash.
+
+When the \fB\-F\fR option is given, the \fIvalue\fR must
+specify one or more filenames separated by comma and/or
+whitespace; \fBpostmap\fR(1) will concatenate the file
+content (with a newline character inserted between files)
+and will store the base64\-encoded result instead of the
+\fIvalue\fR.
+
+When the \fIkey\fR specifies email address information, the
+localpart should be enclosed with double quotes if required
+by RFC 5322. For example, an address localpart that contains
+";", or a localpart that starts or ends with ".".
+
+By default the lookup key is mapped to lowercase to make
+the lookups case insensitive; as of Postfix 2.3 this case
+folding happens only with tables whose lookup keys are
+fixed\-case strings such as btree:, dbm: or hash:. With
+earlier versions, the lookup key is folded even with tables
+where a lookup field can match both upper and lower case
+text, such as regexp: and pcre:. This resulted in loss of
+information with $\fInumber\fR substitutions.
+.SH "COMMAND-LINE ARGUMENTS"
+.na
+.nf
+.ad
+.fi
+.IP \fB\-b\fR
+Enable message body query mode. When reading lookup keys
+from standard input with "\fB\-q \-\fR", process the input
+as if it is an email message in RFC 5322 format. Each line
+of body content becomes one lookup key.
+.sp
+By default, the \fB\-b\fR option starts generating lookup
+keys at the first non\-header line, and stops when the end
+of the message is reached.
+To simulate \fBbody_checks\fR(5) processing, enable MIME
+parsing with \fB\-m\fR. With this, the \fB\-b\fR option
+generates no body\-style lookup keys for attachment MIME
+headers and for attached message/* headers.
+.sp
+NOTE: with "smtputf8_enable = yes", the \fB\-b\fR option
+disables UTF\-8 syntax checks on query keys and lookup
+results. Specify the \fB\-U\fR option to force UTF\-8
+syntax checks anyway.
+.sp
+This feature is available in Postfix version 2.6 and later.
+.IP "\fB\-c \fIconfig_dir\fR"
+Read the \fBmain.cf\fR configuration file in the named directory
+instead of the default configuration directory.
+.IP "\fB\-d \fIkey\fR"
+Search the specified maps for \fIkey\fR and remove one entry per map.
+The exit status is zero when the requested information was found.
+
+If a key value of \fB\-\fR is specified, the program reads key
+values from the standard input stream. The exit status is zero
+when at least one of the requested keys was found.
+.IP \fB\-f\fR
+Do not fold the lookup key to lower case while creating or querying
+a table.
+
+With Postfix version 2.3 and later, this option has no
+effect for regular expression tables. There, case folding
+is controlled by appending a flag to a pattern.
+.IP \fB\-F\fR
+When querying a map, or listing a map, base64\-decode each
+value. When creating a map from source file, process each
+value as a list of filenames, concatenate the content of
+those files, and store the base64\-encoded result instead
+of the value (see INPUT FILE FORMAT for details).
+.sp
+This feature is available in Postfix version 3.4 and later.
+.IP \fB\-h\fR
+Enable message header query mode. When reading lookup keys
+from standard input with "\fB\-q \-\fR", process the input
+as if it is an email message in RFC 5322 format. Each
+logical header line becomes one lookup key. A multi\-line
+header becomes one lookup key with one or more embedded
+newline characters.
+.sp
+By default, the \fB\-h\fR option generates lookup keys until
+the first non\-header line is reached.
+To simulate \fBheader_checks\fR(5) processing, enable MIME
+parsing with \fB\-m\fR. With this, the \fB\-h\fR option also
+generates header\-style lookup keys for attachment MIME
+headers and for attached message/* headers.
+.sp
+NOTE: with "smtputf8_enable = yes", the \fB\-b\fR option
+option disables UTF\-8 syntax checks on query keys and
+lookup results. Specify the \fB\-U\fR option to force UTF\-8
+syntax checks anyway.
+.sp
+This feature is available in Postfix version 2.6 and later.
+.IP \fB\-i\fR
+Incremental mode. Read entries from standard input and do not
+truncate an existing database. By default, \fBpostmap\fR(1) creates
+a new database from the entries in \fBfile_name\fR.
+.IP \fB\-m\fR
+Enable MIME parsing with "\fB\-b\fR" and "\fB\-h\fR".
+.sp
+This feature is available in Postfix version 2.6 and later.
+.IP \fB\-N\fR
+Include the terminating null character that terminates lookup keys
+and values. By default, \fBpostmap\fR(1) does whatever is
+the default for
+the host operating system.
+.IP \fB\-n\fR
+Don't include the terminating null character that terminates lookup
+keys and values. By default, \fBpostmap\fR(1) does whatever
+is the default for
+the host operating system.
+.IP \fB\-o\fR
+Do not release root privileges when processing a non\-root
+input file. By default, \fBpostmap\fR(1) drops root privileges
+and runs as the source file owner instead.
+.IP \fB\-p\fR
+Do not inherit the file access permissions from the input file
+when creating a new file. Instead, create a new file with default
+access permissions (mode 0644).
+.IP "\fB\-q \fIkey\fR"
+Search the specified maps for \fIkey\fR and write the first value
+found to the standard output stream. The exit status is zero
+when the requested information was found.
+
+Note: this performs a single query with the key as specified,
+and does not make iterative queries with substrings of the
+key as described for access(5), canonical(5), transport(5),
+virtual(5) and other Postfix table\-driven features.
+
+If a key value of \fB\-\fR is specified, the program reads key
+values from the standard input stream and writes one line of
+\fIkey value\fR output for each key that was found. The exit
+status is zero when at least one of the requested keys was found.
+.IP \fB\-r\fR
+When updating a table, do not complain about attempts to update
+existing entries, and make those updates anyway.
+.IP \fB\-s\fR
+Retrieve all database elements, and write one line of
+\fIkey value\fR output for each element. The elements are
+printed in database order, which is not necessarily the same
+as the original input order.
+.sp
+This feature is available in Postfix version 2.2 and later,
+and is not available for all database types.
+.IP \fB\-u\fR
+Disable UTF\-8 support. UTF\-8 support is enabled by default
+when "smtputf8_enable = yes". It requires that keys and
+values are valid UTF\-8 strings.
+.IP \fB\-U\fR
+With "smtputf8_enable = yes", force UTF\-8 syntax checks
+with the \fB\-b\fR and \fB\-h\fR options.
+.IP \fB\-v\fR
+Enable verbose logging for debugging purposes. Multiple \fB\-v\fR
+options make the software increasingly verbose.
+.IP \fB\-w\fR
+When updating a table, do not complain about attempts to update
+existing entries, and ignore those attempts.
+.PP
+Arguments:
+.IP \fIfile_type\fR
+The database type. To find out what types are supported, use
+the "\fBpostconf \-m\fR" command.
+
+The \fBpostmap\fR(1) command can query any supported file type,
+but it can create only the following file types:
+.RS
+.IP \fBbtree\fR
+The output file is a btree file, named \fIfile_name\fB.db\fR.
+This is available on systems with support for \fBdb\fR databases.
+.IP \fBcdb\fR
+The output consists of one file, named \fIfile_name\fB.cdb\fR.
+This is available on systems with support for \fBcdb\fR databases.
+.IP \fBdbm\fR
+The output consists of two files, named \fIfile_name\fB.pag\fR and
+\fIfile_name\fB.dir\fR.
+This is available on systems with support for \fBdbm\fR databases.
+.IP \fBfail\fR
+A table that reliably fails all requests. The lookup table
+name is used for logging only. This table exists to simplify
+Postfix error tests.
+.IP \fBhash\fR
+The output file is a hashed file, named \fIfile_name\fB.db\fR.
+This is available on systems with support for \fBdb\fR databases.
+.IP \fBlmdb\fR
+The output is a btree\-based file, named \fIfile_name\fB.lmdb\fR.
+\fBlmdb\fR supports concurrent writes and reads from different
+processes, unlike other supported file\-based tables.
+This is available on systems with support for \fBlmdb\fR databases.
+.IP \fBsdbm\fR
+The output consists of two files, named \fIfile_name\fB.pag\fR and
+\fIfile_name\fB.dir\fR.
+This is available on systems with support for \fBsdbm\fR databases.
+.PP
+When no \fIfile_type\fR is specified, the software uses the database
+type specified via the \fBdefault_database_type\fR configuration
+parameter.
+.RE
+.IP \fIfile_name\fR
+The name of the lookup table source file when rebuilding a database.
+.SH DIAGNOSTICS
+.ad
+.fi
+Problems are logged to the standard error stream and to
+\fBsyslogd\fR(8) or \fBpostlogd\fR(8).
+No output means that no problems were detected. Duplicate entries are
+skipped and are flagged with a warning.
+
+\fBpostmap\fR(1) terminates with zero exit status in case of success
+(including successful "\fBpostmap \-q\fR" lookup) and terminates
+with non\-zero exit status in case of failure.
+.SH "ENVIRONMENT"
+.na
+.nf
+.ad
+.fi
+.IP \fBMAIL_CONFIG\fR
+Directory with Postfix configuration files.
+.IP \fBMAIL_VERBOSE\fR
+Enable verbose logging for debugging purposes.
+.SH "CONFIGURATION PARAMETERS"
+.na
+.nf
+.ad
+.fi
+The following \fBmain.cf\fR parameters are especially relevant to
+this program.
+The text below provides only a parameter summary. See
+\fBpostconf\fR(5) for more details including examples.
+.IP "\fBberkeley_db_create_buffer_size (16777216)\fR"
+The per\-table I/O buffer size for programs that create Berkeley DB
+hash or btree tables.
+.IP "\fBberkeley_db_read_buffer_size (131072)\fR"
+The per\-table I/O buffer size for programs that read Berkeley DB
+hash or btree tables.
+.IP "\fBconfig_directory (see 'postconf -d' output)\fR"
+The default location of the Postfix main.cf and master.cf
+configuration files.
+.IP "\fBdefault_database_type (see 'postconf -d' output)\fR"
+The default database type for use in \fBnewaliases\fR(1), \fBpostalias\fR(1)
+and \fBpostmap\fR(1) commands.
+.IP "\fBimport_environment (see 'postconf -d' output)\fR"
+The list of environment variables that a privileged Postfix
+process will import from a non\-Postfix parent process, or name=value
+environment overrides.
+.IP "\fBsmtputf8_enable (yes)\fR"
+Enable preliminary SMTPUTF8 support for the protocols described
+in RFC 6531, RFC 6532, and RFC 6533.
+.IP "\fBsyslog_facility (mail)\fR"
+The syslog facility of Postfix logging.
+.IP "\fBsyslog_name (see 'postconf -d' output)\fR"
+A prefix that is prepended to the process name in syslog
+records, so that, for example, "smtpd" becomes "prefix/smtpd".
+.PP
+Available in Postfix 2.11 and later:
+.IP "\fBlmdb_map_size (16777216)\fR"
+The initial OpenLDAP LMDB database size limit in bytes.
+.SH "SEE ALSO"
+.na
+.nf
+postalias(1), create/update/query alias database
+postconf(1), supported database types
+postconf(5), configuration parameters
+postlogd(8), Postfix logging
+syslogd(8), system logging
+.SH "README FILES"
+.na
+.nf
+.ad
+.fi
+Use "\fBpostconf readme_directory\fR" or
+"\fBpostconf html_directory\fR" to locate this information.
+.na
+.nf
+DATABASE_README, Postfix lookup table overview
+.SH "LICENSE"
+.na
+.nf
+.ad
+.fi
+The Secure Mailer license must be distributed with this software.
+.SH "AUTHOR(S)"
+.na
+.nf
+Wietse Venema
+IBM T.J. Watson Research
+P.O. Box 704
+Yorktown Heights, NY 10598, USA
+
+Wietse Venema
+Google, Inc.
+111 8th Avenue
+New York, NY 10011, USA
diff --git a/man/man1/postmulti.1 b/man/man1/postmulti.1
new file mode 100644
index 0000000..6db035e
--- /dev/null
+++ b/man/man1/postmulti.1
@@ -0,0 +1,434 @@
+.TH POSTMULTI 1
+.ad
+.fi
+.SH NAME
+postmulti
+\-
+Postfix multi\-instance manager
+.SH "SYNOPSIS"
+.na
+.nf
+.fi
+.ti -4
+\fBEnabling multi\-instance management:\fR
+
+\fBpostmulti\fR \fB\-e init\fR [\fB\-v\fR]
+
+.ti -4
+\fBIterator mode:\fR
+
+\fBpostmulti\fR \fB\-l\fR [\fB\-aRv\fR] [\fB\-g \fIgroup\fR]
+[\fB\-i \fIname\fR]
+
+\fBpostmulti\fR \fB\-p\fR [\fB\-av\fR] [\fB\-g \fIgroup\fR]
+[\fB\-i \fIname\fR] \fIpostfix\-command...\fR
+
+\fBpostmulti\fR \fB\-x\fR [\fB\-aRv\fR] [\fB\-g \fIgroup\fR]
+[\fB\-i \fIname\fR] \fIunix\-command...\fR
+
+.ti -4
+\fBLife\-cycle management:\fR
+
+\fBpostmulti\fR \fB\-e create\fR [\fB\-av\fR]
+[\fB\-g \fIgroup\fR] [\fB\-i \fIname\fR] [\fB\-G \fIgroup\fR]
+[\fB\-I \fIname\fR] [\fIparam=value\fR ...]
+
+\fBpostmulti\fR \fB\-e import\fR [\fB\-av\fR]
+[\fB\-g \fIgroup\fR] [\fB\-i \fIname\fR] [\fB\-G \fIgroup\fR]
+[\fB\-I \fIname\fR] [\fBconfig_directory=\fI/path\fR]
+
+\fBpostmulti\fR \fB\-e destroy\fR [\fB\-v\fR] \fB\-i \fIname\fR
+
+\fBpostmulti\fR \fB\-e deport\fR [\fB\-v\fR] \fB\-i \fIname\fR
+
+\fBpostmulti\fR \fB\-e enable\fR [\fB\-v\fR] \fB\-i \fIname\fR
+
+\fBpostmulti\fR \fB\-e disable\fR [\fB\-v\fR] \fB\-i \fIname\fR
+
+\fBpostmulti\fR \fB\-e assign\fR [\fB\-v\fR] \fB\-i \fIname\fR
+[\fB\-I \fIname\fR] [\-G \fIgroup\fR]
+.SH DESCRIPTION
+.ad
+.fi
+The \fBpostmulti\fR(1) command allows a Postfix administrator
+to manage multiple Postfix instances on a single host.
+
+\fBpostmulti\fR(1) implements two fundamental modes of
+operation. In \fBiterator\fR mode, it executes the same
+command for multiple Postfix instances. In \fBlife\-cycle
+management\fR mode, it adds or deletes one instance, or
+changes the multi\-instance status of one instance.
+
+Each mode of operation has its own command syntax. For this
+reason, each mode is documented in separate sections below.
+.SH "BACKGROUND"
+.na
+.nf
+.ad
+.fi
+A multi\-instance configuration consists of one primary
+Postfix instance, and one or more secondary instances whose
+configuration directory pathnames are recorded in the primary
+instance's main.cf file. Postfix instances share program
+files and documentation, but have their own configuration,
+queue and data directories.
+
+Currently, only the default Postfix instance can be used
+as primary instance in a multi\-instance configuration. The
+\fBpostmulti\fR(1) command does not currently support a \fB\-c\fR
+option to select an alternative primary instance, and exits
+with a fatal error if the \fBMAIL_CONFIG\fR environment
+variable is set to a non\-default configuration directory.
+
+See the MULTI_INSTANCE_README tutorial for a more detailed
+discussion of multi\-instance management with \fBpostmulti\fR(1).
+.SH "ITERATOR MODE"
+.na
+.nf
+.ad
+.fi
+In iterator mode, \fBpostmulti\fR performs the same operation
+on all Postfix instances in turn.
+
+If multi\-instance support is not enabled, the requested
+command is performed just for the primary instance.
+.PP
+Iterator mode implements the following command options:
+.SH "Instance selection"
+.IP \fB\-a\fR
+Perform the operation on all instances. This is the default.
+.IP "\fB\-g \fIgroup\fR"
+Perform the operation only for members of the named \fIgroup\fR.
+.IP "\fB\-i \fIname\fR"
+Perform the operation only for the instance with the specified
+\fIname\fR. You can specify either the instance name
+or the absolute pathname of the instance's configuration
+directory. Specify "\-" to select the primary Postfix instance.
+.IP \fB\-R\fR
+Reverse the iteration order. This may be appropriate when
+updating a multi\-instance system, where "sink" instances
+are started before "source" instances.
+.sp
+This option cannot be used with \fB\-p\fR.
+.SH "List mode"
+.IP \fB\-l\fR
+List Postfix instances with their instance name, instance
+group name, enable/disable status and configuration directory.
+.SH "Postfix\-wrapper mode"
+.IP "\fB\-p \fIpostfix\-command\fR"
+Invoke \fBpostfix(1)\fR to execute \fIpostfix\-command\fR.
+This option implements the \fBpostfix\-wrapper\fR(5) interface.
+.RS
+.IP \(bu
+With "start"\-like commands, "postfix check" is executed for
+instances that are not enabled. The full list of commands
+is specified with the postmulti_start_commands parameter.
+.IP \(bu
+With "stop"\-like commands, the iteration order is reversed,
+and disabled instances are skipped. The full list of commands
+is specified with the postmulti_stop_commands parameter.
+.IP \(bu
+With "reload" and other commands that require a started
+instance, disabled instances are skipped. The full list of
+commands is specified with the postmulti_control_commands
+parameter.
+.IP \(bu
+With "status" and other commands that don't require a started
+instance, the command is executed for all instances.
+.RE
+.IP
+The \fB\-p\fR option can also be used interactively to
+start/stop/etc. a named instance or instance group. For
+example, to start just the instances in the group "msa",
+invoke \fBpostmulti\fR(1) as follows:
+.RS
+.IP
+# postmulti \-g msa \-p start
+.RE
+.SH "Command mode"
+.IP "\fB\-x \fIunix\-command\fR"
+Execute the specified \fIunix\-command\fR for all Postfix instances.
+The command runs with appropriate environment settings for
+MAIL_CONFIG, command_directory, daemon_directory,
+config_directory, queue_directory, data_directory,
+multi_instance_name, multi_instance_group and
+multi_instance_enable.
+.SH "Other options"
+.IP \fB\-v\fR
+Enable verbose logging for debugging purposes. Multiple
+\fB\-v\fR options make the software increasingly verbose.
+.SH "LIFE-CYCLE MANAGEMENT MODE"
+.na
+.nf
+.ad
+.fi
+With the \fB\-e\fR option \fBpostmulti\fR(1) can be used to
+add or delete a Postfix instance, and to manage the
+multi\-instance status of an existing instance.
+.PP
+The following options are implemented:
+.SH "Existing instance selection"
+.IP \fB\-a\fR
+When creating or importing an instance, place the new
+instance at the front of the secondary instance list.
+.IP "\fB\-g \fIgroup\fR"
+When creating or importing an instance, place the new
+instance before the first secondary instance that is a
+member of the specified group.
+.IP "\fB\-i \fIname\fR"
+When creating or importing an instance, place the new
+instance before the matching secondary instance.
+.sp
+With other life\-cycle operations, apply the operation to
+the named existing instance. Specify "\-" to select the
+primary Postfix instance.
+.SH "New or existing instance name assignment"
+.IP "\fB\-I \fIname\fR"
+Assign the specified instance \fIname\fR to an existing
+instance, newly\-created instance, or imported instance.
+Instance
+names other than "\-" (which makes the instance "nameless")
+must start with "postfix\-". This restriction reduces the
+likelihood of name collisions with system files.
+.IP "\fB\-G \fIgroup\fR"
+Assign the specified \fIgroup\fR name to an existing instance
+or to a newly created or imported instance.
+.SH "Instance creation/deletion/status change"
+.IP "\fB\-e \fIaction\fR"
+"Edit" managed instances. The following actions are supported:
+.RS
+.IP \fBinit\fR
+This command is required before \fBpostmulti\fR(1) can be
+used to manage Postfix instances. The "postmulti \-e init"
+command updates the primary instance's main.cf file by
+setting:
+.RS
+.IP
+.nf
+multi_instance_wrapper =
+ ${command_directory}/postmulti \-p \-\-
+multi_instance_enable = yes
+.fi
+.RE
+.IP
+You can set these by other means if you prefer.
+.IP \fBcreate\fR
+Create a new Postfix instance and add it to the
+multi_instance_directories parameter of the primary instance.
+The "\fB\-I \fIname\fR" option is recommended to give the
+instance a short name that is used to construct default
+values for the private directories of the new instance. The
+"\fB\-G \fIgroup\fR" option may be specified to assign the
+instance to a group, otherwise, the new instance is not a
+member of any group.
+.sp
+The new instance main.cf is the stock main.cf with the
+parameters that specify the locations of shared files cloned
+from the primary instance. For "nameless" instances, you
+should manually adjust "syslog_name" to yield a unique
+"logtag" starting with "postfix\-" that will uniquely identify
+the instance in the mail logs. It is simpler to assign the
+instance a short name with the "\fB\-I \fIname\fR" option.
+.sp
+Optional "name=value" arguments specify the instance
+config_directory, queue_directory and data_directory.
+For example:
+.RS
+.IP
+.nf
+# postmulti \-I postfix\-mumble \e
+ \-G mygroup \-e create \e
+ config_directory=/my/config/dir \e
+ queue_directory=/my/queue/dir \e
+ data_directory=/my/data/dir
+.fi
+.RE
+.IP
+If any of these pathnames is not supplied, the program
+attempts to generate the missing pathname(s) by taking the
+corresponding primary instance pathname, and replacing the
+last pathname component by the value of the \fB\-I\fR option.
+.sp
+If the instance configuration directory already exists, and
+contains both a main.cf and master.cf file, \fBcreate\fR
+will "import" the instance as\-is. For existing instances,
+\fBcreate\fR and \fBimport\fR are identical.
+.IP \fBimport\fR
+Import an existing instance into the list of instances
+managed by the \fBpostmulti\fR(1) multi\-instance manager.
+This adds the instance to the multi_instance_directories
+list of the primary instance. If the "\fB\-I \fIname\fR"
+option is provided it specifies the new name for the instance
+and is used to define a default location for the instance
+configuration directory (as with \fBcreate\fR above). The
+"\fB\-G \fIgroup\fR" option may be used to assign the instance
+to a group. Add a "\fBconfig_directory=\fI/path\fR" argument
+to override a default pathname based on "\fB\-I \fIname\fR".
+.IP \fBdestroy\fR
+Destroy a secondary Postfix instance. To be a candidate for
+destruction an instance must be disabled, stopped and its
+queue must not contain any messages. Attempts to destroy
+the primary Postfix instance trigger a fatal error, without
+destroying the instance.
+.sp
+The instance is removed from the primary instance main.cf
+file's alternate_config_directories parameter and its data,
+queue and configuration directories are cleaned of files
+and directories created by the Postfix system. The main.cf
+and master.cf files are removed from the configuration
+directory even if they have been modified since initial
+creation. Finally, the instance is "deported" from the list
+of managed instances.
+.sp
+If other files are present in instance private directories,
+the directories may not be fully removed, a warning is
+logged to alert the administrator. It is expected that an
+instance built using "fresh" directories via the \fBcreate\fR
+action will be fully removed by the \fBdestroy\fR action
+(if first disabled). If the instance configuration and queue
+directories are populated with additional files (access and
+rewriting tables, chroot jail content, etc.) the instance
+directories will not be fully removed.
+.sp
+The \fBdestroy\fR action triggers potentially dangerous
+file removal operations. Make sure the instance's data,
+queue and configuration directories are set correctly and
+do not contain any valuable files.
+.IP \fBdeport\fR
+Deport a secondary instance from the list of managed
+instances. This deletes the instance configuration directory
+from the primary instance's multi_instance_directories list,
+but does not remove any files or directories.
+.IP \fBassign\fR
+Assign a new instance name or a new group name to the
+selected instance. Use "\fB\-G \-\fR" to specify "no group"
+and "\fB\-I \-\fR" to specify "no name". If you choose to
+make an instance "nameless", set a suitable syslog_name in
+the corresponding main.cf file.
+.IP \fBenable\fR
+Mark the selected instance as enabled. This just sets the
+multi_instance_enable parameter to "yes" in the instance's
+main.cf file.
+.IP \fBdisable\fR
+Mark the selected instance as disabled. This means that
+the instance will not be started etc. with "postfix start",
+"postmulti \-p start" and so on. The instance can still be
+started etc. with "postfix \-c config\-directory start".
+.SH "Other options"
+.IP \fB\-v\fR
+Enable verbose logging for debugging purposes. Multiple
+\fB\-v\fR options make the software increasingly verbose.
+.RE
+.SH "ENVIRONMENT"
+.na
+.nf
+.ad
+.fi
+The \fBpostmulti\fR(1) command exports the following environment
+variables before executing the requested \fIcommand\fR for a given
+instance:
+.IP \fBMAIL_VERBOSE\fR
+This is set when the \-v command\-line option is present.
+.IP \fBMAIL_CONFIG\fR
+The location of the configuration directory of the instance.
+.SH "CONFIGURATION PARAMETERS"
+.na
+.nf
+.ad
+.fi
+.IP "\fBconfig_directory (see 'postconf -d' output)\fR"
+The default location of the Postfix main.cf and master.cf
+configuration files.
+.IP "\fBdaemon_directory (see 'postconf -d' output)\fR"
+The directory with Postfix support programs and daemon programs.
+.IP "\fBimport_environment (see 'postconf -d' output)\fR"
+The list of environment variables that a privileged Postfix
+process will import from a non\-Postfix parent process, or name=value
+environment overrides.
+.IP "\fBmulti_instance_directories (empty)\fR"
+An optional list of non\-default Postfix configuration directories;
+these directories belong to additional Postfix instances that share
+the Postfix executable files and documentation with the default
+Postfix instance, and that are started, stopped, etc., together
+with the default Postfix instance.
+.IP "\fBmulti_instance_group (empty)\fR"
+The optional instance group name of this Postfix instance.
+.IP "\fBmulti_instance_name (empty)\fR"
+The optional instance name of this Postfix instance.
+.IP "\fBmulti_instance_enable (no)\fR"
+Allow this Postfix instance to be started, stopped, etc., by a
+multi\-instance manager.
+.IP "\fBpostmulti_start_commands (start)\fR"
+The \fBpostfix\fR(1) commands that the \fBpostmulti\fR(1) instance manager treats
+as "start" commands.
+.IP "\fBpostmulti_stop_commands (see 'postconf -d' output)\fR"
+The \fBpostfix\fR(1) commands that the \fBpostmulti\fR(1) instance manager treats
+as "stop" commands.
+.IP "\fBpostmulti_control_commands (reload flush)\fR"
+The \fBpostfix\fR(1) commands that the \fBpostmulti\fR(1) instance manager
+treats as "control" commands, that operate on running instances.
+.IP "\fBsyslog_facility (mail)\fR"
+The syslog facility of Postfix logging.
+.IP "\fBsyslog_name (see 'postconf -d' output)\fR"
+A prefix that is prepended to the process name in syslog
+records, so that, for example, "smtpd" becomes "prefix/smtpd".
+.PP
+Available in Postfix 3.0 and later:
+.IP "\fBmeta_directory (see 'postconf -d' output)\fR"
+The location of non\-executable files that are shared among
+multiple Postfix instances, such as postfix\-files, dynamicmaps.cf,
+and the multi\-instance template files main.cf.proto and master.cf.proto.
+.IP "\fBshlib_directory (see 'postconf -d' output)\fR"
+The location of Postfix dynamically\-linked libraries
+(libpostfix\-*.so), and the default location of Postfix database
+plugins (postfix\-*.so) that have a relative pathname in the
+dynamicmaps.cf file.
+.SH "FILES"
+.na
+.nf
+$meta_directory/main.cf.proto, stock configuration file
+$meta_directory/master.cf.proto, stock configuration file
+$daemon_directory/postmulti\-script, life\-cycle helper program
+.SH "SEE ALSO"
+.na
+.nf
+postfix(1), Postfix control program
+postfix\-wrapper(5), Postfix multi\-instance API
+.SH "README FILES"
+.na
+.nf
+.ad
+.fi
+Use "\fBpostconf readme_directory\fR" or "\fBpostconf
+html_directory\fR" to locate this information.
+.nf
+.na
+MULTI_INSTANCE_README, Postfix multi\-instance management
+.SH HISTORY
+.ad
+.fi
+.ad
+.fi
+The \fBpostmulti\fR(1) command was introduced with Postfix
+version 2.6.
+.SH "LICENSE"
+.na
+.nf
+.ad
+.fi
+The Secure Mailer license must be distributed with this software.
+.SH "AUTHOR(S)"
+.na
+.nf
+Victor Duchovni
+Morgan Stanley
+
+Wietse Venema
+IBM T.J. Watson Research
+P.O. Box 704
+Yorktown Heights, NY 10598, USA
+
+Wietse Venema
+Google, Inc.
+111 8th Avenue
+New York, NY 10011, USA
diff --git a/man/man1/postqueue.1 b/man/man1/postqueue.1
new file mode 100644
index 0000000..c8020c1
--- /dev/null
+++ b/man/man1/postqueue.1
@@ -0,0 +1,271 @@
+.TH POSTQUEUE 1
+.ad
+.fi
+.SH NAME
+postqueue
+\-
+Postfix queue control
+.SH "SYNOPSIS"
+.na
+.nf
+.ti -4
+\fBTo flush the mail queue\fR:
+
+\fBpostqueue\fR [\fB\-v\fR] [\fB\-c \fIconfig_dir\fR] \fB\-f\fR
+
+\fBpostqueue\fR [\fB\-v\fR] [\fB\-c \fIconfig_dir\fR] \fB\-i \fIqueue_id\fR
+
+\fBpostqueue\fR [\fB\-v\fR] [\fB\-c \fIconfig_dir\fR] \fB\-s \fIsite\fR
+
+.ti -4
+\fBTo list the mail queue\fR:
+
+\fBpostqueue\fR [\fB\-v\fR] [\fB\-c \fIconfig_dir\fR] \fB\-j\fR
+
+\fBpostqueue\fR [\fB\-v\fR] [\fB\-c \fIconfig_dir\fR] \fB\-p\fR
+.SH DESCRIPTION
+.ad
+.fi
+The \fBpostqueue\fR(1) command implements the Postfix user interface
+for queue management. It implements operations that are
+traditionally available via the \fBsendmail\fR(1) command.
+See the \fBpostsuper\fR(1) command for queue operations
+that require super\-user privileges such as deleting a message
+from the queue or changing the status of a message.
+
+The following options are recognized:
+.IP "\fB\-c \fIconfig_dir\fR"
+The \fBmain.cf\fR configuration file is in the named directory
+instead of the default configuration directory. See also the
+MAIL_CONFIG environment setting below.
+.IP \fB\-f\fR
+Flush the queue: attempt to deliver all queued mail.
+
+This option implements the traditional "\fBsendmail \-q\fR" command,
+by contacting the Postfix \fBqmgr\fR(8) daemon.
+
+Warning: flushing undeliverable mail frequently will result in
+poor delivery performance of all other mail.
+.IP "\fB\-i \fIqueue_id\fR"
+Schedule immediate delivery of deferred mail with the
+specified queue ID.
+
+This option implements the traditional \fBsendmail \-qI\fR
+command, by contacting the \fBflush\fR(8) server.
+
+This feature is available with Postfix version 2.4 and later.
+.IP "\fB\-j\fR"
+Produce a queue listing in JSON format, based on output
+from the showq(8) daemon. The result is a stream of zero
+or more JSON objects, one per queue file. Each object is
+followed by a newline character to support simple streaming
+parsers. See "\fBJSON OBJECT FORMAT\fR" below for details.
+
+This feature is available in Postfix 3.1 and later.
+.IP \fB\-p\fR
+Produce a traditional sendmail\-style queue listing.
+This option implements the traditional \fBmailq\fR command,
+by contacting the Postfix \fBshowq\fR(8) daemon.
+
+Each queue entry shows the queue file ID, message
+size, arrival time, sender, and the recipients that still need to
+be delivered. If mail could not be delivered upon the last attempt,
+the reason for failure is shown. The queue ID string
+is followed by an optional status character:
+.RS
+.IP \fB*\fR
+The message is in the \fBactive\fR queue, i.e. the message is
+selected for delivery.
+.IP \fB!\fR
+The message is in the \fBhold\fR queue, i.e. no further delivery
+attempt will be made until the mail is taken off hold.
+.IP \fB#\fR
+The message is forced to expire. See the \fBpostsuper\fR(1)
+options \fB\-e\fR or \fB\-f\fR.
+.sp
+This feature is available in Postfix 3.5 and later.
+.RE
+.IP "\fB\-s \fIsite\fR"
+Schedule immediate delivery of all mail that is queued for the named
+\fIsite\fR. A numerical site must be specified as a valid RFC 5321
+address literal enclosed in [], just like in email addresses.
+The site must be eligible for the "fast flush" service.
+See \fBflush\fR(8) for more information about the "fast flush"
+service.
+
+This option implements the traditional "\fBsendmail \-qR\fIsite\fR"
+command, by contacting the Postfix \fBflush\fR(8) daemon.
+.IP \fB\-v\fR
+Enable verbose logging for debugging purposes. Multiple \fB\-v\fR
+options make the software increasingly verbose. As of Postfix 2.3,
+this option is available for the super\-user only.
+.SH "JSON OBJECT FORMAT"
+.na
+.nf
+.ad
+.fi
+Each JSON object represents one queue file; it is emitted
+as a single text line followed by a newline character.
+
+Object members have string values unless indicated otherwise.
+Programs should ignore object members that are not listed
+here; the list of members is expected to grow over time.
+.IP \fBqueue_name\fR
+The name of the queue where the message was found. Note
+that the contents of the mail queue may change while it is
+being listed; some messages may appear more than once, and
+some messages may be missed.
+.IP \fBqueue_id\fR
+The queue file name. The queue_id may be reused within a
+Postfix instance unless "enable_long_queue_ids = true" and
+time is monotonic. Even then, the queue_id is not expected
+to be unique between different Postfix instances. Management
+tools that require a unique name should combine the queue_id
+with the myhostname setting of the Postfix instance.
+.IP \fBarrival_time\fR
+The number of seconds since the start of the UNIX epoch.
+.IP \fBmessage_size\fR
+The number of bytes in the message header and body. This
+number does not include message envelope information. It
+is approximately equal to the number of bytes that would
+be transmitted via SMTP including the <CR><LF> line endings.
+.IP \fBforced_expire\fR
+The message is forced to expire (\fBtrue\fR or \fBfalse\fR).
+See the \fBpostsuper\fR(1) options \fB\-e\fR or \fB\-f\fR.
+.sp
+This feature is available in Postfix 3.5 and later.
+.IP \fBsender\fR
+The envelope sender address.
+.IP \fBrecipients\fR
+An array containing zero or more objects with members:
+.RS
+.IP \fBaddress\fR
+One recipient address.
+.IP \fBdelay_reason\fR
+If present, the reason for delayed delivery. Delayed
+recipients may have no delay reason, for example, while
+delivery is in progress, or after the system was stopped
+before it could record the reason.
+.RE
+.SH "SECURITY"
+.na
+.nf
+.ad
+.fi
+This program is designed to run with set\-group ID privileges, so
+that it can connect to Postfix daemon processes.
+.SH "STANDARDS"
+.na
+.nf
+RFC 7159 (JSON notation)
+.SH DIAGNOSTICS
+.ad
+.fi
+Problems are logged to \fBsyslogd\fR(8) or \fBpostlogd\fR(8),
+and to the standard error stream.
+.SH "ENVIRONMENT"
+.na
+.nf
+.ad
+.fi
+.IP MAIL_CONFIG
+Directory with the \fBmain.cf\fR file. In order to avoid exploitation
+of set\-group ID privileges, a non\-standard directory is allowed only
+if:
+.RS
+.IP \(bu
+The name is listed in the standard \fBmain.cf\fR file with the
+\fBalternate_config_directories\fR configuration parameter.
+.IP \(bu
+The command is invoked by the super\-user.
+.RE
+.SH "CONFIGURATION PARAMETERS"
+.na
+.nf
+.ad
+.fi
+The following \fBmain.cf\fR parameters are especially relevant to
+this program.
+The text below provides only a parameter summary. See
+\fBpostconf\fR(5) for more details including examples.
+.IP "\fBalternate_config_directories (empty)\fR"
+A list of non\-default Postfix configuration directories that may
+be specified with "\-c config_directory" on the command line (in the
+case of \fBsendmail\fR(1), with the "\-C" option), or via the MAIL_CONFIG
+environment parameter.
+.IP "\fBconfig_directory (see 'postconf -d' output)\fR"
+The default location of the Postfix main.cf and master.cf
+configuration files.
+.IP "\fBcommand_directory (see 'postconf -d' output)\fR"
+The location of all postfix administrative commands.
+.IP "\fBfast_flush_domains ($relay_domains)\fR"
+Optional list of destinations that are eligible for per\-destination
+logfiles with mail that is queued to those destinations.
+.IP "\fBimport_environment (see 'postconf -d' output)\fR"
+The list of environment variables that a privileged Postfix
+process will import from a non\-Postfix parent process, or name=value
+environment overrides.
+.IP "\fBqueue_directory (see 'postconf -d' output)\fR"
+The location of the Postfix top\-level queue directory.
+.IP "\fBsyslog_facility (mail)\fR"
+The syslog facility of Postfix logging.
+.IP "\fBsyslog_name (see 'postconf -d' output)\fR"
+A prefix that is prepended to the process name in syslog
+records, so that, for example, "smtpd" becomes "prefix/smtpd".
+.IP "\fBtrigger_timeout (10s)\fR"
+The time limit for sending a trigger to a Postfix daemon (for
+example, the \fBpickup\fR(8) or \fBqmgr\fR(8) daemon).
+.PP
+Available in Postfix version 2.2 and later:
+.IP "\fBauthorized_flush_users (static:anyone)\fR"
+List of users who are authorized to flush the queue.
+.IP "\fBauthorized_mailq_users (static:anyone)\fR"
+List of users who are authorized to view the queue.
+.SH "FILES"
+.na
+.nf
+/var/spool/postfix, mail queue
+.SH "SEE ALSO"
+.na
+.nf
+qmgr(8), queue manager
+showq(8), list mail queue
+flush(8), fast flush service
+sendmail(1), Sendmail\-compatible user interface
+postsuper(1), privileged queue operations
+postlogd(8), Postfix logging
+syslogd(8), system logging
+.SH "README FILES"
+.na
+.nf
+.ad
+.fi
+Use "\fBpostconf readme_directory\fR" or
+"\fBpostconf html_directory\fR" to locate this information.
+.na
+.nf
+ETRN_README, Postfix ETRN howto
+.SH "LICENSE"
+.na
+.nf
+.ad
+.fi
+The Secure Mailer license must be distributed with this software.
+.SH HISTORY
+.ad
+.fi
+.ad
+.fi
+The postqueue command was introduced with Postfix version 1.1.
+.SH "AUTHOR(S)"
+.na
+.nf
+Wietse Venema
+IBM T.J. Watson Research
+P.O. Box 704
+Yorktown Heights, NY 10598, USA
+
+Wietse Venema
+Google, Inc.
+111 8th Avenue
+New York, NY 10011, USA
diff --git a/man/man1/postsuper.1 b/man/man1/postsuper.1
new file mode 100644
index 0000000..885330f
--- /dev/null
+++ b/man/man1/postsuper.1
@@ -0,0 +1,343 @@
+.TH POSTSUPER 1
+.ad
+.fi
+.SH NAME
+postsuper
+\-
+Postfix superintendent
+.SH "SYNOPSIS"
+.na
+.nf
+.fi
+\fBpostsuper\fR [\fB\-psSv\fR]
+ [\fB\-c \fIconfig_dir\fR] [\fB\-d \fIqueue_id\fR]
+ [\fB\-e \fIqueue_id\fR] [\fB\-f \fIqueue_id\fR]
+ [\fB\-h \fIqueue_id\fR] [\fB\-H \fIqueue_id\fR]
+ [\fB\-r \fIqueue_id\fR] [\fIdirectory ...\fR]
+.SH DESCRIPTION
+.ad
+.fi
+The \fBpostsuper\fR(1) command does maintenance jobs on the Postfix
+queue. Use of the command is restricted to the superuser.
+See the \fBpostqueue\fR(1) command for unprivileged queue operations
+such as listing or flushing the mail queue.
+
+By default, \fBpostsuper\fR(1) performs the operations
+requested with the
+\fB\-s\fR and \fB\-p\fR command\-line options on all Postfix queue
+directories \- this includes the \fBincoming\fR, \fBactive\fR,
+\fBdeferred\fR, and \fBhold\fR directories with message
+files and the \fBbounce\fR,
+\fBdefer\fR, \fBtrace\fR and \fBflush\fR directories with log files.
+
+Options:
+.IP "\fB\-c \fIconfig_dir\fR"
+The \fBmain.cf\fR configuration file is in the named directory
+instead of the default configuration directory. See also the
+MAIL_CONFIG environment setting below.
+.IP "\fB\-d \fIqueue_id\fR"
+Delete one message with the named queue ID from the named
+mail queue(s) (default: \fBhold\fR, \fBincoming\fR, \fBactive\fR and
+\fBdeferred\fR).
+
+To delete multiple files, specify the \fB\-d\fR option multiple
+times, or specify a \fIqueue_id\fR of \fB\-\fR to read queue IDs
+from standard input. For example, to delete all mail
+with exactly one recipient \fBuser@example.com\fR:
+.sp
+.nf
+postqueue \-j | jq -r '
+ # See JSON OBJECT FORMAT section in the postqueue(1) manpage
+ select(.recipients[0].address == "user@example.com")
+ | select(.recipients[1].address == null)
+ | .queue_id
+ ' | postsuper \-d \-
+.fi
+.sp
+(note the "jq -r" option), or the historical form:
+.sp
+.nf
+mailq | tail \-n +2 | grep \-v '^ *(' | awk 'BEGIN { RS = "" }
+ # $7=sender, $8=recipient1, $9=recipient2
+ { if ($8 == "user@example.com" && $9 == "")
+ print $1 }
+ ' | tr \-d '*!' | postsuper \-d \-
+.fi
+.sp
+Specify "\fB\-d ALL\fR" to remove all messages; for example, specify
+"\fB\-d ALL deferred\fR" to delete all mail in the \fBdeferred\fR queue.
+As a safety measure, the word \fBALL\fR must be specified in upper
+case.
+.sp
+Warning: Postfix queue IDs are reused (always with Postfix
+<= 2.8; and with Postfix >= 2.9 when enable_long_queue_ids=no).
+There is a very small possibility that postsuper deletes the
+wrong message file when it is executed while the Postfix mail
+system is delivering mail.
+.sp
+The scenario is as follows:
+.RS
+.IP 1)
+The Postfix queue manager deletes the message that \fBpostsuper\fR(1)
+is asked to delete, because Postfix is finished with the
+message (it is delivered, or it is returned to the sender).
+.IP 2)
+New mail arrives, and the new message is given the same queue ID
+as the message that \fBpostsuper\fR(1) is supposed to delete.
+The probability for reusing a deleted queue ID is about 1 in 2**15
+(the number of different microsecond values that the system clock
+can distinguish within a second).
+.IP 3)
+\fBpostsuper\fR(1) deletes the new message, instead of the old
+message that it should have deleted.
+.RE
+.IP "\fB\-e \fIqueue_id\fR"
+.IP "\fB\-f \fIqueue_id\fR"
+Request forced expiration for one message with the named
+queue ID in the named mail queue(s) (default: \fBhold\fR,
+\fBincoming\fR, \fBactive\fR and \fBdeferred\fR).
+.RS
+.IP \(bu
+The message will be returned to the sender when the queue
+manager attempts to deliver that message (note that Postfix
+will never deliver messages in the \fBhold\fR queue).
+.IP \(bu
+The \fB\-e\fR and \fB\-f\fR options both request forced
+expiration. The difference is that \fB\-f\fR will also release
+a message if it is in the \fBhold\fR queue. With \fB\-e\fR, such
+a message would not be returned to the sender until it is
+released with \fB\-f\fR or \fB\-H\fR.
+.IP \(bu
+When a deferred message is force\-expired, the return message
+will state the reason for the delay. Otherwise, the reason
+will be "message is administratively expired".
+.RE
+.IP
+To expire multiple files, specify the \fB\-e\fR or \fB\-f\fR
+option multiple times, or specify a \fIqueue_id\fR of \fB\-\fR
+to read queue IDs from standard input (see the \fB\-d\fR option
+above for an example, but be sure to replace \fB\-d\fR in
+the example).
+.sp
+Specify "\fB\-e ALL\fR" or "\fB\-f ALL\fR" to expire all
+messages; for example, specify "\fB\-e ALL deferred\fR" to
+expire all mail in the \fBdeferred\fR queue. As a safety
+measure, the word \fBALL\fR must be specified in upper case.
+.sp
+These features are available in Postfix 3.5 and later.
+.IP "\fB\-h \fIqueue_id\fR"
+Put mail "on hold" so that no attempt is made to deliver it.
+Move one message with the named queue ID from the named
+mail queue(s) (default: \fBincoming\fR, \fBactive\fR and
+\fBdeferred\fR) to the \fBhold\fR queue.
+
+To hold multiple files, specify the \fB\-h\fR option multiple
+times, or specify a \fIqueue_id\fR of \fB\-\fR to read queue IDs
+from standard input.
+.sp
+Specify "\fB\-h ALL\fR" to hold all messages; for example, specify
+"\fB\-h ALL deferred\fR" to hold all mail in the \fBdeferred\fR queue.
+As a safety measure, the word \fBALL\fR must be specified in upper
+case.
+.sp
+Note: while mail is "on hold" it will not expire when its
+time in the queue exceeds the \fBmaximal_queue_lifetime\fR
+or \fBbounce_queue_lifetime\fR setting. It becomes subject to
+expiration after it is released from "hold".
+.sp
+This feature is available in Postfix 2.0 and later.
+.IP "\fB\-H \fIqueue_id\fR"
+Release mail that was put "on hold".
+Move one message with the named queue ID from the named
+mail queue(s) (default: \fBhold\fR) to the \fBdeferred\fR queue.
+
+To release multiple files, specify the \fB\-H\fR option multiple
+times, or specify a \fIqueue_id\fR of \fB\-\fR to read queue IDs
+from standard input.
+.sp
+Note: specify "\fBpostsuper \-r\fR" to release mail that was kept on
+hold for a significant fraction of \fB$maximal_queue_lifetime\fR
+or \fB$bounce_queue_lifetime\fR, or longer.
+.sp
+Specify "\fB\-H ALL\fR" to release all mail that is "on hold".
+As a safety measure, the word \fBALL\fR must be specified in upper
+case.
+.sp
+This feature is available in Postfix 2.0 and later.
+.IP \fB\-p\fR
+Purge old temporary files that are left over after system or
+software crashes.
+The \fB\-p\fR, \fB\-s\fR, and \fB\-S\fR operations are done
+before other operations.
+.IP "\fB\-r \fIqueue_id\fR"
+Requeue the message with the named queue ID from the named
+mail queue(s) (default: \fBhold\fR, \fBincoming\fR, \fBactive\fR and
+\fBdeferred\fR).
+
+To requeue multiple files, specify the \fB\-r\fR option multiple
+times, or specify a \fIqueue_id\fR of \fB\-\fR to read queue IDs
+from standard input.
+.sp
+Specify "\fB\-r ALL\fR" to requeue all messages. As a safety
+measure, the word \fBALL\fR must be specified in upper case.
+.sp
+A requeued message is moved to the \fBmaildrop\fR queue,
+from where it is copied by the \fBpickup\fR(8) and
+\fBcleanup\fR(8) daemons to a new queue file. In many
+respects its handling differs from that of a new local
+submission.
+.RS
+.IP \(bu
+The message is not subjected to the smtpd_milters or
+non_smtpd_milters settings. When mail has passed through
+an external content filter, this would produce incorrect
+results with Milter applications that depend on original
+SMTP connection state information.
+.IP \(bu
+The message is subjected again to mail address rewriting
+and substitution. This is useful when rewriting rules or
+virtual mappings have changed.
+.sp
+The address rewriting context (local or remote) is the same
+as when the message was received.
+.IP \(bu
+The message is subjected to the same content_filter settings
+(if any) as used for new local mail submissions. This is
+useful when content_filter settings have changed.
+.RE
+.IP
+Warning: Postfix queue IDs are reused (always with Postfix
+<= 2.8; and with Postfix >= 2.9 when enable_long_queue_ids=no).
+There is a very small possibility that \fBpostsuper\fR(1) requeues
+the wrong message file when it is executed while the Postfix mail
+system is running, but no harm should be done.
+.sp
+This feature is available in Postfix 1.1 and later.
+.IP \fB\-s\fR
+Structure check and structure repair. This should be done once
+before Postfix startup.
+The \fB\-p\fR, \fB\-s\fR, and \fB\-S\fR operations are done
+before other operations.
+.RS
+.IP \(bu
+Rename files whose name does not match the message file inode
+number. This operation is necessary after restoring a mail
+queue from a different machine or from backup, when queue
+files were created with Postfix <= 2.8 or with
+"enable_long_queue_ids = no".
+.IP \(bu
+Move queue files that are in the wrong place in the file system
+hierarchy and remove subdirectories that are no longer needed.
+File position rearrangements are necessary after a change in the
+\fBhash_queue_names\fR and/or \fBhash_queue_depth\fR
+configuration parameters.
+.IP \(bu
+Rename queue files created with "enable_long_queue_ids =
+yes" to short names, for migration to Postfix <= 2.8. The
+procedure is as follows:
+.sp
+.nf
+.na
+# postfix stop
+# postconf enable_long_queue_ids=no
+# postsuper
+.ad
+.fi
+.sp
+Run \fBpostsuper\fR(1) repeatedly until it stops reporting
+file name changes.
+.RE
+.IP \fB\-S\fR
+A redundant version of \fB\-s\fR that requires that long
+file names also match the message file inode number. This
+option exists for testing purposes, and is available with
+Postfix 2.9 and later.
+The \fB\-p\fR, \fB\-s\fR, and \fB\-S\fR operations are done
+before other operations.
+.IP \fB\-v\fR
+Enable verbose logging for debugging purposes. Multiple \fB\-v\fR
+options make the software increasingly verbose.
+.SH DIAGNOSTICS
+.ad
+.fi
+Problems are reported to the standard error stream and to
+\fBsyslogd\fR(8) or \fBpostlogd\fR(8).
+
+\fBpostsuper\fR(1) reports the number of messages deleted
+with \fB\-d\fR, the number of messages expired with \fB\-e\fR,
+the number of messages expired or released with \fB\-f\fR,
+the number of messages held or released with \fB\-h\fR or
+\fB\-H\fR, the number of messages requeued with \fB\-r\fR,
+and the number of messages whose queue file name was fixed
+with \fB\-s\fR. The report is written to the standard error
+stream and to \fBsyslogd\fR(8) or \fBpostlogd\fR(8).
+.SH "ENVIRONMENT"
+.na
+.nf
+.ad
+.fi
+.IP MAIL_CONFIG
+Directory with the \fBmain.cf\fR file.
+.SH BUGS
+.ad
+.fi
+Mail that is not sanitized by Postfix (i.e. mail in the \fBmaildrop\fR
+queue) cannot be placed "on hold".
+.SH "CONFIGURATION PARAMETERS"
+.na
+.nf
+.ad
+.fi
+The following \fBmain.cf\fR parameters are especially relevant to
+this program.
+The text below provides only a parameter summary. See
+\fBpostconf\fR(5) for more details including examples.
+.IP "\fBconfig_directory (see 'postconf -d' output)\fR"
+The default location of the Postfix main.cf and master.cf
+configuration files.
+.IP "\fBhash_queue_depth (1)\fR"
+The number of subdirectory levels for queue directories listed with
+the hash_queue_names parameter.
+.IP "\fBhash_queue_names (deferred, defer)\fR"
+The names of queue directories that are split across multiple
+subdirectory levels.
+.IP "\fBimport_environment (see 'postconf -d' output)\fR"
+The list of environment parameters that a privileged Postfix
+process will import from a non\-Postfix parent process, or name=value
+environment overrides.
+.IP "\fBqueue_directory (see 'postconf -d' output)\fR"
+The location of the Postfix top\-level queue directory.
+.IP "\fBsyslog_facility (mail)\fR"
+The syslog facility of Postfix logging.
+.IP "\fBsyslog_name (see 'postconf -d' output)\fR"
+A prefix that is prepended to the process name in syslog
+records, so that, for example, "smtpd" becomes "prefix/smtpd".
+.PP
+Available in Postfix version 2.9 and later:
+.IP "\fBenable_long_queue_ids (no)\fR"
+Enable long, non\-repeating, queue IDs (queue file names).
+.SH "SEE ALSO"
+.na
+.nf
+sendmail(1), Sendmail\-compatible user interface
+postqueue(1), unprivileged queue operations
+postlogd(8), Postfix logging
+syslogd(8), system logging
+.SH "LICENSE"
+.na
+.nf
+.ad
+.fi
+The Secure Mailer license must be distributed with this software.
+.SH "AUTHOR(S)"
+.na
+.nf
+Wietse Venema
+IBM T.J. Watson Research
+P.O. Box 704
+Yorktown Heights, NY 10598, USA
+
+Wietse Venema
+Google, Inc.
+111 8th Avenue
+New York, NY 10011, USA
diff --git a/man/man1/posttls-finger.1 b/man/man1/posttls-finger.1
new file mode 100644
index 0000000..54b72ab
--- /dev/null
+++ b/man/man1/posttls-finger.1
@@ -0,0 +1,343 @@
+.TH POSTTLS-FINGER 1
+.ad
+.fi
+.SH NAME
+posttls-finger
+\-
+Probe the TLS properties of an ESMTP or LMTP server.
+.SH "SYNOPSIS"
+.na
+.nf
+\fBposttls\-finger\fR [\fIoptions\fR] [\fBinet:\fR]\fIdomain\fR[:\fIport\fR] [\fImatch ...\fR]
+.br
+\fBposttls\-finger\fR \-S [\fIoptions\fR] \fBunix:\fIpathname\fR [\fImatch ...\fR]
+.SH DESCRIPTION
+.ad
+.fi
+\fBposttls\-finger\fR(1) connects to the specified destination
+and reports TLS\-related information about the server. With SMTP, the
+destination is a domainname; with LMTP it is either a domainname
+prefixed with \fBinet:\fR or a pathname prefixed with \fBunix:\fR. If
+Postfix is built without TLS support, the resulting \fBposttls\-finger\fR(1)
+program has very limited functionality, and only the \fB\-a\fR, \fB\-c\fR,
+\fB\-h\fR, \fB\-o\fR, \fB\-S\fR, \fB\-t\fR, \fB\-T\fR and \fB\-v\fR options
+are available.
+
+Note: this is an unsupported test program. No attempt is made
+to maintain compatibility between successive versions.
+
+For SMTP servers that don't support ESMTP, only the greeting banner
+and the negative EHLO response are reported. Otherwise, the reported
+EHLO response details further server capabilities.
+
+If TLS support is enabled when \fBposttls\-finger\fR(1) is compiled, and
+the server supports \fBSTARTTLS\fR, a TLS handshake is attempted.
+
+If DNSSEC support is available, the connection TLS security level
+(\fB\-l\fR option) defaults to \fBdane\fR; see TLS_README for
+details. Otherwise, it defaults to \fBsecure\fR. This setting
+determines the certificate matching policy.
+
+If TLS negotiation succeeds, the TLS protocol and cipher details are
+reported. The server certificate is then verified in accordance with
+the policy at the chosen (or default) security level. With public
+CA\-based trust, when the \fB\-L\fR option includes \fBcertmatch\fR,
+(true by default) name matching is performed even if the certificate
+chain is not trusted. This logs the names found in the remote SMTP
+server certificate and which if any would match, were the certificate
+chain trusted.
+
+Note: \fBposttls\-finger\fR(1) does not perform any table lookups, so
+the TLS policy table and obsolete per\-site tables are not consulted.
+It does not communicate with the \fBtlsmgr\fR(8) daemon (or any other
+Postfix daemons); its TLS session cache is held in private memory, and
+disappears when the process exits.
+
+With the \fB\-r \fIdelay\fR option, if the server assigns a TLS
+session id, the TLS session is cached. The connection is then closed
+and re\-opened after the specified delay, and \fBposttls\-finger\fR(1)
+then reports whether the cached TLS session was re\-used.
+
+When the destination is a load balancer, it may be distributing
+load between multiple server caches. Typically, each server returns
+its unique name in its EHLO response. If, upon reconnecting with
+\fB\-r\fR, a new server name is detected, another session is cached
+for the new server, and the reconnect is repeated up to a maximum
+number of times (default 5) that can be specified via the \fB\-m\fR
+option.
+
+The choice of SMTP or LMTP (\fB\-S\fR option) determines the syntax of
+the destination argument. With SMTP, one can specify a service on a
+non\-default port as \fIhost\fR:\fIservice\fR, and disable MX (mail
+exchanger) DNS lookups with [\fIhost\fR] or [\fIhost\fR]:\fIport\fR.
+The [] form is required when you specify an IP address instead of a
+hostname. An IPv6 address takes the form [\fBipv6:\fIaddress\fR].
+The default port for SMTP is taken from the \fBsmtp/tcp\fR entry in
+/etc/services, defaulting to 25 if the entry is not found.
+
+With LMTP, specify \fBunix:\fIpathname\fR to connect to a local server
+listening on a unix\-domain socket bound to the specified pathname;
+otherwise, specify an optional \fBinet:\fR prefix followed by a
+\fIdomain\fR and an optional port, with the same syntax as for
+SMTP. The default TCP port for LMTP is 24.
+
+Arguments:
+.IP "\fB\-a\fR \fIfamily\fR (default: \fBany\fR)"
+Address family preference: \fBipv4\fR, \fBipv6\fR or \fBany\fR. When
+using \fBany\fR, \fBposttls\-finger\fR(1) will randomly select one of
+the two as the more preferred, and exhaust all MX preferences for the
+first address family before trying any addresses for the other.
+.IP "\fB\-A\fR \fItrust\-anchor.pem\fR (default: none)"
+A list of PEM trust\-anchor files that overrides CAfile and CApath
+trust chain verification. Specify the option multiple times to
+specify multiple files. See the main.cf documentation for
+smtp_tls_trust_anchor_file for details.
+.IP "\fB\-c\fR"
+Disable SMTP chat logging; only TLS\-related information is logged.
+.IP "\fB\-C\fR"
+Print the remote SMTP server certificate trust chain in PEM format.
+The issuer DN, subject DN, certificate and public key fingerprints
+(see \fB\-d \fImdalg\fR option below) are printed above each PEM
+certificate block. If you specify \fB\-F \fICAfile\fR or
+\fB\-P \fICApath\fR, the OpenSSL library may augment the chain with
+missing issuer certificates. To see the actual chain sent by the
+remote SMTP server leave \fICAfile\fR and \fICApath\fR unset.
+.IP "\fB\-d \fImdalg\fR (default: \fB$smtp_tls_fingerprint_digest\fR)"
+The message digest algorithm to use for reporting remote SMTP server
+fingerprints and matching against user provided certificate
+fingerprints (with DANE TLSA records the algorithm is specified
+in the DNS). In Postfix versions prior to 3.6, the default value
+was "md5".
+.IP "\fB\-f\fR"
+Lookup the associated DANE TLSA RRset even when a hostname is not an
+alias and its address records lie in an unsigned zone. See
+smtp_tls_force_insecure_host_tlsa_lookup for details.
+.IP "\fB\-F \fICAfile.pem\fR (default: none)"
+The PEM formatted CAfile for remote SMTP server certificate
+verification. By default no CAfile is used and no public CAs
+are trusted.
+.IP "\fB\-g \fIgrade\fR (default: medium)"
+The minimum TLS cipher grade used by \fBposttls\-finger\fR(1).
+See smtp_tls_mandatory_ciphers for details.
+.IP "\fB\-h \fIhost_lookup\fR (default: \fBdns\fR)"
+The hostname lookup methods used for the connection. See the
+documentation of smtp_host_lookup for syntax and semantics.
+.IP "\fB\-H \fIchainfiles\fR (default: \fInone\fR)\fR"
+List of files with a sequence PEM\-encoded TLS client certificate
+chains. The list can be built\-up incrementally, by specifying
+the option multiple times, or all at once via a comma or
+whitespace separated list of filenames. Each chain starts with
+a private key, which is followed immediately by the
+corresponding certificate, and optionally by additional issuer
+certificates. Each new key begins a new chain for the
+corresponding algorithm. This option is mutually exclusive with
+the below \fB\-k\fR and \fB\-K\fR options.
+.IP "\fB\-k \fIcertfile\fR (default: \fIkeyfile\fR)\fR"
+File with PEM\-encoded TLS client certificate chain. This
+defaults to \fIkeyfile\fR if one is specified.
+.IP "\fB\-K \fIkeyfile\fR (default: \fIcertfile\fR)"
+File with PEM\-encoded TLS client private key.
+This defaults to \fIcertfile\fR if one is specified.
+.IP "\fB\-l \fIlevel\fR (default: \fBdane\fR or \fBsecure\fR)"
+The security level for the connection, default \fBdane\fR or
+\fBsecure\fR depending on whether DNSSEC is available. For syntax
+and semantics, see the documentation of smtp_tls_security_level.
+When \fBdane\fR or \fBdane\-only\fR is supported and selected, if no
+TLSA records are found, or all the records found are unusable, the
+\fIsecure\fR level will be used instead. The \fBfingerprint\fR
+security level allows you to test certificate or public\-key
+fingerprint matches before you deploy them in the policy table.
+.IP
+Note, since \fBposttls\-finger\fR(1) does not actually deliver any email,
+the \fBnone\fR, \fBmay\fR and \fBencrypt\fR security levels are not
+very useful. Since \fBmay\fR and \fBencrypt\fR don't require peer
+certificates, they will often negotiate anonymous TLS ciphersuites,
+so you won't learn much about the remote SMTP server's certificates
+at these levels if it also supports anonymous TLS (though you may
+learn that the server supports anonymous TLS).
+.IP "\fB\-L \fIlogopts\fR (default: \fBroutine,certmatch\fR)"
+Fine\-grained TLS logging options. To tune the TLS features logged
+during the TLS handshake, specify one or more of:
+.RS
+.IP "\fB0, none\fR"
+These yield no TLS logging; you'll generally want more, but this
+is handy if you just want the trust chain:
+.RS
+.ad
+.nf
+$ posttls\-finger \-cC \-L none destination
+.fi
+.RE
+.IP "\fB1, routine, summary\fR"
+These synonymous values yield a normal one\-line summary of the TLS
+connection.
+.IP "\fB2, debug\fR"
+These synonymous values combine routine, ssl\-debug, cache and verbose.
+.IP "\fB3, ssl\-expert\fR"
+These synonymous values combine debug with ssl\-handshake\-packet\-dump.
+For experts only.
+.IP "\fB4, ssl\-developer\fR"
+These synonymous values combine ssl\-expert with ssl\-session\-packet\-dump.
+For experts only, and in most cases, use wireshark instead.
+.IP "\fBssl\-debug\fR"
+Turn on OpenSSL logging of the progress of the SSL handshake.
+.IP "\fBssl\-handshake\-packet\-dump\fR"
+Log hexadecimal packet dumps of the SSL handshake; for experts only.
+.IP "\fBssl\-session\-packet\-dump\fR"
+Log hexadecimal packet dumps of the entire SSL session; only useful
+to those who can debug SSL protocol problems from hex dumps.
+.IP "\fBuntrusted\fR"
+Logs trust chain verification problems. This is turned on
+automatically at security levels that use peer names signed
+by Certification Authorities to validate certificates. So while
+this setting is recognized, you should never need to set it
+explicitly.
+.IP "\fBpeercert\fR"
+This logs a one line summary of the remote SMTP server certificate
+subject, issuer, and fingerprints.
+.IP "\fBcertmatch\fR"
+This logs remote SMTP server certificate matching, showing the CN
+and each subjectAltName and which name matched. With DANE, logs
+matching of TLSA record trust\-anchor and end\-entity certificates.
+.IP "\fBcache\fR"
+This logs session cache operations, showing whether session caching
+is effective with the remote SMTP server. Automatically used when
+reconnecting with the \fB\-r\fR option; rarely needs to be set
+explicitly.
+.IP "\fBverbose\fR"
+Enables verbose logging in the Postfix TLS driver; includes all of
+peercert..cache and more.
+.RE
+.IP
+The default is \fBroutine,certmatch\fR. After a reconnect,
+\fBpeercert\fR, \fBcertmatch\fR and \fBverbose\fR are automatically
+disabled while \fBcache\fR and \fBsummary\fR are enabled.
+.IP "\fB\-m \fIcount\fR (default: \fB5\fR)"
+When the \fB\-r \fIdelay\fR option is specified, the \fB\-m\fR option
+determines the maximum number of reconnect attempts to use with
+a server behind a load balancer, to see whether connection caching
+is likely to be effective for this destination. Some MTAs
+don't expose the underlying server identity in their EHLO
+response; with these servers there will never be more than
+1 reconnection attempt.
+.IP "\fB\-M \fIinsecure_mx_policy\fR (default: \fBdane\fR)"
+The TLS policy for MX hosts with "secure" TLSA records when the
+nexthop destination security level is \fBdane\fR, but the MX
+record was found via an "insecure" MX lookup. See the main.cf
+documentation for smtp_tls_dane_insecure_mx_policy for details.
+.IP "\fB\-o \fIname=value\fR"
+Specify zero or more times to override the value of the main.cf
+parameter \fIname\fR with \fIvalue\fR. Possible use\-cases include
+overriding the values of TLS library parameters, or "myhostname" to
+configure the SMTP EHLO name sent to the remote server.
+.IP "\fB\-p \fIprotocols\fR (default: >=TLSv1)"
+TLS protocols that \fBposttls\-finger\fR(1) will exclude or include. See
+smtp_tls_mandatory_protocols for details.
+.IP "\fB\-P \fICApath/\fR (default: none)"
+The OpenSSL CApath/ directory (indexed via c_rehash(1)) for remote
+SMTP server certificate verification. By default no CApath is used
+and no public CAs are trusted.
+.IP "\fB\-r \fIdelay\fR"
+With a cacheable TLS session, disconnect and reconnect after \fIdelay\fR
+seconds. Report whether the session is re\-used. Retry if a new server
+is encountered, up to 5 times or as specified with the \fB\-m\fR option.
+By default reconnection is disabled, specify a positive delay to
+enable this behavior.
+.IP "\fB\-s \fIservername\fR"
+The server name to send with the TLS Server Name Indication (SNI)
+extension. When the server has DANE TLSA records, this parameter
+is ignored and the TLSA base domain is used instead. Otherwise, SNI is
+not used by default, but can be enabled by specifying the desired value
+with this option.
+.IP "\fB\-S\fR"
+Disable SMTP; that is, connect to an LMTP server. The default port for
+LMTP over TCP is 24. Alternative ports can specified by appending
+"\fI:servicename\fR" or ":\fIportnumber\fR" to the destination
+argument.
+.IP "\fB\-t \fItimeout\fR (default: \fB30\fR)"
+The TCP connection timeout to use. This is also the timeout for
+reading the remote server's 220 banner.
+.IP "\fB\-T \fItimeout\fR (default: \fB30\fR)"
+The SMTP/LMTP command timeout for EHLO/LHLO, STARTTLS and QUIT.
+.IP "\fB\-v\fR"
+Enable verbose Postfix logging. Specify more than once to increase
+the level of verbose logging.
+.IP "\fB\-w\fR"
+Enable outgoing TLS wrapper mode, or SUBMISSIONS/SMTPS support. This
+is typically provided on port 465 by servers that are compatible with
+the SMTP\-in\-SSL protocol, rather than the STARTTLS protocol.
+The destination \fIdomain\fR:\fIport\fR must of course provide such
+a service.
+.IP "\fB\-X\fR"
+Enable \fBtlsproxy\fR(8) mode. This is an unsupported mode,
+for program development only.
+.IP "[\fBinet:\fR]\fIdomain\fR[:\fIport\fR]"
+Connect via TCP to domain \fIdomain\fR, port \fIport\fR. The default
+port is \fBsmtp\fR (or 24 with LMTP). With SMTP an MX lookup is
+performed to resolve the domain to a host, unless the domain is
+enclosed in \fB[]\fR. If you want to connect to a specific MX host,
+for instance \fImx1.example.com\fR, specify [\fImx1.example.com\fR]
+as the destination and \fIexample.com\fR as a \fBmatch\fR argument.
+When using DNS, the destination domain is assumed fully qualified
+and no default domain or search suffixes are applied; you must use
+fully\-qualified names or also enable \fBnative\fR host lookups
+(these don't support \fBdane\fR or \fBdane\-only\fR as no DNSSEC
+validation information is available via \fBnative\fR lookups).
+.IP "\fBunix:\fIpathname\fR"
+Connect to the UNIX\-domain socket at \fIpathname\fR. LMTP only.
+.IP "\fBmatch ...\fR"
+With no match arguments specified, certificate peername matching uses
+the compiled\-in default strategies for each security level. If you
+specify one or more arguments, these will be used as the list of
+certificate or public\-key digests to match for the \fBfingerprint\fR
+level, or as the list of DNS names to match in the certificate at the
+\fBverify\fR and \fBsecure\fR levels. If the security level is
+\fBdane\fR, or \fBdane\-only\fR the match names are ignored, and
+\fBhostname, nexthop\fR strategies are used.
+.ad
+.fi
+.SH "ENVIRONMENT"
+.na
+.nf
+.ad
+.fi
+.IP \fBMAIL_CONFIG\fR
+Read configuration parameters from a non\-default location.
+.IP \fBMAIL_VERBOSE\fR
+Same as \fB\-v\fR option.
+.SH "SEE ALSO"
+.na
+.nf
+smtp\-source(1), SMTP/LMTP message source
+smtp\-sink(1), SMTP/LMTP message dump
+
+.SH "README FILES"
+.na
+.nf
+.ad
+.fi
+Use "\fBpostconf readme_directory\fR" or "\fBpostconf
+html_directory\fR" to locate this information.
+.na
+.nf
+TLS_README, Postfix STARTTLS howto
+.SH "LICENSE"
+.na
+.nf
+.ad
+.fi
+The Secure Mailer license must be distributed with this software.
+.SH "AUTHOR(S)"
+.na
+.nf
+Wietse Venema
+IBM T.J. Watson Research
+P.O. Box 704
+Yorktown Heights, NY 10598, USA
+
+Wietse Venema
+Google, Inc.
+111 8th Avenue
+New York, NY 10011, USA
+
+Viktor Dukhovni
diff --git a/man/man1/qmqp-sink.1 b/man/man1/qmqp-sink.1
new file mode 100644
index 0000000..1556b51
--- /dev/null
+++ b/man/man1/qmqp-sink.1
@@ -0,0 +1,69 @@
+.TH QMQP-SINK 1
+.ad
+.fi
+.SH NAME
+qmqp-sink
+\-
+parallelized QMQP test server
+.SH "SYNOPSIS"
+.na
+.nf
+.fi
+\fBqmqp\-sink\fR [\fB\-46cv\fR] [\fB\-x \fItime\fR]
+[\fBinet:\fR][\fIhost\fR]:\fIport\fR \fIbacklog\fR
+
+\fBqmqp\-sink\fR [\fB\-46cv\fR] [\fB\-x \fItime\fR]
+\fBunix:\fR\fIpathname\fR \fIbacklog\fR
+.SH DESCRIPTION
+.ad
+.fi
+\fBqmqp\-sink\fR listens on the named host (or address) and port.
+It receives messages from the network and throws them away.
+The purpose is to measure QMQP client performance, not protocol
+compliance.
+Connections can be accepted on IPv4 or IPv6 endpoints, or on
+UNIX\-domain sockets.
+IPv4 and IPv6 are the default.
+This program is the complement of the \fBqmqp\-source\fR(1) program.
+
+Note: this is an unsupported test program. No attempt is made
+to maintain compatibility between successive versions.
+
+Arguments:
+.IP \fB\-4\fR
+Support IPv4 only. This option has no effect when
+Postfix is built without IPv6 support.
+.IP \fB\-6\fR
+Support IPv6 only. This option is not available when
+Postfix is built without IPv6 support.
+.IP \fB\-c\fR
+Display a running counter that is updated whenever a delivery
+is completed.
+.IP \fB\-v\fR
+Increase verbosity. Specify \fB\-v \-v\fR to see some of the QMQP
+conversation.
+.IP "\fB\-x \fItime\fR"
+Terminate after \fItime\fR seconds. This is to facilitate memory
+leak testing.
+.SH "SEE ALSO"
+.na
+.nf
+qmqp\-source(1), QMQP message generator
+.SH "LICENSE"
+.na
+.nf
+.ad
+.fi
+The Secure Mailer license must be distributed with this software.
+.SH "AUTHOR(S)"
+.na
+.nf
+Wietse Venema
+IBM T.J. Watson Research
+P.O. Box 704
+Yorktown Heights, NY 10598, USA
+
+Wietse Venema
+Google, Inc.
+111 8th Avenue
+New York, NY 10011, USA
diff --git a/man/man1/qmqp-source.1 b/man/man1/qmqp-source.1
new file mode 100644
index 0000000..86f23b9
--- /dev/null
+++ b/man/man1/qmqp-source.1
@@ -0,0 +1,90 @@
+.TH QMQP-SOURCE 1
+.ad
+.fi
+.SH NAME
+qmqp-source
+\-
+parallelized QMQP test generator
+.SH "SYNOPSIS"
+.na
+.nf
+.fi
+\fBqmqp\-source\fR [\fIoptions\fR] [\fBinet:\fR]\fIhost\fR[:\fIport\fR]
+
+\fBqmqp\-source\fR [\fIoptions\fR] \fBunix:\fIpathname\fR
+.SH DESCRIPTION
+.ad
+.fi
+\fBqmqp\-source\fR connects to the named host and TCP port (default 628)
+and sends one or more messages to it, either sequentially
+or in parallel. The program speaks the QMQP protocol.
+Connections can be made to UNIX\-domain and IPv4 or IPv6 servers.
+IPv4 and IPv6 are the default.
+
+Note: this is an unsupported test program. No attempt is made
+to maintain compatibility between successive versions.
+
+Arguments:
+.IP \fB\-4\fR
+Connect to the server with IPv4. This option has no effect when
+Postfix is built without IPv6 support.
+.IP \fB\-6\fR
+Connect to the server with IPv6. This option is not available when
+Postfix is built without IPv6 support.
+.IP \fB\-c\fR
+Display a running counter that is incremented each time
+a delivery completes.
+.IP "\fB\-C \fIcount\fR"
+When a host sends RESET instead of SYN|ACK, try \fIcount\fR times
+before giving up. The default count is 1. Specify a larger count in
+order to work around a problem with TCP/IP stacks that send RESET
+when the listen queue is full.
+.IP "\fB\-f \fIfrom\fR"
+Use the specified sender address (default: <foo@myhostname>).
+.IP "\fB\-l \fIlength\fR"
+Send \fIlength\fR bytes as message payload. The length
+includes the message headers.
+.IP "\fB\-m \fImessage_count\fR"
+Send the specified number of messages (default: 1).
+.IP "\fB\-M \fImyhostname\fR"
+Use the specified hostname or [address] in the default
+sender and recipient addresses, instead of the machine
+hostname.
+.IP "\fB\-r \fIrecipient_count\fR"
+Send the specified number of recipients per transaction (default: 1).
+Recipient names are generated by prepending a number to the
+recipient address.
+.IP "\fB\-s \fIsession_count\fR"
+Run the specified number of QMQP sessions in parallel (default: 1).
+.IP "\fB\-t \fIto\fR"
+Use the specified recipient address (default: <foo@myhostname>).
+.IP "\fB\-R \fIinterval\fR"
+Wait for a random period of time 0 <= n <= interval between messages.
+Suspending one thread does not affect other delivery threads.
+.IP \fB\-v\fR
+Make the program more verbose, for debugging purposes.
+.IP "\fB\-w \fIinterval\fR"
+Wait a fixed time between messages.
+Suspending one thread does not affect other delivery threads.
+.SH "SEE ALSO"
+.na
+.nf
+qmqp\-sink(1), QMQP message dump
+.SH "LICENSE"
+.na
+.nf
+.ad
+.fi
+The Secure Mailer license must be distributed with this software.
+.SH "AUTHOR(S)"
+.na
+.nf
+Wietse Venema
+IBM T.J. Watson Research
+P.O. Box 704
+Yorktown Heights, NY 10598, USA
+
+Wietse Venema
+Google, Inc.
+111 8th Avenue
+New York, NY 10011, USA
diff --git a/man/man1/qshape.1 b/man/man1/qshape.1
new file mode 100644
index 0000000..5a6352f
--- /dev/null
+++ b/man/man1/qshape.1
@@ -0,0 +1,118 @@
+.TH QSHAPE 1
+.ad
+.fi
+.SH NAME
+qshape
+\-
+Print Postfix queue domain and age distribution
+.SH "SYNOPSIS"
+.na
+.nf
+.fi
+\fBqshape\fR [\fB\-s\fR] [\fB\-p\fR] [\fB\-m \fImin_subdomains\fR]
+ [\fB\-b \fIbucket_count\fR] [\fB\-t \fIbucket_time\fR]
+ [\fB\-l\fR] [\fB\-w \fIterminal_width\fR]
+ [\fB\-N \fIbatch_msg_count\fR] [\fB\-n \fIbatch_top_domains\fR]
+ [\fB\-c \fIconfig_directory\fR] [\fIqueue_name\fR ...]
+.SH DESCRIPTION
+.ad
+.fi
+The \fBqshape\fR program helps the administrator understand the
+Postfix queue message distribution in time and by sender domain
+or recipient domain. The program needs read access to the queue
+directories and queue files, so it must run as the superuser or
+the \fBmail_owner\fR specified in \fBmain.cf\fR (typically
+\fBpostfix\fR).
+
+Options:
+.IP \fB\-s\fR
+Display the sender domain distribution instead of the recipient
+domain distribution. By default the recipient distribution is
+displayed. There can be more recipients than messages, but as
+each message has only one sender, the sender distribution is a
+message distribution.
+.IP \fB\-p\fR
+Generate aggregate statistics for parent domains. Top level domains
+are not shown, nor are domains with fewer than \fImin_subdomains\fR
+subdomains. The names of parent domains are shown with a leading dot,
+(e.g. \fI.example.com\fR).
+.IP "\fB\-m \fImin_subdomains\fR"
+When used with the \fB\-p\fR option, sets the minimum subdomain count
+needed to show a separate line for a parent domain. The default is 5.
+.IP "\fB\-b \fIbucket_count\fR"
+The age distribution is broken up into a sequence of geometrically
+increasing intervals. This option sets the number of intervals
+or "buckets". Each bucket has a maximum queue age that is twice
+as large as that of the previous bucket. The last bucket has no
+age limit.
+.IP "\fB\-t \fIbucket_time\fR"
+The age limit in minutes for the first time bucket. The default
+value is 5, meaning that the first bucket counts messages between
+0 and 5 minutes old.
+.IP "\fB\-l\fR"
+Instead of using a geometric age sequence, use a linear age sequence,
+in other words simple multiples of \fBbucket_time\fR.
+
+This feature is available in Postfix 2.2 and later.
+.IP "\fB\-w \fIterminal_width\fR"
+The output is right justified, with the counts for the last
+bucket shown on the 80th column, the \fIterminal_width\fR can be
+adjusted for wider screens allowing more buckets to be displayed
+without truncating the domain names on the left. When a row for a
+full domain name and its counters does not fit in the specified
+number of columns, only the last 17 bytes of the domain name
+are shown with the prefix replaced by a '+' character. Truncated
+parent domain rows are shown as '.+' followed by the last 16 bytes
+of the domain name. If this is still too narrow to show the domain
+name and all the counters, the terminal_width limit is violated.
+.IP "\fB\-N \fIbatch_msg_count\fR"
+When the output device is a terminal, intermediate results are
+shown each "batch_msg_count" messages. This produces usable results
+in a reasonable time even when the deferred queue is large. The
+default is to show intermediate results every 1000 messages.
+.IP "\fB\-n \fIbatch_top_domains\fR"
+When reporting intermediate or final results to a termainal, report
+only the top "batch_top_domains" domains. The default limit is 20
+domains.
+.IP "\fB\-c \fIconfig_directory\fR"
+The \fBmain.cf\fR configuration file is in the named directory
+instead of the default configuration directory.
+.PP
+Arguments:
+.IP \fIqueue_name\fR
+By default \fBqshape\fR displays the combined distribution of
+the incoming and active queues. To display a different set of
+queues, just list their directory names on the command line.
+Absolute paths are used as is, other paths are taken relative
+to the \fBmain.cf\fR \fBqueue_directory\fR parameter setting.
+While \fBmain.cf\fR supports the use of \fI$variable\fR expansion
+in the definition of the \fBqueue_directory\fR parameter, the
+\fBqshape\fR program does not. If you must use variable expansions
+in the \fBqueue_directory\fR setting, you must specify an explicit
+absolute path for each queue subdirectory even if you want the
+default incoming and active queue distribution.
+.SH "SEE ALSO"
+.na
+.nf
+mailq(1), List all messages in the queue.
+QSHAPE_README Examples and background material.
+.SH "FILES"
+.na
+.nf
+$config_directory/main.cf, Postfix installation parameters.
+$queue_directory/maildrop/, local submission directory.
+$queue_directory/incoming/, new message queue.
+$queue_directory/hold/, messages waiting for tech support.
+$queue_directory/active/, messages scheduled for delivery.
+$queue_directory/deferred/, messages postponed for later delivery.
+.SH "LICENSE"
+.na
+.nf
+.ad
+.fi
+The Secure Mailer license must be distributed with this software.
+.SH "AUTHOR(S)"
+.na
+.nf
+Victor Duchovni
+Morgan Stanley
diff --git a/man/man1/sendmail.1 b/man/man1/sendmail.1
new file mode 100644
index 0000000..22affe6
--- /dev/null
+++ b/man/man1/sendmail.1
@@ -0,0 +1,512 @@
+.TH SENDMAIL 1
+.ad
+.fi
+.SH NAME
+sendmail
+\-
+Postfix to Sendmail compatibility interface
+.SH "SYNOPSIS"
+.na
+.nf
+\fBsendmail\fR [\fIoption ...\fR] [\fIrecipient ...\fR]
+
+\fBmailq\fR
+\fBsendmail \-bp\fR
+
+\fBnewaliases\fR
+\fBsendmail \-I\fR
+.SH DESCRIPTION
+.ad
+.fi
+The Postfix \fBsendmail\fR(1) command implements the Postfix
+to Sendmail compatibility interface.
+For the sake of compatibility with existing applications, some
+Sendmail command\-line options are recognized but silently ignored.
+
+By default, Postfix \fBsendmail\fR(1) reads a message from
+standard input
+until EOF or until it reads a line with only a \fB.\fR character,
+and arranges for delivery. Postfix \fBsendmail\fR(1) relies on the
+\fBpostdrop\fR(1) command to create a queue file in the \fBmaildrop\fR
+directory.
+
+Specific command aliases are provided for other common modes of
+operation:
+.IP \fBmailq\fR
+List the mail queue. Each entry shows the queue file ID, message
+size, arrival time, sender, and the recipients that still need to
+be delivered. If mail could not be delivered upon the last attempt,
+the reason for failure is shown. The queue ID string is
+followed by an optional status character:
+.RS
+.IP \fB*\fR
+The message is in the \fBactive\fR queue, i.e. the message is
+selected for delivery.
+.IP \fB!\fR
+The message is in the \fBhold\fR queue, i.e. no further delivery
+attempt will be made until the mail is taken off hold.
+.IP \fB#\fR
+The message is forced to expire. See the \fBpostsuper\fR(1)
+options \fB\-e\fR or \fB\-f\fR.
+.RE
+.IP
+This mode of operation is implemented by executing the
+\fBpostqueue\fR(1) command.
+.IP \fBnewaliases\fR
+Initialize the alias database. If no input file is specified (with
+the \fB\-oA\fR option, see below), the program processes the file(s)
+specified with the \fBalias_database\fR configuration parameter.
+If no alias database type is specified, the program uses the type
+specified with the \fBdefault_database_type\fR configuration parameter.
+This mode of operation is implemented by running the \fBpostalias\fR(1)
+command.
+.sp
+Note: it may take a minute or so before an alias database update
+becomes visible. Use the "\fBpostfix reload\fR" command to eliminate
+this delay.
+.PP
+These and other features can be selected by specifying the
+appropriate combination of command\-line options. Some features are
+controlled by parameters in the \fBmain.cf\fR configuration file.
+
+The following options are recognized:
+.IP "\fB\-Am\fR (ignored)"
+.IP "\fB\-Ac\fR (ignored)"
+Postfix sendmail uses the same configuration file regardless of
+whether or not a message is an initial submission.
+.IP "\fB\-B \fIbody_type\fR"
+The message body MIME type: \fB7BIT\fR or \fB8BITMIME\fR.
+.IP \fB\-bd\fR
+Go into daemon mode. This mode of operation is implemented by
+executing the "\fBpostfix start\fR" command.
+.IP "\fB\-bh\fR (ignored)"
+.IP "\fB\-bH\fR (ignored)"
+Postfix has no persistent host status database.
+.IP \fB\-bi\fR
+Initialize alias database. See the \fBnewaliases\fR
+command above.
+.IP \fB\-bl\fR
+Go into daemon mode. To accept only local connections as
+with Sendmail's \fB\-bl\fR option, specify "\fBinet_interfaces
+= loopback\fR" in the Postfix \fBmain.cf\fR configuration
+file.
+.IP \fB\-bm\fR
+Read mail from standard input and arrange for delivery.
+This is the default mode of operation.
+.IP \fB\-bp\fR
+List the mail queue. See the \fBmailq\fR command above.
+.IP \fB\-bs\fR
+Stand\-alone SMTP server mode. Read SMTP commands from
+standard input, and write responses to standard output.
+In stand\-alone SMTP server mode, mail relaying and other
+access controls are disabled by default. To enable them,
+run the process as the \fBmail_owner\fR user.
+.sp
+This mode of operation is implemented by running the
+\fBsmtpd\fR(8) daemon.
+.IP \fB\-bv\fR
+Do not collect or deliver a message. Instead, send an email
+report after verifying each recipient address. This is useful
+for testing address rewriting and routing configurations.
+.sp
+This feature is available in Postfix version 2.1 and later.
+.IP "\fB\-C \fIconfig_file\fR"
+.IP "\fB\-C \fIconfig_dir\fR"
+The path name of the Postfix \fBmain.cf\fR file, or of its
+parent directory. This information is ignored with Postfix
+versions before 2.3.
+
+With Postfix version 3.2 and later, a non\-default directory
+must be authorized in the default \fBmain.cf\fR file, through
+the alternate_config_directories or multi_instance_directories
+parameters.
+
+With all Postfix versions, you can specify a directory pathname
+with the MAIL_CONFIG environment variable to override the
+location of configuration files.
+.IP "\fB\-F \fIfull_name\fR"
+Set the sender full name. This overrides the NAME environment
+variable, and is used only with messages that
+have no \fBFrom:\fR message header.
+.IP "\fB\-f \fIsender\fR"
+Set the envelope sender address. This is the address where
+delivery problems are sent to. With Postfix versions before 2.1, the
+\fBErrors\-To:\fR message header overrides the error return address.
+.IP \fB\-G\fR
+Gateway (relay) submission, as opposed to initial user
+submission. Either do not rewrite addresses at all, or
+update incomplete addresses with the domain information
+specified with \fBremote_header_rewrite_domain\fR.
+
+This option is ignored before Postfix version 2.3.
+.IP "\fB\-h \fIhop_count\fR (ignored)"
+Hop count limit. Use the \fBhopcount_limit\fR configuration
+parameter instead.
+.IP \fB\-I\fR
+Initialize alias database. See the \fBnewaliases\fR
+command above.
+.IP "\fB\-i\fR"
+When reading a message from standard input, don't treat a line
+with only a \fB.\fR character as the end of input.
+.IP "\fB\-L \fIlabel\fR (ignored)"
+The logging label. Use the \fBsyslog_name\fR configuration
+parameter instead.
+.IP "\fB\-m\fR (ignored)"
+Backwards compatibility.
+.IP "\fB\-N \fIdsn\fR (default: 'delay, failure')"
+Delivery status notification control. Specify either a
+comma\-separated list with one or more of \fBfailure\fR (send
+notification when delivery fails), \fBdelay\fR (send
+notification when delivery is delayed), or \fBsuccess\fR
+(send notification when the message is delivered); or specify
+\fBnever\fR (don't send any notifications at all).
+
+This feature is available in Postfix 2.3 and later.
+.IP "\fB\-n\fR (ignored)"
+Backwards compatibility.
+.IP "\fB\-oA\fIalias_database\fR"
+Non\-default alias database. Specify \fIpathname\fR or
+\fItype\fR:\fIpathname\fR. See \fBpostalias\fR(1) for
+details.
+.IP "\fB\-O \fIoption=value\fR (ignored)"
+Set the named \fIoption\fR to \fIvalue\fR. Use the equivalent
+configuration parameter in \fBmain.cf\fR instead.
+.IP "\fB\-o7\fR (ignored)"
+.IP "\fB\-o8\fR (ignored)"
+To send 8\-bit or binary content, use an appropriate MIME encapsulation
+and specify the appropriate \fB\-B\fR command\-line option.
+.IP "\fB\-oi\fR"
+When reading a message from standard input, don't treat a line
+with only a \fB.\fR character as the end of input.
+.IP "\fB\-om\fR (ignored)"
+The sender is never eliminated from alias etc. expansions.
+.IP "\fB\-o \fIx value\fR (ignored)"
+Set option \fIx\fR to \fIvalue\fR. Use the equivalent
+configuration parameter in \fBmain.cf\fR instead.
+.IP "\fB\-r \fIsender\fR"
+Set the envelope sender address. This is the address where
+delivery problems are sent to. With Postfix versions before 2.1, the
+\fBErrors\-To:\fR message header overrides the error return address.
+.IP "\fB\-R \fIreturn\fR"
+Delivery status notification control. Specify "hdrs" to
+return only the header when a message bounces, "full" to
+return a full copy (the default behavior).
+
+The \fB\-R\fR option specifies an upper bound; Postfix will
+return only the header, when a full copy would exceed the
+bounce_size_limit setting.
+
+This option is ignored before Postfix version 2.10.
+.IP \fB\-q\fR
+Attempt to deliver all queued mail. This is implemented by
+executing the \fBpostqueue\fR(1) command.
+
+Warning: flushing undeliverable mail frequently will result in
+poor delivery performance of all other mail.
+.IP "\fB\-q\fIinterval\fR (ignored)"
+The interval between queue runs. Use the \fBqueue_run_delay\fR
+configuration parameter instead.
+.IP \fB\-qI\fIqueueid\fR
+Schedule immediate delivery of mail with the specified queue
+ID. This option is implemented by executing the
+\fBpostqueue\fR(1) command, and is available with Postfix
+version 2.4 and later.
+.IP \fB\-qR\fIsite\fR
+Schedule immediate delivery of all mail that is queued for the named
+\fIsite\fR. This option accepts only \fIsite\fR names that are
+eligible for the "fast flush" service, and is implemented by
+executing the \fBpostqueue\fR(1) command.
+See \fBflush\fR(8) for more information about the "fast flush"
+service.
+.IP \fB\-qS\fIsite\fR
+This command is not implemented. Use the slower "\fBsendmail \-q\fR"
+command instead.
+.IP \fB\-t\fR
+Extract recipients from message headers. These are added to any
+recipients specified on the command line.
+
+With Postfix versions prior to 2.1, this option requires that
+no recipient addresses are specified on the command line.
+.IP "\fB\-U\fR (ignored)"
+Initial user submission.
+.IP "\fB\-V \fIenvid\fR"
+Specify the envelope ID for notification by servers that
+support DSN.
+
+This feature is available in Postfix 2.3 and later.
+.IP "\fB\-XV\fR (Postfix 2.2 and earlier: \fB\-V\fR)"
+Variable Envelope Return Path. Given an envelope sender address
+of the form \fIowner\-listname\fR@\fIorigin\fR, each recipient
+\fIuser\fR@\fIdomain\fR receives mail with a personalized envelope
+sender address.
+.sp
+By default, the personalized envelope sender address is
+\fIowner\-listname\fB+\fIuser\fB=\fIdomain\fR@\fIorigin\fR. The default
+\fB+\fR and \fB=\fR characters are configurable with the
+\fBdefault_verp_delimiters\fR configuration parameter.
+.IP "\fB\-XV\fIxy\fR (Postfix 2.2 and earlier: \fB\-V\fIxy\fR)"
+As \fB\-XV\fR, but uses \fIx\fR and \fIy\fR as the VERP delimiter
+characters, instead of the characters specified with the
+\fBdefault_verp_delimiters\fR configuration parameter.
+.IP \fB\-v\fR
+Send an email report of the first delivery attempt (Postfix
+versions 2.1 and later). Mail delivery
+always happens in the background. When multiple \fB\-v\fR
+options are given, enable verbose logging for debugging purposes.
+.IP "\fB\-X \fIlog_file\fR (ignored)"
+Log mailer traffic. Use the \fBdebug_peer_list\fR and
+\fBdebug_peer_level\fR configuration parameters instead.
+.SH "SECURITY"
+.na
+.nf
+.ad
+.fi
+By design, this program is not set\-user (or group) id.
+It is prepared to handle message content from untrusted,
+possibly remote, users.
+
+However, like most Postfix programs, this program does not
+enforce a security policy on its command\-line arguments.
+Instead, it relies on the UNIX system to enforce access
+policies based on the effective user and group IDs of the
+process. Concretely, this means that running Postfix commands
+as root (from sudo or equivalent) on behalf of a non\-root
+user is likely to create privilege escalation opportunities.
+
+If an application runs any Postfix programs on behalf of
+users that do not have normal shell access to Postfix
+commands, then that application MUST restrict user\-specified
+command\-line arguments to avoid privilege escalation.
+.IP \(bu
+Filter all command\-line arguments, for example arguments
+that contain a pathname or that specify a database access
+method. These pathname checks must reject user\-controlled
+symlinks or hardlinks to sensitive files, and must not be
+vulnerable to TOCTOU race attacks.
+.IP \(bu
+Disable command options processing for all command arguments
+that contain user\-specified data. For example, the Postfix
+\fBsendmail\fR(1) command line MUST be structured as follows:
+
+.nf
+ \fB/path/to/sendmail\fR \fIsystem\-arguments\fR \fB\-\-\fR \fIuser\-arguments\fR
+.fi
+
+Here, the "\fB\-\-\fR" disables command option processing for
+all \fIuser\-arguments\fR that follow.
+.IP
+Without the "\fB\-\-\fR", a malicious user could enable Postfix
+\fBsendmail\fR(1) command options, by specifying an email
+address that starts with "\fB\-\fR".
+.SH DIAGNOSTICS
+.ad
+.fi
+Problems are logged to \fBsyslogd\fR(8) or \fBpostlogd\fR(8),
+and to the standard error stream.
+.SH "ENVIRONMENT"
+.na
+.nf
+.ad
+.fi
+.IP \fBMAIL_CONFIG\fR
+Directory with Postfix configuration files.
+.IP "\fBMAIL_VERBOSE\fR (value does not matter)"
+Enable verbose logging for debugging purposes.
+.IP "\fBMAIL_DEBUG\fR (value does not matter)"
+Enable debugging with an external command, as specified with the
+\fBdebugger_command\fR configuration parameter.
+.IP \fBNAME\fR
+The sender full name. This is used only with messages that
+have no \fBFrom:\fR message header. See also the \fB\-F\fR
+option above.
+.SH "CONFIGURATION PARAMETERS"
+.na
+.nf
+.ad
+.fi
+The following \fBmain.cf\fR parameters are especially relevant to
+this program.
+The text below provides only a parameter summary. See
+\fBpostconf\fR(5) for more details including examples.
+.SH "COMPATIBILITY CONTROLS"
+.na
+.nf
+.ad
+.fi
+Available with Postfix 2.9 and later:
+.IP "\fBsendmail_fix_line_endings (always)\fR"
+Controls how the Postfix sendmail command converts email message
+line endings from <CR><LF> into UNIX format (<LF>).
+.SH "TROUBLE SHOOTING CONTROLS"
+.na
+.nf
+.ad
+.fi
+The DEBUG_README file gives examples of how to troubleshoot a
+Postfix system.
+.IP "\fBdebugger_command (empty)\fR"
+The external command to execute when a Postfix daemon program is
+invoked with the \-D option.
+.IP "\fBdebug_peer_level (2)\fR"
+The increment in verbose logging level when a nexthop destination,
+remote client or server name or network address matches a pattern
+given with the debug_peer_list parameter.
+.IP "\fBdebug_peer_list (empty)\fR"
+Optional list of nexthop destination, remote client or server
+name or network address patterns that, if matched, cause the verbose
+logging level to increase by the amount specified in $debug_peer_level.
+.SH "ACCESS CONTROLS"
+.na
+.nf
+.ad
+.fi
+Available in Postfix version 2.2 and later:
+.IP "\fBauthorized_flush_users (static:anyone)\fR"
+List of users who are authorized to flush the queue.
+.IP "\fBauthorized_mailq_users (static:anyone)\fR"
+List of users who are authorized to view the queue.
+.IP "\fBauthorized_submit_users (static:anyone)\fR"
+List of users who are authorized to submit mail with the \fBsendmail\fR(1)
+command (and with the privileged \fBpostdrop\fR(1) helper command).
+.SH "RESOURCE AND RATE CONTROLS"
+.na
+.nf
+.ad
+.fi
+.IP "\fBbounce_size_limit (50000)\fR"
+The maximal amount of original message text that is sent in a
+non\-delivery notification.
+.IP "\fBfork_attempts (5)\fR"
+The maximal number of attempts to fork() a child process.
+.IP "\fBfork_delay (1s)\fR"
+The delay between attempts to fork() a child process.
+.IP "\fBhopcount_limit (50)\fR"
+The maximal number of Received: message headers that is allowed
+in the primary message headers.
+.IP "\fBqueue_run_delay (300s)\fR"
+The time between deferred queue scans by the queue manager;
+prior to Postfix 2.4 the default value was 1000s.
+.SH "FAST FLUSH CONTROLS"
+.na
+.nf
+.ad
+.fi
+The ETRN_README file describes configuration and operation
+details for the Postfix "fast flush" service.
+.IP "\fBfast_flush_domains ($relay_domains)\fR"
+Optional list of destinations that are eligible for per\-destination
+logfiles with mail that is queued to those destinations.
+.SH "VERP CONTROLS"
+.na
+.nf
+.ad
+.fi
+The VERP_README file describes configuration and operation
+details of Postfix support for variable envelope return
+path addresses.
+.IP "\fBdefault_verp_delimiters (+=)\fR"
+The two default VERP delimiter characters.
+.IP "\fBverp_delimiter_filter (\-=+)\fR"
+The characters Postfix accepts as VERP delimiter characters on the
+Postfix \fBsendmail\fR(1) command line and in SMTP commands.
+.SH "MISCELLANEOUS CONTROLS"
+.na
+.nf
+.ad
+.fi
+.IP "\fBalias_database (see 'postconf -d' output)\fR"
+The alias databases for \fBlocal\fR(8) delivery that are updated with
+"\fBnewaliases\fR" or with "\fBsendmail \-bi\fR".
+.IP "\fBcommand_directory (see 'postconf -d' output)\fR"
+The location of all postfix administrative commands.
+.IP "\fBconfig_directory (see 'postconf -d' output)\fR"
+The default location of the Postfix main.cf and master.cf
+configuration files.
+.IP "\fBdaemon_directory (see 'postconf -d' output)\fR"
+The directory with Postfix support programs and daemon programs.
+.IP "\fBdefault_database_type (see 'postconf -d' output)\fR"
+The default database type for use in \fBnewaliases\fR(1), \fBpostalias\fR(1)
+and \fBpostmap\fR(1) commands.
+.IP "\fBdelay_warning_time (0h)\fR"
+The time after which the sender receives a copy of the message
+headers of mail that is still queued.
+.IP "\fBimport_environment (see 'postconf -d' output)\fR"
+The list of environment variables that a privileged Postfix
+process will import from a non\-Postfix parent process, or name=value
+environment overrides.
+.IP "\fBmail_owner (postfix)\fR"
+The UNIX system account that owns the Postfix queue and most Postfix
+daemon processes.
+.IP "\fBqueue_directory (see 'postconf -d' output)\fR"
+The location of the Postfix top\-level queue directory.
+.IP "\fBremote_header_rewrite_domain (empty)\fR"
+Don't rewrite message headers from remote clients at all when
+this parameter is empty; otherwise, rewrite message headers and
+append the specified domain name to incomplete addresses.
+.IP "\fBsyslog_facility (mail)\fR"
+The syslog facility of Postfix logging.
+.IP "\fBsyslog_name (see 'postconf -d' output)\fR"
+A prefix that is prepended to the process name in syslog
+records, so that, for example, "smtpd" becomes "prefix/smtpd".
+.PP
+Postfix 3.2 and later:
+.IP "\fBalternate_config_directories (empty)\fR"
+A list of non\-default Postfix configuration directories that may
+be specified with "\-c config_directory" on the command line (in the
+case of \fBsendmail\fR(1), with the "\-C" option), or via the MAIL_CONFIG
+environment parameter.
+.IP "\fBmulti_instance_directories (empty)\fR"
+An optional list of non\-default Postfix configuration directories;
+these directories belong to additional Postfix instances that share
+the Postfix executable files and documentation with the default
+Postfix instance, and that are started, stopped, etc., together
+with the default Postfix instance.
+.SH "FILES"
+.na
+.nf
+/var/spool/postfix, mail queue
+/etc/postfix, configuration files
+.SH "SEE ALSO"
+.na
+.nf
+pickup(8), mail pickup daemon
+qmgr(8), queue manager
+smtpd(8), SMTP server
+flush(8), fast flush service
+postsuper(1), queue maintenance
+postalias(1), create/update/query alias database
+postdrop(1), mail posting utility
+postfix(1), mail system control
+postqueue(1), mail queue control
+postlogd(8), Postfix logging
+syslogd(8), system logging
+.SH "README_FILES"
+.na
+.nf
+.ad
+.fi
+Use "\fBpostconf readme_directory\fR" or
+"\fBpostconf html_directory\fR" to locate this information.
+.na
+.nf
+DEBUG_README, Postfix debugging howto
+ETRN_README, Postfix ETRN howto
+VERP_README, Postfix VERP howto
+.SH "LICENSE"
+.na
+.nf
+.ad
+.fi
+The Secure Mailer license must be distributed with this software.
+.SH "AUTHOR(S)"
+.na
+.nf
+Wietse Venema
+IBM T.J. Watson Research
+P.O. Box 704
+Yorktown Heights, NY 10598, USA
+
+Wietse Venema
+Google, Inc.
+111 8th Avenue
+New York, NY 10011, USA
diff --git a/man/man1/smtp-sink.1 b/man/man1/smtp-sink.1
new file mode 100644
index 0000000..17bb89c
--- /dev/null
+++ b/man/man1/smtp-sink.1
@@ -0,0 +1,276 @@
+.TH SMTP-SINK 1
+.ad
+.fi
+.SH NAME
+smtp-sink
+\-
+parallelized SMTP/LMTP test server
+.SH "SYNOPSIS"
+.na
+.nf
+.fi
+\fBsmtp\-sink\fR [\fIoptions\fR] [\fBinet:\fR][\fIhost\fR]:\fIport\fR
+\fIbacklog\fR
+
+\fBsmtp\-sink\fR [\fIoptions\fR] \fBunix:\fR\fIpathname\fR \fIbacklog\fR
+.SH DESCRIPTION
+.ad
+.fi
+\fBsmtp\-sink\fR listens on the named host (or address) and port.
+It takes SMTP messages from the network and throws them away.
+The purpose is to measure client performance, not protocol
+compliance.
+
+\fBsmtp\-sink\fR may also be configured to capture each mail
+delivery transaction to file. Since disk latencies are large
+compared to network delays, this mode of operation can
+reduce the maximal performance by several orders of magnitude.
+
+Connections can be accepted on IPv4 or IPv6 endpoints, or on
+UNIX\-domain sockets.
+IPv4 and IPv6 are the default.
+This program is the complement of the \fBsmtp\-source\fR(1) program.
+
+Note: this is an unsupported test program. No attempt is made
+to maintain compatibility between successive versions.
+
+Arguments:
+.IP \fB\-4\fR
+Support IPv4 only. This option has no effect when
+Postfix is built without IPv6 support.
+.IP \fB\-6\fR
+Support IPv6 only. This option is not available when
+Postfix is built without IPv6 support.
+.IP \fB\-8\fR
+Do not announce 8BITMIME support.
+.IP \fB\-a\fR
+Do not announce SASL authentication support.
+.IP "\fB\-A \fIdelay\fR"
+Wait \fIdelay\fR seconds after responding to DATA, then
+abort prematurely with a 550 reply status. Do not read
+further input from the client; this is an attempt to block
+the client before it sends ".". Specify a zero delay value
+to abort immediately.
+.IP "\fB\-b \fIsoft\-bounce\-reply\fR"
+Use \fIsoft\-bounce\-reply\fR for soft reject responses. The
+default reply is "450 4.3.0 Error: command failed".
+.IP "\fB\-B \fIhard\-bounce\-reply\fR"
+Use \fIhard\-bounce\-reply\fR for hard reject responses. The
+default reply is "500 5.3.0 Error: command failed".
+.IP \fB\-c\fR
+Display running counters that are updated whenever an SMTP
+session ends, a QUIT command is executed, or when "." is
+received.
+.IP \fB\-C\fR
+Disable XCLIENT support.
+.IP "\fB\-d \fIdump\-template\fR"
+Dump each mail transaction to a single\-message file whose
+name is created by expanding the \fIdump\-template\fR via
+strftime(3) and appending a pseudo\-random hexadecimal number
+(example: "%Y%m%d%H/%M." expands into "2006081203/05.809a62e3").
+If the template contains "/" characters, missing directories
+are created automatically. The message dump format is
+described below.
+.sp
+Note: this option keeps one capture file open for every
+mail transaction in progress.
+.IP "\fB\-D \fIdump\-template\fR"
+Append mail transactions to a multi\-message dump file whose
+name is created by expanding the \fIdump\-template\fR via
+strftime(3).
+If the template contains "/" characters, missing directories
+are created automatically. The message dump format is
+described below.
+.sp
+Note: this option keeps one capture file open for every
+mail transaction in progress.
+.IP \fB\-e\fR
+Do not announce ESMTP support.
+.IP \fB\-E\fR
+Do not announce ENHANCEDSTATUSCODES support.
+.IP "\fB\-f \fIcommand,command,...\fR"
+Reject the specified commands with a hard (5xx) error code.
+This option implies \fB\-p\fR.
+.sp
+Examples of commands are CONNECT, HELO, EHLO, LHLO, MAIL, RCPT, VRFY,
+DATA, ., RSET, NOOP, and QUIT. Separate command names by
+white space or commas, and use quotes to protect white space
+from the shell. Command names are case\-insensitive.
+.IP \fB\-F\fR
+Disable XFORWARD support.
+.IP "\fB\-h\fI hostname\fR"
+Use \fIhostname\fR in the SMTP greeting, in the HELO response,
+and in the EHLO response. The default hostname is "smtp\-sink".
+.IP "\fB\-H\fI delay\fR"
+Delay the first read operation after receiving DATA (time
+in seconds). Combine with a large test message and a small
+TCP window size (see the \fB\-T\fR option) to test the Postfix
+client write_wait() implementation.
+.IP \fB\-L\fR
+Enable LMTP instead of SMTP.
+.IP "\fB\-m \fIcount\fR (default: 256)"
+An upper bound on the maximal number of simultaneous
+connections that \fBsmtp\-sink\fR will handle. This prevents
+the process from running out of file descriptors. Excess
+connections will stay queued in the TCP/IP stack.
+.IP "\fB\-M \fIcount\fR"
+Terminate after receiving \fIcount\fR messages.
+.IP "\fB\-n \fIcount\fR"
+Terminate after \fIcount\fR sessions.
+.IP \fB\-N\fR
+Do not announce support for DSN.
+.IP \fB\-p\fR
+Do not announce support for ESMTP command pipelining.
+.IP \fB\-P\fR
+Change the server greeting so that it appears to come through
+a CISCO PIX system. Implies \fB\-e\fR.
+.IP "\fB\-q \fIcommand,command,...\fR"
+Disconnect (without replying) after receiving one of the
+specified commands.
+.sp
+Examples of commands are CONNECT, HELO, EHLO, LHLO, MAIL, RCPT, VRFY,
+DATA, ., RSET, NOOP, and QUIT. Separate command names by
+white space or commas, and use quotes to protect white space
+from the shell. Command names are case\-insensitive.
+.IP "\fB\-Q \fIcommand,command,...\fR"
+Send a 421 reply and disconnect after receiving one
+of the specified commands.
+.sp
+Examples of commands are CONNECT, HELO, EHLO, LHLO, MAIL, RCPT, VRFY,
+DATA, ., RSET, NOOP, and QUIT. Separate command names by
+white space or commas, and use quotes to protect white space
+from the shell. Command names are case\-insensitive.
+.IP "\fB\-r \fIcommand,command,...\fR"
+Reject the specified commands with a soft (4xx) error code.
+This option implies \fB\-p\fR.
+.sp
+Examples of commands are CONNECT, HELO, EHLO, LHLO, MAIL, RCPT, VRFY,
+DATA, ., RSET, NOOP, and QUIT. Separate command names by
+white space or commas, and use quotes to protect white space
+from the shell. Command names are case\-insensitive.
+.IP "\fB\-R \fIroot\-directory\fR"
+Change the process root directory to the specified location.
+This option requires super\-user privileges. See also the
+\fB\-u\fR option.
+.IP "\fB\-s \fIcommand,command,...\fR"
+Log the named commands to syslogd.
+.sp
+Examples of commands are CONNECT, HELO, EHLO, LHLO, MAIL, RCPT, VRFY,
+DATA, ., RSET, NOOP, and QUIT. Separate command names by
+white space or commas, and use quotes to protect white space
+from the shell. Command names are case\-insensitive.
+.IP "\fB\-S start\-string\fR"
+An optional string that is prepended to each message that is
+written to a dump file (see the dump file format description
+below). The following C escape sequences are supported: \ea
+(bell), \eb (backspace), \ef (formfeed), \en (newline), \er
+(carriage return), \et (horizontal tab), \ev (vertical tab),
+\e\fIddd\fR (up to three octal digits) and \e\e (the backslash
+character).
+.IP "\fB\-t \fItimeout\fR (default: 100)"
+Limit the time for receiving a command or sending a response.
+The time limit is specified in seconds.
+.IP "\fB\-T \fIwindowsize\fR"
+Override the default TCP window size. To work around
+broken TCP window scaling implementations, specify a
+value > 0 and < 65536.
+.IP "\fB\-u \fIusername\fR"
+Switch to the specified user privileges after opening the
+network socket and optionally changing the process root
+directory. This option is required when the process runs
+with super\-user privileges. See also the \fB\-R\fR option.
+.IP \fB\-v\fR
+Show the SMTP conversations.
+.IP "\fB\-w \fIdelay\fR"
+Wait \fIdelay\fR seconds before responding to a DATA command.
+.IP "\fB\-W \fIcommand:delay[:odds]\fR"
+Wait \fIdelay\fR seconds before responding to \fIcommand\fR.
+If \fIodds\fR is also specified (a number between 1\-99
+inclusive), wait for a random multiple of \fIdelay\fR. The
+random multiplier is equal to the number of times the program
+needs to roll a dice with a range of 0..99 inclusive, before
+the dice produces a result greater than or equal to \fIodds\fR.
+.IP [\fBinet:\fR][\fIhost\fR]:\fIport\fR
+Listen on network interface \fIhost\fR (default: any interface)
+TCP port \fIport\fR. Both \fIhost\fR and \fIport\fR may be
+specified in numeric or symbolic form.
+.IP \fBunix:\fR\fIpathname\fR
+Listen on the UNIX\-domain socket at \fIpathname\fR.
+.IP \fIbacklog\fR
+The maximum length of the queue of pending connections,
+as defined by the \fBlisten\fR(2) system call.
+.SH "DUMP FILE FORMAT"
+.na
+.nf
+.ad
+.fi
+Each dumped message contains a sequence of text lines,
+terminated with the newline character. The sequence of
+information is as follows:
+.IP \(bu
+The optional string specified with the \fB\-S\fR option.
+.IP \(bu
+The \fBsmtp\-sink\fR generated headers as documented below.
+.IP \(bu
+The message header and body as received from the SMTP client.
+.IP \(bu
+An empty line.
+.PP
+The format of the \fBsmtp\-sink\fR generated headers is as
+follows:
+.IP "\fBX\-Client\-Addr: \fItext\fR"
+The client IP address without enclosing []. An IPv6 address
+is prefixed with "ipv6:". This record is always present.
+.IP "\fBX\-Client\-Proto: \fItext\fR"
+The client protocol: SMTP, ESMTP or LMTP. This record is
+always present.
+.IP "\fBX\-Helo\-Args: \fItext\fR"
+The arguments of the last HELO or EHLO command before this
+mail delivery transaction. This record is present only if
+the client sent a recognizable HELO or EHLO command before
+the DATA command.
+.IP "\fBX\-Mail\-Args: \fItext\fR"
+The arguments of the MAIL command that started this mail
+delivery transaction. This record is present exactly once.
+.IP "\fBX\-Rcpt\-Args: \fItext\fR"
+The arguments of an RCPT command within this mail delivery
+transaction. There is one record for each RCPT command, and
+they are in the order as sent by the client.
+.IP "\fBReceived: \fItext\fR"
+A message header for compatibility with mail processing
+software. This three\-line header marks the end of the headers
+provided by \fBsmtp\-sink\fR, and is formatted as follows:
+.RS
+.IP "\fBfrom \fIhelo\fR ([\fIaddr\fR])"
+The HELO or EHLO command argument and client IP address.
+If the client did not send HELO or EHLO, the client IP
+address is used instead.
+.IP "\fBby \fIhost\fB (smtp\-sink) with \fIproto\fB id \fIrandom\fB;\fR"
+The hostname specified with the \fB\-h\fR option, the client
+protocol (see \fBX\-Client\-Proto\fR above), and the pseudo\-random
+portion of the per\-message capture file name.
+.IP \fItime\-stamp\fR
+A time stamp as defined in RFC 2822.
+.RE
+.SH "SEE ALSO"
+.na
+.nf
+smtp\-source(1), SMTP/LMTP message generator
+.SH "LICENSE"
+.na
+.nf
+.ad
+.fi
+The Secure Mailer license must be distributed with this software.
+.SH "AUTHOR(S)"
+.na
+.nf
+Wietse Venema
+IBM T.J. Watson Research
+P.O. Box 704
+Yorktown Heights, NY 10598, USA
+
+Wietse Venema
+Google, Inc.
+111 8th Avenue
+New York, NY 10011, USA
diff --git a/man/man1/smtp-source.1 b/man/man1/smtp-source.1
new file mode 100644
index 0000000..014ee10
--- /dev/null
+++ b/man/man1/smtp-source.1
@@ -0,0 +1,127 @@
+.TH SMTP-SOURCE 1
+.ad
+.fi
+.SH NAME
+smtp-source
+\-
+parallelized SMTP/LMTP test generator
+.SH "SYNOPSIS"
+.na
+.nf
+.fi
+\fBsmtp\-source\fR [\fIoptions\fR] [\fBinet:\fR]\fIhost\fR[:\fIport\fR]
+
+\fBsmtp\-source\fR [\fIoptions\fR] \fBunix:\fIpathname\fR
+.SH DESCRIPTION
+.ad
+.fi
+\fBsmtp\-source\fR connects to the named \fIhost\fR and TCP \fIport\fR
+(default: port 25)
+and sends one or more messages to it, either sequentially
+or in parallel. The program speaks either SMTP (default) or
+LMTP.
+Connections can be made to UNIX\-domain and IPv4 or IPv6 servers.
+IPv4 and IPv6 are the default.
+
+Note: this is an unsupported test program. No attempt is made
+to maintain compatibility between successive versions.
+
+Arguments:
+.IP \fB\-4\fR
+Connect to the server with IPv4. This option has no effect when
+Postfix is built without IPv6 support.
+.IP \fB\-6\fR
+Connect to the server with IPv6. This option is not available when
+Postfix is built without IPv6 support.
+.IP "\fB\-A\fR"
+Don't abort when the server sends something other than the
+expected positive reply code.
+.IP \fB\-c\fR
+Display a running counter that is incremented each time
+an SMTP DATA command completes.
+.IP "\fB\-C \fIcount\fR"
+When a host sends RESET instead of SYN|ACK, try \fIcount\fR times
+before giving up. The default count is 1. Specify a larger count in
+order to work around a problem with TCP/IP stacks that send RESET
+when the listen queue is full.
+.IP \fB\-d\fR
+Don't disconnect after sending a message; send the next
+message over the same connection.
+.IP "\fB\-f \fIfrom\fR"
+Use the specified sender address (default: <foo@myhostname>).
+.IP "\fB\-F \fIfile\fR"
+Send the pre\-formatted message header and body in the
+specified \fIfile\fR, while prepending '.' before lines that
+begin with '.', and while appending CRLF after each line.
+.IP "\fB\-l \fIlength\fR"
+Send \fIlength\fR bytes as message payload. The length does not
+include message headers.
+.IP \fB\-L\fR
+Speak LMTP rather than SMTP.
+.IP "\fB\-m \fImessage_count\fR"
+Send the specified number of messages (default: 1).
+.IP "\fB\-M \fImyhostname\fR"
+Use the specified hostname or [address] in the HELO command
+and in the default sender and recipient addresses, instead
+of the machine hostname.
+.IP "\fB\-N\fR"
+Prepend a non\-repeating sequence number to each recipient
+address. This avoids the artificial 100% hit rate in the
+resolve and rewrite client caches and exercises the
+trivial\-rewrite daemon, better approximating Postfix
+performance under real\-life work\-loads.
+.IP \fB\-o\fR
+Old mode: don't send HELO, and don't send message headers.
+.IP "\fB\-r \fIrecipient_count\fR"
+Send the specified number of recipients per transaction (default: 1).
+Recipient names are generated by prepending a number to the
+recipient address.
+.IP "\fB\-R \fIinterval\fR"
+Wait for a random period of time 0 <= n <= interval between messages.
+Suspending one thread does not affect other delivery threads.
+.IP "\fB\-s \fIsession_count\fR"
+Run the specified number of SMTP sessions in parallel (default: 1).
+.IP "\fB\-S \fIsubject\fR"
+Send mail with the named subject line (default: none).
+.IP "\fB\-t \fIto\fR"
+Use the specified recipient address (default: <foo@myhostname>).
+.IP "\fB\-T \fIwindowsize\fR"
+Override the default TCP window size. To work around
+broken TCP window scaling implementations, specify a
+value > 0 and < 65536.
+.IP \fB\-v\fR
+Make the program more verbose, for debugging purposes.
+.IP "\fB\-w \fIinterval\fR"
+Wait a fixed time between messages.
+Suspending one thread does not affect other delivery threads.
+.IP [\fBinet:\fR]\fIhost\fR[:\fIport\fR]
+Connect via TCP to host \fIhost\fR, port \fIport\fR. The default
+port is \fBsmtp\fR.
+.IP \fBunix:\fIpathname\fR
+Connect to the UNIX\-domain socket at \fIpathname\fR.
+.SH BUGS
+.ad
+.fi
+No SMTP command pipelining support.
+.SH "SEE ALSO"
+.na
+.nf
+smtp\-sink(1), SMTP/LMTP message dump
+.SH "LICENSE"
+.na
+.nf
+.ad
+.fi
+The Secure Mailer license must be distributed with this software.
+.SH "AUTHOR(S)"
+.na
+.nf
+Wietse Venema
+IBM T.J. Watson Research
+P.O. Box 704
+Yorktown Heights, NY 10598, USA
+
+Wietse Venema
+Google, Inc.
+111 8th Avenue
+New York, NY 10011, USA