diff options
Diffstat (limited to 'html/verify.8.html')
-rw-r--r-- | html/verify.8.html | 241 |
1 files changed, 241 insertions, 0 deletions
diff --git a/html/verify.8.html b/html/verify.8.html new file mode 100644 index 0000000..0d17eea --- /dev/null +++ b/html/verify.8.html @@ -0,0 +1,241 @@ +<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN" + "http://www.w3.org/TR/html4/loose.dtd"> +<html> <head> +<meta http-equiv="Content-Type" content="text/html; charset=utf-8"> +<title> Postfix manual - verify(8) </title> +</head> <body> <pre> +VERIFY(8) VERIFY(8) + +<b>NAME</b> + verify - Postfix address verification server + +<b>SYNOPSIS</b> + <b>verify</b> [generic Postfix daemon options] + +<b>DESCRIPTION</b> + The <a href="verify.8.html"><b>verify</b>(8)</a> address verification server maintains a record of what + recipient addresses are known to be deliverable or undeliverable. + + Addresses are verified by injecting probe messages into the Postfix + queue. Probe messages are run through all the routing and rewriting + machinery except for final delivery, and are discarded rather than + being deferred or bounced. + + Address verification relies on the answer from the nearest MTA for the + specified address, and will therefore not detect all undeliverable + addresses. + + The <a href="verify.8.html"><b>verify</b>(8)</a> server is designed to run under control by the Postfix + master server. It maintains an optional persistent database. To avoid + being interrupted by "postfix stop" in the middle of a database update, + the process runs in a separate process group. + + The <a href="verify.8.html"><b>verify</b>(8)</a> server implements the following requests: + + <b>update</b> <i>address status text</i> + Update the status and text of the specified address. + + <b>query</b> <i>address</i> + Look up the <i>status</i> and <i>text</i> for the specified <i>address</i>. If the + status is unknown, a probe is sent and an "in progress" status + is returned. + +<b>SECURITY</b> + The address verification server is not security-sensitive. It does not + talk to the network, and it does not talk to local users. The verify + server can run chrooted at fixed low privilege. + + The address verification server can be coerced to store unlimited + amounts of garbage. Limiting the cache expiry time trades one problem + (disk space exhaustion) for another one (poor response time to client + requests). + + With Postfix version 2.5 and later, the <a href="verify.8.html"><b>verify</b>(8)</a> server no longer uses + root privileges when opening the <b><a href="postconf.5.html#address_verify_map">address_verify_map</a></b> cache file. The + file should now be stored under the Postfix-owned <b><a href="postconf.5.html#data_directory">data_directory</a></b>. As a + migration aid, an attempt to open a cache file under a non-Postfix + directory is redirected to the Postfix-owned <b><a href="postconf.5.html#data_directory">data_directory</a></b>, and a + warning is logged. + +<b>DIAGNOSTICS</b> + Problems and transactions are logged to <b>syslogd</b>(8) or <a href="postlogd.8.html"><b>postlogd</b>(8)</a>. + +<b>BUGS</b> + Address verification probe messages add additional traffic to the mail + queue. Recipient verification may cause an increased load on + down-stream servers in the case of a dictionary attack or a flood of + backscatter bounces. Sender address verification may cause your site + to be denylisted by some providers. + + If the persistent database ever gets corrupted then the world comes to + an end and human intervention is needed. This violates a basic Postfix + principle. + +<b>CONFIGURATION PARAMETERS</b> + Changes to <a href="postconf.5.html"><b>main.cf</b></a> are not picked up automatically, as <a href="verify.8.html"><b>verify</b>(8)</a> pro- + cesses are long-lived. Use the command "<b>postfix reload</b>" after a config- + uration change. + + The text below provides only a parameter summary. See <a href="postconf.5.html"><b>postconf</b>(5)</a> for + more details including examples. + +<b>PROBE MESSAGE CONTROLS</b> + <b><a href="postconf.5.html#address_verify_sender">address_verify_sender</a> ($<a href="postconf.5.html#double_bounce_sender">double_bounce_sender</a>)</b> + The sender address to use in address verification probes; prior + to Postfix 2.5 the default was "postmaster". + + Available with Postfix 2.9 and later: + + <b><a href="postconf.5.html#address_verify_sender_ttl">address_verify_sender_ttl</a> (0s)</b> + The time between changes in the time-dependent portion of + address verification probe sender addresses. + +<b>CACHE CONTROLS</b> + <b><a href="postconf.5.html#address_verify_map">address_verify_map</a> (see 'postconf -d' output)</b> + Lookup table for persistent address verification status storage. + + <b><a href="postconf.5.html#address_verify_positive_expire_time">address_verify_positive_expire_time</a> (31d)</b> + The time after which a successful probe expires from the address + verification cache. + + <b><a href="postconf.5.html#address_verify_positive_refresh_time">address_verify_positive_refresh_time</a> (7d)</b> + The time after which a successful address verification probe + needs to be refreshed. + + <b><a href="postconf.5.html#address_verify_negative_cache">address_verify_negative_cache</a> (yes)</b> + Enable caching of failed address verification probe results. + + <b><a href="postconf.5.html#address_verify_negative_expire_time">address_verify_negative_expire_time</a> (3d)</b> + The time after which a failed probe expires from the address + verification cache. + + <b><a href="postconf.5.html#address_verify_negative_refresh_time">address_verify_negative_refresh_time</a> (3h)</b> + The time after which a failed address verification probe needs + to be refreshed. + + Available with Postfix 2.7 and later: + + <b><a href="postconf.5.html#address_verify_cache_cleanup_interval">address_verify_cache_cleanup_interval</a> (12h)</b> + The amount of time between <a href="verify.8.html"><b>verify</b>(8)</a> address verification data- + base cleanup runs. + +<b>PROBE MESSAGE ROUTING CONTROLS</b> + By default, probe messages are delivered via the same route as regular + messages. The following parameters can be used to override specific + message routing mechanisms. + + <b><a href="postconf.5.html#address_verify_relayhost">address_verify_relayhost</a> ($<a href="postconf.5.html#relayhost">relayhost</a>)</b> + Overrides the <a href="postconf.5.html#relayhost">relayhost</a> parameter setting for address verifica- + tion probes. + + <b><a href="postconf.5.html#address_verify_transport_maps">address_verify_transport_maps</a> ($<a href="postconf.5.html#transport_maps">transport_maps</a>)</b> + Overrides the <a href="postconf.5.html#transport_maps">transport_maps</a> parameter setting for address veri- + fication probes. + + <b><a href="postconf.5.html#address_verify_local_transport">address_verify_local_transport</a> ($<a href="postconf.5.html#local_transport">local_transport</a>)</b> + Overrides the <a href="postconf.5.html#local_transport">local_transport</a> parameter setting for address ver- + ification probes. + + <b><a href="postconf.5.html#address_verify_virtual_transport">address_verify_virtual_transport</a> ($<a href="postconf.5.html#virtual_transport">virtual_transport</a>)</b> + Overrides the <a href="postconf.5.html#virtual_transport">virtual_transport</a> parameter setting for address + verification probes. + + <b><a href="postconf.5.html#address_verify_relay_transport">address_verify_relay_transport</a> ($<a href="postconf.5.html#relay_transport">relay_transport</a>)</b> + Overrides the <a href="postconf.5.html#relay_transport">relay_transport</a> parameter setting for address ver- + ification probes. + + <b><a href="postconf.5.html#address_verify_default_transport">address_verify_default_transport</a> ($<a href="postconf.5.html#default_transport">default_transport</a>)</b> + Overrides the <a href="postconf.5.html#default_transport">default_transport</a> parameter setting for address + verification probes. + + Available in Postfix 2.3 and later: + + <b><a href="postconf.5.html#address_verify_sender_dependent_relayhost_maps">address_verify_sender_dependent_relayhost_maps</a> ($<a href="postconf.5.html#sender_dependent_relayhost_maps">sender_depen</a>-</b> + <b><a href="postconf.5.html#sender_dependent_relayhost_maps">dent_relayhost_maps</a>)</b> + Overrides the <a href="postconf.5.html#sender_dependent_relayhost_maps">sender_dependent_relayhost_maps</a> parameter setting + for address verification probes. + + Available in Postfix 2.7 and later: + + <b><a href="postconf.5.html#address_verify_sender_dependent_default_transport_maps">address_verify_sender_dependent_default_transport_maps</a> ($<a href="postconf.5.html#sender_dependent_default_transport_maps">sender_depen</a>-</b> + <b><a href="postconf.5.html#sender_dependent_default_transport_maps">dent_default_transport_maps</a>)</b> + Overrides the <a href="postconf.5.html#sender_dependent_default_transport_maps">sender_dependent_default_transport_maps</a> parameter + setting for address verification probes. + +<b>SMTPUTF8 CONTROLS</b> + Preliminary SMTPUTF8 support is introduced with Postfix 3.0. + + <b><a href="postconf.5.html#smtputf8_autodetect_classes">smtputf8_autodetect_classes</a> (sendmail, verify)</b> + Detect that a message requires SMTPUTF8 support for the speci- + fied mail origin classes. + + Available in Postfix version 3.2 and later: + + <b><a href="postconf.5.html#enable_idna2003_compatibility">enable_idna2003_compatibility</a> (no)</b> + Enable 'transitional' compatibility between IDNA2003 and + IDNA2008, when converting UTF-8 domain names to/from the ASCII + form that is used for DNS lookups. + +<b>MISCELLANEOUS CONTROLS</b> + <b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b> + The default location of the Postfix <a href="postconf.5.html">main.cf</a> and <a href="master.5.html">master.cf</a> con- + figuration files. + + <b><a href="postconf.5.html#daemon_timeout">daemon_timeout</a> (18000s)</b> + How much time a Postfix daemon process may take to handle a + request before it is terminated by a built-in watchdog timer. + + <b><a href="postconf.5.html#ipc_timeout">ipc_timeout</a> (3600s)</b> + The time limit for sending or receiving information over an + internal communication channel. + + <b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b> + The process ID of a Postfix command or daemon process. + + <b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b> + The process name of a Postfix command or daemon process. + + <b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b> + The location of the Postfix top-level queue directory. + + <b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b> + The syslog facility of Postfix logging. + + <b><a href="postconf.5.html#syslog_name">syslog_name</a> (see 'postconf -d' output)</b> + A prefix that is prepended to the process name in syslog + records, so that, for example, "smtpd" becomes "prefix/smtpd". + + Available in Postfix 3.3 and later: + + <b><a href="postconf.5.html#service_name">service_name</a> (read-only)</b> + The <a href="master.5.html">master.cf</a> service name of a Postfix daemon process. + +<b>SEE ALSO</b> + <a href="smtpd.8.html">smtpd(8)</a>, Postfix SMTP server + <a href="cleanup.8.html">cleanup(8)</a>, enqueue Postfix message + <a href="postconf.5.html">postconf(5)</a>, configuration parameters + <a href="postlogd.8.html">postlogd(8)</a>, Postfix logging + syslogd(8), system logging + +<b>README FILES</b> + <a href="ADDRESS_VERIFICATION_README.html">ADDRESS_VERIFICATION_README</a>, address verification howto + +<b>LICENSE</b> + The Secure Mailer license must be distributed with this software. + +<b>HISTORY</b> + This service was introduced with Postfix version 2.1. + +<b>AUTHOR(S)</b> + Wietse Venema + IBM T.J. Watson Research + P.O. Box 704 + Yorktown Heights, NY 10598, USA + + Wietse Venema + Google, Inc. + 111 8th Avenue + New York, NY 10011, USA + + VERIFY(8) +</pre> </body> </html> |