summaryrefslogtreecommitdiffstats
path: root/html/verify.8.html
diff options
context:
space:
mode:
Diffstat (limited to 'html/verify.8.html')
-rw-r--r--html/verify.8.html241
1 files changed, 241 insertions, 0 deletions
diff --git a/html/verify.8.html b/html/verify.8.html
new file mode 100644
index 0000000..0d17eea
--- /dev/null
+++ b/html/verify.8.html
@@ -0,0 +1,241 @@
+<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"
+ "http://www.w3.org/TR/html4/loose.dtd">
+<html> <head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+<title> Postfix manual - verify(8) </title>
+</head> <body> <pre>
+VERIFY(8) VERIFY(8)
+
+<b>NAME</b>
+ verify - Postfix address verification server
+
+<b>SYNOPSIS</b>
+ <b>verify</b> [generic Postfix daemon options]
+
+<b>DESCRIPTION</b>
+ The <a href="verify.8.html"><b>verify</b>(8)</a> address verification server maintains a record of what
+ recipient addresses are known to be deliverable or undeliverable.
+
+ Addresses are verified by injecting probe messages into the Postfix
+ queue. Probe messages are run through all the routing and rewriting
+ machinery except for final delivery, and are discarded rather than
+ being deferred or bounced.
+
+ Address verification relies on the answer from the nearest MTA for the
+ specified address, and will therefore not detect all undeliverable
+ addresses.
+
+ The <a href="verify.8.html"><b>verify</b>(8)</a> server is designed to run under control by the Postfix
+ master server. It maintains an optional persistent database. To avoid
+ being interrupted by "postfix stop" in the middle of a database update,
+ the process runs in a separate process group.
+
+ The <a href="verify.8.html"><b>verify</b>(8)</a> server implements the following requests:
+
+ <b>update</b> <i>address status text</i>
+ Update the status and text of the specified address.
+
+ <b>query</b> <i>address</i>
+ Look up the <i>status</i> and <i>text</i> for the specified <i>address</i>. If the
+ status is unknown, a probe is sent and an "in progress" status
+ is returned.
+
+<b>SECURITY</b>
+ The address verification server is not security-sensitive. It does not
+ talk to the network, and it does not talk to local users. The verify
+ server can run chrooted at fixed low privilege.
+
+ The address verification server can be coerced to store unlimited
+ amounts of garbage. Limiting the cache expiry time trades one problem
+ (disk space exhaustion) for another one (poor response time to client
+ requests).
+
+ With Postfix version 2.5 and later, the <a href="verify.8.html"><b>verify</b>(8)</a> server no longer uses
+ root privileges when opening the <b><a href="postconf.5.html#address_verify_map">address_verify_map</a></b> cache file. The
+ file should now be stored under the Postfix-owned <b><a href="postconf.5.html#data_directory">data_directory</a></b>. As a
+ migration aid, an attempt to open a cache file under a non-Postfix
+ directory is redirected to the Postfix-owned <b><a href="postconf.5.html#data_directory">data_directory</a></b>, and a
+ warning is logged.
+
+<b>DIAGNOSTICS</b>
+ Problems and transactions are logged to <b>syslogd</b>(8) or <a href="postlogd.8.html"><b>postlogd</b>(8)</a>.
+
+<b>BUGS</b>
+ Address verification probe messages add additional traffic to the mail
+ queue. Recipient verification may cause an increased load on
+ down-stream servers in the case of a dictionary attack or a flood of
+ backscatter bounces. Sender address verification may cause your site
+ to be denylisted by some providers.
+
+ If the persistent database ever gets corrupted then the world comes to
+ an end and human intervention is needed. This violates a basic Postfix
+ principle.
+
+<b>CONFIGURATION PARAMETERS</b>
+ Changes to <a href="postconf.5.html"><b>main.cf</b></a> are not picked up automatically, as <a href="verify.8.html"><b>verify</b>(8)</a> pro-
+ cesses are long-lived. Use the command "<b>postfix reload</b>" after a config-
+ uration change.
+
+ The text below provides only a parameter summary. See <a href="postconf.5.html"><b>postconf</b>(5)</a> for
+ more details including examples.
+
+<b>PROBE MESSAGE CONTROLS</b>
+ <b><a href="postconf.5.html#address_verify_sender">address_verify_sender</a> ($<a href="postconf.5.html#double_bounce_sender">double_bounce_sender</a>)</b>
+ The sender address to use in address verification probes; prior
+ to Postfix 2.5 the default was "postmaster".
+
+ Available with Postfix 2.9 and later:
+
+ <b><a href="postconf.5.html#address_verify_sender_ttl">address_verify_sender_ttl</a> (0s)</b>
+ The time between changes in the time-dependent portion of
+ address verification probe sender addresses.
+
+<b>CACHE CONTROLS</b>
+ <b><a href="postconf.5.html#address_verify_map">address_verify_map</a> (see 'postconf -d' output)</b>
+ Lookup table for persistent address verification status storage.
+
+ <b><a href="postconf.5.html#address_verify_positive_expire_time">address_verify_positive_expire_time</a> (31d)</b>
+ The time after which a successful probe expires from the address
+ verification cache.
+
+ <b><a href="postconf.5.html#address_verify_positive_refresh_time">address_verify_positive_refresh_time</a> (7d)</b>
+ The time after which a successful address verification probe
+ needs to be refreshed.
+
+ <b><a href="postconf.5.html#address_verify_negative_cache">address_verify_negative_cache</a> (yes)</b>
+ Enable caching of failed address verification probe results.
+
+ <b><a href="postconf.5.html#address_verify_negative_expire_time">address_verify_negative_expire_time</a> (3d)</b>
+ The time after which a failed probe expires from the address
+ verification cache.
+
+ <b><a href="postconf.5.html#address_verify_negative_refresh_time">address_verify_negative_refresh_time</a> (3h)</b>
+ The time after which a failed address verification probe needs
+ to be refreshed.
+
+ Available with Postfix 2.7 and later:
+
+ <b><a href="postconf.5.html#address_verify_cache_cleanup_interval">address_verify_cache_cleanup_interval</a> (12h)</b>
+ The amount of time between <a href="verify.8.html"><b>verify</b>(8)</a> address verification data-
+ base cleanup runs.
+
+<b>PROBE MESSAGE ROUTING CONTROLS</b>
+ By default, probe messages are delivered via the same route as regular
+ messages. The following parameters can be used to override specific
+ message routing mechanisms.
+
+ <b><a href="postconf.5.html#address_verify_relayhost">address_verify_relayhost</a> ($<a href="postconf.5.html#relayhost">relayhost</a>)</b>
+ Overrides the <a href="postconf.5.html#relayhost">relayhost</a> parameter setting for address verifica-
+ tion probes.
+
+ <b><a href="postconf.5.html#address_verify_transport_maps">address_verify_transport_maps</a> ($<a href="postconf.5.html#transport_maps">transport_maps</a>)</b>
+ Overrides the <a href="postconf.5.html#transport_maps">transport_maps</a> parameter setting for address veri-
+ fication probes.
+
+ <b><a href="postconf.5.html#address_verify_local_transport">address_verify_local_transport</a> ($<a href="postconf.5.html#local_transport">local_transport</a>)</b>
+ Overrides the <a href="postconf.5.html#local_transport">local_transport</a> parameter setting for address ver-
+ ification probes.
+
+ <b><a href="postconf.5.html#address_verify_virtual_transport">address_verify_virtual_transport</a> ($<a href="postconf.5.html#virtual_transport">virtual_transport</a>)</b>
+ Overrides the <a href="postconf.5.html#virtual_transport">virtual_transport</a> parameter setting for address
+ verification probes.
+
+ <b><a href="postconf.5.html#address_verify_relay_transport">address_verify_relay_transport</a> ($<a href="postconf.5.html#relay_transport">relay_transport</a>)</b>
+ Overrides the <a href="postconf.5.html#relay_transport">relay_transport</a> parameter setting for address ver-
+ ification probes.
+
+ <b><a href="postconf.5.html#address_verify_default_transport">address_verify_default_transport</a> ($<a href="postconf.5.html#default_transport">default_transport</a>)</b>
+ Overrides the <a href="postconf.5.html#default_transport">default_transport</a> parameter setting for address
+ verification probes.
+
+ Available in Postfix 2.3 and later:
+
+ <b><a href="postconf.5.html#address_verify_sender_dependent_relayhost_maps">address_verify_sender_dependent_relayhost_maps</a> ($<a href="postconf.5.html#sender_dependent_relayhost_maps">sender_depen</a>-</b>
+ <b><a href="postconf.5.html#sender_dependent_relayhost_maps">dent_relayhost_maps</a>)</b>
+ Overrides the <a href="postconf.5.html#sender_dependent_relayhost_maps">sender_dependent_relayhost_maps</a> parameter setting
+ for address verification probes.
+
+ Available in Postfix 2.7 and later:
+
+ <b><a href="postconf.5.html#address_verify_sender_dependent_default_transport_maps">address_verify_sender_dependent_default_transport_maps</a> ($<a href="postconf.5.html#sender_dependent_default_transport_maps">sender_depen</a>-</b>
+ <b><a href="postconf.5.html#sender_dependent_default_transport_maps">dent_default_transport_maps</a>)</b>
+ Overrides the <a href="postconf.5.html#sender_dependent_default_transport_maps">sender_dependent_default_transport_maps</a> parameter
+ setting for address verification probes.
+
+<b>SMTPUTF8 CONTROLS</b>
+ Preliminary SMTPUTF8 support is introduced with Postfix 3.0.
+
+ <b><a href="postconf.5.html#smtputf8_autodetect_classes">smtputf8_autodetect_classes</a> (sendmail, verify)</b>
+ Detect that a message requires SMTPUTF8 support for the speci-
+ fied mail origin classes.
+
+ Available in Postfix version 3.2 and later:
+
+ <b><a href="postconf.5.html#enable_idna2003_compatibility">enable_idna2003_compatibility</a> (no)</b>
+ Enable 'transitional' compatibility between IDNA2003 and
+ IDNA2008, when converting UTF-8 domain names to/from the ASCII
+ form that is used for DNS lookups.
+
+<b>MISCELLANEOUS CONTROLS</b>
+ <b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
+ The default location of the Postfix <a href="postconf.5.html">main.cf</a> and <a href="master.5.html">master.cf</a> con-
+ figuration files.
+
+ <b><a href="postconf.5.html#daemon_timeout">daemon_timeout</a> (18000s)</b>
+ How much time a Postfix daemon process may take to handle a
+ request before it is terminated by a built-in watchdog timer.
+
+ <b><a href="postconf.5.html#ipc_timeout">ipc_timeout</a> (3600s)</b>
+ The time limit for sending or receiving information over an
+ internal communication channel.
+
+ <b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
+ The process ID of a Postfix command or daemon process.
+
+ <b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
+ The process name of a Postfix command or daemon process.
+
+ <b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b>
+ The location of the Postfix top-level queue directory.
+
+ <b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
+ The syslog facility of Postfix logging.
+
+ <b><a href="postconf.5.html#syslog_name">syslog_name</a> (see 'postconf -d' output)</b>
+ A prefix that is prepended to the process name in syslog
+ records, so that, for example, "smtpd" becomes "prefix/smtpd".
+
+ Available in Postfix 3.3 and later:
+
+ <b><a href="postconf.5.html#service_name">service_name</a> (read-only)</b>
+ The <a href="master.5.html">master.cf</a> service name of a Postfix daemon process.
+
+<b>SEE ALSO</b>
+ <a href="smtpd.8.html">smtpd(8)</a>, Postfix SMTP server
+ <a href="cleanup.8.html">cleanup(8)</a>, enqueue Postfix message
+ <a href="postconf.5.html">postconf(5)</a>, configuration parameters
+ <a href="postlogd.8.html">postlogd(8)</a>, Postfix logging
+ syslogd(8), system logging
+
+<b>README FILES</b>
+ <a href="ADDRESS_VERIFICATION_README.html">ADDRESS_VERIFICATION_README</a>, address verification howto
+
+<b>LICENSE</b>
+ The Secure Mailer license must be distributed with this software.
+
+<b>HISTORY</b>
+ This service was introduced with Postfix version 2.1.
+
+<b>AUTHOR(S)</b>
+ Wietse Venema
+ IBM T.J. Watson Research
+ P.O. Box 704
+ Yorktown Heights, NY 10598, USA
+
+ Wietse Venema
+ Google, Inc.
+ 111 8th Avenue
+ New York, NY 10011, USA
+
+ VERIFY(8)
+</pre> </body> </html>