1 <!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN" 2 "https://www.w3.org/TR/html4/loose.dtd"> 3 4 <html> 5 6 <head> 7 8 <title>Postfix VERP Howto</title> 9 10 <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> 11 <link rel='stylesheet' type='text/css' href='postfix-doc.css'> 12 13 </head> 14 15 <body> 16 17 <h1><img src="postfix-logo.jpg" width="203" height="98" ALT="">Postfix VERP Howto</h1> 18 19 <hr> 20 21 <h2>Postfix VERP support</h2> 22 23 <p> Postfix versions 1.1 and later support variable envelope return 24 path addresses on request. When VERP style delivery is requested, 25 each recipient of a message receives a customized copy of the 26 message, with his/her own recipient address encoded in the envelope 27 sender address. </p> 28 29 <p> For example, when VERP style delivery is requested, Postfix 30 delivers mail from "<tt>owner-listname@origin</tt>" for a recipient 31 "<tt>user@domain</tt>", with a sender address that encodes the 32 recipient as follows: </p> 33 34 <blockquote> 35 <pre> 36 owner-listname+user=domain@origin 37 </pre> 38 </blockquote> 39 40 <p> Thus, undeliverable mail can reveal the undeliverable recipient 41 address without requiring the list owner to parse bounce messages. 42 </p> 43 44 <p> The VERP concept was popularized by the qmail MTA and by the ezmlm 45 mailing list manager. See <a href="https://cr.yp.to/proto/verp.txt">https://cr.yp.to/proto/verp.txt</a> for the 46 ideas behind this concept. </p> 47 48 <p> Topics covered in this document: </p> 49 50 <ul> 51 52 <li> <a href="#config"> Postfix VERP configuration parameters </a> 53 54 <li> <a href="#majordomo"> Using VERP with majordomo etc. mailing lists </a> 55 56 <li> <a href="#smtp"> VERP support in the Postfix SMTP server</a> 57 58 <li> <a href="#sendmail"> VERP support in the Postfix sendmail command </a> 59 60 <li> <a href="#qmqp"> VERP support in the Postfix QMQP server </a> 61 62 </ul> 63 64 <h2> <a name="config"> Postfix VERP configuration parameters </a> </h2> 65 66 With Postfix, the whole process is controlled by four configuration 67 parameters. 68 69 <dl> 70 71 <dt> <a href="postconf.5.html#default_verp_delimiters">default_verp_delimiters</a> (default value: +=) 72 73 <dd> <p> What VERP delimiter characters Postfix uses when VERP 74 style delivery is requested but no explicit delimiters are 75 specified. </p> 76 77 <dt> <a href="postconf.5.html#verp_delimiter_filter">verp_delimiter_filter</a> (default: -+=) 78 79 <dd> <p> What characters Postfix accepts as VERP delimiter 80 characters on the sendmail command line and in SMTP commands. 81 Many characters must not be used as VERP delimiter characters, 82 either because they already have a special meaning in email 83 addresses (such as the @ or the %), because they are used as 84 part of a username or domain name (such as alphanumerics), or 85 because they are non-ASCII or control characters. And who 86 knows, some characters may tickle bugs in vulnerable software, 87 and we would not want that to happen. </p> </dd> 88 89 <dt> <a href="postconf.5.html#smtpd_authorized_verp_clients">smtpd_authorized_verp_clients</a> (default value: none) 90 91 <dd> <p> What SMTP clients are allowed to request VERP style 92 delivery. The Postfix QMQP server uses its own access control 93 mechanism, and local submission (via /usr/sbin/sendmail etc.) 94 is always authorized. To authorize a host, list its name, IP 95 address, subnet (net/mask) or parent .domain. </p> 96 97 <p> With Postfix versions 1.1 and 2.0, this parameter is called 98 <a href="postconf.5.html#authorized_verp_clients">authorized_verp_clients</a> (default: $<a href="postconf.5.html#mynetworks">mynetworks</a>). </p> </dd> 99 100 <dt> <a href="postconf.5.html#disable_verp_bounces">disable_verp_bounces</a> (default: no) 101 102 <dd> <p> Send one bounce report for multi-recipient VERP mail, 103 instead of one bounce report per recipient. The default, 104 one per recipient, is what ezmlm needs. </p> </dd> 105 106 </dl> 107 108 <h2> <a name="majordomo"> Using VERP with majordomo etc. mailing lists </a> </h2> 109 110 <p> In order to make VERP useful with majordomo etc. mailing lists, 111 you would configure the list manager to submit mail according 112 to one of the following two forms: </p> 113 114 <p> Postfix 2.3 and later: </p> 115 116 <blockquote> 117 <pre> 118 % sendmail -XV -f owner-listname other-arguments... 119 120 % sendmail -XV+= -f owner-listname other-arguments... 121 </pre> 122 </blockquote> 123 124 <p> Postfix 2.2 and earlier (Postfix 2.3 understands the old syntax 125 for backwards compatibility, but will log a warning that reminds 126 you of the new syntax): </p> 127 128 <blockquote> 129 <pre> 130 % sendmail -V -f owner-listname other-arguments... 131 132 % sendmail -V+= -f owner-listname other-arguments... 133 </pre> 134 </blockquote> 135 136 <p> The first form uses the default <a href="postconf.5.html">main.cf</a> VERP delimiter characters. 137 The second form allows you to explicitly specify the VERP delimiter 138 characters. The example shows the recommended values. </p> 139 140 <p> This text assumes that you have set up an owner-listname alias 141 that routes undeliverable mail to a real person: </p> 142 143 <blockquote> 144 <pre> 145 /etc/aliases: 146 owner-listname: yourname+listname 147 </pre> 148 </blockquote> 149 150 <p> In order to process bounces we are going to make extensive use 151 of address extension tricks. </p> 152 153 <p> You need to tell Postfix that + is the separator between an 154 address and its optional address extension, that address extensions 155 are appended to .forward file names, and that address extensions 156 are to be discarded when doing alias expansions: </p> 157 158 <blockquote> 159 <pre> 160 /etc/postfix/<a href="postconf.5.html">main.cf</a>: 161 <a href="postconf.5.html#recipient_delimiter">recipient_delimiter</a> = + 162 <a href="postconf.5.html#forward_path">forward_path</a> = $home/.forward${<a href="postconf.5.html#recipient_delimiter">recipient_delimiter</a>}${extension}, 163 $home/.forward 164 <a href="postconf.5.html#propagate_unmatched_extensions">propagate_unmatched_extensions</a> = canonical, virtual 165 </pre> 166 </blockquote> 167 168 <p> (the last two parameter settings are default settings). </p> 169 170 <p> You need to set up a file named .forward+listname with the 171 commands that process all the mail that is sent to the owner-listname 172 address: </p> 173 174 <blockquote> 175 <pre> 176 ~/.forward+listname: 177 "|/some/where/command ..." 178 </pre> 179 </blockquote> 180 181 <p> With this set up, undeliverable mail for user@domain will be returned 182 to the following address: </p> 183 184 <blockquote> 185 <pre> 186 owner-listname+user=domain (a] your.domain 187 </pre> 188 </blockquote> 189 190 <p> which is processed by the command in your .forward+listname file. 191 The message should contain, among others, a To: header with the 192 encapsulated recipient sender address: </p> 193 194 <blockquote> 195 <pre> 196 To: owner-listname+user=domain (a] your.domain 197 </pre> 198 </blockquote> 199 200 <p> It is left as an exercise for the reader to parse the To: header 201 line and to pull out the user=domain part from the recipient address. 202 </p> 203 204 <h2> <a name="smtp"> VERP support in the Postfix SMTP server </a> </h2> 205 206 <p> The Postfix SMTP server implements a command XVERP to enable 207 VERP style delivery. The syntax allows two forms: </p> 208 209 <blockquote> 210 <pre> 211 MAIL FROM:<sender@domain> XVERP 212 213 MAIL FROM:<sender@domain> XVERP=+= 214 </pre> 215 </blockquote> 216 217 <p> The first form uses the default <a href="postconf.5.html">main.cf</a> VERP delimiters, the 218 second form overrides them explicitly. The values shown are the 219 recommended ones. </p> 220 221 <p> You can use the <a href="postconf.5.html#smtpd_command_filter">smtpd_command_filter</a> feature to append XVERP 222 to SMTP commands from legacy software. This requires Postfix 2.7 223 or later. </p> 224 225 <blockquote> 226 <pre> 227 /etc/postfix/<a href="postconf.5.html">main.cf</a>: 228 <a href="postconf.5.html#smtpd_command_filter">smtpd_command_filter</a> = <a href="pcre_table.5.html">pcre</a>:/etc/postfix/append_verp.pcre 229 <a href="postconf.5.html#smtpd_authorized_verp_clients">smtpd_authorized_verp_clients</a> = $<a href="postconf.5.html#mynetworks">mynetworks</a> 230 231 /etc/postfix/append_verp.<a href="pcre_table.5.html">pcre</a>: 232 /^(MAIL FROM:<listname@example\.com>.*)/ $1 XVERP 233 </pre> 234 </blockquote> 235 236 <h2> <a name="sendmail"> VERP support in the Postfix sendmail command </a> </h2> 237 238 <p> The Postfix sendmail command has a -V flag to request VERP style 239 delivery. Specify one of the following two forms: </p> 240 241 <p> Postfix 2.3 and later:</p> 242 <blockquote> 243 <pre> 244 % sendmail -XV -f owner-listname .... 245 246 % sendmail -XV+= -f owner-listname .... 247 </pre> 248 </blockquote> 249 250 <p> Postfix 2.2 and earlier (Postfix 2.3 understands the old syntax 251 for backwards compatibility, but will log a warning that reminds 252 you of the new syntax): </p> 253 254 <blockquote> 255 <pre> 256 % sendmail -V -f owner-listname .... 257 258 % sendmail -V+= -f owner-listname .... 259 </pre> 260 </blockquote> 261 262 <p> The first form uses the default <a href="postconf.5.html">main.cf</a> VERP delimiters, the 263 second form overrides them explicitly. The values shown are the 264 recommended ones. </p> 265 266 <h2> <a name="qmqp"> VERP support in the Postfix QMQP server </a> </h2> 267 268 <p> When the Postfix QMQP server receives mail with an envelope 269 sender address of the form: </p> 270 271 <blockquote> 272 <pre> 273 listname- (a] your.domain-@[] 274 </pre> 275 </blockquote> 276 277 <p> Postfix generates sender addresses 278 "<tt>listname-user=domain (a] your.domain</tt>", using "-=" as the VERP 279 delimiters because qmail/ezmlm expect this. </p> 280 281 <p> More generally, a sender address of "<tt>prefix@origin-@[]</tt>" 282 requests VERP style delivery with sender addresses of the form 283 "<tt>prefixuser=domain@origin</tt>". However, Postfix allows only 284 VERP delimiters that are specified with the <a href="postconf.5.html#verp_delimiter_filter">verp_delimiter_filter</a> 285 parameter. In particular, the "=" delimiter is required for qmail 286 compatibility (see the qmail addresses(5) manual page for details). 287 288 </body> 289 290 </html> 291
Indexes created Fri Apr 17 00:22:50 UTC 2026