1 <!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN" 2 "https://www.w3.org/TR/html4/loose.dtd"> 3 4 <html> 5 6 <head> 7 8 <title>Postfix ETRN Howto</title> 9 10 <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> 11 <link rel='stylesheet' type='text/css' href='postfix-doc.css'> 12 13 </head> 14 15 <body> 16 17 <h1><img src="postfix-logo.jpg" width="203" height="98" ALT="">Postfix ETRN Howto</h1> 18 19 <hr> 20 21 <h2>Purpose of the Postfix fast ETRN service</h2> 22 23 <p> The SMTP ETRN command was designed for sites that have intermittent 24 Internet connectivity. With ETRN, a site can tell the mail server 25 of its provider to "Please deliver all my mail now". The SMTP server 26 searches the queue for mail to the customer, and delivers that mail 27 <b>by connecting to the customer's SMTP server</b>. The mail is 28 not delivered via the connection that was used for sending ETRN. 29 </p> 30 31 <p> As of version 1.0, Postfix has a fast ETRN implementation that 32 does not require Postfix to examine every queue file. Instead, 33 Postfix maintains a record of what queue files contain mail for 34 destinations that are configured for ETRN service. ETRN service 35 is no longer available for domains that aren't configured for the 36 service. </p> 37 38 <p> This document provides information on the following topics: </p> 39 40 <ul> 41 42 <li><a href="#using">Using the Postfix fast ETRN service</a> 43 44 <li><a href="#how">How Postfix fast ETRN works</a> 45 46 <li><a href="#dirty_secret">Postfix fast ETRN service limitations</a> 47 48 <li><a href="#config">Configuring the Postfix fast ETRN service</a> 49 50 <li><a href="#only">Configuring a domain for ETRN service only</a> 51 52 <li><a href="#testing">Testing the Postfix fast ETRN service</a> 53 54 </ul> 55 56 <p> Other documents with information on this subject: </p> 57 58 <ul> 59 60 <li> flush(8), flush service implementation 61 62 </ul> 63 64 <h2><a name="using">Using the Postfix fast ETRN service</a> </h2> 65 66 <p> The following is an example SMTP session that shows how an SMTP 67 client requests the ETRN service. Client commands are shown in bold 68 font. </p> 69 70 <blockquote> 71 <pre> 72 220 my.server.tld ESMTP Postfix 73 <b>HELO my.client.tld</b> 74 250 Ok 75 <b>ETRN some.customer.domain</b> 76 250 Queuing started 77 <b>QUIT</b> 78 221 Bye 79 </pre> 80 </blockquote> 81 82 <p> As mentioned in the introduction, the mail is delivered by 83 connecting to the customer's SMTP server; it is not sent over 84 the connection that was used to send the ETRN command. </p> 85 86 <p> The Postfix operator can request delivery for a specific customer 87 by using the command "sendmail -qR<i>destination</i>" and, with 88 Postfix version 1.1 and later, "postqueue -s<i>destination</i>". 89 Access to this feature is controlled with the authorized_flush_users 90 configuration parameter (Postfix version 2.2 and later). 91 </p> 92 93 <h2><a name="how">How Postfix fast ETRN works</a></h2> 94 95 <p> When a Postfix delivery agent decides that mail must be delivered 96 later, it sends the destination domain name and the queue file name 97 to the flush(8) daemon which maintains per-destination logfiles 98 with file names of queued mail. These logfiles are kept below 99 $queue_directory/flush. Per-destination logfiles are maintained 100 only for destinations that are listed with the $fast_flush_domains 101 parameter and that have syntactically valid domain names. </p> 102 103 <blockquote> 104 105 <table> 106 107 <tr> 108 109 <td bgcolor="#f0f0ff" align="center" valign="middle"> Postfix<br> 110 delivery<br> agent</td> 111 112 <td> <tt>-</tt>(domain, queue ID)<tt>-></tt> </td> 113 114 <td bgcolor="#f0f0ff" align="center" valign="middle"> Postfix<br> 115 flush<br> daemon</td> 116 117 <td> <tt>-</tt>(queue ID)<tt>-></tt> </td> 118 119 <td bgcolor="#f0f0ff" align="center" valign="middle"> One logfile <br> 120 per eligible<br> domain </td> 121 122 </tr> 123 124 </table> 125 126 </blockquote> 127 128 <p> When Postfix receives a request to "deliver mail for a domain 129 now", the flush(8) daemon moves all deferred queue files that are 130 listed for that domain to the incoming queue, and requests that 131 the queue manager deliver them. In order to force delivery, the 132 queue manager temporarily ignores the lists of undeliverable 133 destinations: the volatile in-memory list of dead domains, and 134 the list of message delivery transports specified with the 135 defer_transports configuration parameter. </p> 136 137 <h2><a name="dirty_secret">Postfix fast ETRN service limitations</a></h2> 138 139 <p> The design of the flush(8) server and of the flush queue 140 introduce a few limitations that should not be an issue unless you 141 want to turn on fast ETRN service for every possible destination. 142 </p> 143 144 <ul> 145 146 <li> <p> The flush(8) daemon maintains per-destination logfiles 147 with queue file names. When a request to "deliver mail now" arrives, 148 Postfix will attempt to deliver all recipients in the queue files 149 that have mail for the destination in question. This does not 150 perform well with queue files that have recipients in many different 151 domains, such as queue files with outbound mailing list traffic. 152 </p> 153 154 <li> <p> The flush(8) daemon maintains per-destination logfiles 155 only for destinations listed with $fast_flush_domains. With other 156 destinations you cannot request delivery with "sendmail 157 -qR<i>destination</i>" or, with Postfix version 1.1 and later, 158 "postqueue -s<i>destination</i>". </p> 159 160 <li> <p> Up to and including early versions of Postfix version 2.1, 161 the "fast flush" service may not deliver some messages if the 162 request to "deliver mail now" is received while a deferred queue 163 scan is already in progress. The reason is that the queue manager 164 does not ignore the volatile in-memory list of dead domains, and 165 the list of message delivery transports specified with the 166 defer_transports configuration parameter. </p> 167 168 <li> <p> Up to and including Postfix version 2.3, the "fast flush" 169 service may not deliver some messages if the request to "deliver 170 mail now" arrives while an incoming queue scan is already in progress. 171 </p> 172 173 </ul> 174 175 <h2><a name="config">Configuring the Postfix fast ETRN service</a></h2> 176 177 <p> The behavior of the flush(8) daemon is controlled by parameters 178 in the main.cf configuration file. </p> 179 180 <p> By default, Postfix "fast ETRN" service is available only for 181 destinations that Postfix is willing to relay mail to: </p> 182 183 <blockquote> 184 <pre> 185 /etc/postfix/main.cf: 186 fast_flush_domains = $relay_domains 187 smtpd_etrn_restrictions = permit_mynetworks, reject 188 </pre> 189 </blockquote> 190 191 <p> Notes: </p> 192 193 <ul> 194 195 <li> <p> The relay_domains parameter specifies what destinations 196 Postfix will relay to. For destinations that are not eligible for 197 the "fast ETRN" service, Postfix replies with an error message. 198 </p> 199 200 <li> <p> The smtpd_etrn_restrictions parameter limits what clients 201 may execute the ETRN command. By default, any client has permission. 202 </p> 203 204 </ul> 205 206 <p> To enable "fast ETRN" for some other destination, specify: </p> 207 208 <blockquote> 209 <pre> 210 /etc/postfix/main.cf: 211 fast_flush_domains = $relay_domains, some.other.domain 212 </pre> 213 </blockquote> 214 215 <p> To disable "fast ETRN", so that Postfix rejects all ETRN requests 216 and so that it maintains no per-destination logfiles, specify: </p> 217 218 <blockquote> 219 <pre> 220 /etc/postfix/main.cf: 221 fast_flush_domains = 222 </pre> 223 </blockquote> 224 225 <h2><a name="only">Configuring a domain for ETRN service only</a></h2> 226 227 <p> While an "ETRN" customer is off-line, Postfix will make 228 spontaneous attempts to deliver mail to it. These attempts are 229 separated in time by increasing time intervals, ranging from 230 $minimal_backoff_time to $maximal_backoff_time, and should not be 231 a problem unless a lot of mail is queued. </p> 232 233 <p> To prevent Postfix from making spontaneous delivery attempts 234 you can configure Postfix to always defer mail for the "ETRN" 235 customer. Mail is delivered only after the ETRN command or with 236 "sendmail -q", with "sendmail -qR<i>domain</i>", or with "postqueue 237 -s<i>domain</i>"(Postfix version 1.1 and later only), </p> 238 239 <p> In the example below we configure an "etrn-only" delivery 240 transport which is simply a duplicate of the "smtp" and "relay" 241 mail delivery transports. The only difference is that mail destined 242 for this delivery transport is deferred as soon as it arrives. 243 </p> 244 245 <blockquote> 246 <pre> 247 1 /etc/postfix/master.cf: 248 2 # ============================================================= 249 3 # service type private unpriv chroot wakeup maxproc command 250 4 # (yes) (yes) (yes) (never) (100) 251 5 # ============================================================= 252 6 smtp unix - - n - - smtp 253 7 relay unix - - n - - smtp 254 8 etrn-only unix - - n - - smtp 255 9 256 10 /etc/postfix/main.cf: 257 11 relay_domains = customer.tld ...other domains... 258 12 defer_transports = etrn-only 259 13 transport_maps = hash:/etc/postfix/transport 260 14 261 15 /etc/postfix/transport: 262 16 customer.tld etrn-only:[mailhost.customer.tld] 263 </pre> 264 </blockquote> 265 266 <p>Translation: </p> 267 268 <ul> 269 270 <li> <p> Line 8: The "etrn-only" mail delivery service is a copy of the 271 "smtp" and "relay" service. </p> 272 273 <li> <p> Line 11: Don't forget to authorize relaying for this 274 customer, either via relay_domains or with the permit_mx_backup 275 feature. </p> 276 277 <li> <p> Line 12: The "etrn-only" mail delivery service is configured 278 so that spontaneous mail delivery is disabled. </p> 279 280 <li> <p> Lines 13-16: Mail for the customer is given to the 281 "etrn-only" mail delivery service. </p> 282 283 <li> <p> Line 16: The "[mailhost.customer.tld]" turns off MX record 284 lookups; you must specify this if your Postfix server is the primary 285 MX host for the customer's domain. </p> 286 287 </ul> 288 289 <h2><a name="testing">Testing the Postfix fast ETRN service</a></h2> 290 291 <p> By default, "fast ETRN" service is enabled for all domains that 292 match $relay_domains. If you run Postfix with "fast ETRN" service 293 for the very first time, you need to run "sendmail -q" once 294 in order to populate the per-site deferred mail logfiles. If you 295 omit this step, no harm is done. The logfiles will eventually 296 become populated as Postfix routinely attempts to deliver delayed 297 mail, but that will take a couple hours. After the "sendmail 298 -q" command has completed all delivery attempts (this can take 299 a while), you're ready to test the "fast ETRN" service. 300 301 <p> To test the "fast ETRN" service, telnet to the Postfix SMTP 302 server from a client that is allowed to execute ETRN commands (by 303 default, that's every client), and type the commands shown in 304 boldface: </p> 305 306 <blockquote> 307 <pre> 308 220 my.server.tld ESMTP Postfix 309 <b>HELO my.client.tld</b> 310 250 Ok 311 <b>ETRN some.customer.domain</b> 312 250 Queuing started 313 </pre> 314 </blockquote> 315 316 <p> where "some.customer.domain" is the name of a domain that has 317 a non-empty logfile somewhere under $queue_directory/flush. </p> 318 319 <p> In the maillog file, you should immediately see a couple of 320 logfile records, as evidence that the queue manager has opened 321 queue files: </p> 322 323 <blockquote> 324 <pre> 325 Oct 2 10:51:19 myhostname postfix/qmgr[51999]: 682E8440A4: 326 from=<whatever>, size=12345, nrcpt=1 (queue active) 327 Oct 2 10:51:19 myhostname postfix/qmgr[51999]: 02249440B7: 328 from=<whatever>, size=4711, nrcpt=1 (queue active) 329 </pre> 330 </blockquote> 331 332 <p> What happens next depends on whether the destination is reachable. 333 If it's not reachable, the mail queue IDs will be added back to 334 the some.customer.domain logfile under $queue_directory/flush. 335 </p> 336 337 <p> Repeat the exercise with some other destination that your server 338 is willing to relay to (any domain listed in $relay_domains), but 339 that has no mail queued. The text in bold face stands for the 340 commands that you type: </p> 341 342 <blockquote> 343 <pre> 344 220 my.server.tld ESMTP Postfix 345 <b>HELO my.client.tld</b> 346 250 Ok 347 <b>ETRN some.other.customer.domain</b> 348 250 Queuing started 349 </pre> 350 </blockquote> 351 352 <p> This time, the "ETRN"" command should trigger NO mail deliveries 353 at all. If this triggers delivery of all mail, then you used the 354 wrong domain name, or "fast ETRN" service is turned off. </p> 355 356 <p> Finally, repeat the exercise with a destination that your mail 357 server is not willing to relay to. It does not matter if your 358 server has mail queued for that destination. </p> 359 360 <blockquote> 361 <pre> 362 220 my.server.tld ESMTP Postfix 363 <b>HELO my.client.tld</b> 364 250 Ok 365 <b>ETRN not.a.customer.domain</b> 366 459 <not.a.customer.domain>: service unavailable 367 </pre> 368 </blockquote> 369 370 <p> In this case, Postfix should reject the request 371 as shown above. </p> 372 373 </body> 374 375 </html> 376
Indexes created Sat Jun 06 00:24:59 UTC 2026