      1 <!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"
      2         "https://www.w3.org/TR/html4/loose.dtd">
      3 
      4 <html>
      5 
      6 <head>
      7 
      8 <title>Postfix Architecture Overview </title>
      9 
     10 <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
     11 <link rel='stylesheet' type='text/css' href='postfix-doc.css'>
     12 
     13 </head>
     14 
     15 <body>
     16 
     17 <h1> <img src="postfix-logo.jpg" width="203" height="98" ALT="">Postfix
     18 Architecture Overview </h1>
     19 
     20 <hr>
     21 
     22 <h2> Introduction </h2>
     23 
     24 <p> This document presents an overview of the Postfix architecture,
     25 and provides pointers to descriptions of every Postfix command
     26 or server program.  The text gives the general context in which
     27 each command or server program is used, and provides pointers to
     28 documents with specific usage examples and background information.
     29 </p>
     30 
     31 <p> Topics covered by this document: </p>
     32 
     33 <ul>
     34 
     35 <li> <a href="#receiving"> How Postfix receives mail </a>
     36 
     37 <li> <a href="#delivering"> How Postfix delivers mail </a>
     38 
     39 <li> <a href="#behind"> Postfix behind the scenes </a>
     40 
     41 <li> <a href="#commands"> Postfix support commands </a>
     42 
     43 </ul>
     44 
     45 <h2><a name="receiving"> How Postfix receives mail </a> </h2>
     46 
     47 <p> When a message enters the Postfix mail system, the first stop
     48 on the inside is the incoming queue. The figure below shows the
     49 main processes that are involved with new mail.  Names followed by
     50 a number are Postfix commands or server programs, while unnumbered
     51 names inside shaded areas represent Postfix queues. </p>
     52 
     53 <blockquote>
     54 
     55 <table>
     56 
     57 <tr>
     58 
     59 <td colspan="3"> </td>
     60 
     61 <td> &nbsp; </td>
     62 
     63 <td rowspan="2" bgcolor="#f0f0ff" align="center"> trivial-<br>rewrite(8) </td>
     64 
     65 </tr>
     66 
     67 <tr> <td colspan="3"> </td> <td> / </td> </tr>
     68 
     69 <tr>
     70 
     71 <td> Network </td> <td> <tt> -&gt; </tt> </td>
     72 
     73 <td bgcolor="#f0f0ff" align="center" valign="middle"> smtpd(8)
     74 </td>
     75 
     76 <td> </td>
     77 
     78 <td rowspan="2" align="center"> <table> <tr> <td align="center">
     79 ^<br> <tt> | </tt> </td> <td align="center"> <tt> |<br> v </tt>
     80 </td> </tr> </table> </td>
     81 
     82 </tr>
     83 
     84 <tr>
     85 
     86 <td colspan="3"> </td> <td> <tt> \ </tt> </td>
     87 
     88 </tr>
     89 
     90 <tr>
     91 
     92 <td> Network </td> <td> <tt> -&gt; </tt> </td>
     93 
     94 <td bgcolor="#f0f0ff" align="center" valign="middle"> qmqpd(8)
     95 </td>
     96 
     97 <td> <tt> -&gt; </tt> </td>
     98 
     99 <td bgcolor="#f0f0ff" align="center" valign="middle"> cleanup(8)
    100 </td>
    101 
    102 <td> <tt> -&gt; </tt> </td>
    103 
    104 <td bgcolor="#f0f0ff" align="center" valign="middle"> <a
    105 href="QSHAPE_README.html#incoming_queue"> incoming </a> </td>
    106 
    107 </tr>
    108 
    109 <tr>
    110 
    111 <td colspan="3"> </td> <td> <tt> / </tt> </td>
    112 
    113 </tr>
    114 
    115 <tr>
    116 
    117 <td colspan="2"> </td>
    118 
    119 <td bgcolor="#f0f0ff" align="center" valign="middle"> pickup(8)
    120 </td>
    121 
    122 <td> <tt> &lt;- </tt> </td>
    123 
    124 <td bgcolor="#f0f0ff" align="center" valign="middle"> <a
    125 href="QSHAPE_README.html#maildrop_queue"> maildrop </a> </td>
    126 
    127 </tr>
    128 
    129 <tr>
    130 
    131 <td colspan="4" align="center"> </td>
    132 
    133 <td align="center"> ^<br> <tt> | </tt> </td>
    134 
    135 </tr>
    136 
    137 <tr>
    138 
    139 <td> Local </td> <td> <tt> -&gt; </tt> </td>
    140 
    141 <td bgcolor="#f0f0ff" align="center" valign="middle"> sendmail(1)
    142 </td>
    143 
    144 <td> <tt> -&gt; </tt> </td>
    145 
    146 <td bgcolor="#f0f0ff" align="center" valign="middle"> postdrop(1)
    147 </td>
    148 
    149 </tr>
    150 
    151 </table>
    152 
    153 </blockquote>
    154 
    155 <ul>
    156 
    157 <li> <p> Network mail enters Postfix via the smtpd(8) or qmqpd(8)
    158 servers.  These servers remove the SMTP or QMQP protocol encapsulation,
    159 enforce some sanity checks to protect Postfix, and give the sender,
    160 recipients and message content to the cleanup(8) server.  The
    161 smtpd(8) server can be configured to block unwanted mail, as
    162 described in the SMTPD_ACCESS_README document.  </p>
    163 
    164 <li> <p> Local submissions are received with the Postfix sendmail(1)
    165 compatibility command, and are queued in the maildrop queue by
    166 the privileged postdrop(1) command. This arrangement even works
    167 while the Postfix mail system is not running.  The local pickup(8)
    168 server picks up local submissions, enforces some sanity checks to
    169 protect Postfix, and gives the sender, recipients and message
    170 content to the cleanup(8) server.  </p>
    171 
    172 <li> <p> Mail from internal sources is given directly to the
    173 cleanup(8) server. These sources are not shown in the figure, and
    174 include: mail that is forwarded by the local(8) delivery agent (see
    175 next section), messages that are returned to the sender by the
    176 bounce(8) server (see second-next section), and postmaster
    177 notifications about problems with Postfix.  </p>
    178 
    179 <li> <p> The cleanup(8) server implements the final processing
    180 stage before mail is queued. It adds missing From: and other message
    181 headers, and transforms addresses as described in the
    182 ADDRESS_REWRITING_README
    183 document. Optionally, the cleanup(8) server can be configured to
    184 do light-weight content inspection with regular expressions as
    185 described in the BUILTIN_FILTER_README document.  The  cleanup(8)
    186 server places the result as a single file into the incoming queue,
    187 and notifies the queue manager (see next section) of the arrival
    188 of new mail.  </p>
    189 
    190 <li> <p> The trivial-rewrite(8) server rewrites addresses to the
    191 standard "user@fully.qualified.domain" form, as described in the
    192 ADDRESS_REWRITING_README document. Postfix currently does not
    193 implement a rewriting language, but a lot can be done via table
    194 lookups and, if need be, regular expressions. </p>
    195 
    196 </ul>
    197 
    198 <h2> <a name="delivering"> How Postfix delivers mail </a> </h2>
    199 
    200 <p> Once a message has reached the incoming queue the next step is
    201 to deliver it. The figure shows the main components of the Postfix
    202 mail delivery apparatus. Names followed by a number are Postfix
    203 commands or server programs, while unnumbered names inside shaded
    204 areas represent Postfix queues. </p>
    205 
    206 <blockquote>
    207 
    208 <table>
    209 
    210 <tr>
    211 
    212 <td rowspan="2" colspan="4"> </td>
    213 
    214 <td rowspan="2" bgcolor="#f0f0ff" align="center"> trivial-<br>rewrite(8)
    215 </td>
    216 
    217 <td> </td>
    218 
    219 <td bgcolor="#f0f0ff" align="center"> smtp(8) </td>
    220 
    221 <td> <tt> -&gt; </tt> </td> <td> Network </td>
    222 
    223 </tr>
    224 
    225 <tr>
    226 
    227 <td align="right"> <tt> / </tt> </td>
    228 
    229 </tr>
    230 
    231 <tr>
    232 
    233 <td rowspan="2" colspan="4"> </td>
    234 
    235 <td rowspan="2" align="center"> <table> <tr> <td align="center">
    236 ^<br> <tt> | </tt> </td> <td align="center"> <tt> |<br> v </tt>
    237 </td> </tr> </table> </td>
    238 
    239 <td align="right"> <tt> - </tt> </td>
    240 
    241 <td bgcolor="#f0f0ff" align="center"> lmtp(8) </td>
    242 
    243 <td> <tt> -&gt; </tt> </td> <td> Network </td>
    244 
    245 </tr>
    246 
    247 <tr>
    248 
    249 <td align="left"> <tt> / </tt> </td>
    250 
    251 </tr>
    252 
    253 <tr>
    254 
    255 <td bgcolor="#f0f0ff" align="center"> <a
    256 href="QSHAPE_README.html#incoming_queue"> incoming </a> </td>
    257 
    258 <td> <tt> -&gt; </tt> </td>
    259 
    260 <td bgcolor="#f0f0ff" align="center"> <a
    261 href="QSHAPE_README.html#active_queue"> active </a> </td>
    262 
    263 <td> <tt> -&gt; </tt> </td>
    264 
    265 <td bgcolor="#f0f0ff" align="center"> qmgr(8) </td>
    266 
    267 <td align="right"> <tt> --- </tt> </td>
    268 
    269 <td bgcolor="#f0f0ff" align="center"> local(8) </td>
    270 
    271 <td> <tt> -&gt; </tt> </td> <td> File, command </td>
    272 
    273 </tr>
    274 
    275 <tr>
    276 
    277 <td rowspan="2" colspan="2"> </td>
    278 
    279 <td rowspan="2" align="center"> <table> <tr> <td align="center">
    280 ^<br> <tt> | </tt> </td> <td align="center"> <tt> |<br> v </tt>
    281 </td> </tr> </table> </td>
    282 
    283 <td rowspan="2" colspan="2"> </td>
    284 
    285 <td align="left"> <tt> \ </tt> </td>
    286 
    287 </tr>
    288 
    289 <tr>
    290 
    291 <td align="right"> <tt> - </tt> </td>
    292 
    293 <td bgcolor="#f0f0ff" align="center"> virtual(8) </td>
    294 
    295 <td> <tt> -&gt; </tt> </td> <td> File </td>
    296 
    297 </tr>
    298 
    299 <tr>
    300 
    301 <td colspan="2"> </td>
    302 
    303 <td bgcolor="#f0f0ff" align="center"> <a
    304 href="QSHAPE_README.html#deferred_queue"> deferred </a> </td>
    305 
    306 <td colspan="2"> </td>
    307 
    308 <td align="right"> <tt> \ </tt> </td>
    309 
    310 </tr>
    311 
    312 <tr>
    313 
    314 <td colspan="6"> </td>
    315 
    316 <td bgcolor="#f0f0ff" align="center"> pipe(8) </td>
    317 
    318 <td> <tt> -&gt; </tt> </td> <td> Command </td>
    319 
    320 </tr>
    321 
    322 </table>
    323 
    324 </blockquote>
    325 
    326 <ul>
    327 
    328 <li> <p> The queue manager (the qmgr(8) server process in the
    329 figure) is the heart of Postfix mail delivery.  It contacts the
    330 smtp(8), lmtp(8), local(8), virtual(8), pipe(8), discard(8) or
    331 error(8) delivery agents, and sends a delivery request for one
    332 or more recipient addresses. The discard(8) and error(8) delivery
    333 agents are special: they discard or bounce all mail, and are not
    334 shown in the figure above.  </p>
    335 
    336 <p> The queue manager maintains a limited active queue with the
    337 messages that it has opened for delivery. The active queue acts as
    338 a limited window on potentially large incoming or deferred queues.
    339 The limited active queue prevents the queue manager from running
    340 out of memory under heavy load. </p>
    341 
    342 <p> The queue manager maintains a separate deferred queue for mail
    343 that cannot be delivered, so that a large mail backlog will not
    344 slow down normal queue accesses. The queue manager's strategy for
    345 delayed mail delivery attempts is described in the QSHAPE_README
    346 and TUNING_README documents. </p>
    347 
    348 <li> <p> The trivial-rewrite(8) server resolves each recipient
    349 address according to its local or remote address class, as defined
    350 in the ADDRESS_CLASS_README document.  Additional routing information
    351 can be specified with the optional transport(5) table.  The
    352 trivial-rewrite(8) server optionally queries the relocated(5) table
    353 for recipients whose address has changed; mail for such recipients is
    354 returned to the sender with an explanation. </p>
    355 
    356 <li> <p> The smtp(8) client looks up a list of SMTP servers for
    357 the destination(s) in a delivery request, sorts the list by preference,
    358 and tries each server in turn until it has delivered or bounced all
    359 recipients in the delivery request. It encapsulates the sender,
    360 recipients and message content as required by the SMTP protocol;
    361 this includes message body conversion from 8-bit MIME to 7-bit
    362 encoding, but does not include RFC 2047 header encoding. </p>
    363 
    364 <li> <p> The lmtp(8) client speaks a protocol similar to SMTP that
    365 is optimized for delivery to mailbox servers such as Cyrus.  The
    366 advantage of this setup is that one Postfix machine can feed multiple
    367 mailbox servers over LMTP. The opposite is true as well:  one
    368 mailbox server can be fed over LMTP by multiple Postfix machines.
    369 </p>
    370 
    371 <li> <p> The local(8) delivery agent understands UNIX-style mailboxes,
    372 qmail-compatible maildir files, Sendmail-style system-wide aliases(5)
    373 databases, and Sendmail-style per-user .forward files. Multiple
    374 local delivery agents can be run in parallel, but parallel delivery
    375 to the same user is usually limited. </p>
    376 
    377 <p> The local(8) delivery agent has hooks for alternative forms of
    378 local delivery: you can configure it to deliver to mailbox files
    379 in user home directories, you can configure it to delegate mailbox
    380 delivery to an external command such as procmail, or you can delegate
    381 delivery to a different Postfix delivery agent.  </p>
    382 
    383 <li> <p> The virtual(8) delivery agent is a bare-bones delivery
    384 agent that delivers to UNIX-style mailbox or qmail-style maildir
    385 files only.  This delivery agent can deliver mail for multiple
    386 domains, which makes it especially suitable for hosting lots of
    387 small domains on a single machine.  This is described in the
    388 VIRTUAL_README document. </p>
    389 
    390 <li> <p> The pipe(8) mailer is the outbound interface to other mail
    391 processing systems (the Postfix sendmail(1) command being the
    392 inbound interface). The interface is UNIX compatible: the pipe(8)
    393 mailer provides information to a child process command line,
    394 environment variables, and standard input stream, and expects a
    395 child process exit status code as defined in &lt;sysexits.h&gt;.
    396 Examples of delivery via the pipe(8) mailer are in the FILTER_README,
    397 MAILDROP_README,
    398 and UUCP_README documents. </p>
    399 
    400 </ul>
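
<p> The pipe(8) interface described above, shown as an added example
that is not part of the Postfix documentation: a delivery command
that takes the envelope from its command line, reads the message from
standard input, and reports the outcome only through a
&lt;sysexits.h&gt; exit status. The service name, user, script path and
spool layout are assumptions made for illustration. </p>

```shell
#!/bin/sh
# Added example (not from the Postfix distribution): a delivery command
# written for the pipe(8) interface. Envelope data arrives in argv, the
# message on stdin, and the only result Postfix sees is the exit status.
#
# Assumed master.cf entry (service name, user and path are hypothetical):
#   archive unix - n n - - pipe
#     flags=Rq user=archiver argv=/usr/local/bin/archive-mail ${sender} ${recipient}

# Exit codes from <sysexits.h>.
EX_OK=0            # delivered
EX_USAGE=64        # command line usage error
EX_UNAVAILABLE=69  # service unavailable: permanent failure
EX_TEMPFAIL=75     # temporary failure: message stays queued for a retry

# archive_mail SPOOL SENDER RECIPIENT...
# Reads one message from stdin and stores it as a single file under SPOOL.
archive_mail() {
    [ "$#" -ge 3 ] || return "$EX_USAGE"
    spool=$1 sender=$2
    shift 2

    # Envelope addresses are chosen by the remote side. Refuse anything that
    # could be read as an option or a path if it reached a command line or a
    # file name later on.
    for addr in "$sender" "$@"; do
        case $addr in
            -* | */* | *..* | *[!A-Za-z0-9@._+=-]*) return "$EX_UNAVAILABLE" ;;
        esac
    done

    # An unusable spool is an operational problem, not a bad message:
    # report a temporary failure so that no mail is bounced because of it.
    [ -d "$spool" ] && [ -w "$spool" ] || return "$EX_TEMPFAIL"

    umask 077
    tmp=$(mktemp "$spool/tmp.XXXXXX") || return "$EX_TEMPFAIL"
    {
        printf 'X-Envelope-From: %s\n' "$sender"
        for addr in "$@"; do printf 'X-Envelope-To: %s\n' "$addr"; done
        cat
    } > "$tmp" || { rm -f "$tmp"; return "$EX_TEMPFAIL"; }

    # Rename only after a complete write, so readers never see partial mail.
    mv "$tmp" "$spool/msg.${tmp##*.}" || { rm -f "$tmp"; return "$EX_TEMPFAIL"; }
    return "$EX_OK"
}

# Constructed demonstration: three deliveries against a throwaway directory,
# printing the exit status that pipe(8) would see for each one.
demo_statuses() {
    demo_dir=$(mktemp -d) || return 1
    out=
    for rcpt in 'alice@example.com' '../../etc/passwd'; do
        rc=0
        printf 'Subject: test\n\nbody\n' |
            archive_mail "$demo_dir" 'bob@example.org' "$rcpt" || rc=$?
        out="$out$rc "
    done
    rc=0
    printf 'Subject: test\n\nbody\n' |
        archive_mail "$demo_dir/missing" 'bob@example.org' 'alice@example.com' || rc=$?
    out="$out$rc"
    rm -rf "$demo_dir"
    printf '%s\n' "$out"
}

demo_statuses
```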
    401 
    402 <h2> <a name="behind"> Postfix behind the scenes </a> </h2>
    403 
    404 <p> The previous sections gave an overview of how Postfix server
    405 processes send and receive mail. These server processes rely on
    406 other server processes that do things behind the scenes.  The text
    407 below attempts to visualize each service in its own context.  As
    408 before, names followed by a number are Postfix commands or server
    409 programs, while unnumbered names inside shaded areas represent
    410 Postfix queues. </p>
    411 
    412 <ul>
    413 
    414 <li> <p> The resident master(8) server is the supervisor that keeps
    415 an eye on the well-being of the Postfix mail system. It is typically
    416 started at system boot time with the "postfix start" command, and
    417 keeps running until the system goes down.  The master(8) server is
    418 responsible for starting Postfix server processes to receive and
    419 deliver mail, and for restarting servers that terminate prematurely
    420 because of some problem. The master(8) server is also responsible
    421 for enforcing the server process count limits as specified in the
    422 <b>master.cf</b> configuration file. The picture below gives the
    423 program hierarchy when Postfix is started up. Only some of the mail
    424 handling daemon processes are shown. </p>
    425 
    426 <table>
    427 
    428 <tr> <td colspan="2"> </td> <td align="center" bgcolor="#f0f0ff">
    429 postfix(1) </td> </tr>
    430 
    431 <tr> <td colspan="2"> </td> <td align="center"> |<br> |</td> </tr>
    432 
    433 <tr> <td colspan="2"> </td> <td align="center" bgcolor="#f0f0ff">
    434 postfix-script(1) </td> </tr>
    435 
    436 <tr> <td> </td> <td> <table> <tr> <td> </td> <td> / </td> </tr>
    437 <tr> <td> / </td> <td> </td> </tr> </table> </td> <td align="center">
    438 |<br> |</td> <td> <table> <tr> <td> \ </td> <td> </td> </tr> <tr>
    439 <td> </td> <td> \ </td> </tr> </table> </td> </tr>
    440 
    441 <tr> <td align="center" bgcolor="#f0f0ff"> postsuper(1) </td> <td>
    442 </td> <td align="center" bgcolor="#f0f0ff"> master(8) </td> <td>
    443 </td> <td align="center" bgcolor="#f0f0ff"> postlog(1) </td> </tr>
    444 
    445 <tr> <td> </td> <td> <table> <tr> <td> </td> <td> / </td> </tr>
    446 <tr> <td> / </td> <td> </td> </tr> </table> </td> <td align="center">
    447 |<br> |</td> <td> <table> <tr> <td> \ </td> <td> </td> </tr> <tr>
    448 <td> </td> <td> \ </td> </tr> </table> </td> </tr>
    449 
    450 <tr> <td align="center" bgcolor="#f0f0ff"> smtpd(8) </td> <td>
    451 </td> <td align="center" bgcolor="#f0f0ff"> qmgr(8) </td> <td>
    452 </td> <td align="center" bgcolor="#f0f0ff"> local(8) </td> </tr>
    453 
    454 </table>
    455 
    456 <li> <p> The anvil(8) server implements client connection and
    457 request rate
    458 limiting for all smtpd(8) servers.  The TUNING_README document
    459 provides guidance for dealing with misbehaving SMTP clients. The
    460 anvil(8) service is available in Postfix version 2.2 and later.
    461 </p>
    462 
    463 <table>
    464 
    465 <tr> <td> Network </td> <td> <tt> -&gt; </tt> </td> <td align="center"
    466 bgcolor="#f0f0ff"> <br> smtpd(8)<br><br> </td> <td> <tt> &lt;-&gt;
    467 </tt> </td> <td align="center" bgcolor="#f0f0ff"> <br> anvil(8)<br><br>
    468 </td> </tr>
    469 
    470 </table>
    471 
    472 <li> <p> The bounce(8), defer(8) and trace(8) services each maintain
    473 their own queue directory trees with per-message logfiles. Postfix
    474 uses this information when sending "failed", "delayed" or "success"
    475 delivery status notifications to the sender. </p>
    476 
    477 <p> The trace(8) service also implements support for the Postfix
    478 "sendmail
    479 -bv" and "sendmail -v" commands which produce reports about how
    480 Postfix delivers mail, and is available with Postfix version 2.1
    481 and later. See <a href="DEBUG_README.html#trace_mail"> DEBUG_README
    482 </a> for examples.  </p>
    483 
    484 <table>
    485 
    486 <tr> <td align="center" bgcolor="#f0f0ff"> cleanup(8) </td> <td
    487 valign="middle"> <tt> -&gt; </tt> </td> <td align="center"
    488 bgcolor="#f0f0ff"> qmgr(8)<br> Postfix<br> queue </td> <td
    489 valign="middle"> <tt> -&gt; </tt> </td> <td align="center"
    490 bgcolor="#f0f0ff"> Delivery<br> agents</td> </tr>
    491 
    492 <tr> <td align="center"> ^<br> <tt> | </tt> </td> <td> </td> <td
    493 align="center"> <tt> |<br> v </tt> </td> <td> </td> <td align="center">
    494 <tt> |<br> v </tt> </td> </tr>
    495 
    496 <tr> <td align="center"> (Non-)<br> delivery<br> notice </td> <td
    497 valign="middle"> <tt> &lt;- </tt> </td> <td align="center"
    498 bgcolor="#f0f0ff"> bounce(8)<br> defer(8)<br> trace(8) </td> <td
    499 valign="middle"> <tt> &lt;- </tt> </td> <td align="center"> Queue
    500 id,<br> recipient,<br> status</td> </tr>
    501 
    502 <tr> <td colspan="2"> </td> <td align="center"> <table> <tr> <td
    503 align="center"> ^<br> <tt> | </tt> </td> <td align="center"> <tt>
    504 |<br> v </tt> </td> </tr> </table> </td> </tr>
    505 
    506 <tr> <td colspan="2"> </td> <td align="center" bgcolor="#f0f0ff">
    507 Per- <br> message<br> logfiles </td> </tr>
    508 
    509 </table>
    510 
    511 <li> <p> The flush(8) servers maintain per-destination logs and
    512 implement "sendmail -qR<i>site</i>", "sendmail -qI<i>queueid</i>",
    513 "postqueue -s <i>site</i>", "postqueue -i <i>queueid</i>", and ETRN
    514 as described
    515 in the ETRN_README document. This moves selected queue files from
    516 the deferred queue back to the incoming queue and requests their
    517 delivery.  The flush(8) service is available with Postfix version
    518 1.0 and later.  </p>
    519 
    520 <table>
    521 
    522 <tr> <td colspan="4"> </td> <td align="center" bgcolor="#f0f0ff">
    523 <a href="QSHAPE_README.html#incoming_queue"> incoming </a><br>^
    524 <br><a href="QSHAPE_README.html#deferred_queue"> deferred </a>
    525 </td> </tr>
    526 
    527 <tr> <td colspan="4"> </td> <td align="center"> ^<br> |</td> </tr>
    528 
    529 <tr> <td align="center" bgcolor="#f0f0ff"> smtpd(8)<br> sendmail(1)<br>
    530 postqueue(1) </td> <td> <tt> - </tt> </td> <td align="center">
    531 Destination<br> to flush</td> <td> <tt> -&gt; </tt> </td> <td
    532 align="center" bgcolor="#f0f0ff"> flush(8) </td> <td> <tt> &lt;-
    533 </tt> </td> <td align="center"> Deferred<br> destination,<br> queue
    534 id </td> <td> <tt> - </tt> </td> <td align="center" bgcolor="#f0f0ff">
    535 Delivery<br> agents,<br> qmgr(8) </td> </tr>
    536 
    537 <tr> <td colspan="4"> </td> <td align="center"> <table> <tr> <td
    538 align="center"> ^<br> <tt> | </tt> </td> <td align="center"> <tt>
    539 |<br> v </tt>  </td> </tr> </table> </td> </tr>
    540 
    541 <tr> <td colspan="4"> </td> <td align="center"> Per-dest-<br>
    542 ination<br> logs </td> </tr>
    543 
    544 </table>
    545 
    546 <li> <p> The proxymap(8) servers provide read-only and read-write
    547 table lookup
    548 service to Postfix processes. This overcomes chroot restrictions,
    549 reduces the number of open lookup tables by sharing one open
    550 table among multiple processes, and implements single-updater
    551 tables. </p>
    552 
    553 <li> <p> The scache(8) server maintains the connection cache for
    554 the Postfix smtp(8) client. When connection caching is enabled for
    555 selected destinations, the smtp(8) client does not disconnect
    556 immediately after a mail transaction, but gives the connection to
    557 the connection cache server which keeps the connection open for a
    558 limited amount of time.  The smtp(8) client continues with some
    559 other mail delivery request. Meanwhile, any smtp(8) process can
    560 ask the scache(8) server for that cached connection and reuse it
    561 for mail delivery. As a safety measure, Postfix limits the number
    562 of times that a connection may be reused.  </p>
    563 
    564 <p> When delivering mail to a destination with multiple mail servers,
    565 connection caching can help to skip over a non-responding server,
    566 and thus dramatically speed up delivery. SMTP connection caching
    567 is available in Postfix version 2.2 and later.  More information
    568 about this feature is in the CONNECTION_CACHE_README document. </p>
    569 
    570 <table>
    571 
    572 <tr> <td> </td> <td> <tt> /-- </tt> </td> <td align="center"
    573 colspan="3" bgcolor="#f0f0ff"> smtp(8) </td> <td colspan="2"> <tt>
    574 --&gt; </tt> </td> <td> Internet </td> </tr>
    575 
    576 <tr> <td align="center" bgcolor="#f0f0ff"> qmgr(8) </td> <td> </td>
    577 <td align="center" rowspan="3"><tt>|<br>|<br>|<br>|<br>v</tt></td>
    578 </tr>
    579  
    580 <tr> <td> &nbsp; </td> <td> <tt> \-- </tt> </td> <td align="center"
    581 colspan="4" bgcolor="#f0f0ff"> smtp(8) </td> <td align="left">
    582 &nbsp; </td> </tr>
    583 
    584 <tr> <td colspan="2"> &nbsp; </td> <td> </td> <td
    585 align="center"><tt>^<br>|</tt></td> </tr>
    586 
    587 <tr> <td colspan="2"> </td> <td align="center" colspan="3"
    588 bgcolor="#f0f0ff"> scache(8) </td> </tr>
    589 
    590 </table>
    591 
    592 <p> A Postfix smtp(8) client can reuse a TLS-encrypted connection
    593 (with "smtp_tls_connection_reuse = yes"). This can greatly reduce
    594 the overhead of connection setup and improves message delivery
    595 rates. After a Postfix smtp(8) client connects to a remote SMTP
    596 server and sends plaintext EHLO and STARTTLS commands, the smtp(8)
    597 client inserts a tlsproxy(8) process into the connection as shown
    598 in the top of the figure below. </p>
    599 
    600 <table>
    601 
    602 <tr> <td> </td> <td> <tt> /-- </tt> </td> <td align="center"
    603 colspan="3" bgcolor="#f0f0ff"> smtp(8) </td> <td colspan="2"> <tt>
    604 --&gt; </tt> </td> <td align="center" bgcolor="#f0f0ff"> tlsproxy(8)
    605 </td> <td> <tt> --&gt; </tt> </td> <td> Internet </td> </tr>
    606 
    607 <tr> <td align="center" bgcolor="#f0f0ff"> qmgr(8) </td> <td> </td>
    608 <td align="center" rowspan="3"><tt>|<br>|<br>|<br>|<br>v</tt></td>
    609 </tr>
    610  
    611 <tr> <td> &nbsp; </td> <td> <tt> \-- </tt> </td> <td align="center"
    612 colspan="4" bgcolor="#f0f0ff"> smtp(8) </td> <td align="left">
    613 &nbsp; </td> </tr>
    614 
    615 <tr> <td colspan="2"> &nbsp; </td> <td> </td> <td
    616 align="center"><tt>^<br>|</tt></td> </tr>
    617 
    618 <tr> <td colspan="2"> </td> <td align="center" colspan="3"
    619 bgcolor="#f0f0ff"> scache(8) </td> </tr>
    620 
    621 </table>
    622 
    623 <p> After the mail transaction completes, the Postfix smtp(8) client
    624 gives the smtp(8)-to-tlsproxy(8) connection to the scache(8)
    625 server, which keeps the connection open for a limited amount of
    626 time. The smtp(8) client continues with some other mail delivery
    627 request. Meanwhile, any Postfix smtp(8) client can ask the scache(8)
    628 server for that cached connection and reuse it for mail delivery.
    629 </p>
    630 
    631 <li> <p> The showq(8) servers list the Postfix queue status. This
    632 is the queue listing service that does the work for the mailq(1)
    633 and postqueue(1) commands.  </p>
    634 
    635 <table>
    636 
    637 <tr> <td> Output </td> <td> <tt> &lt;- </tt> </td> <td align="center"
    638 bgcolor="#f0f0ff"> mailq(1)<br>
    639 
    640 <a href="postqueue.1.html"> post-<br>queue(1) </a> <br> </td> <td>
    641 <tt> &lt;- </tt> </td> <td align="center" valign="middle"
    642 bgcolor="#f0f0ff"> showq(8) </td> <td> <tt> &lt;- </tt></td> <td
    643 align="center" valign="middle" bgcolor="#f0f0ff"> Postfix<br> queue
    644 </td> </tr>
    645 
    646 </table>
    647 
    648 <li> <p> The spawn(8) servers run non-Postfix commands on request,
    649 with the client connected via socket or FIFO to the command's
    650 standard input, output and error streams. You can find examples of
    651 its use in the SMTPD_POLICY_README document.  </p>
    652 
    653 <li> <p> The tlsmgr(8) server runs when TLS (Transport Layer
    654 Security, formerly known as SSL) is turned on in the Postfix smtp(8)
    655 client or smtpd(8) server. This process has two duties: </p>
    656 
    657 <ul>
    658 
    659 <li> <p> Maintain the pseudo-random number generator (PRNG) that
    660 is used to seed the TLS engines in Postfix smtp(8) client or smtpd(8)
    661 server processes.  The state of this PRNG is periodically saved to
    662 a file, and is read when tlsmgr(8) starts up. </p>
    663 
    664 <li> <p> Maintain the optional Postfix smtp(8) client or smtpd(8)
    665 server caches with TLS session keys. Saved keys can improve
    666 performance by reducing the amount of computation at the start of
    667 a TLS session. </p>
    668 
    669 </ul>
    670 
    671 <p> TLS support is available in Postfix version 2.2 and later.
    672 Information about the Postfix TLS implementation is in the TLS_README
    673 document. </p>
    674 
    675 <table>
    676 
    677 <tr> <td>Network<tt>-&gt; </tt> </td> <td align="center"
    678 bgcolor="#f0f0ff"> <br> smtpd(8) <br> &nbsp; </td> <td colspan="2">
    679 <tt> &lt;---seed---<br><br>&lt;-session-&gt; </tt> </td> <td
    680 align="center" bgcolor="#f0f0ff"> <br> tlsmgr(8) <br> &nbsp; </td>
    681 <td colspan="3"> <tt> ---seed---&gt;<br> <br>&lt;-session-&gt;
    682 </tt> </td> <td align="center" bgcolor="#f0f0ff"> <br> smtp(8) <br>
    683 &nbsp; </td> <td> <tt> -&gt;</tt>Network </td> </tr>
    684 
    685 <tr> <td colspan="3"> </td> <td align="right"> <table> <tr> <td>
    686 </td> <td> / </td> </tr> <tr> <td> / </td> <td> </td> </tr> </table>
    687 </td> <td align="center"> |<br> |</td> <td align="left"> <table>
    688 <tr> <td> \ </td> <td> </td> </tr> <tr> <td> </td> <td> \ </td>
    689 </tr> </table> </td> <td colspan="3"> </td> </tr>
    690 
    691 <tr> <td colspan="2"> </td> <td align="center" bgcolor="#f0f0ff">
    692 smtpd<br> session<br> cache </td> <td> </td> <td align="center"
    693 bgcolor="#f0f0ff"> PRNG<br> state <br>file </td> <td> </td> <td
    694 align="center" bgcolor="#f0f0ff"> smtp<br> session<br> cache </td>
    695 <td colspan="2"> </td> </tr>
    696 
    697 </table>
    698 
    699 
    700 <li> <p> The verify(8) server verifies that a sender or recipient
    701 address is deliverable before the smtpd(8) server accepts it.  The
    702 verify(8) server queries a cache with address verification results.
    703 If a result is not found, the verify(8) server injects a probe
    704 message into the Postfix queue and processes the status update from
    705 a delivery agent or queue manager.
    706 This process is described in the ADDRESS_VERIFICATION_README
    707 document.  The verify(8) service is available with Postfix version
    708 2.1 and later. </p>
    709 
    710 <table>
    711 
    712 <tr>
    713 
    714     <td rowspan="2" colspan="5" align="center" valign="middle">
    715     &nbsp; </td> <td rowspan="3" align="center" valign="bottom">
    716     <tt> -&gt; </tt> </td> <td rowspan="3" align="center"
    717     valign="middle"> probe<br> message </td> <td rowspan="3"
    718     align="center" valign="middle"> <tt> -&gt; </tt> </td> <td
    719     rowspan="3" bgcolor="#f0f0ff" align="center" valign="middle">
    720     Postfix<br> mail<br> queue </td>
    721 
    722 </tr>
    723 
    724 <tr> <td> </td> </tr>
    725 
    726 <tr>
    727 
    728     <td rowspan="3" align="center" valign="middle"> Network </td>
    729     <td rowspan="3" align="center" valign="middle"> <tt> -&gt; </tt>
    730     </td> <td rowspan="3" bgcolor="#f0f0ff" align="center"
    731     valign="middle"> smtpd(8) </td> <td rowspan="3" align="center"
    732     valign="middle"> <tt> &lt;-&gt; </tt> </td> <td rowspan="3"
    733     bgcolor="#f0f0ff" align="center" valign="middle"> verify(8)
    734     </td>
    735 
    736 </tr>
    737 
    738 <tr>
    739 
    740     <td rowspan="1" colspan="3"> </td> <td rowspan="1" align="center"
    741     valign="middle"> <tt> |</tt><br> <tt> v</tt> </td>
    742 
    743 </tr>
    744 
    745 <tr>
    746 
    747     <td rowspan="3" align="center" valign="top"> <tt> &lt;- </tt>
    748     </td> <td rowspan="3" align="center" valign="middle"> probe<br>
    749     status </td> <td rowspan="3" align="center" valign="middle">
    750     <tt> &lt;- </tt> </td> <td rowspan="3" bgcolor="#f0f0ff"
    751     align="center" valign="middle"> Postfix<br> delivery<br> agents
    752     </td> <td rowspan="3" align="left" valign="middle"> <tt>-&gt;</tt>
    753     Local<br> <tt>-&gt;</tt> Network</td>
    754 
    755 </tr>
    756 
    757 <tr>
    758 
    759     <td rowspan="3" colspan="4" align="center" valign="middle">
    760     &nbsp; </td> <td rowspan="3" align="center" valign="middle">
    761     <tt> ^</tt><br> <tt> |</tt><br> <tt> v</tt> </td>
    762 
    763 </tr>
    764 
    765 <tr> <td> </td> </tr>
    766 
    767 <tr> <td colspan="4"> &nbsp; </td> </tr>
    768 
    769 <tr>
    770 
    771     <td colspan="4" align="center" valign="middle"> &nbsp; </td>
    772     <td bgcolor="#f0f0ff" align="center" valign="middle"> Address<br>
    773     verification<br> cache </td>
    774 
    775 </tr>
    776 
    777 </table>
    778 
    779 <li> <p> The postscreen(8) server can be put "in front" of Postfix
    780 smtpd(8) processes. Its purpose is to accept connections from the
    781 network and to decide what SMTP clients are allowed to talk to
    782 Postfix.  According to the 2008 MessageLabs annual report, 81% of
    783 all email was spam, and 90% of that was sent by botnets; by 2010,
    784 those numbers were 92% and 95%, respectively.  While postscreen(8)
    785 keeps the zombies away, more smtpd(8) processes remain available
    786 for legitimate clients.  </p>
    787 
    788 <p> postscreen(8) maintains a temporary allowlist for clients that
    789 pass its tests; by allowing allowlisted clients to skip tests,
    790 postscreen(8) minimizes its impact on legitimate email traffic.
    791 </p>
    792 
    793 <p> The postscreen(8) server is available with Postfix 2.8 and
    794 later. To keep the implementation simple, postscreen(8) delegates
    795 DNS allow/denylist lookups to dnsblog(8) server processes, and
    796 delegates TLS encryption/decryption to tlsproxy(8) server processes.
    797 This delegation is invisible to the remote SMTP client. </p>
    798 
    799 <table>
    800 
    801 <tr> <td colspan="2"> </td> <td align="center"> zombie </td> </tr>
    802 
    803 <tr> <td colspan="3">  </td> <td align="left"> <tt> \ </tt> </td> </tr>
    804 
    805 <tr> <td> zombie </td> <td> <tt> - </tt> </td> <td bgcolor="#f0f0ff" align="center"> tlsproxy(8) </td> <td align="left"> <tt> - </tt> </td> <td>
    806 </td> <td>  </td> <td>  </td> <td align="right"> <tt> - </tt> </td>
    807 <td bgcolor="#f0f0ff" align="center"> smtpd(8) </td> </tr>
    808 
    809 <tr> <td colspan="3">  </td> <td align="right"> <tt> \ </tt> </td> <td> </td>
    810 <td align="left"> <tt> / </tt> </td> </tr>
    811 
    812 <tr> <td colspan="2"> </td> <td bgcolor="#f0f0ff" align="center"> other </td> <td> <tt>
    813 --- </tt> </td> <td bgcolor="#f0f0ff" align="center" valign="middle">
    814 postscreen(8) </td> </tr>
    815 
    816 <tr> <td colspan="3">  </td> <td align="right"> <tt> / </tt> </td> <td> </td>
    817 <td align="right"> <tt> \ </tt> </td> </tr>
    818 
    819 <tr> <td colspan="2"> </td> <td bgcolor="#f0f0ff" align="center"> other </td> <td align="left">
    820 <tt> - </tt> </td> <td> </td> <td>  </td> <td>  </td> <td align="right">
    821 <tt> - </tt> </td> <td bgcolor="#f0f0ff" align="center"> smtpd(8)
    822 </td> </tr>
    823 
    824 <tr> <td colspan="3">  </td> <td align="left"> <tt> / </tt> </td> </tr>
    825 
    826 <tr> <td colspan="2"> </td> <td align="center"> zombie </td> </tr>
    827 
    828 </table>
    829 
    830 <li> <p>The postlogd(8) server provides an alternative to syslog
    831 logging, which remains the default. This feature is available with
    832 Postfix version 3.4 or later, and supports the following modes:
    833 </p>
    834 
    835 
    836 <ul>
    837 
    838 <li> <p>Logging to file, which addresses a usability problem with
    839 macOS, and eliminates information loss caused by systemd rate limits.
    840 </p>
    841 
    842 <table>
    843 
    844 <tr> <td bgcolor="#f0f0ff" rowspan="3" valign="middle" align="center">
    845 commands<br>or daemons</td> <td colspan="4"> &nbsp; </td> </tr>
    846 
    847 <tr> <td colspan="2"> <td> <tt> -&gt; </tt> </td> <td bgcolor="#f0f0ff">
    848 postlogd(8) </td> <td> <tt> -&gt; </tt> </td> <td> /path/to/file
    849 </td> </tr>
    850 
    851 <tr> <td colspan=6> &nbsp; </td> </tr>
    852 
    853 </table>
    854 
    855 <li> <p>Logging to stdout, which eliminates a syslog dependency
    856 when Postfix runs inside a container. </p>
    857 
    858 <table>
    859 
    860 <tr> <td bgcolor="#f0f0ff" rowspan="3" valign="middle" align="center">
    861 commands<br>or daemons</td> <td colspan="4"> &nbsp; </td> <td
    862 rowspan="3" align="center"> stdout inherited<br>from "postfix
    863 start-fg" </td> </tr>
    864 
    865 <tr> <td colspan="2"> <tt> -&gt; </tt> </td> <td bgcolor="#f0f0ff">
    866 postlogd(8) </td> <td> <tt> -&gt; </tt> </td> </tr>
    867 
    868 <tr> <td colspan=5> &nbsp; </td> </tr>
    869 
    870 </table>
    871 
    872 </ul>
    873 
    874 <p> See MAILLOG_README for details and limitations. </p>
    875 
    876 </ul>
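
<p> The following configuration fragment is an added example, not text from the Postfix distribution. It shows how the postscreen(8), dnsblog(8), tlsproxy(8) and postlogd(8) services described above are typically wired together in master.cf and main.cf. The DNSBL name <tt>dnsbl.example.net</tt>, the log path and the chosen thresholds are placeholder assumptions. </p>

```conf
# Added example. dnsbl.example.net and /var/log/postfix.log are placeholders.

# ---- master.cf ----
# postscreen(8) takes over the public SMTP port; one process handles
# all inbound connections and decides which clients may talk to smtpd(8).
smtp      inet  n       -       n       -       1       postscreen
# smtpd(8) no longer listens on the network. It receives only the
# connections that postscreen(8) hands over ("pass" service type).
smtpd     pass  -       -       n       -       -       smtpd
# Helper services that postscreen(8) delegates to. The remote SMTP
# client never sees these as separate endpoints.
dnsblog   unix  -       -       n       -       0       dnsblog
tlsproxy  unix  -       -       n       -       0       tlsproxy
# postlogd(8) logging service (Postfix 3.4 or later).
postlog   unix-dgram n  -       n       -       1       postlogd

# ---- main.cf ----
# Local networks skip the tests entirely.
postscreen_access_list = permit_mynetworks
# Reject clients that talk before the server greeting has been sent.
postscreen_greet_action = enforce
# DNS allow/denylist lookups, carried out by dnsblog(8).
postscreen_dnsbl_sites = dnsbl.example.net*2
postscreen_dnsbl_threshold = 2
postscreen_dnsbl_action = enforce
# The temporary allowlist: clients that passed the tests are cached
# here and skip the tests until the result expires.
postscreen_cache_map = btree:$data_directory/postscreen_cache
postscreen_greet_ttl = 1d

# postlogd(8), mode 1: log to a file instead of syslog.
maillog_file = /var/log/postfix.log
# postlogd(8), mode 2: log to stdout inside a container. Use this
# setting instead of the one above and start with "postfix start-fg".
# maillog_file = /dev/stdout
```

<p> After changing master.cf, check the result with "postconf -M" and "postfix check" before reloading, and confirm that no second service is still bound to the SMTP port. </p>
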
    877 
    878 <h2> <a name="commands"> Postfix support commands </a> </h2>
    879 
    880 <p> The Postfix architecture overview ends with a summary of
    881 command-line utilities for day-to-day use of the Postfix mail
    882 system. Besides the Sendmail-compatible sendmail(1), mailq(1), and
    883 newaliases(1) commands, the Postfix system comes with its own
    884 collection of command-line utilities.  For consistency, these are
    885 all named post<i>something</i>. </p>
    886 
    887 <ul>
    888 
    889 <li> <p> The postfix(1) command controls the operation of the mail
    890 system. It is the interface for starting, stopping, and restarting
    891 the mail system, as well as for some other administrative operations.
    892 This command is reserved to the super-user. </p>
    893 
    894 <li> <p> The postalias(1) command maintains Postfix aliases(5) type
    895 databases.  This is the program that does the work for the
    896 newaliases(1) command.  </p>
    897 
    898 <li> <p> The postcat(1) command displays the contents of Postfix
    899 queue files. This is a limited, preliminary utility. This program
    900 is likely to be superseded by something more powerful that can also
    901 edit Postfix queue files. </p>
    902 
    903 <li> <p> The postconf(1) command displays or updates Postfix main.cf
    904 parameters, and displays system-dependent information about the
    905 supported file locking methods and the supported types of lookup
    906 tables.  </p>
    907 
    908 <li> <p> The postdrop(1) command is the mail posting utility that
    909 is run by the Postfix sendmail(1) command in order to deposit mail
    910 into the maildrop queue directory. </p>
    911 
    912 <li> <p> The postkick(1) command makes some Postfix internal
    913 communication channels available for use in, for example, shell
    914 scripts. </p>
    915 
    916 <li> <p> The postlock(1) command provides Postfix-compatible mailbox
    917 locking for use in, for example, shell scripts. </p>
    918 
    919 <li> <p> The postlog(1) command provides Postfix-compatible logging
    920 for shell scripts. </p>
    921 
    922 <li> <p> The postmap(1) command maintains Postfix lookup tables
    923 such as canonical(5), virtual(5) and others. It is a cousin of the
    924 UNIX makemap command. </p>
    925 
    926 <li> <p> The postmulti(1) command repeats a postfix(1) command such as
    927 "postfix start" for each Postfix instance, and supports the creation,
    928 deletion, etc. of Postfix instances. For a tutorial, see MULTI_INSTANCE_README.
    929 </p>
    930 
    931 <li> <p> The postqueue(1) command is the privileged command that
    932 is run by Postfix sendmail(1) and mailq(1) in order to flush or
    933 list the
    934 mail queue. </p>
    935 
    936 <li> <p> The postsuper(1) command maintains the Postfix queue. It
    937 removes old temporary files, and moves queue files into the right
    938 directory after a change in the hashing depth of queue directories.
    939 This command is run at mail system startup time and when Postfix
    940 is restarted. </p>
    941 
    942 </ul>
    943 
    944 </body>
    945 
    946 </html>
    947