1 1.1 tron #++ 2 1.1 tron # NAME 3 1.1 tron # memcache_table 5 4 1.1 tron # SUMMARY 5 1.1 tron # Postfix memcache client configuration 6 1.1 tron # SYNOPSIS 7 1.1.1.3 tron # \fBpostmap -q "\fIstring\fB" memcache:/etc/postfix/\fIfilename\fR 8 1.1 tron # 9 1.1.1.3 tron # \fBpostmap -q - memcache:/etc/postfix/\fIfilename\fB <\fIinputfile\fR 10 1.1 tron # DESCRIPTION 11 1.1 tron # The Postfix mail system uses optional tables for address 12 1.1 tron # rewriting or mail routing. These tables are usually in 13 1.1.1.5 christos # \fBlmdb:\fR, \fBcdb:\fR, \fBhash:\fR, or \fBdbm:\fR format. 14 1.1 tron # 15 1.1 tron # Alternatively, lookup tables can be specified as memcache 16 1.1.1.5 christos # instances. To use memcache lookups, define a memcache 17 1.1 tron # source as a lookup table in main.cf, for example: 18 1.1 tron # 19 1.1 tron # .nf 20 1.1 tron # virtual_alias_maps = memcache:/etc/postfix/memcache-aliases.cf 21 1.1 tron # .fi 22 1.1 tron # 23 1.1 tron # The file /etc/postfix/memcache-aliases.cf has the same 24 1.1 tron # format as the Postfix main.cf file, and specifies the 25 1.1 tron # parameters described below. 26 1.1 tron # 27 1.1 tron # The Postfix memcache client supports the lookup, update, 28 1.1 tron # delete and sequence (first/next) operations. The sequence 29 1.1 tron # operation requires a backup database that supports the 30 1.1 tron # operation. 31 1.1 tron # MEMCACHE MAIN PARAMETERS 32 1.1 tron # .ad 33 1.1 tron # .fi 34 1.1 tron # .IP "\fBmemcache (default: inet:localhost:11211)\fR" 35 1.1 tron # The memcache server (note: singular) that Postfix will try 36 1.1 tron # to connect to. For a TCP server specify "inet:" followed by 37 1.1 tron # a hostname or address, ":", and a port name or number. 38 1.1 tron # Specify an IPv6 address inside "[]". 39 1.1 tron # For a UNIX-domain server specify "unix:" followed by the 40 1.1 tron # socket pathname. Examples: 41 1.1 tron # 42 1.1 tron # .nf 43 1.1 tron # memcache = inet:memcache.example.com:11211 44 1.1 tron # memcache = inet:127.0.0.1:11211 45 1.1 tron # memcache = inet:[fc00:8d00:189::3]:11211 46 1.1 tron # memcache = unix:/path/to/socket 47 1.1 tron # .fi 48 1.1 tron # 49 1.1 tron # NOTE: to access a UNIX-domain socket with the proxymap(8) 50 1.1 tron # server, the socket must be accessible by the unprivileged 51 1.1 tron # postfix user. 52 1.1 tron # .IP "\fBbackup (default: undefined)\fR" 53 1.1 tron # An optional Postfix database that provides persistent backup 54 1.1 tron # for the memcache database. The Postfix memcache client will 55 1.1 tron # update the memcache database whenever it looks up or changes 56 1.1 tron # information in the persistent database. Specify a Postfix 57 1.1 tron # "type:table" database. Examples: 58 1.1 tron # 59 1.1 tron # .nf 60 1.1 tron # # Non-shared postscreen cache. 61 1.1 tron # backup = btree:/var/lib/postfix/postscreen_cache_map 62 1.1 tron # 63 1.1 tron # # Shared postscreen cache for processes on the same host. 64 1.1 tron # backup = proxy:btree:/var/lib/postfix/postscreen_cache_map 65 1.1 tron # .fi 66 1.1 tron # 67 1.1 tron # Access to remote proxymap servers is under development. 68 1.1 tron # 69 1.1.1.2 tron # NOTE 1: When sharing a persistent \fBpostscreen\fR(8) or 70 1.1.1.2 tron # \fBverify\fR(8) cache, disable automatic cache cleanup (set 71 1.1.1.2 tron # *_cache_cleanup_interval = 0) except with one Postfix 72 1.1.1.2 tron # instance that will be responsible for cache cleanup. 73 1.1.1.2 tron # 74 1.1.1.3 tron # NOTE 2: When multiple tables share the same memcache 75 1.1.1.2 tron # database, each table should use the \fBkey_format\fR feature 76 1.1.1.2 tron # (see below) to prepend its own unique string to the lookup 77 1.1.1.2 tron # key. Otherwise, automatic \fBpostscreen\fR(8) or \fBverify\fR(8) 78 1.1.1.2 tron # cache cleanup may not work. 79 1.1.1.2 tron # 80 1.1.1.2 tron # NOTE 3: When the backup database is accessed with "proxy:" 81 1.1.1.2 tron # lookups, the full backup database name (including the 82 1.1.1.2 tron # "proxy:" prefix) must be specified in the proxymap server's 83 1.1.1.2 tron # proxy_read_maps or proxy_write_maps setting (depending on 84 1.1.1.2 tron # whether the access is read-only or read-write). 85 1.1 tron # .IP "\fBflags (default: 0)\fR" 86 1.1 tron # Optional flags that should be stored along with a memcache 87 1.1.1.2 tron # update. The flags are ignored when looking up information. 88 1.1 tron # .IP "\fBttl (default: 3600)\fR" 89 1.1 tron # The expiration time in seconds of memcache updates. 90 1.1 tron # 91 1.1 tron # NOTE 1: When using a memcache table as \fBpostscreen\fR(8) 92 1.1 tron # or \fBverify\fR(8) cache without persistent backup, specify 93 1.1 tron # a zero *_cache_cleanup_interval value with all Postfix 94 1.1 tron # instances that use the memcache, and specify the largest 95 1.1 tron # \fBpostscreen\fR(8) *_ttl value or \fBverify\fR(8) *_expire_time 96 1.1 tron # value as the memcache table's \fBttl\fR value. 97 1.1 tron # 98 1.1 tron # NOTE 2: According to memcache protocol documentation, a 99 1.1 tron # value greater than 30 days (2592000 seconds) specifies 100 1.1 tron # absolute UNIX 101 1.1 tron # time. Smaller values are relative to the time of the update. 102 1.1 tron # MEMCACHE KEY PARAMETERS 103 1.1 tron # .ad 104 1.1 tron # .fi 105 1.1.1.5 christos # .IP "\fBkey_digest (default: empty)\fB" 106 1.1.1.5 christos # After processing the \fBkey_format\fR setting, and before sending 107 1.1.1.5 christos # a request to the memcache server, run the key through the named 108 1.1.1.5 christos # message digest algorithm and convert the result to lowercase 109 1.1.1.5 christos # hexadecimal characters. This prevents a database access error 110 1.1.1.5 christos # when keys may exceed the memcache server's key length limit 111 1.1.1.5 christos # (usually, 250 bytes). Specify the name of a message digest 112 1.1.1.5 christos # algorithm that is supported by OpenSSL, for example, \fBsha256\fR. 113 1.1.1.5 christos # 114 1.1.1.5 christos # This feature is available in Postfix 3.11 and later, and requires 115 1.1.1.5 christos # that Postfix is built with TLS support. 116 1.1 tron # .IP "\fBkey_format (default: %s)\fB" 117 1.1.1.3 tron # Format of the lookup and update keys that the Postfix 118 1.1.1.3 tron # memcache client sends to the memcache server. 119 1.1 tron # By default, these are the same as the lookup and update 120 1.1.1.3 tron # keys that the memcache client receives from Postfix 121 1.1.1.3 tron # applications. 122 1.1 tron # 123 1.1.1.2 tron # NOTE 1: The \fBkey_format\fR feature is not used for \fBbackup\fR 124 1.1 tron # database requests. 125 1.1 tron # 126 1.1.1.3 tron # NOTE 2: When multiple tables share the same memcache 127 1.1.1.2 tron # database, each table should prepend its own unique string 128 1.1.1.2 tron # to the lookup key. Otherwise, automatic \fBpostscreen\fR(8) 129 1.1.1.2 tron # or \fBverify\fR(8) cache cleanup may not work. 130 1.1.1.2 tron # 131 1.1.1.2 tron # Examples: 132 1.1 tron # 133 1.1 tron # .nf 134 1.1 tron # key_format = aliases:%s 135 1.1.1.2 tron # key_format = verify:%s 136 1.1.1.2 tron # key_format = postscreen:%s 137 1.1 tron # .fi 138 1.1 tron # 139 1.1 tron # The \fBkey_format\fR parameter supports the following '%' 140 1.1 tron # expansions: 141 1.1 tron # .RS 142 1.1.1.4 christos # .IP "\fB%%\fR" 143 1.1 tron # This is replaced by a literal '%' character. 144 1.1.1.4 christos # .IP "\fB%s\fR" 145 1.1 tron # This is replaced by the memcache client input key. 146 1.1.1.4 christos # .IP "\fB%u\fR" 147 1.1 tron # When the input key is an address of the form user@domain, 148 1.1 tron # \fB%u\fR is replaced by the SQL quoted local part of the 149 1.1 tron # address. Otherwise, \fB%u\fR is replaced by the entire 150 1.1 tron # search string. If the localpart is empty, a lookup is 151 1.1 tron # silently suppressed and returns no results (an update is 152 1.1 tron # skipped with a warning). 153 1.1.1.4 christos # .IP "\fB%d\fR" 154 1.1 tron # When the input key is an address of the form user@domain, 155 1.1 tron # \fB%d\fR is replaced by the domain part of the address. 156 1.1 tron # Otherwise, a lookup is silently suppressed and returns no 157 1.1 tron # results (an update is skipped with a warning). 158 1.1.1.4 christos # .IP "\fB%[SUD]\fR" 159 1.1 tron # The upper-case equivalents of the above expansions behave 160 1.1 tron # in the \fBkey_format\fR parameter identically to their 161 1.1 tron # lower-case counter-parts. 162 1.1.1.4 christos # .IP "\fB%[1-9]\fR" 163 1.1 tron # The patterns %1, %2, ... %9 are replaced by the corresponding 164 1.1 tron # most significant component of the input key's domain. If 165 1.1 tron # the input key is \fIuser (a] mail.example.com\fR, then %1 is 166 1.1 tron # \fBcom\fR, %2 is \fBexample\fR and %3 is \fBmail\fR. If the 167 1.1 tron # input key is unqualified or does not have enough domain 168 1.1 tron # components to satisfy all the specified patterns, a lookup 169 1.1 tron # is silently suppressed and returns no results (an update 170 1.1 tron # is skipped with a warning). 171 1.1 tron # .RE 172 1.1 tron # .IP "\fBdomain (default: no domain list)\fR" 173 1.1 tron # This feature can significantly reduce database server load. 174 1.1 tron # Specify a list of domain names, paths to files, or "type:table" 175 1.1 tron # databases. 176 1.1 tron # When specified, only fully qualified search keys with a 177 1.1 tron # *non-empty* localpart and a matching domain are eligible 178 1.1 tron # for lookup or update: bare 'user' lookups, bare domain 179 1.1 tron # lookups and "@domain" lookups are silently skipped (updates 180 1.1 tron # are skipped with a warning). Example: 181 1.1 tron # 182 1.1 tron # .nf 183 1.1 tron # domain = example.com, hash:/etc/postfix/searchdomains 184 1.1 tron # .fi 185 1.1 tron # MEMCACHE ERROR CONTROLS 186 1.1 tron # .ad 187 1.1 tron # .fi 188 1.1 tron # .IP "\fBdata_size_limit (default: 10240)\fR" 189 1.1 tron # The maximal memcache reply data length in bytes. 190 1.1 tron # .IP "\fBline_size_limit (default: 1024)\fR" 191 1.1 tron # The maximal memcache reply line length in bytes. 192 1.1 tron # .IP "\fBmax_try (default: 2)\fR" 193 1.1 tron # The number of times to try a memcache command before giving 194 1.1 tron # up. The memcache client does not retry a command when the 195 1.1 tron # memcache server accepts no connection. 196 1.1 tron # .IP "\fBretry_pause (default: 1)\fR" 197 1.1 tron # The time in seconds before retrying a failed memcache command. 198 1.1 tron # .IP "\fBtimeout (default: 2)\fR" 199 1.1 tron # The time limit for sending a memcache command and for 200 1.1 tron # receiving a memcache reply. 201 1.1 tron # BUGS 202 1.1 tron # The Postfix memcache client cannot be used for security-sensitive 203 1.1 tron # tables such as \fBalias_maps\fR (these may contain 204 1.1 tron # "\fI|command\fR and "\fI/file/name\fR" destinations), or 205 1.1 tron # \fBvirtual_uid_maps\fR, \fBvirtual_gid_maps\fR and 206 1.1 tron # \fBvirtual_mailbox_maps\fR (these specify UNIX process 207 1.1.1.5 christos # privileges for "\fI/file/name\fR" destinations). In a typical 208 1.1 tron # deployment a memcache database is writable by any process 209 1.1 tron # that can talk to the memcache server; in contrast, 210 1.1 tron # security-sensitive tables must never be writable by the 211 1.1 tron # unprivileged Postfix user. 212 1.1 tron # 213 1.1 tron # The Postfix memcache client requires additional configuration 214 1.1 tron # when used as \fBpostscreen\fR(8) or \fBverify\fR(8) cache. 215 1.1 tron # For details see the \fBbackup\fR and \fBttl\fR parameter 216 1.1 tron # discussions in the MEMCACHE MAIN PARAMETERS section above. 217 1.1 tron # SEE ALSO 218 1.1 tron # postmap(1), Postfix lookup table manager 219 1.1 tron # postconf(5), configuration parameters 220 1.1 tron # README FILES 221 1.1 tron # .ad 222 1.1 tron # .fi 223 1.1 tron # Use "\fBpostconf readme_directory\fR" or 224 1.1 tron # "\fBpostconf html_directory\fR" to locate this information. 225 1.1 tron # .na 226 1.1 tron # .nf 227 1.1 tron # DATABASE_README, Postfix lookup table overview 228 1.1 tron # MEMCACHE_README, Postfix memcache client guide 229 1.1 tron # LICENSE 230 1.1 tron # .ad 231 1.1 tron # .fi 232 1.1 tron # The Secure Mailer license must be distributed with this software. 233 1.1 tron # HISTORY 234 1.1 tron # .ad 235 1.1 tron # .fi 236 1.1 tron # Memcache support was introduced with Postfix version 2.9. 237 1.1 tron # AUTHOR(S) 238 1.1 tron # Wietse Venema 239 1.1 tron # IBM T.J. Watson Research 240 1.1 tron # P.O. Box 704 241 1.1 tron # Yorktown Heights, NY 10598, USA 242 1.1.1.4 christos # 243 1.1.1.4 christos # Wietse Venema 244 1.1.1.4 christos # Google, Inc. 245 1.1.1.4 christos # 111 8th Avenue 246 1.1.1.4 christos # New York, NY 10011, USA 247 1.1 tron #-- 248
Indexes created Sat Jun 27 00:24:51 UTC 2026