oracular (8) cleanup.8postfix.gz

Provided by: postfix_3.9.0-3_amd64 bug

NAME

       cleanup - canonicalize and enqueue Postfix message

SYNOPSIS

       cleanup [generic Postfix daemon options]

DESCRIPTION

       The cleanup(8) daemon processes inbound mail, inserts it into the incoming mail queue, and
       informs the queue manager of its arrival.

       The cleanup(8) daemon performs the following transformations:

       •      Insert missing message headers: (Resent-) From:, To:, Message-Id:, and Date:.
              This     is     enabled     with     the      local_header_rewrite_clients      and
              always_add_missing_headers parameter settings.

       •      Transform envelope and header addresses to the standard user@fully-qualified-domain
              form that is expected  by  other  Postfix  programs.   This  task  depends  on  the
              trivial-rewrite(8) daemon.
              The   header   transformation  is  enabled  with  the  local_header_rewrite_clients
              parameter setting.

       •      Eliminate duplicate envelope recipient addresses.
              This is enabled with the duplicate_filter_limit parameter setting.

       •      Remove message headers: Bcc, Content-Length, Resent-Bcc, Return-Path.
              This is enabled with the message_drop_headers parameter setting.

       •      Optionally, rewrite all envelope and header addresses  according  to  the  mappings
              specified in the canonical(5) lookup tables.
              The   header   transformation  is  enabled  with  the  local_header_rewrite_clients
              parameter setting.

       •      Optionally, masquerade envelope sender addresses and message header addresses (i.e.
              strip host or domain information below all domains listed in the masquerade_domains
              parameter, except for user names listed  in  masquerade_exceptions).   By  default,
              address masquerading does not affect envelope recipients.
              The   header   transformation  is  enabled  with  the  local_header_rewrite_clients
              parameter setting.

       •      Optionally, expand envelope  recipients  according  to  information  found  in  the
              virtual_alias_maps lookup tables.

       The cleanup(8) daemon performs sanity checks on the content of each message. When it finds
       a problem, by default it returns a diagnostic status to the cleanup  service  client,  and
       leaves it up to the client to deal with the problem. Alternatively, the client can request
       the cleanup(8) daemon to bounce the message back to the sender in case of trouble.

STANDARDS

       RFC 822 (ARPA Internet Text Messages)
       RFC 2045 (MIME: Format of Internet Message Bodies)
       RFC 2046 (MIME: Media Types)
       RFC 2822 (Internet Message Format)
       RFC 3463 (Enhanced Status Codes)
       RFC 3464 (Delivery status notifications)
       RFC 5322 (Internet Message Format)

DIAGNOSTICS

       Problems and transactions are logged to syslogd(8) or postlogd(8).

BUGS

       Table-driven rewriting rules make it hard to  express  if  then  else  and  other  logical
       relationships.

CONFIGURATION PARAMETERS

       Changes  to  main.cf  are  picked up automatically, as cleanup(8) processes run for only a
       limited amount of time. Use the command "postfix reload" to speed up a change.

       The text below provides only  a  parameter  summary.  See  postconf(5)  for  more  details
       including examples.

COMPATIBILITY CONTROLS

       undisclosed_recipients_header (see 'postconf -d' output)
              Message  header  that the Postfix cleanup(8) server inserts when a message contains
              no To: or Cc: message header.

       Available in Postfix version 2.1 only:

       enable_errors_to (no)
              Report mail  delivery  errors  to  the  address  specified  with  the  non-standard
              Errors-To:  message header, instead of the envelope sender address (this feature is
              removed with Postfix version 2.2, is turned off by  default  with  Postfix  version
              2.1, and is always turned on with older Postfix versions).

       Available in Postfix version 2.6 and later:

       always_add_missing_headers (no)
              Always add (Resent-) From:, To:, Date: or Message-ID: headers when not present.

       Available in Postfix version 2.9 and later:

       enable_long_queue_ids (no)
              Enable long, non-repeating, queue IDs (queue file names).

       Available in Postfix version 3.0 and later:

       message_drop_headers (bcc, content-length, resent-bcc, return-path)
              Names  of  message  headers  that  the cleanup(8) daemon will remove after applying
              header_checks(5) and before invoking Milter applications.

       header_from_format (standard)
              The format of the Postfix-generated From: header.

BUILT-IN CONTENT FILTERING CONTROLS

       Postfix built-in content filtering is meant to stop a flood of worms or viruses. It is not
       a general content filter.

       body_checks (empty)
              Optional  lookup  tables  for content inspection as specified in the body_checks(5)
              manual page.

       header_checks (empty)
              Optional lookup tables for content inspection of primary non-MIME message  headers,
              as specified in the header_checks(5) manual page.

       Available in Postfix version 2.0 and later:

       body_checks_size_limit (51200)
              How  much  text in a message body segment (or attachment, if you prefer to use that
              term) is subjected to body_checks inspection.

       mime_header_checks ($header_checks)
              Optional lookup tables for content inspection of MIME related message  headers,  as
              described in the header_checks(5) manual page.

       nested_header_checks ($header_checks)
              Optional  lookup  tables  for  content  inspection  of  non-MIME message headers in
              attached messages, as described in the header_checks(5) manual page.

       Available in Postfix version 2.3 and later:

       message_reject_characters (empty)
              The set of characters that Postfix will reject in message content.

       message_strip_characters (empty)
              The set of characters that Postfix will remove from message content.

       Available in Postfix version 3.9, 3.8.5, 3.7.10, 3.6.14, 3.5.24, and later:

       cleanup_replace_stray_cr_lf (yes)
              Replace each stray  <CR>  or  <LF>  character  in  message  content  with  a  space
              character,  to  prevent  outbound  SMTP  smuggling,  and  to make the evaluation of
              Postfix-added DKIM or other signatures independent from how a  remote  mail  server
              handles such characters.

BEFORE QUEUE MILTER CONTROLS

       As  of version 2.3, Postfix supports the Sendmail version 8 Milter (mail filter) protocol.
       When mail is not received via the smtpd(8) server, the  cleanup(8)  server  will  simulate
       SMTP  events  to  the  extent  that  this  is  possible. For details see the MILTER_README
       document.

       non_smtpd_milters (empty)
              A list of Milter (mail filter) applications for new mail that does not  arrive  via
              the Postfix smtpd(8) server.

       milter_protocol (6)
              The mail filter protocol version and optional protocol extensions for communication
              with a Milter application; prior to Postfix 2.6 the default protocol is 2.

       milter_default_action (tempfail)
              The default action when  a  Milter  (mail  filter)  response  is  unavailable  (for
              example, bad Postfix configuration or Milter failure).

       milter_macro_daemon_name ($myhostname)
              The {daemon_name} macro value for Milter (mail filter) applications.

       milter_macro_v ($mail_name $mail_version)
              The {v} macro value for Milter (mail filter) applications.

       milter_connect_timeout (30s)
              The  time  limit  for  connecting  to  a  Milter (mail filter) application, and for
              negotiating protocol options.

       milter_command_timeout (30s)
              The time limit for sending an SMTP command to a Milter (mail  filter)  application,
              and for receiving the response.

       milter_content_timeout (300s)
              The  time  limit for sending message content to a Milter (mail filter) application,
              and for receiving the response.

       milter_connect_macros (see 'postconf -d' output)
              The macros that are sent to Milter (mail filter) applications after  completion  of
              an SMTP connection.

       milter_helo_macros (see 'postconf -d' output)
              The  macros  that are sent to Milter (mail filter) applications after the SMTP HELO
              or EHLO command.

       milter_mail_macros (see 'postconf -d' output)
              The macros that are sent to Milter (mail filter) applications after the  SMTP  MAIL
              FROM command.

       milter_rcpt_macros (see 'postconf -d' output)
              The  macros  that are sent to Milter (mail filter) applications after the SMTP RCPT
              TO command.

       milter_data_macros (see 'postconf -d' output)
              The macros that are sent to version 4 or higher Milter (mail  filter)  applications
              after the SMTP DATA command.

       milter_unknown_command_macros (see 'postconf -d' output)
              The  macros  that are sent to version 3 or higher Milter (mail filter) applications
              after an unknown SMTP command.

       milter_end_of_data_macros (see 'postconf -d' output)
              The macros that are sent to Milter (mail filter)  applications  after  the  message
              end-of-data.

       Available in Postfix version 2.5 and later:

       milter_end_of_header_macros (see 'postconf -d' output)
              The  macros that are sent to Milter (mail filter) applications after the end of the
              message header.

       Available in Postfix version 2.7 and later:

       milter_header_checks (empty)
              Optional lookup tables for content inspection of message headers that are  produced
              by Milter applications.

       Available in Postfix version 3.1 and later:

       milter_macro_defaults (empty)
              Optional  list of name=value pairs that specify default values for arbitrary macros
              that Postfix may send to Milter applications.

MIME PROCESSING CONTROLS

       Available in Postfix version 2.0 and later:

       disable_mime_input_processing (no)
              Turn off MIME processing while receiving mail.

       mime_boundary_length_limit (2048)
              The maximal length of MIME multipart boundary strings.

       mime_nesting_limit (100)
              The maximal recursion level that the MIME processor will handle.

       strict_8bitmime (no)
              Enable both strict_7bit_headers and strict_8bitmime_body.

       strict_7bit_headers (no)
              Reject mail with 8-bit text in message headers.

       strict_8bitmime_body (no)
              Reject 8-bit message body text without 8-bit MIME content encoding information.

       strict_mime_encoding_domain (no)
              Reject mail with invalid Content-Transfer-Encoding: information for  the  message/*
              or multipart/* MIME content types.

       Available in Postfix version 2.5 and later:

       detect_8bit_encoding_header (yes)
              Automatically detect 8BITMIME body content by looking at Content-Transfer-Encoding:
              message headers; historically, this behavior was hard-coded to be "always on".

AUTOMATIC BCC RECIPIENT CONTROLS

       Postfix can automatically add BCC (blind carbon copy) when mail enters the mail system:

       always_bcc (empty)
              Optional address that receives a "blind  carbon  copy"  of  each  message  that  is
              received by the Postfix mail system.

       Available in Postfix version 2.1 and later:

       sender_bcc_maps (empty)
              Optional  BCC (blind carbon-copy) address lookup tables, indexed by envelope sender
              address.

       recipient_bcc_maps (empty)
              Optional BCC  (blind  carbon-copy)  address  lookup  tables,  indexed  by  envelope
              recipient address.

ADDRESS TRANSFORMATION CONTROLS

       Address  rewriting  is  delegated to the trivial-rewrite(8) daemon.  The cleanup(8) server
       implements table driven address mapping.

       empty_address_recipient (MAILER-DAEMON)
              The recipient of mail addressed to the null address.

       canonical_maps (empty)
              Optional address mapping lookup tables for message headers and envelopes.

       recipient_canonical_maps (empty)
              Optional address mapping lookup tables for envelope and header recipient addresses.

       sender_canonical_maps (empty)
              Optional address mapping lookup tables for envelope and header sender addresses.

       masquerade_classes (envelope_sender, header_sender, header_recipient)
              What addresses are subject to address masquerading.

       masquerade_domains (empty)
              Optional list of domains whose subdomain structure will be stripped  off  in  email
              addresses.

       masquerade_exceptions (empty)
              Optional  list  of  user names that are not subjected to address masquerading, even
              when their addresses match $masquerade_domains.

       propagate_unmatched_extensions (canonical, virtual)
              What address lookup tables copy an address extension from the  lookup  key  to  the
              lookup result.

       Available before Postfix version 2.0:

       virtual_maps (empty)
              Optional lookup tables with a) names of domains for which all addresses are aliased
              to addresses in other local or remote domains, and b) addresses that are aliased to
              addresses in other local or remote domains.

       Available in Postfix version 2.0 and later:

       virtual_alias_maps ($virtual_maps)
              Optional  lookup  tables  with  aliases  that  apply  to  all recipients: local(8),
              virtual, and remote;  this  is  unlike  alias_maps  that  apply  only  to  local(8)
              recipients.

       Available in Postfix version 2.2 and later:

       canonical_classes (envelope_sender, envelope_recipient, header_sender, header_recipient)
              What addresses are subject to canonical_maps address mapping.

       recipient_canonical_classes (envelope_recipient, header_recipient)
              What addresses are subject to recipient_canonical_maps address mapping.

       sender_canonical_classes (envelope_sender, header_sender)
              What addresses are subject to sender_canonical_maps address mapping.

       remote_header_rewrite_domain (empty)
              Rewrite   or   add   message   headers   in   mail   from  remote  clients  if  the
              remote_header_rewrite_domain parameter  value  is  non-empty,  updating  incomplete
              addresses  with the domain specified in the remote_header_rewrite_domain parameter,
              and adding missing headers.

RESOURCE AND RATE CONTROLS

       duplicate_filter_limit (1000)
              The maximal number of addresses remembered by  the  address  duplicate  filter  for
              aliases(5) or virtual(5) alias expansion, or for showq(8) queue displays.

       header_size_limit (102400)
              The maximal amount of memory in bytes for storing a message header.

       hopcount_limit (50)
              The  maximal  number  of  Received:  message headers that is allowed in the primary
              message headers.

       in_flow_delay (1s)
              Time to pause before accepting a new message, when the message arrival rate exceeds
              the message delivery rate.

       message_size_limit (10240000)
              The maximal size in bytes of a message, including envelope information.

       Available in Postfix version 2.0 and later:

       header_address_token_limit (10240)
              The maximal number of address tokens are allowed in an address message header.

       mime_boundary_length_limit (2048)
              The maximal length of MIME multipart boundary strings.

       mime_nesting_limit (100)
              The maximal recursion level that the MIME processor will handle.

       queue_file_attribute_count_limit (100)
              The maximal number of (name=value) attributes that may be stored in a Postfix queue
              file.

       Available in Postfix version 2.1 and later:

       virtual_alias_expansion_limit (1000)
              The maximal number of addresses that virtual alias  expansion  produces  from  each
              original recipient.

       virtual_alias_recursion_limit (1000)
              The maximal nesting depth of virtual alias expansion.

       Available in Postfix version 3.0 and later:

       virtual_alias_address_length_limit (1000)
              The maximal length of an email address after virtual alias expansion.

SMTPUTF8 CONTROLS

       Preliminary SMTPUTF8 support is introduced with Postfix 3.0.

       smtputf8_enable (yes)
              Enable  preliminary  SMTPUTF8  support for the protocols described in RFC 6531, RFC
              6532, and RFC 6533.

       smtputf8_autodetect_classes (sendmail, verify)
              Detect that a message requires SMTPUTF8  support  for  the  specified  mail  origin
              classes.

       Available in Postfix version 3.2 and later:

       enable_idna2003_compatibility (no)
              Enable  'transitional' compatibility between IDNA2003 and IDNA2008, when converting
              UTF-8 domain names to/from the ASCII form that is used for DNS lookups.

MISCELLANEOUS CONTROLS

       config_directory (see 'postconf -d' output)
              The default location of the Postfix main.cf and master.cf configuration files.

       daemon_timeout (18000s)
              How much time a Postfix daemon process may take to handle a request  before  it  is
              terminated by a built-in watchdog timer.

       delay_logging_resolution_limit (2)
              The  maximal number of digits after the decimal point when logging sub-second delay
              values.

       delay_warning_time (0h)
              The time after which the sender receives a copy of the message headers of mail that
              is still queued.

       ipc_timeout (3600s)
              The  time limit for sending or receiving information over an internal communication
              channel.

       max_idle (100s)
              The maximum amount of time that  an  idle  Postfix  daemon  process  waits  for  an
              incoming connection before terminating voluntarily.

       max_use (100)
              The  maximal  number  of  incoming  connections  that a Postfix daemon process will
              service before terminating voluntarily.

       myhostname (see 'postconf -d' output)
              The internet hostname of this mail system.

       myorigin ($myhostname)
              The domain name that locally-posted mail appears to come  from,  and  that  locally
              posted mail is delivered to.

       process_id (read-only)
              The process ID of a Postfix command or daemon process.

       process_name (read-only)
              The process name of a Postfix command or daemon process.

       queue_directory (see 'postconf -d' output)
              The location of the Postfix top-level queue directory.

       soft_bounce (no)
              Safety net to keep mail queued that would otherwise be returned to the sender.

       syslog_facility (mail)
              The syslog facility of Postfix logging.

       syslog_name (see 'postconf -d' output)
              A  prefix  that  is  prepended  to the process name in syslog records, so that, for
              example, "smtpd" becomes "prefix/smtpd".

       Available in Postfix version 2.1 and later:

       enable_original_recipient (yes)
              Enable support for the original recipient address after an address is rewritten  to
              a different address (for example with aliasing or with canonical mapping).

       Available in Postfix 3.3 and later:

       service_name (read-only)
              The master.cf service name of a Postfix daemon process.

       Available in Postfix 3.5 and later:

       info_log_address_format (external)
              The  email  address  form  that  will  be used in non-debug logging (info, warning,
              etc.).

       Available in Postfix 3.9 and later:

       force_mime_input_conversion (no)
              Convert body  content  that  claims  to  be  8-bit  into  quoted-printable,  before
              header_checks, body_checks, Milters, and before after-queue content filters.

FILES

       /etc/postfix/canonical*, canonical mapping table
       /etc/postfix/virtual*, virtual mapping table

SEE ALSO

       trivial-rewrite(8), address rewriting
       qmgr(8), queue manager
       header_checks(5), message header content inspection
       body_checks(5), body parts content inspection
       canonical(5), canonical address lookup table format
       virtual(5), virtual alias lookup table format
       postconf(5), configuration parameters
       master(5), generic daemon options
       master(8), process manager
       postlogd(8), Postfix logging
       syslogd(8), system logging

README FILES

       Use "postconf readme_directory" or "postconf html_directory" to locate this information.
       ADDRESS_REWRITING_README Postfix address manipulation
       CONTENT_INSPECTION_README content inspection

LICENSE

       The Secure Mailer license must be distributed with this software.

AUTHOR(S)

       Wietse Venema
       IBM T.J. Watson Research
       P.O. Box 704
       Yorktown Heights, NY 10598, USA

       Wietse Venema
       Google, Inc.
       111 8th Avenue
       New York, NY 10011, USA

                                                                                CLEANUP(8postfix)