1<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN" 2 "http://www.w3.org/TR/html4/loose.dtd"> 3 4<html> 5 6<head> 7 8<title>Postfix Architecture Overview </title> 9 10<meta http-equiv="Content-Type" content="text/html; charset=us-ascii"> 11 12</head> 13 14<body> 15 16<h1> <img src="postfix-logo.jpg" width="203" height="98" ALT="">Postfix 17Architecture Overview </h1> 18 19<hr> 20 21<h2> Introduction </h2> 22 23<p> This document presents an overview of the Postfix architecture, 24and provides pointers to descriptions of every Postfix command 25or server program. The text gives the general context in which 26each command or server program is used, and provides pointers to 27documents with specific usage examples and background information. 28</p> 29 30<p> Topics covered by this document: </p> 31 32<ul> 33 34<li> <a href="#receiving"> How Postfix receives mail </a> 35 36<li> <a href="#delivering"> How Postfix delivers mail </a> 37 38<li> <a href="#behind"> Postfix behind the scenes </a> 39 40<li> <a href="#commands"> Postfix support commands </a> 41 42</ul> 43 44<h2><a name="receiving"> How Postfix receives mail </a> </h2> 45 46<p> When a message enters the Postfix mail system, the first stop 47on the inside is the <a href="QSHAPE_README.html#incoming_queue">incoming queue</a>. The figure below shows the 48main processes that are involved with new mail. Names followed by 49a number are Postfix commands or server programs, while unnumbered 50names inside shaded areas represent Postfix queues. </p> 51 52<blockquote> 53 54<table> 55 56<tr> 57 58<td colspan="4"> </td> 59 60<td bgcolor="#f0f0ff" align="center"> <a href="trivial-rewrite.8.html">trivial-<br>rewrite(8)</a> </td> 61 62</tr> 63 64<tr> 65 66<td> Network </td> <td> <tt> -> </tt> </td> 67 68<td bgcolor="#f0f0ff" align="center" valign="middle"> <a href="smtpd.8.html">smtpd(8)</a> 69</td> 70 71<td> </td> 72 73<td rowspan="2" align="center"> <table> <tr> <td align="center"> 74^<br> <tt> | </tt> </td> <td align="center"> <tt> |<br> v </tt> 75</td> </tr> </table> </td> 76 77</tr> 78 79<tr> 80 81<td colspan="3"> </td> <td> <tt> \ </tt> </td> 82 83</tr> 84 85<tr> 86 87<td> Network </td> <td> <tt> -> </tt> </td> 88 89<td bgcolor="#f0f0ff" align="center" valign="middle"> <a href="qmqpd.8.html">qmqpd(8)</a> 90</td> 91 92<td> <tt> -> </tt> </td> 93 94<td bgcolor="#f0f0ff" align="center" valign="middle"> <a href="cleanup.8.html">cleanup(8)</a> 95</td> 96 97<td> <tt> -> </tt> </td> 98 99<td bgcolor="#f0f0ff" align="center" valign="middle"> <a 100href="QSHAPE_README.html#incoming_queue"> incoming </a> </td> 101 102</tr> 103 104<tr> 105 106<td colspan="3"> </td> <td> <tt> / </tt> </td> 107 108</tr> 109 110<tr> 111 112<td colspan="2"> </td> 113 114<td bgcolor="#f0f0ff" align="center" valign="middle"> <a href="pickup.8.html">pickup(8)</a> 115</td> 116 117<td> <tt> <- </tt> </td> 118 119<td bgcolor="#f0f0ff" align="center" valign="middle"> <a 120href="QSHAPE_README.html#maildrop_queue"> maildrop </a> </td> 121 122</tr> 123 124<tr> 125 126<td colspan="4" align="center"> </td> 127 128<td align="center"> ^<br> <tt> | </tt> </td> 129 130</tr> 131 132<tr> 133 134<td> Local </td> <td> <tt> -> </tt> </td> 135 136<td bgcolor="#f0f0ff" align="center" valign="middle"> <a href="sendmail.1.html">sendmail(1)</a> 137</td> 138 139<td> <tt> -> </tt> </td> 140 141<td bgcolor="#f0f0ff" align="center" valign="middle"> <a href="postdrop.1.html">postdrop(1)</a> 142</td> 143 144</tr> 145 146</table> 147 148</blockquote> 149 150<ul> 151 152<li> <p> Network mail enters Postfix via the <a href="smtpd.8.html">smtpd(8)</a> or <a href="qmqpd.8.html">qmqpd(8)</a> 153servers. These servers remove the SMTP or QMQP protocol encapsulation, 154enforce some sanity checks to protect Postfix, and give the sender, 155recipients and message content to the <a href="cleanup.8.html">cleanup(8)</a> server. The 156<a href="smtpd.8.html">smtpd(8)</a> server can be configured to block unwanted mail, as 157described in the <a href="SMTPD_ACCESS_README.html">SMTPD_ACCESS_README</a> document. </p> 158 159<li> <p> Local submissions are received with the Postfix <a href="sendmail.1.html">sendmail(1)</a> 160compatibility command, and are queued in the <a href="QSHAPE_README.html#maildrop_queue">maildrop queue</a> by 161the privileged <a href="postdrop.1.html">postdrop(1)</a> command. This arrangement even works 162while the Postfix mail system is not running. The local <a href="pickup.8.html">pickup(8)</a> 163server picks up local submissions, enforces some sanity checks to 164protect Postfix, and gives the sender, recipients and message 165content to the <a href="cleanup.8.html">cleanup(8)</a> server. </p> 166 167<li> <p> Mail from internal sources is given directly to the 168<a href="cleanup.8.html">cleanup(8)</a> server. These sources are not shown in the figure, and 169include: mail that is forwarded by the <a href="local.8.html">local(8)</a> delivery agent (see 170next section), messages that are returned to the sender by the 171<a href="bounce.8.html">bounce(8)</a> server (see second-next section), and postmaster 172notifications about problems with Postfix. </p> 173 174<li> <p> The <a href="cleanup.8.html">cleanup(8)</a> server implements the final processing 175stage before mail is queued. It adds missing From: and other message 176headers, and transforms addresses as described in the 177<a href="ADDRESS_REWRITING_README.html">ADDRESS_REWRITING_README</a> 178document. Optionally, the <a href="cleanup.8.html">cleanup(8)</a> server can be configured to 179do light-weight content inspection with regular expressions as 180described in the <a href="BUILTIN_FILTER_README.html">BUILTIN_FILTER_README</a> document. The <a href="cleanup.8.html">cleanup(8)</a> 181server places the result as a single file into the <a href="QSHAPE_README.html#incoming_queue">incoming queue</a>, 182and notifies the queue manager (see next section) of the arrival 183of new mail. </p> 184 185<li> <p> The <a href="trivial-rewrite.8.html">trivial-rewrite(8)</a> server rewrites addresses to the 186standard "user@fully.qualified.domain" form, as described in the 187<a href="ADDRESS_REWRITING_README.html">ADDRESS_REWRITING_README</a> document. Postfix currently does not 188implement a rewriting language, but a lot can be done via table 189lookups and, if need be, regular expressions. </p> 190 191</ul> 192 193<h2> <a name="delivering"> How Postfix delivers mail </a> </h2> 194 195<p> Once a message has reached the <a href="QSHAPE_README.html#incoming_queue">incoming queue</a> the next step is 196to deliver it. The figure shows the main components of the Postfix 197mail delivery apparatus. Names followed by a number are Postfix 198commands or server programs, while unnumbered names inside shaded 199areas represent Postfix queues. </p> 200 201<blockquote> 202 203<table> 204 205<tr> 206 207<td rowspan="2" colspan="4"> </td> 208 209<td rowspan="2" bgcolor="#f0f0ff" align="center"> <a href="trivial-rewrite.8.html">trivial-<br>rewrite(8)</a> 210</td> 211 212<td> </td> 213 214<td bgcolor="#f0f0ff" align="center"> <a href="smtp.8.html">smtp(8)</a> </td> 215 216<td> <tt> -> </tt> </td> <td> Network </td> 217 218</tr> 219 220<tr> 221 222<td align="right"> <tt> / </tt> </td> 223 224</tr> 225 226<tr> 227 228<td rowspan="2" colspan="4"> </td> 229 230<td rowspan="2" align="center"> <table> <tr> <td align="center"> 231^<br> <tt> | </tt> </td> <td align="center"> <tt> |<br> v </tt> 232</td> </tr> </table> </td> 233 234<td align="right"> <tt> - </tt> </td> 235 236<td bgcolor="#f0f0ff" align="center"> <a href="lmtp.8.html">lmtp(8)</a> </td> 237 238<td> <tt> -> </tt> </td> <td> Network </td> 239 240</tr> 241 242<tr> 243 244<td align="left"> <tt> / </tt> </td> 245 246</tr> 247 248<tr> 249 250<td bgcolor="#f0f0ff" align="center"> <a 251href="QSHAPE_README.html#incoming_queue"> incoming </a> </td> 252 253<td> <tt> -> </tt> </td> 254 255<td bgcolor="#f0f0ff" align="center"> <a 256href="QSHAPE_README.html#active_queue"> active </a> </td> 257 258<td> <tt> -> </tt> </td> 259 260<td bgcolor="#f0f0ff" align="center"> <a href="qmgr.8.html">qmgr(8)</a> </td> 261 262<td align="right"> <tt> --- </tt> </td> 263 264<td bgcolor="#f0f0ff" align="center"> <a href="local.8.html">local(8)</a> </td> 265 266<td> <tt> -> </tt> </td> <td> File, command </td> 267 268</tr> 269 270<tr> 271 272<td rowspan="2" colspan="2"> </td> 273 274<td rowspan="2" align="center"> <table> <tr> <td align="center"> 275^<br> <tt> | </tt> </td> <td align="center"> <tt> |<br> v </tt> 276</td> </tr> </table> </td> 277 278<td rowspan="2" colspan="2"> </td> 279 280<td align="left"> <tt> \ </tt> </td> 281 282</tr> 283 284<tr> 285 286<td align="right"> <tt> - </tt> </td> 287 288<td bgcolor="#f0f0ff" align="center"> <a href="virtual.8.html">virtual(8)</a> </td> 289 290<td> <tt> -> </tt> </td> <td> File </td> 291 292</tr> 293 294<tr> 295 296<td colspan="2"> </td> 297 298<td bgcolor="#f0f0ff" align="center"> <a 299href="QSHAPE_README.html#deferred_queue"> deferred </a> </td> 300 301<td colspan="2"> </td> 302 303<td align="right"> <tt> \ </tt> </td> 304 305</tr> 306 307<tr> 308 309<td colspan="6"> 310 311<td bgcolor="#f0f0ff" align="center"> <a href="pipe.8.html">pipe(8)</a> </td> 312 313<td> <tt> -> </tt> </td> <td> Command </td> 314 315</tr> 316 317</table> 318 319</blockquote> 320 321<ul> 322 323<li> <p> The queue manager (the <a href="qmgr.8.html">qmgr(8)</a> server process in the 324figure) is the heart of Postfix mail delivery. It contacts the 325<a href="smtp.8.html">smtp(8)</a>, <a href="lmtp.8.html">lmtp(8)</a>, <a href="local.8.html">local(8)</a>, <a href="virtual.8.html">virtual(8)</a>, <a href="pipe.8.html">pipe(8)</a>, <a href="discard.8.html">discard(8)</a> or 326<a href="error.8.html">error(8)</a> delivery agents, and sends a delivery request for one 327or more recipient addresses. The <a href="discard.8.html">discard(8)</a> and <a href="error.8.html">error(8)</a> delivery 328agents are special: they discard or bounce all mail, and are not 329shown in the figure above. </p> 330 331<p> The queue manager maintains a small <a href="QSHAPE_README.html#active_queue">active queue</a> with the 332messages that it has opened for delivery. The <a href="QSHAPE_README.html#active_queue">active queue</a> acts as 333a limited window on potentially large <a href="QSHAPE_README.html#incoming_queue">incoming</a> or <a href="QSHAPE_README.html#deferred_queue">deferred queues</a>. 334The limited <a href="QSHAPE_README.html#active_queue">active queue</a> prevents the queue manager from running 335out of memory under heavy load. </p> 336 337<p> The queue manager maintains a separate <a href="QSHAPE_README.html#deferred_queue">deferred queue</a> for mail 338that cannot be delivered, so that a large mail backlog will not 339slow down normal queue accesses. The queue manager's strategy for 340delayed mail delivery attempts is described in the <a href="QSHAPE_README.html">QSHAPE_README</a> 341and <a href="TUNING_README.html">TUNING_README</a> documents. </p> 342 343<li> <p> The <a href="trivial-rewrite.8.html">trivial-rewrite(8)</a> server resolves each recipient 344address according to its local or remote address class, as defined 345in the <a href="ADDRESS_CLASS_README.html">ADDRESS_CLASS_README</a> document. Additional routing information 346can be specified with the optional <a href="transport.5.html">transport(5)</a> table. The 347<a href="trivial-rewrite.8.html">trivial-rewrite(8)</a> server optionally queries the <a href="relocated.5.html">relocated(5)</a> table 348for recipients whose address has changed; mail for such recipients is 349returned to the sender with an explanation. </p> 350 351<li> <p> The <a href="smtp.8.html">smtp(8)</a> client looks up a list of mail exchangers for 352the destination host, sorts the list by preference, and tries each 353server in turn until it finds a server that responds. It then 354encapsulates the sender, recipient and message content as required 355by the SMTP protocol; this includes conversion of 8-bit MIME to 3567-bit encoding. </p> 357 358<li> <p> The <a href="lmtp.8.html">lmtp(8)</a> client speaks a protocol similar to SMTP that 359is optimized for delivery to mailbox servers such as Cyrus. The 360advantage of this setup is that one Postfix machine can feed multiple 361mailbox servers over LMTP. The opposite is true as well: one 362mailbox server can be fed over LMTP by multiple Postfix machines. 363</p> 364 365<li> <p> The <a href="local.8.html">local(8)</a> delivery agent understands UNIX-style mailboxes, 366qmail-compatible maildir files, Sendmail-style system-wide <a href="aliases.5.html">aliases(5)</a> 367databases, and Sendmail-style per-user .forward files. Multiple 368local delivery agents can be run in parallel, but parallel delivery 369to the same user is usually limited. </p> 370 371<p> The <a href="local.8.html">local(8)</a> delivery agent has hooks for alternative forms of 372local delivery: you can configure it to deliver to mailbox files 373in user home directories, you can configure it to delegate mailbox 374delivery to an external command such as procmail, or you can delegate 375delivery to a different Postfix delivery agent. </p> 376 377<li> <p> The <a href="virtual.8.html">virtual(8)</a> delivery agent is a bare-bones delivery 378agent that delivers to UNIX-style mailbox or qmail-style maildir 379files only. This delivery agent can deliver mail for multiple 380domains, which makes it especially suitable for hosting lots of 381small domains on a single machine. This is described in the 382<a href="VIRTUAL_README.html">VIRTUAL_README</a> document. </p> 383 384<li> <p> The <a href="pipe.8.html">pipe(8)</a> mailer is the outbound interface to other mail 385processing systems (the Postfix <a href="sendmail.1.html">sendmail(1)</a> command being the 386inbound interface). The interface is UNIX compatible: it provides 387information on the command line and on the standard input stream, 388and expects a process exit status code as defined in <sysexits.h>. 389Examples of delivery via the <a href="pipe.8.html">pipe(8)</a> mailer are in the <a href="MAILDROP_README.html">MAILDROP_README</a> 390and <a href="UUCP_README.html">UUCP_README</a> documents. 391 392</ul> 393 394<h2> <a name="behind"> Postfix behind the scenes </a> </h2> 395 396<p> The previous sections gave an overview of how Postfix server 397processes send and receive mail. These server processes rely on 398other server processes that do things behind the scenes. The text 399below attempts to visualize each service in its own context. As 400before, names followed by a number are Postfix commands or server 401programs, while unnumbered names inside shaded areas represent 402Postfix queues. </p> 403 404<ul> 405 406<li> <p> The resident <a href="master.8.html">master(8)</a> server is the supervisor that keeps 407an eye on the well-being of the Postfix mail system. It is typically 408started at system boot time with the "postfix start" command, and 409keeps running until the system goes down. The <a href="master.8.html">master(8)</a> server is 410responsible for starting Postfix server processes to receive and 411deliver mail, and for restarting servers that terminate prematurely 412because of some problem. The <a href="master.8.html">master(8)</a> server is also responsible 413for enforcing the server process count limits as specified in the 414<a href="master.5.html"><b>master.cf</b></a> configuration file. The picture below gives the 415program hierarchy when Postfix is started up. Only some of the mail 416handling daemon processes are shown. </p> 417 418<table> 419 420<tr> <td colspan="2"> </td> <td align="center" bgcolor="#f0f0ff"> 421<a href="postfix.1.html">postfix(1)</a> </td> </tr> 422 423<tr> <td colspan="2"> </td> <td align="center"> |<br> |</td> </tr> 424 425<tr> <td colspan="2"> </td> <td align="center" bgcolor="#f0f0ff"> 426postfix-script(1) </td> </tr> 427 428<tr> <td> </td> <td> <table> <tr> <td> </td> <td> / </td> </tr> 429<tr> <td> / </td> <td> </td> </tr> </table> </td> <td align="center"> 430|<br> |</td> <td> <table> <tr> <td> \ </td> <td> </td> </tr> <tr> 431<td> </td> <td> \ </td> </tr> </table> </td> </tr> 432 433<tr> <td align="center" bgcolor="#f0f0ff"> <a href="postsuper.1.html">postsuper(1)</a> </td> <td> 434</td> <td align="center" bgcolor="#f0f0ff"> <a href="master.8.html">master(8)</a> </td> <td> 435</td> <td align="center" bgcolor="#f0f0ff"> <a href="postlog.1.html">postlog(1)</a> </td> </tr> 436 437<tr> <td> </td> <td> <table> <tr> <td> </td> <td> / </td> </tr> 438<tr> <td> / </td> <td> </td> </tr> </table> </td> <td align="center"> 439|<br> |</td> <td> <table> <tr> <td> \ </td> <td> </td> </tr> <tr> 440<td> </td> <td> \ </td> </tr> </table> </td> </tr> 441 442<tr> <td align="center" bgcolor="#f0f0ff"> <a href="smtpd.8.html">smtpd(8)</a> </td> <td> 443</td> <td align="center" bgcolor="#f0f0ff"> <a href="qmgr.8.html">qmgr(8)</a> </td> <td> 444</td> <td align="center" bgcolor="#f0f0ff"> <a href="local.8.html">local(8)</a> </td> </tr> 445 446</table> 447 448<li> <p> The <a href="anvil.8.html">anvil(8)</a> server implements client connection and 449request rate 450limiting for all <a href="smtpd.8.html">smtpd(8)</a> servers. The <a href="TUNING_README.html">TUNING_README</a> document 451provides guidance for dealing with mis-behaving SMTP clients. The 452<a href="anvil.8.html">anvil(8)</a> service is available in Postfix version 2.2 and later. 453</p> 454 455<table> 456 457<tr> <td> Network </td> <td> <tt> -> </tt> </td> <td align="center" 458bgcolor="#f0f0ff"> <br> <a href="smtpd.8.html">smtpd(8)</a><br><br> </td> <td> <tt> <-> 459</tt> </td> <td align="center" bgcolor="#f0f0ff"> <br> <a href="anvil.8.html">anvil(8)</a><br><br> 460</td> </tr> 461 462</table> 463 464<li> <p> The <a href="bounce.8.html">bounce(8)</a>, <a href="defer.8.html">defer(8)</a> and <a href="trace.8.html">trace(8)</a> services each maintain 465their own queue directory trees with per-message logfiles. Postfix 466uses this information when sending "failed", "delayed" or "success" 467delivery status notifications to the sender. </p> 468 469<p> The <a href="trace.8.html">trace(8)</a> service also implements support for the Postfix 470"sendmail 471-bv" and "sendmail -v" commands which produce reports about how 472Postfix delivers mail, and is available with Postfix version 2.1 473and later. See <a href="DEBUG_README.html#trace_mail"> DEBUG_README 474</a> for examples. </p> 475 476<table> 477 478<tr> <td align="center" bgcolor="#f0f0ff"> <a href="cleanup.8.html">cleanup(8)</a> </td> <td 479valign="middle"> <tt> -> </tt> </td> <td align="center" 480bgcolor="#f0f0ff"> <a href="qmgr.8.html">qmgr(8)</a><br> Postfix<br> queue </td> <td 481valign="middle"> <tt> -> </tt> </td> <td align="center" 482bgcolor="#f0f0ff"> Delivery<br> agents</td> </tr> 483 484<tr> <td align="center"> ^<br> <tt> | </tt> </td> <td> </td> <td 485align="center"> <tt> |<br> v </tt> </td> <td> </td> <td align="center"> 486<tt> |<br> v </tt> </td> </tr> 487 488<tr> <td align="center"> (Non-)<br> delivery<br> notice </td> <td 489valign="middle"> <tt> <- </tt> </td> <td align="center" 490bgcolor="#f0f0ff"> <a href="bounce.8.html">bounce(8)</a><br> <a href="defer.8.html">defer(8)</a><br> <a href="trace.8.html">trace(8)</a> </td> <td 491valign="middle"> <tt> <- </tt> </td> <td align="center"> Queue 492id,<br> recipient,<br> status</td> </tr> 493 494<tr> <td colspan="2"> </td> <td align="center"> <table> <tr> <td 495align="center"> ^<br> <tt> | </tt> </td> <td align="center"> <tt> 496|<br> v </tt> </td> </tr> </table> </td> </tr> 497 498<tr> <td colspan="2"> </td> <td align="center" bgcolor="#f0f0ff"> 499Per- <br> message<br> logfiles </td> </tr> 500 501</table> 502 503<li> <p> The <a href="flush.8.html">flush(8)</a> servers maintain per-destination logs and 504implement both ETRN and "sendmail -qRdestination", as described 505in the <a href="ETRN_README.html">ETRN_README</a> document. This moves selected queue files from 506the <a href="QSHAPE_README.html#deferred_queue">deferred queue</a> back to the <a href="QSHAPE_README.html#incoming_queue">incoming queue</a> and requests their 507delivery. The <a href="flush.8.html">flush(8)</a> service is available with Postfix version 5081.0 and later. </p> 509 510<table> 511 512<tr> <td colspan="4"> </td> <td align="center" bgcolor="#f0f0ff"> 513<a href="QSHAPE_README.html#incoming_queue"> incoming </a><br>^ 514<br><a href="QSHAPE_README.html#deferred_queue"> deferred </a> 515</td> </tr> 516 517<tr> <td colspan="4"> </td> <td align="center"> ^<br> |</td> </tr> 518 519<tr> <td align="center" bgcolor="#f0f0ff"> <a href="smtpd.8.html">smtpd(8)</a><br> <a href="sendmail.1.html">sendmail(1)</a><br> 520<a href="postqueue.1.html">postqueue(1)</a> </td> <td> <tt> - </tt> </td> <td align="center"> 521Destination<br> to flush</td> <td> <tt> -> </tt> </td> <td 522align="center" bgcolor="#f0f0ff"> <a href="flush.8.html">flush(8)</a> </td> <td> <tt> <- 523</tt> </td> <td align="center"> Deferred<br> destination,<br> queue 524id </td> <td> <tt> - </tt> </td> <td align="center" bgcolor="#f0f0ff"> 525Delivery<br> agents,<br> <a href="qmgr.8.html">qmgr(8)</a> </td> </tr> 526 527<tr> <td colspan="4"> </td> <td align="center"> <table> <tr> <td 528align="center"> ^<br> <tt> | </tt> </td> <td align="center"> <tt> 529|<br> v </tt> </td> </tr> </table> </td> </tr> 530 531<tr> <td colspan="4"> </td> <td align="center"> Per-dest-<br> 532ination<br> logs </td> </tr> 533 534</table> 535 536<li> <p> The <a href="proxymap.8.html">proxymap(8)</a> servers provide read-only and read-write 537table lookup 538service to Postfix processes. This overcomes chroot restrictions, 539reduces the number of open lookup tables by sharing one open 540table among multiple processes, and implements single-updater 541tables. </p> 542 543<li> <p> The <a href="scache.8.html">scache(8)</a> server maintains the connection cache for 544the Postfix <a href="smtp.8.html">smtp(8)</a> client. When connection caching is enabled for 545selected destinations, the <a href="smtp.8.html">smtp(8)</a> client does not disconnect 546immediately after a mail transaction, but gives the connection to 547the connection cache server which keeps the connection open for a 548limited amount of time. The <a href="smtp.8.html">smtp(8)</a> client continues with some 549other mail delivery request. Meanwhile, any <a href="smtp.8.html">smtp(8)</a> process can 550ask the <a href="scache.8.html">scache(8)</a> server for that cached connection and reuse it 551for mail delivery. As a safety measure, Postfix limits the number 552of times that a connection may be reused. </p> 553 554<p> When delivering mail to a destination with multiple mail servers, 555connection caching can help to skip over a non-responding server, 556and thus dramatically speed up delivery. SMTP connection caching 557is available in Postfix version 2.2 and later. More information 558about this feature is in the <a href="CONNECTION_CACHE_README.html">CONNECTION_CACHE_README</a> document. </p> 559 560<table> 561 562<tr> <td> </td> <td> <tt> /-- </tt> </td> <td align="center" 563colspan="3" bgcolor="#f0f0ff"> <a href="smtp.8.html">smtp(8)</a> </td> <td colspan="2"> <tt> 564--> </tt> Internet </td> </tr> 565 566<tr> <td align="center" bgcolor="#f0f0ff"> <a href="qmgr.8.html">qmgr(8)</a> </td> <td> </td> 567<td align="center" rowspan="3"> </td> <td align="center" 568rowspan="3"><tt>|<br>|<br>|<br>|<br>v</tt></td> <td> </td> 569</tr> 570 571<tr> <td> </td> <td> <tt> \-- </tt> </td> <td align="center" 572colspan="2" bgcolor="#f0f0ff"> <a href="smtp.8.html">smtp(8)</a> </td> <td align="left"> <tt> 573--> </tt> Internet </td> </tr> 574 575<tr> <td colspan="3"> </td> <td align="center"><tt>^<br>|</tt></td> 576<td> </td> </tr> 577 578<tr> <td colspan="3"> </td> <td align="center" colspan="3" 579bgcolor="#f0f0ff"> <a href="scache.8.html">scache(8)</a> </td> </tr> 580 581</table> 582 583<li> <p> The <a href="showq.8.html">showq(8)</a> servers list the Postfix queue status. This 584is the queue listing service that does the work for the <a href="mailq.1.html">mailq(1)</a> 585and <a href="postqueue.1.html">postqueue(1)</a> commands. </p> 586 587<table> 588 589<tr> <td> Output </td> <td> <tt> <- </tt> </td> <td align="center" 590bgcolor="#f0f0ff"> <a href="mailq.1.html">mailq(1)</a><br> 591 592<a href="postqueue.1.html"> post-<br>queue(1) </a> <br> </td> <td> 593<tt> <- </tt> </td> <td align="center" valign="middle" 594bgcolor="#f0f0ff"> <a href="showq.8.html">showq(8)</a> </td> <td> <tt> <- </tt></td> <td 595align="center" valign="middle" bgcolor="#f0f0ff"> Postfix<br> queue 596</td> </tr> 597 598</table> 599 600<li> <p> The <a href="spawn.8.html">spawn(8)</a> servers run non-Postfix commands on request, 601with the client connected via socket or FIFO to the command's 602standard input, output and error streams. You can find examples of 603its use in the <a href="SMTPD_POLICY_README.html">SMTPD_POLICY_README</a> document. </p> 604 605<li> <p> The <a href="tlsmgr.8.html">tlsmgr(8)</a> server runs when TLS (Transport Layer 606Security, formerly known as SSL) is turned on in the Postfix <a href="smtp.8.html">smtp(8)</a> 607client or <a href="smtpd.8.html">smtpd(8)</a> server. This process has two duties: </p> 608 609<ul> 610 611<li> <p> Maintain the pseudo-random number generator (PRNG) that 612is used to seed the TLS engines in Postfix <a href="smtp.8.html">smtp(8)</a> client or <a href="smtpd.8.html">smtpd(8)</a> 613server processes. The state of this PRNG is periodically saved to 614a file, and is read when <a href="tlsmgr.8.html">tlsmgr(8)</a> starts up. </p> 615 616<li> <p> Maintain the optional Postfix <a href="smtp.8.html">smtp(8)</a> client or <a href="smtpd.8.html">smtpd(8)</a> 617server caches with TLS session keys. Saved keys can improve 618performance by reducing the amount of computation at the start of 619a TLS session. </p> 620 621</ul> 622 623<p> TLS support is available in Postfix version 2.2 and later. 624Information about the Postfix TLS implementation is in the <a href="TLS_README.html">TLS_README</a> 625document. </p> 626 627<table> 628 629<tr> <td>Network<tt>-> </tt> </td> <td align="center" 630bgcolor="#f0f0ff"> <br> <a href="smtpd.8.html">smtpd(8)</a> <br> </td> <td colspan="2"> 631<tt> <---seed---<br><br><-session-> </tt> </td> <td 632align="center" bgcolor="#f0f0ff"> <br> <a href="tlsmgr.8.html">tlsmgr(8)</a> <br> </td> 633<td colspan="3"> <tt> ---seed---><br> <br><-session-> 634</tt> </td> <td align="center" bgcolor="#f0f0ff"> <br> <a href="smtp.8.html">smtp(8)</a> <br> 635 </td> <td> <tt> -></tt>Network </td> </tr> 636 637<tr> <td colspan="3"> </td> <td align="right"> <table> <tr> <td> 638</td> <td> / </td> </tr> <tr> <td> / </td> <td> </td> </tr> </table> 639</td> <td align="center"> |<br> |</td> <td align="left"> <table> 640<tr> <td> \ </td> <td> </td> </tr> <tr> <td> </td> <td> \ </td> 641</tr> </table> </td> <td colspan="3"> </td> </tr> 642 643<tr> <td colspan="2"> </td> <td align="center" bgcolor="#f0f0ff"> 644smtpd<br> session<br> cache </td> <td> </td> <td align="center" 645bgcolor="#f0f0ff"> PRNG<br> state <br>file </td> <td> </td> <td 646align="center" bgcolor="#f0f0ff"> smtp<br> session<br> cache </td> 647<td colspan="2"> </td> </tr> 648 649</table> 650 651 652<li> <p> The <a href="verify.8.html">verify(8)</a> server verifies that a sender or recipient 653address is deliverable before the <a href="smtpd.8.html">smtpd(8)</a> server accepts it. The 654<a href="verify.8.html">verify(8)</a> server queries a cache with address verification results. 655If a result is not found, the <a href="verify.8.html">verify(8)</a> server injects a probe 656message into the Postfix queue and processes the status update from 657a delivery agent or queue manager. 658This process is described in the <a href="ADDRESS_VERIFICATION_README.html">ADDRESS_VERIFICATION_README</a> 659document. The <a href="verify.8.html">verify(8)</a> service is available with Postfix version 6602.1 and later. </p> 661 662<table> 663 664<tr> 665 666 <td rowspan="2" colspan="5" align="center" valign="middle"> 667 </td> <td rowspan="3" align="center" valign="bottom"> 668 <tt> -> </tt> </td> <td rowspan="3" align="center" 669 valign="middle"> probe<br> message </td> <td rowspan="3" 670 align="center" valign="middle"> <tt> -> </tt> </td> <td 671 rowspan="3" bgcolor="#f0f0ff" align="center" valign="middle"> 672 Postfix<br> mail<br> queue </td> 673 674</tr> 675 676<tr> </tr> 677 678<tr> 679 680 <td rowspan="3" align="center" valign="middle"> Network </td> 681 <td rowspan="3" align="center" valign="middle"> <tt> -> </tt> 682 </td> <td rowspan="3" bgcolor="#f0f0ff" align="center" 683 valign="middle"> <a href="smtpd.8.html">smtpd(8)</a> </td> <td rowspan="3" align="center" 684 valign="middle"> <tt> <-> </tt> </td> <td rowspan="3" 685 bgcolor="#f0f0ff" align="center" valign="middle"> <a href="verify.8.html">verify(8)</a> 686 </td> 687 688</tr> 689 690<tr> 691 692 <td rowspan="1" colspan="3"> </td> <td rowspan="1" align="center" 693 valign="middle"> <tt> |</tt><br> <tt> v</tt> </td> 694 695</tr> 696 697<tr> 698 699 <td rowspan="3" align="center" valign="top"> <tt> <- </tt> 700 </td> <td rowspan="3" align="center" valign="middle"> probe<br> 701 status </td> <td rowspan="3" align="center" valign="middle"> 702 <tt> <- </tt> </td> <td rowspan="3" bgcolor="#f0f0ff" 703 align="center" valign="middle"> Postfix<br> delivery<br> agents 704 </td> <td rowspan="3" align="left" valign="middle"> <tt>-></tt> 705 Local<br> <tt>-></tt> Network</td> 706 707</tr> 708 709<tr> 710 711 <td rowspan="3" colspan="4" align="center" valign="middle"> 712 </td> <td rowspan="3" align="center" valign="middle"> 713 <tt> ^</tt><br> <tt> |</tt><br> <tt> v</tt> </td> 714 715</tr> 716 717<tr> </tr> 718 719<tr> <td colspan="4"> </td> </tr> 720 721<tr> 722 723 <td colspan="4" align="center" valign="middle"> </td> 724 <td bgcolor="#f0f0ff" align="center" valign="middle"> Address<br> 725 verification<br> cache </td> 726 727</tr> 728 729</table> 730 731<li> <p> The <a href="postscreen.8.html">postscreen(8)</a> server can be put "in front" of Postfix 732<a href="smtpd.8.html">smtpd(8)</a> processes. Its purpose is to accept connections from the 733network and to decide what SMTP clients are allowed to talk to 734Postfix. According to the 2008 MessageLabs annual report, 81% of 735all email was spam, and 90% of that was sent by botnets. While 736<a href="postscreen.8.html">postscreen(8)</a> keeps the zombies away, more <a href="smtpd.8.html">smtpd(8)</a> processes remain 737available for legitimate clients. </p> 738 739<p> The <a href="postscreen.8.html">postscreen(8)</a> server is still evolving, and is likely to 740undergo changes that break compatibility with earlier versions. 741For this reason the <a href="postscreen.8.html">postscreen(8)</a> server is not installed with the 742stable Postfix release. </p> 743 744<table> 745 746<tr> <td> zombie </td> </tr> 747 748<tr> <td> </td> <td align="left"> <tt> \ </tt> </td> </tr> 749 750<tr> <td> zombie </td> <td align="left"> <tt> - </tt> </td> <td> 751</td> <td> </td> <td> </td> <td align="right"> <tt> - </tt> </td> 752<td bgcolor="#f0f0ff" align="center"> <a href="smtpd.8.html">smtpd(8)</a> </td> </tr> 753 754<tr> <td> </td> <td align="right"> <tt> \ </tt> </td> <td> </td> 755<td align="left"> <tt> / </tt> </td> </tr> 756 757<tr> <td bgcolor="#f0f0ff" align="center"> other </td> <td> <tt> 758--- </tt> </td> <td bgcolor="#f0f0ff" align="center" valign="middle"> 759<a href="postscreen.8.html">postscreen(8)</a> </td> </tr> 760 761<tr> <td> </td> <td align="right"> <tt> / </tt> </td> <td> </td> 762<td align="right"> <tt> \ </tt> </td> </tr> 763 764<tr> <td bgcolor="#f0f0ff" align="center"> other </td> <td align="left"> 765<tt> - </tt> </td> <td> </td> <td> </td> <td> </td> <td align="right"> 766<tt> - </tt> </td> <td bgcolor="#f0f0ff" align="center"> <a href="smtpd.8.html">smtpd(8)</a> 767</td> </tr> 768 769<tr> <td> </td> <td align="left"> <tt> / </tt> </td> </tr> 770 771<tr> <td> zombie </td> </tr> 772 773 774</table> 775 776</ul> 777 778<h2> <a name="commands"> Postfix support commands </a> </h2> 779 780<p> The Postfix architecture overview ends with a summary of 781command-line utilities for day-to-day use of the Postfix mail 782system. Besides the Sendmail-compatible <a href="sendmail.1.html">sendmail(1)</a>, <a href="mailq.1.html">mailq(1)</a>, and 783<a href="newaliases.1.html">newaliases(1)</a> commands, the Postfix system comes with it own 784collection of command-line utilities. For consistency, these are 785all named post<i>something</i>. </p> 786 787<ul> 788 789<li> <p> The <a href="postfix.1.html">postfix(1)</a> command controls the operation of the mail 790system. It is the interface for starting, stopping, and restarting 791the mail system, as well as for some other administrative operations. 792This command is reserved to the super-user. </p> 793 794<li> <p> The <a href="postalias.1.html">postalias(1)</a> command maintains Postfix <a href="aliases.5.html">aliases(5)</a> type 795databases. This is the program that does the work for the 796<a href="newaliases.1.html">newaliases(1)</a> command. </p> 797 798<li> <p> The <a href="postcat.1.html">postcat(1)</a> command displays the contents of Postfix 799queue files. This is a limited, preliminary utility. This program 800is likely to be superseded by something more powerful that can also 801edit Postfix queue files. </p> 802 803<li> <p> The <a href="postconf.1.html">postconf(1)</a> command displays or updates Postfix <a href="postconf.5.html">main.cf</a> 804parameters and displays system dependent information about the 805supported file locking methods, and the supported types of lookup 806tables. </p> 807 808<li> <p> The <a href="postdrop.1.html">postdrop(1)</a> command is the mail posting utility that 809is run by the Postfix <a href="sendmail.1.html">sendmail(1)</a> command in order to deposit mail 810into the <a href="QSHAPE_README.html#maildrop_queue">maildrop queue</a> directory. </p> 811 812<li> <p> The <a href="postkick.1.html">postkick(1)</a> command makes some Postfix internal 813communication channels available for use in, for example, shell 814scripts. </p> 815 816<li> <p> The <a href="postlock.1.html">postlock(1)</a> command provides Postfix-compatible mailbox 817locking for use in, for example, shell scripts. </p> 818 819<li> <p> The <a href="postlog.1.html">postlog(1)</a> command provides Postfix-compatible logging 820for shell scripts. </p> 821 822<li> <p> The <a href="postmap.1.html">postmap(1)</a> command maintains Postfix lookup tables 823such as <a href="canonical.5.html">canonical(5)</a>, <a href="virtual.5.html">virtual(5)</a> and others. It is a cousin of the 824UNIX makemap command. </p> 825 826<li> <p> The <a href="postmulti.1.html">postmulti(1)</a> command repeats the "postfix start" etc. 827command for each Postfix instance, and supports creation, deletion 828etc. of Postfix instances. For a tutorial, see <a href="MULTI_INSTANCE_README.html">MULTI_INSTANCE_README</a>. 829</p> 830 831<li> <p> The <a href="postqueue.1.html">postqueue(1)</a> command is the privileged command that 832is run by Postfix <a href="sendmail.1.html">sendmail(1)</a> and <a href="mailq.1.html">mailq(1)</a> in order to flush or 833list the 834mail queue. </p> 835 836<li> <p> The <a href="postsuper.1.html">postsuper(1)</a> command maintains the Postfix queue. It 837removes old temporary files, and moves queue files into the right 838directory after a change in the hashing depth of queue directories. 839This command is run at mail system startup time and when Postfix 840is restarted. </p> 841 842</ul> 843 844</body> 845 846</html> 847