• file
• revisions
• annotate
• diff
• comparison
• raw

postfix/postfix.txt@01294b31a79e (annotated)

postfix/postfix.txt

Thu, 09 Aug 2012 00:41:14 +0200

author

Michael Schloh von Bennewitz <michael@schloh.com>

date

Thu, 09 Aug 2012 00:41:14 +0200

changeset 495

01294b31a79e

parent 190

35b9f699911a

child 664

3045cab269c7

permissions

-rw-r--r--

Introduce a lot of changes to correct source and build logic including:
Correct URLs, reorder existing patch hunks, update vendor version and
patch accordingly, integrate optional SQLite storage, modernize package
(remove boilerplate RPM logic), correct preprocessor definitions as
NIS+was removed from Solaris 11, use parallel make, improve configuration
spacing and whitespace, and remove now uneeded postfix-script(1) and
post-install(1) relocation.

michael@146	1	<file name="Makefile">
michael@146	2	##
michael@146	3	## @l_prefix@/etc/postfix/Makefile -- maintainance procedures
michael@146	4	##
michael@146	5
michael@146	6	# path configuration
michael@146	7	PREFIX = @l_prefix@
michael@146	8	SBINDIR = $(PREFIX)/sbin
michael@146	9	ETCDIR = $(PREFIX)/etc
michael@146	10
michael@146	11	# program configuration
michael@146	12	RC = $(ETCDIR)/rc
michael@146	13	POSTALIAS = $(SBINDIR)/postalias
michael@146	14	POSTMAP = $(SBINDIR)/postmap
michael@146	15	POSTFIX = $(SBINDIR)/postfix
michael@146	16
michael@146	17	# table filename configuration
michael@146	18	T_ACCESS = access
michael@146	19	T_CANONICAL = canonical
michael@146	20	T_GENERIC = generic
michael@146	21	T_VIRTUAL = virtual
michael@146	22	T_RELOCATED = relocated
michael@146	23	T_TRANSPORT = transport
michael@146	24	T_ALIASES = aliases
michael@179	25	T_CLIENTS = clients
michael@179	26	T_SENDERS = senders
michael@181	27	T_CLICRT = clicrt
michael@146	28
michael@146	29	# dependency tracking
michael@146	30	TIMESTAMP = .up-to-date
michael@146	31	DEPENDENCIES = Makefile master.cf main.cf $(TABLES)
michael@146	32
michael@146	33	# managed tables:
michael@146	34	# - use extension ".db" for hash tables ("hash")
michael@146	35	# - use no extension for regex tables ("pcre")
michael@146	36	TABLES = \
michael@146	37	$(T_ACCESS).db \
michael@146	38	$(T_CANONICAL).db \
michael@146	39	$(T_GENERIC).db \
michael@146	40	$(T_VIRTUAL).db \
michael@146	41	$(T_RELOCATED).db \
michael@146	42	$(T_TRANSPORT).db \
michael@179	43	$(T_ALIASES).db \
michael@179	44	$(T_CLIENTS).db \
michael@179	45	$(T_SENDERS).db \
michael@181	46	$(T_CLICRT).db
michael@146	47
michael@146	48	# default target
michael@146	49	all: $(TABLES) $(TIMESTAMP)
michael@146	50
michael@146	51	# implicit checking and reloading
michael@146	52	$(TIMESTAMP): $(DEPENDENCIES)
michael@146	53	$(POSTFIX) check
michael@146	54	$(POSTFIX) reload >/dev/null 2>&1 || true
michael@146	55	touch $(TIMESTAMP) && chmod 600 $(TIMESTAMP)
michael@146	56
michael@146	57	# explicit checking
michael@146	58	check:
michael@146	59	$(POSTFIX) check
michael@146	60
michael@146	61	# hash table update targets
michael@146	62	$(T_ACCESS).db: $(T_ACCESS) $(MAKEFILE)
michael@146	63	$(POSTMAP) hash:$(T_ACCESS)
michael@146	64	$(T_CANONICAL).db: $(T_CANONICAL) $(MAKEFILE)
michael@146	65	$(POSTMAP) hash:$(T_CANONICAL)
michael@146	66	$(T_GENERIC).db: $(T_GENERIC) $(MAKEFILE)
michael@146	67	$(POSTMAP) hash:$(T_GENERIC)
michael@146	68	$(T_VIRTUAL).db: $(T_VIRTUAL) $(MAKEFILE)
michael@146	69	$(POSTMAP) hash:$(T_VIRTUAL)
michael@146	70	$(T_RELOCATED).db: $(T_RELOCATED) $(MAKEFILE)
michael@146	71	$(POSTMAP) hash:$(T_RELOCATED)
michael@146	72	$(T_TRANSPORT).db: $(T_TRANSPORT) $(MAKEFILE)
michael@146	73	$(POSTMAP) hash:$(T_TRANSPORT)
michael@146	74	$(T_ALIASES).db: $(T_ALIASES) $(MAKEFILE)
michael@146	75	$(POSTALIAS) hash:$(T_ALIASES)
michael@179	76	$(T_CLIENTS).db: $(T_CLIENTS) $(MAKEFILE)
michael@179	77	$(POSTMAP) hash:$(T_CLIENTS)
michael@179	78	$(T_SENDERS).db: $(T_SENDERS) $(MAKEFILE)
michael@179	79	$(POSTMAP) hash:$(T_SENDERS)
michael@181	80	$(T_CLICRT).db: $(T_CLICRT) $(MAKEFILE)
michael@181	81	$(POSTMAP) hash:$(T_CLICRT)
michael@146	82
michael@146	83	# cleanup target
michael@146	84	clean:
michael@146	85	-rm -f $(TABLES)
michael@146	86	-rm -f $(TIMESTAMP)
michael@146	87
michael@146	88	# process management
michael@146	89	start:
michael@146	90	$(RC) postfix start
michael@146	91	reload:
michael@146	92	$(RC) postfix reload
michael@146	93	stop:
michael@146	94	$(RC) postfix stop
michael@146	95
michael@146	96	</file>
michael@146	97	<file name="master.cf">
michael@146	98	##
michael@146	99	## @l_prefix@/etc/postfix/master.cf -- Postfix master process table
michael@146	100	##
michael@146	101	# ==========================================================================
michael@146	102	# service type private unpriv chroot wakeup maxproc command + args
michael@146	103	# (yes) (yes) (yes) (never) (100)
michael@146	104	# ==========================================================================
michael@146	105	smtp inet n - n - - smtpd
michael@495	106	#smtp inet n - n - - smtpd -o content_filter=spamass
michael@495	107	#smtp inet n - n - 1 postscreen
michael@495	108	#smtpd pass - - n - - smtpd
michael@495	109	#dnsblog unix - - n - 0 dnsblog
michael@495	110	#tlsproxy unix - - n - 0 tlsproxy
michael@146	111	#628 inet n - n - - qmqpd
michael@146	112	pickup fifo n - n 60 1 pickup
michael@146	113	cleanup unix n - n - 0 cleanup
michael@146	114	qmgr fifo n - n 300 1 qmgr
michael@146	115	tlsmgr unix - - n 1000? 1 tlsmgr
michael@146	116	rewrite unix - - n - - trivial-rewrite
michael@146	117	bounce unix - - n - 0 bounce
michael@146	118	defer unix - - n - 0 bounce
michael@146	119	trace unix - - n - 0 bounce
michael@146	120	verify unix - - n - 1 verify
michael@146	121	flush unix n - n 1000? 0 flush
michael@146	122	proxymap unix - - n - - proxymap
michael@146	123	proxywrite unix - - n - - proxymap
michael@146	124	smtp unix - - n - - smtp
michael@146	125	relay unix - - n - - smtp -o fallback_relay=
michael@146	126	showq unix n - n - - showq
michael@146	127	error unix - - n - - error
michael@146	128	retry unix - - n - - error
michael@146	129	local unix - n n - - local
michael@146	130	virtual unix - n n - - virtual
michael@146	131	lmtp unix - - n - - lmtp
michael@146	132	anvil unix - - n - 1 anvil
michael@146	133	scache unix - - n - 1 scache
michael@146	134	#maildrop unix - n n - - pipe flags=DRhu user=@l_nusr@ argv=@l_prefix@/bin/maildrop -d ${recipient}
michael@146	135	#cyrus unix - n n - - pipe user=@l_nusr@ argv=@l_prefix@/bin/cyrdeliver -e -r ${sender} -m ${extension} ${user}
michael@495	136	#dovecot unix - n n - - pipe flags=DR user=@l_rusr@ argv=@l_prefix@/libexec/dovecot/deliver -f ${sender} -d ${user} -n -m ${extension}
michael@495	137	#spamass unix - n n - - pipe flags=R user=@l_rusr@ argv=@l_prefix@/bin/spamc -f -u ${user} -e @l_prefix@/sbin/sendmail -oi -f ${sender} ${recipient}
michael@146	138	#uucp unix - n n - - pipe flags=Fqhu user=@l_nusr@ argv=@l_prefix@/bin/uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
michael@146	139	#ifmail unix - n n - - pipe flags=F user=@l_nusr@ argv=@l_prefix@/bin/ifmail -r $nexthop ($recipient)
michael@146	140	#bsmtp unix - n n - - pipe flags=Fq. user=@l_nusr@ argv=@l_prefix@/bin/bsmtp -f $sender $nexthop $recipient
michael@146	141	</file>
michael@146	142	<file name="main.cf">
michael@146	143	##
michael@146	144	## @l_prefix@/etc/postfix/main.cf -- Postfix main configuration
michael@146	145	##
michael@146	146	## Run "@l_prefix@/sbin/postconf -n" to see all parameters overriding
michael@146	147	## defaults, run "@l_prefix@/sbin/postconf -d" to see all possible
michael@146	148	## parameters and their defaults and read the following manual
michael@146	149	## pages for description of each parameter: bounce(8), cleanup(8),
michael@146	150	## defer(8), error(8), flush(8), lmtp(8), local(8), master(8),
michael@146	151	## pickup(8), pipe(8), qmgr(8), showq(8), smtp(8), smtpd(8), spawn(8),
michael@146	152	## trivial-rewrite(8).
michael@146	153	##
michael@146	154
michael@146	155	# users
michael@146	156	mail_owner = @l_musr@
michael@146	157	setgid_group = @l_rgrp@
michael@146	158	default_privs = @l_nusr@
michael@146	159
michael@146	160	# local host
michael@146	161	myhostname = mail.example.com
michael@146	162	mydomain = example.com
michael@146	163	myorigin = $myhostname
michael@146	164
michael@146	165	# smtp daemon
michael@146	166	#smtpd_banner = $myhostname ESMTP $mail_name
michael@146	167	inet_interfaces = 127.0.0.1
michael@146	168
michael@146	169	# smtp client
michael@146	170	smtp_bind_address = 127.0.0.1
michael@146	171
michael@146	172	# relaying
michael@146	173	mynetworks = 127.0.0.0/8
michael@146	174	#mydestination = $myhostname, localhost.$mydomain
michael@146	175	#relay_domains = $mydestination,
michael@146	176	# hash:@l_prefix@/etc/postfix/access
michael@181	177	#relay_clientcerts = hash:@l_prefix@/etc//postfix/clicrt
michael@146	178	#smtpd_recipient_restrictions = permit_mynetworks,
michael@146	179	# check_client_access hash:@l_prefix@/etc/postfix/access,
michael@146	180	# reject_unauth_destination
michael@146	181
michael@146	182	# maps
michael@146	183	#canonical_maps = hash:@l_prefix@/etc/postfix/canonical
michael@146	184	#smtp_generic_maps = hash:@l_prefix@/etc/postfix/generic
michael@146	185	#virtual_alias_maps = hash:@l_prefix@/etc/postfix/virtual
michael@146	186	#relocated_maps = hash:@l_prefix@/etc/postfix/relocated
michael@146	187	#transport_maps = hash:@l_prefix@/etc/postfix/transport
michael@146	188	alias_maps = hash:@l_prefix@/etc/postfix/aliases
michael@146	189	alias_database = hash:@l_prefix@/etc/postfix/aliases
michael@146	190
michael@146	191	# local delivery
michael@146	192	#local_recipient_maps = proxy:unix:passwd.byname $alias_maps
michael@146	193	recipient_delimiter = +
michael@146	194	mailbox_command = @l_prefix@/bin/procmail -a "$EXTENSION"
michael@146	195
michael@146	196	</file>
michael@146	197	<file name="access">
michael@146	198	##
michael@146	199	## @l_prefix@/etc/postfix/access -- access control for relaying
michael@146	200	##
michael@146	201	## Searched for both the client (hostname, parent domains, IP address,
michael@146	202	## networks obtained by stripping least significant octets from IP
michael@146	203	## address) and destination address (resolved destination address,
michael@146	204	## parent domain, or localpart@) in order to allow relaying. Rejects
michael@146	205	## the request if the result is REJECT or "[45]XX text". Permits the
michael@146	206	## request if the result is OK or RELAY or all-numerical.
michael@146	207	##
michael@146	208
michael@146	209	# Syntax (see access(5)):
michael@146	210	# | user@domain action
michael@146	211	# | domain action
michael@146	212	# | user@ action
michael@146	213	# | net.work.addr.ess action
michael@146	214	# | net.work.addr action
michael@146	215	# | net.work action
michael@146	216	# | net action
michael@146	217	# where "action" is one of:
michael@146	218	# "[45]NN text", "REJECT", "OK", "restriction..."
michael@146	219	#
michael@146	220	# Examples:
michael@146	221	# | mail.example.com OK
michael@146	222	# | example.com REJECT
michael@146	223	# | 192.168.0.1 OK
michael@146	224	# | 192.168 REJECT
michael@146	225	# | postmaster@ OK
michael@146	226
michael@146	227	</file>
michael@146	228	<file name="virtual">
michael@146	229	##
michael@146	230	## @l_prefix@/etc/postfix/virtual -- virtual address translation
michael@146	231	##
michael@146	232	## Searched for virtual addresses user@domain, user and @domain
michael@146	233	## (in this order). It redirect mail for all recipients, local or
michael@146	234	## remote. The mapping affects only envelope recipients.
michael@146	235	##
michael@146	236
michael@146	237	# Syntax (see virtual(5)):
michael@146	238	# | user@domain address, address, ...
michael@146	239	# | user address, address, ...
michael@146	240	# | @domain address, address, ...
michael@146	241	#
michael@146	242	# Examples:
michael@146	243	# | @example.com john@example.com
michael@146	244	# | postmaster@example.com postmaster
michael@146	245	# | john@example1.com john1
michael@146	246	# | john@example2.com john2
michael@146	247
michael@146	248	</file>
michael@146	249	<file name="aliases">
michael@146	250	##
michael@146	251	## @l_prefix@/etc/postfix/aliases -- local mailbox aliases
michael@146	252	##
michael@146	253	## Searched for virtual addresses user@domain, user and @domain
michael@146	254	## (in this order). It redirect mail for all recipients, local or
michael@146	255	## remote. The mapping affects only envelope recipients.
michael@146	256	##
michael@146	257
michael@146	258	# Syntax (see aliases(5)):
michael@146	259	# | name: value, value, ...
michael@146	260	# where value is one of:
michael@146	261	# "address", "/file/name", "|command", ":include:/file/name"
michael@146	262	#
michael@146	263	# Examples:
michael@146	264	# | john.doe: john, doe
michael@146	265	# | robot: |/path/to/robot
michael@146	266	# | archive: /path/to/archive
michael@146	267	# | users: :include:/path/to/users.list
michael@146	268	# | owner-users: john.doe
michael@146	269
michael@146	270	# standard mail targets
michael@146	271	nobody: /dev/null
michael@146	272	MAILER-DAEMON: postmaster
michael@146	273
michael@146	274	# mailbox names for common services, roles and functions
michael@146	275	# (see RFC2142 for more details and expanded list of names)
michael@146	276	postmaster: root
michael@146	277	hostmaster: root
michael@146	278	security: root
michael@146	279	abuse: root
michael@146	280
michael@146	281	# save unprivileged user storage of careless admins
michael@146	282	root: /dev/null
michael@146	283
michael@146	284	</file>
michael@146	285	<file name="canonical">
michael@146	286	##
michael@146	287	## @l_prefix@/etc/postfix/canonical -- address canonification on mail receiving
michael@146	288	##
michael@146	289	## Searched for canonical addresses for user@domain, user and @domain
michael@146	290	## (in this order).
michael@146	291	##
michael@146	292
michael@146	293	# Syntax (see canonical(5)):
michael@146	294	# | user@domain address
michael@146	295	# | user address
michael@146	296	# | @domain address
michael@146	297	#
michael@146	298	# Examples:
michael@146	299	# | postmaster@mail.example.com postmaster@example.com
michael@146	300	# | john John.Doe
michael@146	301	# | @example.com @example.com
michael@146	302
michael@146	303	</file>
michael@146	304	<file name="relocated">
michael@146	305	##
michael@146	306	## @l_prefix@/etc/postfix/relocated -- relocate obsolete addresses
michael@146	307	##
michael@146	308	## Searched for relocated addresses user@domain, user and @domain
michael@146	309	## (in this order). It bounces mail for all recipients.
michael@146	310	##
michael@146	311
michael@146	312	# Syntax (see relocated(5)):
michael@146	313	# | user@domain address
michael@146	314	# | user address
michael@146	315	# | @domain address
michael@146	316	#
michael@146	317	# Examples:
michael@146	318	# | john@invalid john@example.com
michael@146	319	# | john john@example.com
michael@146	320	# | @invalid john@example.com
michael@146	321
michael@146	322	</file>
michael@146	323	<file name="generic">
michael@146	324	##
michael@146	325	## @l_prefix@/etc/postfix/generic -- address canonification on mail sending
michael@146	326	##
michael@146	327	## Searched for canonical addresses for user@domain, user and @domain
michael@146	328	## (in this order).
michael@146	329	##
michael@146	330
michael@146	331	# Syntax (see generic(5)):
michael@146	332	# | user@domain address
michael@146	333	# | user address
michael@146	334	# | @domain address
michael@146	335	#
michael@146	336	# Examples:
michael@146	337	# | postmaster@mail.example.com postmaster@example.com
michael@146	338	# | john John.Doe
michael@146	339	# | @example.com @example.com
michael@146	340
michael@146	341	</file>
michael@146	342	<file name="transport">
michael@146	343	##
michael@146	344	## @l_prefix@/etc/postfix/transport -- transport selection
michael@146	345	##
michael@146	346	## Searched for domain and .domain (in this order). It selects the
michael@146	347	## specified transport facility for delivery.
michael@146	348	##
michael@146	349
michael@146	350	# Syntax (see transport(5)):
michael@146	351	# | domain transport:nexthop
michael@146	352	# | .domain transport:nexthop
michael@146	353	#
michael@146	354	# Examples:
michael@146	355	# | me.example.com local:
michael@146	356	# | you.example.com smtp:mail.example.com:2525
michael@146	357	# | example.com smtp:mail.example.com
michael@146	358	# | .example.com smtp:mail.example.com
michael@146	359
michael@146	360	</file>
michael@181	361	<file name="clients">
michael@179	362	##
michael@181	363	## @l_prefix@/etc/postfix/clients -- control for relaying clients
michael@181	364	##
michael@181	365	## Searched for both the client (hostname, parent domains, IP address,
michael@181	366	## networks obtained by stripping least significant octets from IP
michael@181	367	## address) and destination address (resolved destination address,
michael@181	368	## parent domain, or localpart@) in order to allow relaying. Rejects
michael@181	369	## the request if the result is REJECT or "[45]XX text". Permits the
michael@181	370	## request if the result is OK or RELAY or all-numerical.
michael@181	371	##
michael@181	372
michael@181	373	# Syntax (see postmap(5)):
michael@181	374	# | user@domain action
michael@181	375	# | domain action
michael@181	376	# | user@ action
michael@181	377	# | net.work.addr.ess action
michael@181	378	# | net.work.addr action
michael@181	379	# | net.work action
michael@181	380	# | net action
michael@181	381	# where "action" is one of:
michael@181	382	# "[45]NN text", "REJECT", "OK", "restriction..."
michael@181	383	#
michael@181	384	# Examples:
michael@181	385	# | mail.example.com OK
michael@181	386	# | example.com REJECT
michael@181	387	# | 192.168.0.1 OK
michael@181	388	# | 192.168 REJECT
michael@181	389	# | postmaster@ OK
michael@181	390
michael@181	391	</file>
michael@181	392	<file name="senders">
michael@181	393	##
michael@181	394	## @l_prefix@/etc/postfix/senders -- control for relaying senders
michael@181	395	##
michael@181	396	## Searched for both the client (hostname, parent domains, IP address,
michael@181	397	## networks obtained by stripping least significant octets from IP
michael@181	398	## address) and destination address (resolved destination address,
michael@181	399	## parent domain, or localpart@) in order to allow relaying. Rejects
michael@181	400	## the request if the result is REJECT or "[45]XX text". Permits the
michael@181	401	## request if the result is OK or RELAY or all-numerical.
michael@181	402	##
michael@181	403
michael@181	404	# Syntax (see access(5)):
michael@181	405	# | user@domain action
michael@181	406	# | domain action
michael@181	407	# | user@ action
michael@181	408	# | net.work.addr.ess action
michael@181	409	# | net.work.addr action
michael@181	410	# | net.work action
michael@181	411	# | net action
michael@181	412	# where "action" is one of:
michael@181	413	# "[45]NN text", "REJECT", "OK", "restriction..."
michael@181	414	#
michael@181	415	# Examples:
michael@181	416	# | mail.example.com OK
michael@181	417	# | example.com REJECT
michael@181	418	# | 192.168.0.1 OK
michael@181	419	# | 192.168 REJECT
michael@181	420	# | postmaster@ OK
michael@181	421
michael@181	422	</file>
michael@181	423	<file name="clicrt">
michael@181	424	##
michael@181	425	## @l_prefix@/etc/postfix/clicrt -- user identity verification
michael@179	426	##
michael@179	427	## Searched for user names matching TLS certificate fingerprints
michael@179	428	## when a client responding to the MTA's client certificate request
michael@179	429	## presents a valid (signed from proper CA) certificate.
michael@179	430	##
michael@179	431	## To find such fingerprints given a valid client certificate:
michael@179	432	## @l_prefix@/bin/openssl x509 -noout -fingerprint -sha1 -in certfile.pem
michael@179	433	##
michael@179	434
michael@181	435	# Syntax (fingerprint according to smtpd_tls_fingerprint_digest):
michael@181	436	# | fingerprint arbitrary-value
michael@181	437	#
michael@179	438	# Examples:
michael@181	439	# | B8:B8:A8:AE:B8:2A:2B:74:EC:43:FF:4F:B2:B2:AC:1E:B4:CE:26:1D user1
michael@181	440	# | 18:81:F5:22:18:BA:EB:15:FF:40:30:00:EA:C0:B4:2E:EC:AE:86:8E user2
michael@179	441
michael@179	442	</file>