.\" $NetBSD: postfix.1,v 1.2.14.1 2023/12/25 12:54:40 martin Exp $ .\" .TH POSTFIX 1 .ad .fi .SH NAME postfix \- Postfix control program .SH "SYNOPSIS" .na .nf .fi \fBpostfix\fR [\fB\-Dv\fR] [\fB\-c \fIconfig_dir\fR] \fIcommand\fR .SH DESCRIPTION .ad .fi This command is reserved for the superuser. To submit mail, use the Postfix \fBsendmail\fR(1) command. The \fBpostfix\fR(1) command controls the operation of the Postfix mail system: start or stop the \fBmaster\fR(8) daemon, do a health check, and other maintenance. By default, the \fBpostfix\fR(1) command sets up a standardized environment and runs the \fBpostfix\-script\fR shell script to do the actual work. However, when support for multiple Postfix instances is configured, \fBpostfix\fR(1) executes the command specified with the \fBmulti_instance_wrapper\fR configuration parameter. This command will execute the \fIcommand\fR for each applicable Postfix instance. The following commands are implemented: .IP \fBcheck\fR Warn about bad directory/file ownership or permissions, and create missing directories. .IP \fBstart\fR Start the Postfix mail system. This also runs the configuration check described above. .IP \fBstart\-fg\fR Like \fBstart\fR, but keep the \fBmaster\fR(8) daemon running in the foreground, and enable \fBmaster\fR(8) "init" mode when running as PID 1. This command requires that multi\-instance support is disabled (i.e. the multi_instance_directories parameter value must be empty). When running Postfix inside a container, see MAILLOG_README for logging to stdout. Postfix logs to syslog by default, which requires a) running a syslogd process inside the container, or b) mounting the container host's /dev/log socket inside the container (example: "docker run \-v /dev/log:/dev/log ..."), and c) a distinct Postfix "syslog_name" prefix that identifies logging from the Postfix instance. .IP \fBstop\fR Stop the Postfix mail system in an orderly fashion. If possible, running processes are allowed to terminate at their earliest convenience. .sp Note: in order to refresh the Postfix mail system after a configuration change, do not use the \fBstart\fR and \fBstop\fR commands in succession. Use the \fBreload\fR command instead. .IP \fBabort\fR Stop the Postfix mail system abruptly. Running processes are signaled to stop immediately. .IP \fBflush\fR Force delivery: attempt to deliver every message in the deferred mail queue. Normally, attempts to deliver delayed mail happen at regular intervals, the interval doubling after each failed attempt. .sp Warning: flushing undeliverable mail frequently will result in poor delivery performance of all other mail. .IP \fBreload\fR Re\-read configuration files. Running processes terminate at their earliest convenience. .IP \fBstatus\fR Indicate if the Postfix mail system is currently running (zero exit status) or stopped (non\-zero exit status). .IP "\fBset\-permissions\fR [\fIname\fR=\fIvalue ...\fR]" Set the ownership and permissions of Postfix related files and directories, as specified in the \fBpostfix\-files\fR file. .sp Specify \fIname\fR=\fIvalue\fR to override and update specific main.cf configuration parameters. Use this, for example, to change the \fBmail_owner\fR or \fBsetgid_group\fR setting for an already installed Postfix system. .sp This feature is available in Postfix 2.1 and later. With Postfix 2.0 and earlier, use "\fB$config_directory/post\-install set\-permissions\fR". .IP "\fBlogrotate\fR" Rotate the logfile specified with $maillog_file, by appending a time\-stamp suffix that is formatted according to $maillog_file_rotate_suffix, and by compressing the file with the command specified with $maillog_file_compressor. This will not rotate /dev/* files. .sp This feature is available in Postfix 3.4 and later. .IP "\fBtls\fR \fIsubcommand\fR" Enable opportunistic TLS in the Postfix SMTP client or server, and manage Postfix SMTP server TLS private keys and certificates. See postfix\-tls(1) for documentation. .sp This feature is available in Postfix 3.1 and later. .IP "\fBupgrade\-configuration\fR [\fIname\fR=\fIvalue ...\fR]" Update the \fBmain.cf\fR and \fBmaster.cf\fR files with information that Postfix needs in order to run: add or update services, and add or update configuration parameter settings. .sp Specify \fIname\fR=\fIvalue\fR to override and update specific main.cf configuration parameters. .sp This feature is available in Postfix 2.1 and later. With Postfix 2.0 and earlier, use "\fB$config_directory/post\-install upgrade\-configuration\fR". .PP The following options are implemented: .IP "\fB\-c \fIconfig_dir\fR" Read the \fBmain.cf\fR and \fBmaster.cf\fR configuration files in the named directory instead of the default configuration directory. Use this to distinguish between multiple Postfix instances on the same host. With Postfix 2.6 and later, this option forces the postfix(1) command to operate on the specified Postfix instance only. This behavior is inherited by postfix(1) commands that run as a descendant of the current process. .IP "\fB\-D\fR (with \fBpostfix start\fR only)" Run each Postfix daemon under control of a debugger as specified via the \fBdebugger_command\fR configuration parameter. .IP \fB\-v\fR Enable verbose logging for debugging purposes. Multiple \fB\-v\fR options make the software increasingly verbose. .SH "ENVIRONMENT" .na .nf .ad .fi The \fBpostfix\fR(1) command exports the following environment variables before executing the \fBpostfix\-script\fR file: .IP \fBMAIL_CONFIG\fR This is set when the \-c command\-line option is present. With Postfix 2.6 and later, this environment variable forces the postfix(1) command to operate on the specified Postfix instance only. This behavior is inherited by postfix(1) commands that run as a descendant of the current process. .IP \fBMAIL_VERBOSE\fR This is set when the \-v command\-line option is present. .IP \fBMAIL_DEBUG\fR This is set when the \-D command\-line option is present. .PP When the internal logging service is enabled (by setting a non\-empty maillog_file parameter value) the postfix(1) command exports settings that are used by child processes before they have processed main.cf or command\-line settings. .IP \fBPOSTLOG_SERVICE The name of the public postlog service endpoint. .IP \fBPOSTLOG_HOSTNAME The hostname to prepend to internal logging. .SH "CONFIGURATION PARAMETERS" .na .nf .ad .fi The following \fBmain.cf\fR configuration parameters are exported as environment variables with the same names: .IP "\fBconfig_directory (see 'postconf -d' output)\fR" The default location of the Postfix main.cf and master.cf configuration files. .IP "\fBcommand_directory (see 'postconf -d' output)\fR" The location of all postfix administrative commands. .IP "\fBdaemon_directory (see 'postconf -d' output)\fR" The directory with Postfix support programs and daemon programs. .IP "\fBhtml_directory (see 'postconf -d' output)\fR" The location of Postfix HTML files that describe how to build, configure or operate a specific Postfix subsystem or feature. .IP "\fBmail_owner (postfix)\fR" The UNIX system account that owns the Postfix queue and most Postfix daemon processes. .IP "\fBmailq_path (see 'postconf -d' output)\fR" Sendmail compatibility feature that specifies where the Postfix \fBmailq\fR(1) command is installed. .IP "\fBmanpage_directory (see 'postconf -d' output)\fR" Where the Postfix manual pages are installed. .IP "\fBnewaliases_path (see 'postconf -d' output)\fR" Sendmail compatibility feature that specifies the location of the \fBnewaliases\fR(1) command. .IP "\fBqueue_directory (see 'postconf -d' output)\fR" The location of the Postfix top\-level queue directory. .IP "\fBreadme_directory (see 'postconf -d' output)\fR" The location of Postfix README files that describe how to build, configure or operate a specific Postfix subsystem or feature. .IP "\fBsendmail_path (see 'postconf -d' output)\fR" A Sendmail compatibility feature that specifies the location of the Postfix \fBsendmail\fR(1) command. .IP "\fBsetgid_group (postdrop)\fR" The group ownership of set\-gid Postfix commands and of group\-writable Postfix directories. .PP Available in Postfix version 2.5 and later: .IP "\fBdata_directory (see 'postconf -d' output)\fR" The directory with Postfix\-writable data files (for example: caches, pseudo\-random numbers). .PP Available in Postfix version 3.0 and later: .IP "\fBcompatibility_level (0)\fR" A safety net that causes Postfix to run with backwards\-compatible default settings after an upgrade to a newer Postfix version. .IP "\fBmeta_directory (see 'postconf -d' output)\fR" The location of non\-executable files that are shared among multiple Postfix instances, such as postfix\-files, dynamicmaps.cf, and the multi\-instance template files main.cf.proto and master.cf.proto. .IP "\fBshlib_directory (see 'postconf -d' output)\fR" The location of Postfix dynamically\-linked libraries (libpostfix\-*.so), and the default location of Postfix database plugins (postfix\-*.so) that have a relative pathname in the dynamicmaps.cf file. .PP Available in Postfix version 3.1 and later: .IP "\fBopenssl_path (openssl)\fR" The location of the OpenSSL command line program \fBopenssl\fR(1). .PP Other configuration parameters: .IP "\fBimport_environment (see 'postconf -d' output)\fR" The list of environment variables that a privileged Postfix process will import from a non\-Postfix parent process, or name=value environment overrides. .IP "\fBsyslog_facility (mail)\fR" The syslog facility of Postfix logging. .IP "\fBsyslog_name (see 'postconf -d' output)\fR" A prefix that is prepended to the process name in syslog records, so that, for example, "smtpd" becomes "prefix/smtpd". .PP Available in Postfix version 2.6 and later: .IP "\fBmulti_instance_directories (empty)\fR" An optional list of non\-default Postfix configuration directories; these directories belong to additional Postfix instances that share the Postfix executable files and documentation with the default Postfix instance, and that are started, stopped, etc., together with the default Postfix instance. .IP "\fBmulti_instance_wrapper (empty)\fR" The pathname of a multi\-instance manager command that the \fBpostfix\fR(1) command invokes when the multi_instance_directories parameter value is non\-empty. .IP "\fBmulti_instance_group (empty)\fR" The optional instance group name of this Postfix instance. .IP "\fBmulti_instance_name (empty)\fR" The optional instance name of this Postfix instance. .IP "\fBmulti_instance_enable (no)\fR" Allow this Postfix instance to be started, stopped, etc., by a multi\-instance manager. .PP Available in Postfix version 3.4 and later: .IP "\fBmaillog_file (empty)\fR" The name of an optional logfile that is written by the Postfix \fBpostlogd\fR(8) service. .IP "\fBmaillog_file_compressor (gzip)\fR" The program to run after rotating $maillog_file with "postfix logrotate". .IP "\fBmaillog_file_prefixes (/var, /dev/stdout)\fR" A list of allowed prefixes for a maillog_file value. .IP "\fBmaillog_file_rotate_suffix (%Y%m%d\-%H%M%S)\fR" The format of the suffix to append to $maillog_file while rotating the file with "postfix logrotate". .IP "\fBpostlog_service_name (postlog)\fR" The name of the \fBpostlogd\fR(8) service entry in master.cf. .SH "FILES" .na .nf .ad .fi Prior to Postfix version 2.6, all of the following files were in \fB$config_directory\fR. Some files are now in \fB$daemon_directory\fR or \fB$meta_directory\fR so that they can be shared among multiple instances that run the same Postfix version. Use the command "\fBpostconf config_directory\fR" or "\fBpostconf daemon_directory\fR" to expand the names into their actual values. .na .nf $config_directory/main.cf, Postfix configuration parameters $config_directory/master.cf, Postfix daemon processes $daemon_directory/postfix\-script, administrative commands $daemon_directory/post\-install, post\-installation configuration $meta_directory/dynamicmaps.cf, plug\-in database clients $meta_directory/postfix\-files, file/directory permissions .SH "SEE ALSO" .na .nf Commands: postalias(1), create/update/query alias database postcat(1), examine Postfix queue file postconf(1), Postfix configuration utility postdrop(1), Postfix mail posting utility postfix(1), Postfix control program postfix\-tls(1), Postfix TLS management postkick(1), trigger Postfix daemon postlock(1), Postfix\-compatible locking postlog(1), Postfix\-compatible logging postmap(1), Postfix lookup table manager postmulti(1), Postfix multi\-instance manager postqueue(1), Postfix mail queue control postsuper(1), Postfix housekeeping mailq(1), Sendmail compatibility interface newaliases(1), Sendmail compatibility interface sendmail(1), Sendmail compatibility interface Postfix configuration: bounce(5), Postfix bounce message templates master(5), Postfix master.cf file syntax postconf(5), Postfix main.cf file syntax postfix\-wrapper(5), Postfix multi\-instance API Table\-driven mechanisms: access(5), Postfix SMTP access control table aliases(5), Postfix alias database canonical(5), Postfix input address rewriting generic(5), Postfix output address rewriting header_checks(5), body_checks(5), Postfix content inspection relocated(5), Users that have moved transport(5), Postfix routing table virtual(5), Postfix virtual aliasing Table lookup mechanisms: cidr_table(5), Associate CIDR pattern with value ldap_table(5), Postfix LDAP client lmdb_table(5), Postfix LMDB database driver memcache_table(5), Postfix memcache client mysql_table(5), Postfix MYSQL client nisplus_table(5), Postfix NIS+ client pcre_table(5), Associate PCRE pattern with value pgsql_table(5), Postfix PostgreSQL client regexp_table(5), Associate POSIX regexp pattern with value socketmap_table(5), Postfix socketmap client sqlite_table(5), Postfix SQLite database driver tcp_table(5), Postfix client\-server table lookup Daemon processes: anvil(8), Postfix connection/rate limiting bounce(8), defer(8), trace(8), Delivery status reports cleanup(8), canonicalize and enqueue message discard(8), Postfix discard delivery agent dnsblog(8), DNS allow/denylist logger error(8), Postfix error delivery agent flush(8), Postfix fast ETRN service local(8), Postfix local delivery agent master(8), Postfix master daemon oqmgr(8), old Postfix queue manager pickup(8), Postfix local mail pickup pipe(8), deliver mail to non\-Postfix command postlogd(8), Postfix internal logging service postscreen(8), Postfix zombie blocker proxymap(8), Postfix lookup table proxy server qmgr(8), Postfix queue manager qmqpd(8), Postfix QMQP server scache(8), Postfix connection cache manager showq(8), list Postfix mail queue smtp(8), lmtp(8), Postfix SMTP+LMTP client smtpd(8), Postfix SMTP server spawn(8), run non\-Postfix server tlsmgr(8), Postfix TLS cache and randomness manager tlsproxy(8), Postfix TLS proxy server trivial\-rewrite(8), Postfix address rewriting verify(8), Postfix address verification virtual(8), Postfix virtual delivery agent Other: syslogd(8), system logging .SH "README FILES" .na .nf .ad .fi Use "\fBpostconf readme_directory\fR" or "\fBpostconf html_directory\fR" to locate this information. .na .nf OVERVIEW, overview of Postfix commands and processes BASIC_CONFIGURATION_README, Postfix basic configuration ADDRESS_REWRITING_README, Postfix address rewriting SMTPD_ACCESS_README, SMTP relay/access control CONTENT_INSPECTION_README, Postfix content inspection QSHAPE_README, Postfix queue analysis .SH "LICENSE" .na .nf .ad .fi The Secure Mailer license must be distributed with this software. .SH "AUTHOR(S)" .na .nf Wietse Venema IBM T.J. Watson Research P.O. Box 704 Yorktown Heights, NY 10598, USA Wietse Venema Google, Inc. 111 8th Avenue New York, NY 10011, USA TLS support by: Lutz Jaenicke Brandenburg University of Technology Cottbus, Germany Victor Duchovni Morgan Stanley SASL support originally by: Till Franke SuSE Rhein/Main AG 65760 Eschborn, Germany LMTP support originally by: Philip A. Prindeville Mirapoint, Inc. USA. Amos Gouaux University of Texas at Dallas P.O. Box 830688, MC34 Richardson, TX 75083, USA IPv6 support originally by: Mark Huizer, Eindhoven University, The Netherlands Jun\-ichiro 'itojun' Hagino, KAME project, Japan The Linux PLD project Dean Strik, Eindhoven University, The Netherlands