NAME
cleanup - canonicalize and enqueue Postfix message
SYNOPSIS
cleanup [generic Postfix daemon options]
DESCRIPTION
The
cleanup(8) daemon processes inbound mail, inserts it into the
incoming mail queue, and informs the queue manager of its arrival.
The
cleanup(8) daemon always performs the following transformations:
- •
- Insert missing message headers: (Resent-)
From:, To:, Message-Id:, and Date:.
- •
- Transform envelope and header addresses to the standard
user@fully-qualified-domain form that is expected by other Postfix
programs. This task is delegated to the trivial-rewrite(8)
daemon.
- •
- Eliminate duplicate envelope recipient addresses.
- •
- Remove message headers: Bcc, Content-Length,
Resent-Bcc, Return-Path.
The following address transformations are optional:
- •
- Optionally, rewrite all envelope and header addresses
according to the mappings specified in the canonical(5) lookup
tables.
- •
- Optionally, masquerade envelope sender addresses and
message header addresses (i.e. strip host or domain information below all
domains listed in the masquerade_domains parameter, except for user
names listed in masquerade_exceptions). By default, address
masquerading does not affect envelope recipients.
- •
- Optionally, expand envelope recipients according to
information found in the virtual(5) lookup tables.
The
cleanup(8) daemon performs sanity checks on the content of each
message. When it finds a problem, by default it returns a diagnostic status to
the client, and leaves it up to the client to deal with the problem.
Alternatively, the client can request the
cleanup(8) daemon to bounce
the message back to the sender in case of trouble.
STANDARDS
RFC 822 (ARPA Internet Text Messages)
RFC 2045 (MIME: Format of Internet Message Bodies)
RFC 2046 (MIME: Media Types)
RFC 2822 (Internet Message Format)
RFC 3463 (Enhanced Status Codes)
RFC 3464 (Delivery status notifications)
RFC 5322 (Internet Message Format)
DIAGNOSTICS
Problems and transactions are logged to
syslogd(8).
BUGS
Table-driven rewriting rules make it hard to express
if then else
and other logical relationships.
CONFIGURATION PARAMETERS
Changes to
main.cf are picked up automatically, as
cleanup(8)
processes run for only a limited amount of time. Use the command "
postfix reload" to speed up a change.
The text below provides only a parameter summary. See
postconf(5) for
more details including examples.
COMPATIBILITY CONTROLS
- undisclosed_recipients_header (see 'postconf -d'
output)
- Message header that the Postfix cleanup(8) server
inserts when a message contains no To: or Cc: message header.
Available in Postfix version 2.1 only:
- enable_errors_to (no)
- Report mail delivery errors to the address specified with
the non-standard Errors-To: message header, instead of the envelope sender
address (this feature is removed with Postfix version 2.2, is turned off
by default with Postfix version 2.1, and is always turned on with older
Postfix versions).
Available in Postfix version 2.6 and later:
- always_add_missing_headers (no)
- Always add (Resent-) From:, To:, Date: or Message-ID:
headers when not present.
Available in Postfix version 2.9 and later:
- enable_long_queue_ids (no)
- Enable long, non-repeating, queue IDs (queue file
names).
Available in Postfix version 3.0 and later:
- message_drop_headers (bcc, content-length, resent-bcc,
return-path)
- Names of message headers that the cleanup(8) daemon
will remove after applying header_checks(5) and before invoking
Milter applications.
BUILT-IN CONTENT FILTERING CONTROLS
Postfix built-in content filtering is meant to stop a flood of worms or viruses.
It is not a general content filter.
- body_checks (empty)
- Optional lookup tables for content inspection as specified
in the body_checks(5) manual page.
- header_checks (empty)
- Optional lookup tables for content inspection of primary
non-MIME message headers, as specified in the header_checks(5)
manual page.
Available in Postfix version 2.0 and later:
- body_checks_size_limit (51200)
- How much text in a message body segment (or attachment, if
you prefer to use that term) is subjected to body_checks inspection.
- mime_header_checks ($header_checks)
- Optional lookup tables for content inspection of MIME
related message headers, as described in the header_checks(5)
manual page.
- nested_header_checks ($header_checks)
- Optional lookup tables for content inspection of non-MIME
message headers in attached messages, as described in the
header_checks(5) manual page.
Available in Postfix version 2.3 and later:
- message_reject_characters (empty)
- The set of characters that Postfix will reject in message
content.
- message_strip_characters (empty)
- The set of characters that Postfix will remove from message
content.
BEFORE QUEUE MILTER CONTROLS
As of version 2.3, Postfix supports the Sendmail version 8 Milter (mail filter)
protocol. When mail is not received via the smtpd(8) server, the cleanup(8)
server will simulate SMTP events to the extent that this is possible. For
details see the MILTER_README document.
- non_smtpd_milters (empty)
- A list of Milter (mail filter) applications for new mail
that does not arrive via the Postfix smtpd(8) server.
- milter_protocol (6)
- The mail filter protocol version and optional protocol
extensions for communication with a Milter application; prior to Postfix
2.6 the default protocol is 2.
- milter_default_action (tempfail)
- The default action when a Milter (mail filter) application
is unavailable or mis-configured.
- milter_macro_daemon_name ($myhostname)
- The {daemon_name} macro value for Milter (mail filter)
applications.
- milter_macro_v ($mail_name $mail_version)
- The {v} macro value for Milter (mail filter)
applications.
- milter_connect_timeout (30s)
- The time limit for connecting to a Milter (mail filter)
application, and for negotiating protocol options.
- milter_command_timeout (30s)
- The time limit for sending an SMTP command to a Milter
(mail filter) application, and for receiving the response.
- milter_content_timeout (300s)
- The time limit for sending message content to a Milter
(mail filter) application, and for receiving the response.
- milter_connect_macros (see 'postconf -d'
output)
- The macros that are sent to Milter (mail filter)
applications after completion of an SMTP connection.
- milter_helo_macros (see 'postconf -d' output)
- The macros that are sent to Milter (mail filter)
applications after the SMTP HELO or EHLO command.
- milter_mail_macros (see 'postconf -d' output)
- The macros that are sent to Milter (mail filter)
applications after the SMTP MAIL FROM command.
- milter_rcpt_macros (see 'postconf -d' output)
- The macros that are sent to Milter (mail filter)
applications after the SMTP RCPT TO command.
- milter_data_macros (see 'postconf -d' output)
- The macros that are sent to version 4 or higher Milter
(mail filter) applications after the SMTP DATA command.
- milter_unknown_command_macros (see 'postconf -d'
output)
- The macros that are sent to version 3 or higher Milter
(mail filter) applications after an unknown SMTP command.
- milter_end_of_data_macros (see 'postconf -d'
output)
- The macros that are sent to Milter (mail filter)
applications after the message end-of-data.
Available in Postfix version 2.5 and later:
- milter_end_of_header_macros (see 'postconf -d'
output)
- The macros that are sent to Milter (mail filter)
applications after the end of the message header.
Available in Postfix version 2.7 and later:
- milter_header_checks (empty)
- Optional lookup tables for content inspection of message
headers that are produced by Milter applications.
Available in Postfix version 3.1 and later:
- milter_macro_defaults (empty)
- Optional list of name=value pairs that specify
default values for arbitrary macros that Postfix may send to Milter
applications.
MIME PROCESSING CONTROLS
Available in Postfix version 2.0 and later:
- disable_mime_input_processing (no)
- Turn off MIME processing while receiving mail.
- mime_boundary_length_limit (2048)
- The maximal length of MIME multipart boundary strings.
- mime_nesting_limit (100)
- The maximal recursion level that the MIME processor will
handle.
- strict_8bitmime (no)
- Enable both strict_7bit_headers and
strict_8bitmime_body.
- strict_7bit_headers (no)
- Reject mail with 8-bit text in message headers.
- strict_8bitmime_body (no)
- Reject 8-bit message body text without 8-bit MIME content
encoding information.
- strict_mime_encoding_domain (no)
- Reject mail with invalid Content-Transfer-Encoding:
information for the message/* or multipart/* MIME content types.
Available in Postfix version 2.5 and later:
- detect_8bit_encoding_header (yes)
- Automatically detect 8BITMIME body content by looking at
Content-Transfer-Encoding: message headers; historically, this behavior
was hard-coded to be "always on".
AUTOMATIC BCC RECIPIENT CONTROLS
Postfix can automatically add BCC (blind carbon copy) when mail enters the mail
system:
- always_bcc (empty)
- Optional address that receives a "blind carbon
copy" of each message that is received by the Postfix mail
system.
Available in Postfix version 2.1 and later:
- sender_bcc_maps (empty)
- Optional BCC (blind carbon-copy) address lookup tables,
indexed by sender address.
- recipient_bcc_maps (empty)
- Optional BCC (blind carbon-copy) address lookup tables,
indexed by recipient address.
ADDRESS TRANSFORMATION CONTROLS
Address rewriting is delegated to the
trivial-rewrite(8) daemon. The
cleanup(8) server implements table driven address mapping.
- empty_address_recipient (MAILER-DAEMON)
- The recipient of mail addressed to the null address.
- canonical_maps (empty)
- Optional address mapping lookup tables for message headers
and envelopes.
- recipient_canonical_maps (empty)
- Optional address mapping lookup tables for envelope and
header recipient addresses.
- sender_canonical_maps (empty)
- Optional address mapping lookup tables for envelope and
header sender addresses.
- masquerade_classes (envelope_sender, header_sender,
header_recipient)
- What addresses are subject to address masquerading.
- masquerade_domains (empty)
- Optional list of domains whose subdomain structure will be
stripped off in email addresses.
- masquerade_exceptions (empty)
- Optional list of user names that are not subjected to
address masquerading, even when their address matches
$masquerade_domains.
- propagate_unmatched_extensions (canonical,
virtual)
- What address lookup tables copy an address extension from
the lookup key to the lookup result.
Available before Postfix version 2.0:
- virtual_maps (empty)
- Optional lookup tables with a) names of domains for which
all addresses are aliased to addresses in other local or remote domains,
and b) addresses that are aliased to addresses in other local or remote
domains.
Available in Postfix version 2.0 and later:
- virtual_alias_maps ($virtual_maps)
- Optional lookup tables that alias specific mail addresses
or domains to other local or remote address.
Available in Postfix version 2.2 and later:
- canonical_classes (envelope_sender, envelope_recipient,
header_sender, header_recipient)
- What addresses are subject to canonical_maps address
mapping.
- recipient_canonical_classes (envelope_recipient,
header_recipient)
- What addresses are subject to recipient_canonical_maps
address mapping.
- sender_canonical_classes (envelope_sender,
header_sender)
- What addresses are subject to sender_canonical_maps address
mapping.
- remote_header_rewrite_domain (empty)
- Don't rewrite message headers from remote clients at all
when this parameter is empty; otherwise, rewrite message headers and
append the specified domain name to incomplete addresses.
RESOURCE AND RATE CONTROLS
- duplicate_filter_limit (1000)
- The maximal number of addresses remembered by the address
duplicate filter for aliases(5) or virtual(5) alias
expansion, or for showq(8) queue displays.
- header_size_limit (102400)
- The maximal amount of memory in bytes for storing a message
header.
- hopcount_limit (50)
- The maximal number of Received: message headers that is
allowed in the primary message headers.
- in_flow_delay (1s)
- Time to pause before accepting a new message, when the
message arrival rate exceeds the message delivery rate.
- message_size_limit (10240000)
- The maximal size in bytes of a message, including envelope
information.
Available in Postfix version 2.0 and later:
- header_address_token_limit (10240)
- The maximal number of address tokens are allowed in an
address message header.
- mime_boundary_length_limit (2048)
- The maximal length of MIME multipart boundary strings.
- mime_nesting_limit (100)
- The maximal recursion level that the MIME processor will
handle.
- queue_file_attribute_count_limit (100)
- The maximal number of (name=value) attributes that may be
stored in a Postfix queue file.
Available in Postfix version 2.1 and later:
- virtual_alias_expansion_limit (1000)
- The maximal number of addresses that virtual alias
expansion produces from each original recipient.
- virtual_alias_recursion_limit (1000)
- The maximal nesting depth of virtual alias expansion.
Available in Postfix version 3.0 and later:
- virtual_alias_address_length_limit (1000)
- The maximal length of an email address after virtual alias
expansion.
SMTPUTF8 CONTROLS
Preliminary SMTPUTF8 support is introduced with Postfix 3.0.
- smtputf8_enable (yes)
- Enable preliminary SMTPUTF8 support for the protocols
described in RFC 6531..6533.
- smtputf8_autodetect_classes (sendmail, verify)
- Detect that a message requires SMTPUTF8 support for the
specified mail origin classes.
MISCELLANEOUS CONTROLS
- config_directory (see 'postconf -d' output)
- The default location of the Postfix main.cf and master.cf
configuration files.
- daemon_timeout (18000s)
- How much time a Postfix daemon process may take to handle a
request before it is terminated by a built-in watchdog timer.
- delay_logging_resolution_limit (2)
- The maximal number of digits after the decimal point when
logging sub-second delay values.
- delay_warning_time (0h)
- The time after which the sender receives a copy of the
message headers of mail that is still queued.
- ipc_timeout (3600s)
- The time limit for sending or receiving information over an
internal communication channel.
- max_idle (100s)
- The maximum amount of time that an idle Postfix daemon
process waits for an incoming connection before terminating
voluntarily.
- max_use (100)
- The maximal number of incoming connections that a Postfix
daemon process will service before terminating voluntarily.
- myhostname (see 'postconf -d' output)
- The internet hostname of this mail system.
- myorigin ($myhostname)
- The domain name that locally-posted mail appears to come
from, and that locally posted mail is delivered to.
- process_id (read-only)
- The process ID of a Postfix command or daemon process.
- process_name (read-only)
- The process name of a Postfix command or daemon
process.
- queue_directory (see 'postconf -d' output)
- The location of the Postfix top-level queue directory.
- soft_bounce (no)
- Safety net to keep mail queued that would otherwise be
returned to the sender.
- syslog_facility (mail)
- The syslog facility of Postfix logging.
- syslog_name (see 'postconf -d' output)
- The mail system name that is prepended to the process name
in syslog records, so that "smtpd" becomes, for example,
"postfix/smtpd".
Available in Postfix version 2.1 and later:
- enable_original_recipient (yes)
- Enable support for the X-Original-To message header.
FILES
/etc/postfix/canonical*, canonical mapping table
/etc/postfix/virtual*, virtual mapping table
SEE ALSO
trivial-rewrite(8), address rewriting
qmgr(8), queue manager
header_checks(5), message header content inspection
body_checks(5), body parts content inspection
canonical(5), canonical address lookup table format
virtual(5), virtual alias lookup table format
postconf(5), configuration parameters
master(5), generic daemon options
master(8), process manager
syslogd(8), system logging
README FILES
Use "
postconf readme_directory" or "
postconf
html_directory" to locate this information.
ADDRESS_REWRITING_README Postfix address manipulation
CONTENT_INSPECTION_README content inspection
LICENSE
The Secure Mailer license must be distributed with this software.
AUTHOR(S)
Wietse Venema
IBM T.J. Watson Research
P.O. Box 704
Yorktown Heights, NY 10598, USA
Wietse Venema
Google, Inc.
111 8th Avenue
New York, NY 10011, USA