NAME

virtual - Postfix virtual domain mail delivery agent

SYNOPSIS


vviirrttuuaall [generic Postfix daemon options]

DESCRIPTION

The vviirrttuuaall(8) delivery agent is designed for virtual mail hosting services. Originally based on the Postfix llooccaall(8) delivery agent, this agent looks up recipients with map lookups of their full recipient address, instead of using hard-coded unix password file lookups of the address local part only.

This delivery agent only delivers mail. Other features such as mail forwarding, out-of-office notifications, etc., must be configured via virtual_alias maps or via similar lookup mechanisms.

MAILBOX LOCATION



The mailbox location is controlled by the vviirrttuuaall__mmaaiillbbooxx__bbaassee
and vviirrttuuaall__mmaaiillbbooxx__mmaappss configuration parameters (see below).
The vviirrttuuaall__mmaaiillbbooxx__mmaappss table is indexed by the recipient
address as described under TABLE SEARCH ORDER below.
        

The mailbox pathname is constructed as follows:


  $$vviirrttuuaall__mmaaiillbbooxx__bbaassee//$$vviirrttuuaall__mmaaiillbbooxx__mmaappss((_r_e_c_i_p_i_e_n_t))

where _r_e_c_i_p_i_e_n_t is the full recipient address.

UNIX MAILBOX FORMAT



When the mailbox location does not end in //, the message
is delivered in UNIX mailbox format.   This format stores multiple
messages in one textfile.
        

The vviirrttuuaall(8) delivery agent prepends a "FFrroomm _s_e_n_d_e_r _t_i_m_e___s_t_a_m_p" envelope header to each message, prepends a DDeelliivveerreedd--TToo:: message header with the envelope recipient address, prepends an XX--OOrriiggiinnaall--TToo:: header with the recipient address as given to Postfix, prepends a RReettuurrnn--PPaatthh:: message header with the envelope sender address, prepends a >> character to lines beginning with "FFrroomm ", and appends an empty line.

The mailbox is locked for exclusive access while delivery is in progress. In case of problems, an attempt is made to truncate the mailbox to its original length.

QMAIL MAILDIR FORMAT



When the mailbox location ends in //, the message is delivered
in qmail mmaaiillddiirr format. This format stores one message per file.
        

The vviirrttuuaall(8) delivery agent prepends a DDeelliivveerreedd--TToo:: message header with the final envelope recipient address, prepends an XX--OOrriiggiinnaall--TToo:: header with the recipient address as given to Postfix, and prepends a RReettuurrnn--PPaatthh:: message header with the envelope sender address.

By definition, mmaaiillddiirr format does not require application-level file locking during mail delivery or retrieval.

MAILBOX OWNERSHIP



Mailbox ownership is controlled by the vviirrttuuaall__uuiidd__mmaappss
and vviirrttuuaall__ggiidd__mmaappss lookup tables, which are indexed
with the full recipient address. Each table provides
a string with the numerical user and group ID, respectively.
        

The vviirrttuuaall__mmiinniimmuumm__uuiidd parameter imposes a lower bound on numerical user ID values that may be specified in any vviirrttuuaall__uuiidd__mmaappss.

CASE FOLDING



All delivery decisions are made using the full recipient
address, folded to lower case. See also the next section
for a few exceptions with optional address extensions.



Normally, a lookup table is specified as a text file that
serves as input to the ppoossttmmaapp(1) command. The result, an
indexed file in ddbbmm or ddbb format, is used for fast
searching by the mail system.
        

The search order is as follows. The search stops upon the first successful lookup.

· When the recipient has an optional address extension the
_u_s_e_r_+_e_x_t_e_n_s_i_o_n_@_d_o_m_a_i_n_._t_l_d address is looked up first.

With Postfix versions before 2.1, the optional address extension is always ignored.
· The _u_s_e_r_@_d_o_m_a_i_n_._t_l_d address, without address extension,
is looked up next.
· Finally, the recipient _@_d_o_m_a_i_n is looked up.

When the table is provided via other means such as NIS, LDAP or SQL, the same lookups are done as for ordinary indexed files.

Alternatively, a table can be provided as a regular-expression map where patterns are given as regular expressions. In that case, only the full recipient address is given to the regular-expression map.

SECURITY



The vviirrttuuaall(8) delivery agent is not security sensitive, provided
that the lookup tables with recipient user/group ID information are
adequately protected. This program is not designed to run chrooted.
        

The vviirrttuuaall(8) delivery agent disallows regular expression substitution of $1 etc. in regular expression lookup tables, because that would open a security hole.

The vviirrttuuaall(8) delivery agent will silently ignore requests to use the pprrooxxyymmaapp(8) server. Instead it will open the table directly. Before Postfix version 2.2, the virtual delivery agent will terminate with a fatal error.

STANDARDS


RFC 822 (ARPA Internet Text Messages)

DIAGNOSTICS

Mail bounces when the recipient has no mailbox or when the recipient is over disk quota. In all other cases, mail for an existing recipient is deferred and a warning is logged.

Problems and transactions are logged to ssyyssllooggdd(8). Corrupted message files are marked so that the queue manager can move them to the ccoorrrruupptt queue afterwards.

Depending on the setting of the nnoottiiffyy__ccllaasssseess parameter, the postmaster is notified of bounces and of other trouble.

BUGS

This delivery agent supports address extensions in email addresses and in lookup table keys, but does not propagate address extension information to the result of table lookup.

Postfix should have lookup tables that can return multiple result attributes. In order to avoid the inconvenience of maintaining three tables, use an LDAP or MYSQL database.

CONFIGURATION PARAMETERS



Changes to mmaaiinn..ccff are picked up automatically, as
vviirrttuuaall(8)
processes run for only a limited amount of time. Use the command
"ppoossttffiixx rreellooaadd" to speed up a change.
        

The text below provides only a parameter summary. See ppoossttccoonnff(5) for more details including examples.

MAILBOX DELIVERY CONTROLS



vviirrttuuaall__mmaaiillbbooxx__bbaassee ((eemmppttyy)) A prefix that the vviirrttuuaall(8) delivery agent prepends to all pathname
results from $virtual_mailbox_maps table lookups.
vviirrttuuaall__mmaaiillbbooxx__mmaappss ((eemmppttyy)) Optional lookup tables with all valid addresses in the domains that
match $virtual_mailbox_domains.
vviirrttuuaall__mmiinniimmuumm__uuiidd ((110000)) The minimum user ID value that the vviirrttuuaall(8) delivery agent accepts
as a result from $virtual_uid_maps table lookup.
vviirrttuuaall__uuiidd__mmaappss ((eemmppttyy)) Lookup tables with the per-recipient user ID that the vviirrttuuaall(8)
delivery agent uses while writing to the recipient's mailbox.
vviirrttuuaall__ggiidd__mmaappss ((eemmppttyy)) Lookup tables with the per-recipient group ID for vviirrttuuaall(8) mailbox
delivery.

Available in Postfix version 2.0 and later:

vviirrttuuaall__mmaaiillbbooxx__ddoommaaiinnss (($$vviirrttuuaall__mmaaiillbbooxx__mmaappss)) Postfix is final destination for the specified list of domains;
mail is delivered via the $virtual_transport mail delivery transport.
vviirrttuuaall__ttrraannssppoorrtt ((vviirrttuuaall)) The default mail delivery transport and next-hop destination for
final delivery to domains listed with $virtual_mailbox_domains.

Available in Postfix version 2.5.3 and later:

ssttrriicctt__mmaaiillbbooxx__oowwnneerrsshhiipp ((yyeess)) Defer delivery when a mailbox file is not owned by its recipient.

LOCKING CONTROLS



vviirrttuuaall__mmaaiillbbooxx__lloocckk ((sseeee ''ppoossttccoonnff --dd'' oouuttppuutt)) How to lock a UNIX-style vviirrttuuaall(8) mailbox before attempting
delivery.
ddeelliivveerr__lloocckk__aatttteemmppttss ((2200)) The maximal number of attempts to acquire an exclusive lock on a
mailbox file or bboouunnccee(8) logfile.
ddeelliivveerr__lloocckk__ddeellaayy ((11ss)) The time between attempts to acquire an exclusive lock on a mailbox
file or bboouunnccee(8) logfile.
ssttaallee__lloocckk__ttiimmee ((550000ss)) The time after which a stale exclusive mailbox lockfile is removed.

RESOURCE AND RATE CONTROLS



vviirrttuuaall__ddeessttiinnaattiioonn__ccoonnccuurrrreennccyy__lliimmiitt (($$ddeeffaauulltt__ddeessttiinnaattiioonn__ccoonnccuurrrreennccyy__lliimmiitt)) The maximal number of parallel deliveries to the same destination
via the virtual message delivery transport.
vviirrttuuaall__ddeessttiinnaattiioonn__rreecciippiieenntt__lliimmiitt (($$ddeeffaauulltt__ddeessttiinnaattiioonn__rreecciippiieenntt__lliimmiitt)) The maximal number of recipients per message for the virtual
message delivery transport.
vviirrttuuaall__mmaaiillbbooxx__lliimmiitt ((5511220000000000)) The maximal size in bytes of an individual vviirrttuuaall(8) mailbox or
maildir file, or zero (no limit).

MISCELLANEOUS CONTROLS



ccoonnffiigg__ddiirreeccttoorryy ((sseeee ''ppoossttccoonnff --dd'' oouuttppuutt)) The default location of the Postfix main.cf and master.cf
configuration files.
ddaaeemmoonn__ttiimmeeoouutt ((1188000000ss)) How much time a Postfix daemon process may take to handle a
request before it is terminated by a built-in watchdog timer.
ddeellaayy__llooggggiinngg__rreessoolluuttiioonn__lliimmiitt ((22)) The maximal number of digits after the decimal point when logging
sub-second delay values.
iippcc__ttiimmeeoouutt ((33660000ss)) The time limit for sending or receiving information over an internal
communication channel.
mmaaxx__iiddllee ((110000ss)) The maximum amount of time that an idle Postfix daemon process waits
for an incoming connection before terminating voluntarily.
mmaaxx__uussee ((110000)) The maximal number of incoming connections that a Postfix daemon
process will service before terminating voluntarily.
pprroocceessss__iidd ((rreeaadd--oonnllyy)) The process ID of a Postfix command or daemon process.
pprroocceessss__nnaammee ((rreeaadd--oonnllyy)) The process name of a Postfix command or daemon process.
qquueeuuee__ddiirreeccttoorryy ((sseeee ''ppoossttccoonnff --dd'' oouuttppuutt)) The location of the Postfix top-level queue directory.
ssyysslloogg__ffaacciilliittyy ((mmaaiill)) The syslog facility of Postfix logging.
ssyysslloogg__nnaammee ((sseeee ''ppoossttccoonnff --dd'' oouuttppuutt)) The mail system name that is prepended to the process name in syslog
records, so that "smtpd" becomes, for example, "postfix/smtpd".

SEE ALSO


qmgr(8), queue manager
bounce(8), delivery status reports
postconf(5), configuration parameters
syslogd(8), system logging

README_FILES


Use "ppoossttccoonnff rreeaaddmmee__ddiirreeccttoorryy" or
"ppoossttccoonnff hhttmmll__ddiirreeccttoorryy" to locate this information.
VIRTUAL_README, domain hosting howto

LICENSE



The Secure Mailer license must be distributed with this software.

HISTORY



This delivery agent was originally based on the Postfix local delivery
agent. Modifications mainly consisted of removing code that either
was not applicable or that was not safe in this context: aliases,
~user/.forward files, delivery to "|command" or to /file/name.
        

The DDeelliivveerreedd--TToo:: message header appears in the qqmmaaiill system by Daniel Bernstein.

The mmaaiillddiirr structure appears in the qqmmaaiill system by Daniel Bernstein.

AUTHOR(S)


Wietse Venema
IBM T.J. Watson Research
P.O. Box 704
Yorktown Heights, NY 10598, USA

Andrew McNamara andrewm@connect.com.au connect.com.au Pty. Ltd. Level 3, 213 Miller St North Sydney 2060, NSW, Australia