vviirrttuuaall [generic Postfix daemon options]
This delivery agent only delivers mail. Other features such as mail forwarding, out-of-office notifications, etc., must be configured via virtual_alias maps or via similar lookup mechanisms.
The mailbox location is controlled by the vviirrttuuaall__mmaaiillbbooxx__bbaassee and vviirrttuuaall__mmaaiillbbooxx__mmaappss configuration parameters (see below). The vviirrttuuaall__mmaaiillbbooxx__mmaappss table is indexed by the recipient address as described under TABLE SEARCH ORDER below.
The mailbox pathname is constructed as follows:
$$vviirrttuuaall__mmaaiillbbooxx__bbaassee//$$vviirrttuuaall__mmaaiillbbooxx__mmaappss((_r_e_c_i_p_i_e_n_t))
where _r_e_c_i_p_i_e_n_t is the full recipient address.
When the mailbox location does not end in //, the message is delivered in UNIX mailbox format. This format stores multiple messages in one textfile.
The vviirrttuuaall(8) delivery agent prepends a "FFrroomm _s_e_n_d_e_r _t_i_m_e___s_t_a_m_p" envelope header to each message, prepends a DDeelliivveerreedd--TToo:: message header with the envelope recipient address, prepends an XX--OOrriiggiinnaall--TToo:: header with the recipient address as given to Postfix, prepends a RReettuurrnn--PPaatthh:: message header with the envelope sender address, prepends a >> character to lines beginning with "FFrroomm ", and appends an empty line.
The mailbox is locked for exclusive access while delivery is in progress. In case of problems, an attempt is made to truncate the mailbox to its original length.
When the mailbox location ends in //, the message is delivered in qmail mmaaiillddiirr format. This format stores one message per file.
The vviirrttuuaall(8) delivery agent prepends a DDeelliivveerreedd--TToo:: message header with the final envelope recipient address, prepends an XX--OOrriiggiinnaall--TToo:: header with the recipient address as given to Postfix, and prepends a RReettuurrnn--PPaatthh:: message header with the envelope sender address.
By definition, mmaaiillddiirr format does not require application-level file locking during mail delivery or retrieval.
Mailbox ownership is controlled by the vviirrttuuaall__uuiidd__mmaappss and vviirrttuuaall__ggiidd__mmaappss lookup tables, which are indexed with the full recipient address. Each table provides a string with the numerical user and group ID, respectively.
The vviirrttuuaall__mmiinniimmuumm__uuiidd parameter imposes a lower bound on numerical user ID values that may be specified in any vviirrttuuaall__uuiidd__mmaappss.
All delivery decisions are made using the full recipient address, folded to lower case. See also the next section for a few exceptions with optional address extensions.
Normally, a lookup table is specified as a text file that serves as input to the ppoossttmmaapp(1) command. The result, an indexed file in ddbbmm or ddbb format, is used for fast searching by the mail system.
The search order is as follows. The search stops upon the first successful lookup.
When the table is provided via other means such as NIS, LDAP or SQL, the same lookups are done as for ordinary indexed files.
Alternatively, a table can be provided as a regular-expression map where patterns are given as regular expressions. In that case, only the full recipient address is given to the regular-expression map.
The vviirrttuuaall(8) delivery agent is not security sensitive, provided that the lookup tables with recipient user/group ID information are adequately protected. This program is not designed to run chrooted.
The vviirrttuuaall(8) delivery agent disallows regular expression substitution of $1 etc. in regular expression lookup tables, because that would open a security hole.
The vviirrttuuaall(8) delivery agent will silently ignore requests to use the pprrooxxyymmaapp(8) server. Instead it will open the table directly. Before Postfix version 2.2, the virtual delivery agent will terminate with a fatal error.
RFC 822 (ARPA Internet Text Messages)
Problems and transactions are logged to ssyyssllooggdd(8). Corrupted message files are marked so that the queue manager can move them to the ccoorrrruupptt queue afterwards.
Depending on the setting of the nnoottiiffyy__ccllaasssseess parameter, the postmaster is notified of bounces and of other trouble.
Postfix should have lookup tables that can return multiple result attributes. In order to avoid the inconvenience of maintaining three tables, use an LDAP or MYSQL database.
Changes to mmaaiinn..ccff are picked up automatically, as vviirrttuuaall(8) processes run for only a limited amount of time. Use the command "ppoossttffiixx rreellooaadd" to speed up a change.
The text below provides only a parameter summary. See ppoossttccoonnff(5) for more details including examples.
Available in Postfix version 2.0 and later:
Available in Postfix version 2.5.3 and later:
qmgr(8), queue manager bounce(8), delivery status reports postconf(5), configuration parameters syslogd(8), system logging
Use "ppoossttccoonnff rreeaaddmmee__ddiirreeccttoorryy" or "ppoossttccoonnff hhttmmll__ddiirreeccttoorryy" to locate this information. VIRTUAL_README, domain hosting howto
The Secure Mailer license must be distributed with this software.
This delivery agent was originally based on the Postfix local delivery agent. Modifications mainly consisted of removing code that either was not applicable or that was not safe in this context: aliases, ~user/.forward files, delivery to "|command" or to /file/name.
The DDeelliivveerreedd--TToo:: message header appears in the qqmmaaiill system by Daniel Bernstein.
The mmaaiillddiirr structure appears in the qqmmaaiill system by Daniel Bernstein.
Wietse Venema IBM T.J. Watson Research P.O. Box 704 Yorktown Heights, NY 10598, USA
Andrew McNamara andrewm@connect.com.au connect.com.au Pty. Ltd. Level 3, 213 Miller St North Sydney 2060, NSW, Australia