NAME

verify - Postfix address verification server

SYNOPSIS


vveerriiffyy [generic Postfix daemon options]

DESCRIPTION

The vveerriiffyy(8) address verification server maintains a record of what recipient addresses are known to be deliverable or undeliverable.

Addresses are verified by injecting probe messages into the Postfix queue. Probe messages are run through all the routing and rewriting machinery except for final delivery, and are discarded rather than being deferred or bounced.

Address verification relies on the answer from the nearest MTA for the specified address, and will therefore not detect all undeliverable addresses.

The vveerriiffyy(8) server is designed to run under control by the Postfix master server. It maintains an optional persistent database. To avoid being interrupted by "postfix stop" in the middle of a database update, the process runs in a separate process group.

The vveerriiffyy(8) server implements the following requests:

uuppddaattee _a_d_d_r_e_s_s _s_t_a_t_u_s _t_e_x_t Update the status and text of the specified address.
qquueerryy _a_d_d_r_e_s_s Look up the _s_t_a_t_u_s and _t_e_x_t for the specified address.
If the status is unknown, a probe is sent and an "in progress" status is returned.

SECURITY



The address verification server is not security-sensitive. It does
not talk to the network, and it does not talk to local users.
The verify server can run chrooted at fixed low privilege.
        

The address verification server can be coerced to store unlimited amounts of garbage. Limiting the cache size trades one problem (disk space exhaustion) for another one (poor response time to client requests).

With Postfix version 2.5 and later, the vveerriiffyy(8) server no longer uses root privileges when opening the aaddddrreessss__vveerriiffyy__mmaapp cache file. The file should now be stored under the Postfix-owned ddaattaa__ddiirreeccttoorryy. As a migration aid, an attempt to open a cache file under a non-Postfix directory is redirected to the Postfix-owned ddaattaa__ddiirreeccttoorryy, and a warning is logged.

DIAGNOSTICS

Problems and transactions are logged to ssyyssllooggdd(8).

BUGS

The address verification service is suitable only for sites that handle a low mail volume. Verification probes add additional traffic to the mail queue and perform poorly under high load. Servers may blacklist sites that probe excessively, or that probe excessively for non-existent recipient addresses.

If the persistent database ever gets corrupted then the world comes to an end and human intervention is needed. This violates a basic Postfix principle.

CONFIGURATION PARAMETERS



Changes to mmaaiinn..ccff are not picked up automatically,
as vveerriiffyy(8)
processes are persistent. Use the command "ppoossttffiixx rreellooaadd" after
a configuration change.
        

The text below provides only a parameter summary. See ppoossttccoonnff(5) for more details including examples.

CACHE CONTROLS



aaddddrreessss__vveerriiffyy__mmaapp ((eemmppttyy)) Optional lookup table for persistent address verification status
storage.
aaddddrreessss__vveerriiffyy__sseennddeerr (($$ddoouubbllee__bboouunnccee__sseennddeerr)) The sender address to use in address verification probes; prior
to Postfix 2.5 the default was "postmaster".
aaddddrreessss__vveerriiffyy__ppoossiittiivvee__eexxppiirree__ttiimmee ((3311dd)) The time after which a successful probe expires from the address
verification cache.
aaddddrreessss__vveerriiffyy__ppoossiittiivvee__rreeffrreesshh__ttiimmee ((77dd)) The time after which a successful address verification probe needs
to be refreshed.
aaddddrreessss__vveerriiffyy__nneeggaattiivvee__ccaacchhee ((yyeess)) Enable caching of failed address verification probe results.
aaddddrreessss__vveerriiffyy__nneeggaattiivvee__eexxppiirree__ttiimmee ((33dd)) The time after which a failed probe expires from the address
verification cache.
aaddddrreessss__vveerriiffyy__nneeggaattiivvee__rreeffrreesshh__ttiimmee ((33hh)) The time after which a failed address verification probe needs to
be refreshed.

PROBE MESSAGE ROUTING CONTROLS



By default, probe messages are delivered via the same route
as regular messages.  The following parameters can be used to
override specific message routing mechanisms.
aaddddrreessss__vveerriiffyy__rreellaayyhhoosstt (($$rreellaayyhhoosstt)) Overrides the relayhost parameter setting for address verification
probes.
aaddddrreessss__vveerriiffyy__ttrraannssppoorrtt__mmaappss (($$ttrraannssppoorrtt__mmaappss)) Overrides the transport_maps parameter setting for address verification
probes.
aaddddrreessss__vveerriiffyy__llooccaall__ttrraannssppoorrtt (($$llooccaall__ttrraannssppoorrtt)) Overrides the local_transport parameter setting for address
verification probes.
aaddddrreessss__vveerriiffyy__vviirrttuuaall__ttrraannssppoorrtt (($$vviirrttuuaall__ttrraannssppoorrtt)) Overrides the virtual_transport parameter setting for address
verification probes.
aaddddrreessss__vveerriiffyy__rreellaayy__ttrraannssppoorrtt (($$rreellaayy__ttrraannssppoorrtt)) Overrides the relay_transport parameter setting for address
verification probes.
aaddddrreessss__vveerriiffyy__ddeeffaauulltt__ttrraannssppoorrtt (($$ddeeffaauulltt__ttrraannssppoorrtt)) Overrides the default_transport parameter setting for address
verification probes.

MISCELLANEOUS CONTROLS



ccoonnffiigg__ddiirreeccttoorryy ((sseeee ''ppoossttccoonnff --dd'' oouuttppuutt)) The default location of the Postfix main.cf and master.cf
configuration files.
ddaaeemmoonn__ttiimmeeoouutt ((1188000000ss)) How much time a Postfix daemon process may take to handle a
request before it is terminated by a built-in watchdog timer.
iippcc__ttiimmeeoouutt ((33660000ss)) The time limit for sending or receiving information over an internal
communication channel.
pprroocceessss__iidd ((rreeaadd--oonnllyy)) The process ID of a Postfix command or daemon process.
pprroocceessss__nnaammee ((rreeaadd--oonnllyy)) The process name of a Postfix command or daemon process.
qquueeuuee__ddiirreeccttoorryy ((sseeee ''ppoossttccoonnff --dd'' oouuttppuutt)) The location of the Postfix top-level queue directory.
ssyysslloogg__ffaacciilliittyy ((mmaaiill)) The syslog facility of Postfix logging.
ssyysslloogg__nnaammee ((sseeee ''ppoossttccoonnff --dd'' oouuttppuutt)) The mail system name that is prepended to the process name in syslog
records, so that "smtpd" becomes, for example, "postfix/smtpd".

SEE ALSO


smtpd(8), Postfix SMTP server
cleanup(8), enqueue Postfix message
postconf(5), configuration parameters
syslogd(5), system logging

README FILES



Use "ppoossttccoonnff rreeaaddmmee__ddiirreeccttoorryy" or
"ppoossttccoonnff hhttmmll__ddiirreeccttoorryy" to locate this information.

ADDRESS_VERIFICATION_README, address verification howto

LICENSE



The Secure Mailer license must be distributed with this software.

HISTORY



This service was introduced with Postfix version 2.1.

AUTHOR(S)


Wietse Venema
IBM T.J. Watson Research
P.O. Box 704
Yorktown Heights, NY 10598, USA