postfix - Man Page

Postfix control program

Examples (TL;DR)

Synopsis

postfix [-Dv] [-c config_dir] command

Description

This command is reserved for the superuser. To submit mail, use the Postfix sendmail(1) command.

The postfix(1) command controls the operation of the Postfix mail system: start or stop the master(8) daemon, do a health check, and other maintenance.

By default, the postfix(1) command sets up a standardized environment and runs the postfix-script shell script to do the actual work.

However, when support for multiple Postfix instances is configured, postfix(1) executes the command specified with the multi_instance_wrapper configuration parameter. This command will execute the command for each applicable Postfix instance.

The following commands are implemented:

check

Warn about bad directory/file ownership or permissions, and create missing directories.

start

Start the Postfix mail system. This also runs the configuration check described above.

start-fg

Like start, but keep the master(8) daemon running in the foreground, and enable master(8) "init" mode when running as PID 1. This command requires that multi-instance support is disabled (i.e. the multi_instance_directories parameter value must be empty).

When running Postfix inside a container, see MAILLOG_README for logging to stdout. Postfix logs to syslog by default, which requires a) running a syslogd process inside the container, or b) mounting the container host's /dev/log socket inside the container (example: "docker run -v /dev/log:/dev/log ..."), and c) a distinct Postfix "syslog_name" prefix that identifies logging from the Postfix instance.

stop

Stop the Postfix mail system in an orderly fashion. If possible, running processes are allowed to terminate at their earliest convenience.

Note: in order to refresh the Postfix mail system after a configuration change, do not use the start and stop commands in succession. Use the reload command instead.

abort

Stop the Postfix mail system abruptly. Running processes are signaled to stop immediately.

flush

Force delivery: attempt to deliver every message in the deferred mail queue. Normally, attempts to deliver delayed mail happen at regular intervals, the interval doubling after each failed attempt.

Warning: flushing undeliverable mail frequently will result in poor delivery performance of all other mail.

reload

Re-read configuration files. Running processes terminate at their earliest convenience.

status

Indicate if the Postfix mail system is currently running (zero exit status) or stopped (non-zero exit status).

set-permissions [name=value ...]

Set the ownership and permissions of Postfix related files and directories, as specified in the postfix-files file.

Specify name=value to override and update specific main.cf configuration parameters. Use this, for example, to change the mail_owner or setgid_group setting for an already installed Postfix system.

This feature is available in Postfix 2.1 and later.  With Postfix 2.0 and earlier, use "$config_directory/post-install set-permissions".

logrotate

Rotate the logfile specified with $maillog_file, by appending a time-stamp suffix that is formatted according to $maillog_file_rotate_suffix, and by compressing the file with the command specified with $maillog_file_compressor. This will not rotate /dev/* files.

This feature is available in Postfix 3.4 and later.

tls subcommand

Enable opportunistic TLS in the Postfix SMTP client or server, and manage Postfix SMTP server TLS private keys and certificates.  See postfix-tls(1) for documentation.

This feature is available in Postfix 3.1 and later.

upgrade-configuration [name=value ...]

Update the main.cf and master.cf files with information that Postfix needs in order to run: add or update services, and add or update configuration parameter settings.

Specify name=value to override and update specific main.cf configuration parameters.

This feature is available in Postfix 2.1 and later.  With Postfix 2.0 and earlier, use "$config_directory/post-install upgrade-configuration".

The following options are implemented:

-c config_dir

Read the main.cf and master.cf configuration files in the named directory instead of the default configuration directory. Use this to distinguish between multiple Postfix instances on the same host.

With Postfix 2.6 and later, this option forces the postfix(1) command to operate on the specified Postfix instance only. This behavior is inherited by postfix(1) commands that run as a descendant of the current process.

-D (with postfix start only)

Run each Postfix daemon under control of a debugger as specified via the debugger_command configuration parameter.

-v

Enable verbose logging for debugging purposes. Multiple -v options make the software increasingly verbose.

Environment

The postfix(1) command exports the following environment variables before executing the postfix-script file:

MAIL_CONFIG

This is set when the -c command-line option is present.

With Postfix 2.6 and later, this environment variable forces the postfix(1) command to operate on the specified Postfix instance only.  This behavior is inherited by postfix(1) commands that run as a descendant of the current process.

MAIL_VERBOSE

This is set when the -v command-line option is present.

MAIL_DEBUG

This is set when the -D command-line option is present.

When the internal logging service is enabled (by setting a non-empty maillog_file parameter value) the postfix(1) command exports settings that are used by child processes before they have processed main.cf or command-line settings.

POSTLOG_SERVICE

The name of the public postlog service endpoint.

POSTLOG_HOSTNAME

The hostname to prepend to internal logging.

Configuration Parameters

The following main.cf configuration parameters are exported as environment variables with the same names:

config_directory (see 'postconf -d' output)

The default location of the Postfix main.cf and master.cf configuration files.

command_directory (see 'postconf -d' output)

The location of all postfix administrative commands.

daemon_directory (see 'postconf -d' output)

The directory with Postfix support programs and daemon programs.

html_directory (see 'postconf -d' output)

The location of Postfix HTML files that describe how to build, configure or operate a specific Postfix subsystem or feature.

mail_owner (postfix)

The UNIX system account that owns the Postfix queue and most Postfix daemon processes.

mailq_path (see 'postconf -d' output)

Sendmail compatibility feature that specifies where the Postfix mailq(1) command is installed.

manpage_directory (see 'postconf -d' output)

Where the Postfix manual pages are installed.

newaliases_path (see 'postconf -d' output)

Sendmail compatibility feature that specifies the location of the newaliases(1) command.

queue_directory (see 'postconf -d' output)

The location of the Postfix top-level queue directory.

readme_directory (see 'postconf -d' output)

The location of Postfix README files that describe how to build, configure or operate a specific Postfix subsystem or feature.

sendmail_path (see 'postconf -d' output)

A Sendmail compatibility feature that specifies the location of the Postfix sendmail(1) command.

setgid_group (postdrop)

The group ownership of set-gid Postfix commands and of group-writable Postfix directories.

Available in Postfix version 2.5 and later:

data_directory (see 'postconf -d' output)

The directory with Postfix-writable data files (for example: caches, pseudo-random numbers).

Available in Postfix version 3.0 and later:

compatibility_level (0)

A safety net that causes Postfix to run with backwards-compatible default settings after an upgrade to a newer Postfix version.

meta_directory (see 'postconf -d' output)

The location of non-executable files that are shared among multiple Postfix instances, such as postfix-files, dynamicmaps.cf, and the multi-instance template files main.cf.proto and master.cf.proto.

shlib_directory (see 'postconf -d' output)

The location of Postfix dynamically-linked libraries (libpostfix-*.so), and the default location of Postfix database plugins (postfix-*.so) that have a relative pathname in the dynamicmaps.cf file.

Available in Postfix version 3.1 and later:

openssl_path (openssl)

The location of the OpenSSL command line program openssl(1).

Other configuration parameters:

import_environment (see 'postconf -d' output)

The list of environment variables that a privileged Postfix process will import from a non-Postfix parent process, or name=value environment overrides.

syslog_facility (mail)

The syslog facility of Postfix logging.

syslog_name (see 'postconf -d' output)

A prefix that is prepended to the process name in syslog records, so that, for example, "smtpd" becomes "prefix/smtpd".

Available in Postfix version 2.6 and later:

multi_instance_directories (empty)

An optional list of non-default Postfix configuration directories; these directories belong to additional Postfix instances that share the Postfix executable files and documentation with the default Postfix instance, and that are started, stopped, etc., together with the default Postfix instance.

multi_instance_wrapper (empty)

The pathname of a multi-instance manager command that the postfix(1) command invokes when the multi_instance_directories parameter value is non-empty.

multi_instance_group (empty)

The optional instance group name of this Postfix instance.

multi_instance_name (empty)

The optional instance name of this Postfix instance.

multi_instance_enable (no)

Allow this Postfix instance to be started, stopped, etc., by a multi-instance manager.

Available in Postfix version 3.4 and later:

maillog_file (empty)

The name of an optional logfile that is written by the Postfix postlogd(8) service.

maillog_file_compressor (gzip)

The program to run after rotating $maillog_file with "postfix logrotate".

maillog_file_prefixes (/var, /dev/stdout)

A list of allowed prefixes for a maillog_file value.

maillog_file_rotate_suffix (%Y%m%d-%H%M%S)

The format of the suffix to append to $maillog_file while rotating the file with "postfix logrotate".

postlog_service_name (postlog)

The name of the postlogd(8) service entry in master.cf.

Files

Prior to Postfix version 2.6, all of the following files were in $config_directory. Some files are now in $daemon_directory or $meta_directory so that they can be shared among multiple instances that run the same Postfix version.

Use the command "postconf config_directory" or "postconf daemon_directory" to expand the names into their actual values.

$config_directory/main.cf, Postfix configuration parameters
$config_directory/master.cf, Postfix daemon processes
$daemon_directory/postfix-script, administrative commands
$daemon_directory/post-install, post-installation configuration
$meta_directory/dynamicmaps.cf, plug-in database clients
$meta_directory/postfix-files, file/directory permissions

See Also

Commands:
postalias(1), create/update/query alias database
postcat(1), examine Postfix queue file
postconf(1), Postfix configuration utility
postdrop(1), Postfix mail posting utility
postfix(1), Postfix control program
postfix-tls(1), Postfix TLS management
postkick(1), trigger Postfix daemon
postlock(1), Postfix-compatible locking
postlog(1), Postfix-compatible logging
postmap(1), Postfix lookup table manager
postmulti(1), Postfix multi-instance manager
postqueue(1), Postfix mail queue control
postsuper(1), Postfix housekeeping
mailq(1), Sendmail compatibility interface
newaliases(1), Sendmail compatibility interface
sendmail(1), Sendmail compatibility interface

Postfix configuration:
bounce(5), Postfix bounce message templates
master(5), Postfix master.cf file syntax
postconf(5), Postfix main.cf file syntax
postfix-wrapper(5), Postfix multi-instance API

Table-driven mechanisms:
access(5), Postfix SMTP access control table
aliases(5), Postfix alias database
canonical(5), Postfix input address rewriting
generic(5), Postfix output address rewriting
header_checks(5), body_checks(5), Postfix content inspection
relocated(5), Users that have moved
transport(5), Postfix routing table
virtual(5), Postfix virtual aliasing

Table lookup mechanisms:
cidr_table(5), Associate CIDR pattern with value
ldap_table(5), Postfix LDAP client
lmdb_table(5), Postfix LMDB database driver
memcache_table(5), Postfix memcache client
mysql_table(5), Postfix MYSQL client
nisplus_table(5), Postfix NIS+ client
pcre_table(5), Associate PCRE pattern with value
pgsql_table(5), Postfix PostgreSQL client
regexp_table(5), Associate POSIX regexp pattern with value
socketmap_table(5), Postfix socketmap client
sqlite_table(5), Postfix SQLite database driver
tcp_table(5), Postfix client-server table lookup

Daemon processes:
anvil(8), Postfix connection/rate limiting
bounce(8), defer(8), trace(8), Delivery status reports
cleanup(8), canonicalize and enqueue message
discard(8), Postfix discard delivery agent
dnsblog(8), DNS allow/denylist logger
error(8), Postfix error delivery agent
flush(8), Postfix fast ETRN service
local(8), Postfix local delivery agent
master(8), Postfix master daemon
oqmgr(8), old Postfix queue manager
pickup(8), Postfix local mail pickup
pipe(8), deliver mail to non-Postfix command
postlogd(8), Postfix internal logging service
postscreen(8), Postfix zombie blocker
proxymap(8), Postfix lookup table proxy server
qmgr(8), Postfix queue manager
qmqpd(8), Postfix QMQP server
scache(8), Postfix connection cache manager
showq(8), list Postfix mail queue
smtp(8), lmtp(8), Postfix SMTP+LMTP client
smtpd(8), Postfix SMTP server
spawn(8), run non-Postfix server
tlsmgr(8), Postfix TLS cache and randomness manager
tlsproxy(8), Postfix TLS proxy server
trivial-rewrite(8), Postfix address rewriting
verify(8), Postfix address verification
virtual(8), Postfix virtual delivery agent

Other:
syslogd(8), system logging

Readme Files

Use "postconf readme_directory" or "postconf html_directory" to locate this information.

OVERVIEW, overview of Postfix commands and processes
BASIC_CONFIGURATION_README, Postfix basic configuration
ADDRESS_REWRITING_README, Postfix address rewriting
SMTPD_ACCESS_README, SMTP relay/access control
CONTENT_INSPECTION_README, Postfix content inspection
QSHAPE_README, Postfix queue analysis

License

The Secure Mailer license must be distributed with this software.

Author(s)

Wietse Venema
IBM T.J. Watson Research
P.O. Box 704
Yorktown Heights, NY 10598, USA

Wietse Venema
Google, Inc.
111 8th Avenue
New York, NY 10011, USA

TLS support by:
Lutz Jaenicke
Brandenburg University of Technology
Cottbus, Germany

Victor Duchovni
Morgan Stanley

SASL support originally by:
Till Franke
SuSE Rhein/Main AG
65760 Eschborn, Germany

LMTP support originally by:
Philip A. Prindeville
Mirapoint, Inc.
USA.

Amos Gouaux
University of Texas at Dallas
P.O. Box 830688, MC34
Richardson, TX 75083, USA

IPv6 support originally by:
Mark Huizer, Eindhoven University, The Netherlands
Jun-ichiro 'itojun' Hagino, KAME project, Japan
The Linux PLD project
Dean Strik, Eindhoven University, The Netherlands

Referenced By

ccze(1), policyd-spf.conf(5), postconf(5), postfix-tls(1), postfix-wrapper(5), postlogd(8), postmulti(1), qsf(1), sendmail.postfix(1).