The
cleanup(8) server receives mail from outside of Postfix as
well as mail from internal sources such as forwarded mail,
undeliverable mail that is bounced to the sender, and postmaster
notifications about problems with the mail system.
The
cleanup(8) server transforms the sender, recipients and
message content into a standard form before writing it to an incoming
queue file. The server cleans up sender and recipient addresses in
message headers and in the envelope, adds missing message headers
such as From: or Date: that are required by mail standards, and
removes message headers such as Bcc: that should not be present.
The
cleanup(8) server delegates the more complex address manipulations
to the
trivial-rewrite(8) server as described later in this document.
Address manipulations at this stage are:
Before the
cleanup(8) daemon runs an address through any address
mapping lookup table, it first rewrites the address to the standard
"[email protected]" form, by sending the address to the
trivial-rewrite(8) daemon. The purpose of rewriting to standard
form is to reduce the number of entries needed in lookup tables.
The Postfix
trivial-rewrite(8) daemon implements the following
hard-coded address manipulations:
- Rewrite "@hosta,@hostb:user@site" to "user@site"
-
In case you wonder what this is, the address form above
is called a route address, and specifies that mail for "user@site"
be delivered via "hosta" and "hostb". Usage of this form has been
deprecated for a long time. Postfix has no ability to handle route
addresses, other than to strip off the route part.
NOTE: Postfix versions 2.2 and later rewrite message headers
from remote SMTP clients only if the client matches the
local_header_rewrite_clients parameter, or if the
remote_header_rewrite_domain configuration parameter specifies a
non-empty value. To get the behavior before Postfix 2.2, specify
"
local_header_rewrite_clients = static:all".
- Rewrite "site!user" to "user@site"
-
This feature is controlled by the boolean
swap_bangpath
parameter (default: yes). The purpose is to rewrite UUCP-style
addresses to domain style. This is useful only when you receive
mail via UUCP, but it probably does not hurt otherwise.
NOTE: Postfix versions 2.2 and later rewrite message headers
from remote SMTP clients only if the client matches the
local_header_rewrite_clients parameter, or if the
remote_header_rewrite_domain configuration parameter specifies a
non-empty value. To get the behavior before Postfix 2.2, specify
"
local_header_rewrite_clients = static:all".
- Rewrite "user%domain" to "user@domain"
-
This feature is controlled by the boolean
allow_percent_hack
parameter (default: yes). Typically, this is used in order to deal
with monstrosities such as "user%domain@otherdomain".
NOTE: Postfix versions 2.2 and later rewrite message headers
from remote SMTP clients only if the client matches the
local_header_rewrite_clients parameter, or if the
remote_header_rewrite_domain configuration parameter specifies a
non-empty value. To get the behavior before Postfix 2.2, specify
"
local_header_rewrite_clients = static:all".
-
Rewrite "user" to "user@$
myorigin"
-
This feature is controlled by the boolean
append_at_myorigin
parameter (default: yes). You should never turn off this feature,
because a lot of Postfix components expect that all addresses have
the form "user@domain".
NOTE: Postfix versions 2.2 and later rewrite message headers
from remote SMTP clients only if the client matches the
local_header_rewrite_clients parameter; otherwise they append the
domain name specified with the
remote_header_rewrite_domain
configuration parameter, if one is specified. To get the behavior
before Postfix 2.2, specify "
local_header_rewrite_clients =
static:all".
If your machine is not the main machine for $
myorigin and you
wish to have some users delivered locally without going via that
main machine, make an entry in the
virtual
alias table that redirects "user@$myorigin" to
"user@$
myhostname". See also the "delivering some
users locally" section in the
STANDARD_CONFIGURATION_README
document.
-
Rewrite "user@host" to "user@host.$
mydomain"
-
This feature is controlled by the boolean
append_dot_mydomain
parameter (default: yes). The purpose is to get consistent treatment
of different forms of the same hostname.
NOTE: Postfix versions 2.2 and later rewrite message headers
from remote SMTP clients only if the client matches the
local_header_rewrite_clients parameter; otherwise they append the
domain name specified with the
remote_header_rewrite_domain
configuration parameter, if one is specified. To get the behavior
before Postfix 2.2, specify "
local_header_rewrite_clients =
static:all".
Some will argue that rewriting "host" to "host.domain"
is bad. That is why it can be turned off. Others like the convenience
of having Postfix's own domain appended automatically.
- Rewrite "user@site." to "user@site" (without the trailing dot).
-
A single trailing dot is silently removed. However, an
address that ends in multiple dots will be rejected as an invalid
address.
NOTE: Postfix versions 2.2 and later rewrite message headers
from remote SMTP clients only if the client matches the
local_header_rewrite_clients parameter, or if the
remote_header_rewrite_domain configuration parameter specifies a
non-empty value. To get the behavior before Postfix 2.2, specify
"
local_header_rewrite_clients = static:all".
The
cleanup(8) daemon uses the
canonical(5) tables to rewrite
addresses in message envelopes and in message headers. By default
all header and envelope addresses are rewritten; this is controlled
with the
canonical_classes configuration parameter.
NOTE: Postfix versions 2.2 and later rewrite message headers
from remote SMTP clients only if the client matches the
local_header_rewrite_clients parameter, or if the
remote_header_rewrite_domain configuration parameter specifies a
non-empty value. To get the behavior before Postfix 2.2, specify
"
local_header_rewrite_clients = static:all".
Address rewriting is
done for local and remote addresses. The mapping is useful to
replace login names by "Firstname.Lastname" style addresses, or to
clean up invalid domains in mail addresses produced by legacy mail
systems.
Canonical mapping is disabled by default. To enable, edit the
canonical_maps parameter in the
main.cf file and specify one or
more lookup tables, separated by whitespace or commas.
Example:
/etc/postfix/
main.cf:
canonical_maps = hash:/etc/postfix/canonical
/etc/postfix/canonical:
wietse Wietse.Venema
For static mappings as shown above, lookup tables such as hash:,
ldap:,
mysql: or
pgsql: are sufficient. For dynamic mappings you
can use regular expression tables. This requires that you become
intimately familiar with the ideas expressed in
regexp_table(5),
pcre_table(5) and
canonical(5).
In addition to the canonical maps which are applied to both sender
and recipient addresses, you can specify canonical maps that are
applied only to sender addresses or to recipient addresses.
Example:
/etc/postfix/
main.cf:
sender_canonical_maps = hash:/etc/postfix/sender_canonical
recipient_canonical_maps = hash:/etc/postfix/recipient_canonical
The sender and recipient canonical maps are applied before the
common canonical maps. The
sender_canonical_classes and
recipient_canonical_classes parameters control what addresses are
subject to
sender_canonical_maps and
recipient_canonical_maps
mappings, respectively.
Sender-specific rewriting is useful when you want to rewrite
ugly sender addresses to pretty ones, and still want to be able to
send mail to the those ugly address without creating a mailer loop.
Canonical mapping can be turned off selectively for mail received
by
smtpd(8),
qmqpd(8), or
pickup(8), by overriding
main.cf settings
in the
master.cf file. This feature is available in Postfix version
2.1 and later.
Example:
/etc/postfix/
master.cf:
:10026 inet n - n - - smtpd
-o
receive_override_options=
no_address_mappings
Note: do not specify whitespace around the "=" here.
Address masquerading is a method to hide hosts inside a domain
behind their mail gateway, and to make it appear as if the mail
comes from the gateway itself, instead of from individual machines.
NOTE: Postfix versions 2.2 and later rewrite message headers
from remote SMTP clients only if the client matches the
local_header_rewrite_clients parameter, or if the
remote_header_rewrite_domain configuration parameter specifies a
non-empty value. To get the behavior before Postfix 2.2, specify
"
local_header_rewrite_clients = static:all".
Address masquerading is disabled by default, and is implemented
by the
cleanup(8) server. To enable, edit the
masquerade_domains
parameter in the
main.cf file and specify one or more domain names
separated by whitespace or commas. When Postfix tries to masquerade
a domain, it processes the list from left to right, and processing
stops at the first match.
Example:
/etc/postfix/
main.cf:
masquerade_domains = foo.example.com example.com
strips "any.thing.foo.example.com" to "foo.example.com", but
strips "any.thing.else.example.com" to "example.com".
A domain name prefixed with "!" means do not masquerade
this domain or its subdomains:
/etc/postfix/
main.cf:
masquerade_domains = !foo.example.com example.com
does not change "any.thing.foo.example.com" and "foo.example.com",
but strips "any.thing.else.example.com" to "example.com".
The
masquerade_exceptions configuration parameter specifies
what user names should not be subjected to address masquerading.
Specify one or more user names separated by whitespace or commas.
Example:
/etc/postfix/
main.cf:
masquerade_exceptions = root
By default, Postfix makes no exceptions.
Subtle point: by default, address masquerading is applied only to
message headers and to envelope sender addresses, but not to envelope
recipients. This allows you to use address masquerading on a mail
gateway machine, while still being able to forward mail from outside
to users on individual machines.
In order to subject envelope recipient addresses to masquerading,
too, specify (Postfix version 1.1 and later):
/etc/postfix/
main.cf:
masquerade_classes = envelope_sender, envelope_recipient,
header_sender, header_recipient
If you rewrite the envelope recipient like this, Postfix will
no longer be able to send mail to individual machines.
Address masquerading can be turned off selectively for mail
received by
smtpd(8),
qmqpd(8), or
pickup(8), by overriding
main.cf
settings in the
master.cf file. This feature is available in
Postfix version 2.1 and later.
Example:
/etc/postfix/
master.cf:
:10026 inet n - n - - smtpd
-o
receive_override_options=
no_address_mappings
Note: do not specify whitespace around the "=" here.
After applying the canonical and masquerade mappings, the
cleanup(8) daemon can generate optional BCC (blind carbon-copy)
recipients. Postfix provides three mechanisms:
-
always_bcc = address
- Deliver a copy of all mail to
the specified address. In Postfix versions before 2.1, this feature
is implemented by
smtpd(8),
qmqpd(8), or
pickup(8).
-
sender_bcc_maps =
type:table
- Search the specified
"
type:table" lookup table with the envelope sender address for an
automatic BCC address. This feature is available in Postfix 2.1
and later.
-
recipient_bcc_maps =
type:table
- Search the specified
"
type:table" lookup table with the envelope recipient address for
an automatic BCC address. This feature is available in Postfix 2.1
and later.
Note: automatic BCC recipients are produced only for new mail.
To avoid mailer loops, automatic BCC recipients are not generated
for mail that Postfix forwards internally, nor for mail that Postfix
generates itself.
Automatic BCC recipients (including
always_bcc) can be turned
off selectively for mail received by
smtpd(8),
qmqpd(8), or
pickup(8),
by overriding
main.cf settings in the
master.cf file. This feature
is available in Postfix version 2.1 and later.
Example:
/etc/postfix/
master.cf:
:10026 inet n - n - - smtpd
-o
receive_override_options=
no_address_mappings
Note: do not specify whitespace around the "=" here.
Before writing the recipients to the queue file, the
cleanup(8)
daemon uses the optional
virtual(5) alias tables to redirect mail
for recipients. The mapping affects only envelope recipient
addresses; it has no effect on message headers or envelope sender
addresses. Virtual alias lookups are useful to redirect mail for
virtual alias domains to real user mailboxes, and to redirect mail
for domains that no longer exist. Virtual alias lookups can also
be used to transform " Firstname.Lastname " back into UNIX login
names, although it seems that local
aliases
may be a more appropriate vehicle. See the
VIRTUAL_README document
for an overview of methods to host virtual domains with Postfix.
Virtual aliasing is disabled by default. To enable, edit the
virtual_alias_maps parameter in the
main.cf file and
specify one or more lookup tables, separated by whitespace or
commas.
Example:
/etc/postfix/
main.cf:
virtual_alias_maps = hash:/etc/postfix/virtual
/etc/postfix/
virtual:
Wietse.Venema wietse
Addresses found in virtual alias maps are subjected to another
iteration of virtual aliasing, but are not subjected to canonical
mapping, in order to avoid loops.
For static mappings as shown above, lookup tables such as hash:,
ldap:,
mysql: or
pgsql: are sufficient. For dynamic mappings you
can use regular expression tables. This requires that you become
intimately familiar with the ideas expressed in
regexp_table(5),
pcre_table(5) and
virtual(5).
Virtual aliasing can be turned off selectively for mail received
by
smtpd(8),
qmqpd(8), or
pickup(8), by overriding
main.cf settings
in the
master.cf file. This feature is available in Postfix version
2.1 and later.
Example:
/etc/postfix/
master.cf:
:10026 inet n - n - - smtpd
-o
receive_override_options=
no_address_mappings
Note: do not specify whitespace around the "=" here.
At this point the message is ready to be stored into the
Postfix
incoming queue.
