verify.8.html   [plain text]

<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"
<html> <head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - verify(8) </title>
</head> <body> <pre>
VERIFY(8)                                                            VERIFY(8)

       verify - Postfix address verification server

       <b>verify</b> [generic Postfix daemon options]

       The  <a href="verify.8.html"><b>verify</b>(8)</a>  address  verification  server  maintains a
       record of what recipient addresses are known to be  deliv-
       erable or undeliverable.

       Addresses  are  verified  by injecting probe messages into
       the Postfix queue. Probe messages are run through all  the
       routing and rewriting machinery except for final delivery,
       and are discarded rather than being deferred or bounced.

       Address verification relies on the answer from the nearest
       MTA  for  the  specified  address,  and will therefore not
       detect all undeliverable addresses.

       The <a href="verify.8.html"><b>verify</b>(8)</a> server is designed to run under  control  by
       the  Postfix  master server. It maintains an optional per-
       sistent database.  To avoid being interrupted by  "postfix
       stop" in the middle of a database update, the process runs
       in a separate process group.

       The <a href="verify.8.html"><b>verify</b>(8)</a> server implements the following requests:

       <b>update</b> <i>address status text</i>
              Update  the  status  and  text  of  the   specified

       <b>query</b> <i>address</i>
              Look  up  the  <i>status</i>  and  <i>text</i>  for the specified
              address.  If the status is unknown, a probe is sent
              and an "in progress" status is returned.

       The address verification server is not security-sensitive.
       It does not talk to the network, and it does not  talk  to
       local  users.  The verify server can run chrooted at fixed
       low privilege.

       The address verification server can be  coerced  to  store
       unlimited  amounts  of  garbage.  Limiting  the cache size
       trades one problem (disk space exhaustion) for another one
       (poor response time to client requests).

       With  Postfix  version 2.5 and later, the <a href="verify.8.html"><b>verify</b>(8)</a> server
       no  longer  uses  root   privileges   when   opening   the
       <b><a href="postconf.5.html#address_verify_map">address_verify_map</a></b>  cache  file.  The  file  should now be
       stored  under  the  Postfix-owned  <b><a href="postconf.5.html#data_directory">data_directory</a></b>.   As  a
       migration  aid,  an  attempt  to open a cache file under a
       non-Postfix directory is redirected to  the  Postfix-owned
       <b><a href="postconf.5.html#data_directory">data_directory</a></b>, and a warning is logged.

       Problems and transactions are logged to <b>syslogd</b>(8).

       The  address  verification  service  is  suitable only for
       sites that handle a low mail volume.  Verification  probes
       add  additional  traffic  to  the  mail  queue and perform
       poorly under high load.  Servers may blacklist sites  that
       probe excessively, or that probe excessively for non-exis-
       tent recipient addresses.

       If the persistent database ever gets  corrupted  then  the
       world  comes  to  an end and human intervention is needed.
       This violates a basic Postfix principle.

       Changes to <a href="postconf.5.html"><b></b></a> are not  picked  up  automatically,  as
       <a href="verify.8.html"><b>verify</b>(8)</a> processes are persistent. Use the command "<b>post-</b>
       <b>fix reload</b>" after a configuration change.

       The text below provides  only  a  parameter  summary.  See
       <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including examples.

       <b><a href="postconf.5.html#address_verify_map">address_verify_map</a> (empty)</b>
              Optional  lookup table for persistent address veri-
              fication status storage.

       <b><a href="postconf.5.html#address_verify_sender">address_verify_sender</a> ($<a href="postconf.5.html#double_bounce_sender">double_bounce_sender</a>)</b>
              The sender address to use in  address  verification
              probes; prior to Postfix 2.5 the default was "post-

       <b><a href="postconf.5.html#address_verify_positive_expire_time">address_verify_positive_expire_time</a> (31d)</b>
              The time after which  a  successful  probe  expires
              from the address verification cache.

       <b><a href="postconf.5.html#address_verify_positive_refresh_time">address_verify_positive_refresh_time</a> (7d)</b>
              The time after which a successful address verifica-
              tion probe needs to be refreshed.

       <b><a href="postconf.5.html#address_verify_negative_cache">address_verify_negative_cache</a> (yes)</b>
              Enable caching of failed address verification probe

       <b><a href="postconf.5.html#address_verify_negative_expire_time">address_verify_negative_expire_time</a> (3d)</b>
              The  time  after  which a failed probe expires from
              the address verification cache.

       <b><a href="postconf.5.html#address_verify_negative_refresh_time">address_verify_negative_refresh_time</a> (3h)</b>
              The time after which a failed address  verification
              probe needs to be refreshed.

       By  default,  probe  messages  are  delivered via the same
       route as regular messages.  The following  parameters  can
       be used to override specific message routing mechanisms.

       <b><a href="postconf.5.html#address_verify_relayhost">address_verify_relayhost</a> ($<a href="postconf.5.html#relayhost">relayhost</a>)</b>
              Overrides   the  <a href="postconf.5.html#relayhost">relayhost</a>  parameter  setting  for
              address verification probes.

       <b><a href="postconf.5.html#address_verify_transport_maps">address_verify_transport_maps</a> ($<a href="postconf.5.html#transport_maps">transport_maps</a>)</b>
              Overrides the <a href="postconf.5.html#transport_maps">transport_maps</a> parameter setting  for
              address verification probes.

       <b><a href="postconf.5.html#address_verify_local_transport">address_verify_local_transport</a> ($<a href="postconf.5.html#local_transport">local_transport</a>)</b>
              Overrides the <a href="postconf.5.html#local_transport">local_transport</a> parameter setting for
              address verification probes.

       <b><a href="postconf.5.html#address_verify_virtual_transport">address_verify_virtual_transport</a> ($<a href="postconf.5.html#virtual_transport">virtual_transport</a>)</b>
              Overrides the <a href="postconf.5.html#virtual_transport">virtual_transport</a>  parameter  setting
              for address verification probes.

       <b><a href="postconf.5.html#address_verify_relay_transport">address_verify_relay_transport</a> ($<a href="postconf.5.html#relay_transport">relay_transport</a>)</b>
              Overrides the <a href="postconf.5.html#relay_transport">relay_transport</a> parameter setting for
              address verification probes.

       <b><a href="postconf.5.html#address_verify_default_transport">address_verify_default_transport</a> ($<a href="postconf.5.html#default_transport">default_transport</a>)</b>
              Overrides the <a href="postconf.5.html#default_transport">default_transport</a>  parameter  setting
              for address verification probes.

       <b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
              The  default  location  of  the Postfix <a href="postconf.5.html"></a> and
              <a href="master.5.html"></a> configuration files.

       <b><a href="postconf.5.html#daemon_timeout">daemon_timeout</a> (18000s)</b>
              How much time a Postfix daemon process may take  to
              handle  a  request  before  it  is  terminated by a
              built-in watchdog timer.

       <b><a href="postconf.5.html#ipc_timeout">ipc_timeout</a> (3600s)</b>
              The time limit for sending or receiving information
              over an internal communication channel.

       <b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
              The  process  ID  of  a  Postfix  command or daemon

       <b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
              The process name of a  Postfix  command  or  daemon

       <b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b>
              The  location of the Postfix top-level queue direc-

       <b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
              The syslog facility of Postfix logging.

       <b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
              The mail system  name  that  is  prepended  to  the
              process  name  in  syslog  records, so that "smtpd"
              becomes, for example, "postfix/smtpd".

<b>SEE ALSO</b>
       <a href="smtpd.8.html">smtpd(8)</a>, Postfix SMTP server
       <a href="cleanup.8.html">cleanup(8)</a>, enqueue Postfix message
       <a href="postconf.5.html">postconf(5)</a>, configuration parameters
       syslogd(5), system logging

       <a href="ADDRESS_VERIFICATION_README.html">ADDRESS_VERIFICATION_README</a>, address verification howto

       The  Secure  Mailer  license must be distributed with this

       This service was introduced with Postfix version 2.1.

       Wietse Venema
       IBM T.J. Watson Research
       P.O. Box 704
       Yorktown Heights, NY 10598, USA

</pre> </body> </html>