1#++ 2# NAME 3# mysql_table 5 4# SUMMARY 5# Postfix MySQL client configuration 6# SYNOPSIS 7# \fBpostmap -q "\fIstring\fB" mysql:/etc/postfix/\fIfilename\fR 8# 9# \fBpostmap -q - mysql:/etc/postfix/\fIfilename\fB <\fIinputfile\fR 10# DESCRIPTION 11# The Postfix mail system uses optional tables for address 12# rewriting or mail routing. These tables are usually in 13# \fBdbm\fR or \fBdb\fR format. 14# 15# Alternatively, lookup tables can be specified as MySQL databases. 16# In order to use MySQL lookups, define a MySQL source as a lookup 17# table in main.cf, for example: 18# .nf 19# alias_maps = mysql:/etc/postfix/mysql-aliases.cf 20# .fi 21# 22# The file /etc/postfix/mysql-aliases.cf has the same format as 23# the Postfix main.cf file, and can specify the parameters 24# described below. 25# LIST MEMBERSHIP 26# .ad 27# .fi 28# When using SQL to store lists such as $mynetworks, 29# $mydestination, $relay_domains, $local_recipient_maps, 30# etc., it is important to understand that the table must 31# store each list member as a separate key. The table lookup 32# verifies the *existence* of the key. See "Postfix lists 33# versus tables" in the DATABASE_README document for a 34# discussion. 35# 36# Do NOT create tables that return the full list of domains 37# in $mydestination or $relay_domains etc., or IP addresses 38# in $mynetworks. 39# 40# DO create tables with each matching item as a key and with 41# an arbitrary value. With SQL databases it is not uncommon to 42# return the key itself or a constant value. 43# MYSQL PARAMETERS 44# .ad 45# .fi 46# .IP "\fBhosts\fR" 47# The hosts that Postfix will try to connect to and query from. 48# Specify \fIunix:\fR for UNIX domain sockets, \fIinet:\fR for TCP 49# connections (default). Examples: 50# .nf 51# hosts = inet:host1.some.domain inet:host2.some.domain:port 52# hosts = host1.some.domain host2.some.domain:port 53# hosts = unix:/file/name 54# .fi 55# 56# The hosts are tried in random order, with all connections over 57# UNIX domain sockets being tried before those over TCP. The 58# connections are automatically closed after being idle for about 59# 1 minute, and are re-opened as necessary. Postfix versions 2.0 60# and earlier do not randomize the host order. 61# 62# NOTE: if you specify localhost as a hostname (even if you 63# prefix it with \fIinet:\fR), MySQL will connect to the default 64# UNIX domain socket. In order to instruct MySQL to connect to 65# localhost over TCP you have to specify 66# .nf 67# hosts = 127.0.0.1 68# .fi 69# .IP "\fBuser\fR" 70# .IP "\fBpassword\fR" 71# The user name and password to log into the mysql server. 72# Example: 73# .nf 74# user = someone 75# password = some_password 76# .fi 77# .IP "\fBdbname\fR" 78# The database name on the servers. Example: 79# .nf 80# dbname = customer_database 81# .fi 82# .IP "\fBquery\fR" 83# The SQL query template used to search the database, where \fB%s\fR 84# is a substitute for the address Postfix is trying to resolve, 85# e.g. 86# .nf 87# query = SELECT replacement FROM aliases WHERE mailbox = '%s' 88# .fi 89# 90# By default, every query must return a result set (instead 91# of storing its results in a table); with "\fBrequire_result_set 92# = no\fR" (Postfix 3.2 and later), the absence of a result 93# set is treated as "not found". 94# 95# This parameter supports the following '%' expansions: 96# .RS 97# .IP "\fB%%\fR" 98# This is replaced by a literal '%' character. 99# .IP "\fB%s\fR" 100# This is replaced by the input key. 101# SQL quoting is used to make sure that the input key does not 102# add unexpected metacharacters. 103# .IP "\fB%u\fR" 104# When the input key is an address of the form user@domain, \fB%u\fR 105# is replaced by the SQL quoted local part of the address. 106# Otherwise, \fB%u\fR is replaced by the entire search string. 107# If the localpart is empty, the query is suppressed and returns 108# no results. 109# .IP "\fB%d\fR" 110# When the input key is an address of the form user@domain, \fB%d\fR 111# is replaced by the SQL quoted domain part of the address. 112# Otherwise, the query is suppressed and returns no results. 113# .IP "\fB%[SUD]\fR" 114# The upper-case equivalents of the above expansions behave in the 115# \fBquery\fR parameter identically to their lower-case counter-parts. 116# With the \fBresult_format\fR parameter (see below), they expand the 117# input key rather than the result value. 118# .IP "\fB%[1-9]\fR" 119# The patterns %1, %2, ... %9 are replaced by the corresponding 120# most significant component of the input key's domain. If the 121# input key is \fIuser@mail.example.com\fR, then %1 is \fBcom\fR, 122# %2 is \fBexample\fR and %3 is \fBmail\fR. If the input key is 123# unqualified or does not have enough domain components to satisfy 124# all the specified patterns, the query is suppressed and returns 125# no results. 126# .RE 127# .IP 128# The \fBdomain\fR parameter described below limits the input 129# keys to addresses in matching domains. When the \fBdomain\fR 130# parameter is non-empty, SQL queries for unqualified addresses 131# or addresses in non-matching domains are suppressed 132# and return no results. 133# 134# This parameter is available with Postfix 2.2. In prior releases 135# the SQL query was built from the separate parameters: 136# \fBselect_field\fR, \fBtable\fR, \fBwhere_field\fR and 137# \fBadditional_conditions\fR. The mapping from the old parameters 138# to the equivalent query is: 139# 140# .nf 141# SELECT [\fBselect_field\fR] 142# FROM [\fBtable\fR] 143# WHERE [\fBwhere_field\fR] = '%s' 144# [\fBadditional_conditions\fR] 145# .fi 146# 147# The '%s' in the \fBWHERE\fR clause expands to the escaped search string. 148# With Postfix 2.2 these legacy parameters are used if the \fBquery\fR 149# parameter is not specified. 150# 151# NOTE: DO NOT put quotes around the query parameter. 152# .IP "\fBresult_format (default: \fB%s\fR)\fR" 153# Format template applied to result attributes. Most commonly used 154# to append (or prepend) text to the result. This parameter supports 155# the following '%' expansions: 156# .RS 157# .IP "\fB%%\fR" 158# This is replaced by a literal '%' character. 159# .IP "\fB%s\fR" 160# This is replaced by the value of the result attribute. When 161# result is empty it is skipped. 162# .IP "\fB%u\fR 163# When the result attribute value is an address of the form 164# user@domain, \fB%u\fR is replaced by the local part of the 165# address. When the result has an empty localpart it is skipped. 166# .IP "\fB%d\fR" 167# When a result attribute value is an address of the form 168# user@domain, \fB%d\fR is replaced by the domain part of 169# the attribute value. When the result is unqualified it 170# is skipped. 171# .IP "\fB%[SUD1-9]\fR" 172# The upper-case and decimal digit expansions interpolate 173# the parts of the input key rather than the result. Their 174# behavior is identical to that described with \fBquery\fR, 175# and in fact because the input key is known in advance, queries 176# whose key does not contain all the information specified in 177# the result template are suppressed and return no results. 178# .RE 179# .IP 180# For example, using "result_format = smtp:[%s]" allows one 181# to use a mailHost attribute as the basis of a transport(5) 182# table. After applying the result format, multiple values 183# are concatenated as comma separated strings. The expansion_limit 184# and parameter explained below allows one to restrict the number 185# of values in the result, which is especially useful for maps that 186# must return at most one value. 187# 188# The default value \fB%s\fR specifies that each result value should 189# be used as is. 190# 191# This parameter is available with Postfix 2.2 and later. 192# 193# NOTE: DO NOT put quotes around the result format! 194# .IP "\fBdomain (default: no domain list)\fR" 195# This is a list of domain names, paths to files, or "type:table" 196# databases. When specified, only fully qualified search keys 197# with a *non-empty* localpart and a matching domain are 198# eligible for lookup: 'user' lookups, bare domain lookups 199# and "@domain" lookups are not performed. This can significantly 200# reduce the query load on the MySQL server. 201# .nf 202# domain = postfix.org, hash:/etc/postfix/searchdomains 203# .fi 204# 205# It is best not to use SQL to store the domains eligible 206# for SQL lookups. 207# 208# This parameter is available with Postfix 2.2 and later. 209# 210# NOTE: DO NOT define this parameter for local(8) aliases, 211# because the input keys are always unqualified. 212# .IP "\fBexpansion_limit (default: 0)\fR" 213# A limit on the total number of result elements returned 214# (as a comma separated list) by a lookup against the map. 215# A setting of zero disables the limit. Lookups fail with a 216# temporary error if the limit is exceeded. Setting the 217# limit to 1 ensures that lookups do not return multiple 218# values. 219# .IP "\fBoption_file\fR" 220# Read options from the given file instead of the default my.cnf 221# location. This reads options from the \fB[client]\fR option 222# group, optionally followed by options from the group given 223# with \fBoption_group\fR. 224# .sp 225# This parameter is available with Postfix 2.11 and later. 226# .IP "\fBoption_group (default: Postfix >=3.2: client, <= 3.1: empty)\fR" 227# Read options from the given group of the mysql options file, 228# after reading options from the \fB[client]\fR group. 229# .sp 230# Postfix 3.2 and later read \fB[client]\fR option group 231# settings by default. To disable this specify no \fBoption_file\fR 232# and specify "\fBoption_group =\fR" (i.e. an empty value). 233# .sp 234# Postfix 3.1 and earlier don't read \fB[client]\fR option 235# group settings unless a non-empty \fBoption_file\fR or 236# \fBoption_group\fR value are specified. To enable this, 237# specify, for example, "\fBoption_group = client\fR". 238# .sp 239# This parameter is available with Postfix 2.11 and later. 240# .IP "\fBrequire_result_set (default: yes)\fR" 241# If "\fByes\fR", require that every query returns a result 242# set. If "\fBno\fR", treat the absence of a result set as 243# "not found". 244# .sp 245# This parameter is available with Postfix 3.2 and later. 246# .IP "\fBtls_cert_file\fR" 247# File containing client's X509 certificate. 248# .sp 249# This parameter is available with Postfix 2.11 and later. 250# .IP "\fBtls_key_file\fR" 251# File containing the private key corresponding to \fBtls_cert_file\fR. 252# .sp 253# This parameter is available with Postfix 2.11 and later. 254# .IP "\fBtls_CAfile\fR" 255# File containing certificates for all of the X509 Certification 256# Authorities the client will recognize. Takes precedence over 257# \fBtls_CApath\fR. 258# .sp 259# This parameter is available with Postfix 2.11 and later. 260# .IP "\fBtls_CApath\fR" 261# Directory containing X509 Certification Authority certificates 262# in separate individual files. 263# .sp 264# This parameter is available with Postfix 2.11 and later. 265# .IP "\fBtls_ciphers\fR" 266# The list of permissible ciphers for SSL encryption. 267# .sp 268# This parameter is available with Postfix 2.11 and later. 269# .IP "\fBtls_verify_cert (default: no)\fR" 270# Verify that the server's name matches the common name in the 271# certificate. 272# .sp 273# This parameter is available with Postfix 2.11 and later. 274# USING MYSQL STORED PROCEDURES 275# .ad 276# .fi 277# Postfix 3.2 and later support calling a stored procedure 278# instead of using a SELECT statement in the query, e.g. 279# 280# .nf 281# \fBquery\fR = CALL lookup('%s') 282# .fi 283# 284# The previously described '%' expansions can be used in the 285# parameter(s) to the stored procedure. 286# 287# By default, every stored procedure call must return a result 288# set, i.e. every code path must execute a SELECT statement 289# that returns a result set (instead of storing its results 290# in a table). With "\fBrequire_result_set = no\fR", the 291# absence of a result set is treated as "not found". 292# 293# A stored procedure must not return multiple result sets. 294# That is, there must be no code path that executes multiple 295# SELECT statements that return a result (instead of storing 296# their results in a table). 297# 298# The following is an example of a stored procedure returning 299# a single result set: 300# 301# .nf 302# CREATE [DEFINER=`user`@`host`] PROCEDURE 303# `lookup`(IN `param` VARCHAR(255)) 304# READS SQL DATA 305# SQL SECURITY INVOKER 306# BEGIN 307# select goto from alias where address=param; 308# END 309# .fi 310# OBSOLETE MAIN.CF PARAMETERS 311# .ad 312# .fi 313# For compatibility with other Postfix lookup tables, MySQL 314# parameters can also be defined in main.cf. In order to do that, 315# specify as MySQL source a name that doesn't begin with a slash 316# or a dot. The MySQL parameters will then be accessible as the 317# name you've given the source in its definition, an underscore, 318# and the name of the parameter. For example, if the map is 319# specified as "mysql:\fImysqlname\fR", the parameter "hosts" 320# would be defined in main.cf as "\fImysqlname\fR_hosts". 321# 322# Note: with this form, the passwords for the MySQL sources are 323# written in main.cf, which is normally world-readable. Support 324# for this form will be removed in a future Postfix version. 325# OBSOLETE QUERY INTERFACE 326# .ad 327# .fi 328# This section describes an interface that is deprecated as 329# of Postfix 2.2. It is replaced by the more general \fBquery\fR 330# interface described above. If the \fBquery\fR parameter 331# is defined, the legacy parameters described here ignored. 332# Please migrate to the new interface as the legacy interface 333# may be removed in a future release. 334# 335# The following parameters can be used to fill in a 336# SELECT template statement of the form: 337# 338# .nf 339# SELECT [\fBselect_field\fR] 340# FROM [\fBtable\fR] 341# WHERE [\fBwhere_field\fR] = '%s' 342# [\fBadditional_conditions\fR] 343# .fi 344# 345# The specifier %s is replaced by the search string, and is 346# escaped so if it contains single quotes or other odd characters, 347# it will not cause a parse error, or worse, a security problem. 348# .IP "\fBselect_field\fR" 349# The SQL "select" parameter. Example: 350# .nf 351# \fBselect_field\fR = forw_addr 352# .fi 353# .IP "\fBtable\fR" 354# The SQL "select .. from" table name. Example: 355# .nf 356# \fBtable\fR = mxaliases 357# .fi 358# .IP "\fBwhere_field\fR 359# The SQL "select .. where" parameter. Example: 360# .nf 361# \fBwhere_field\fR = alias 362# .fi 363# .IP "\fBadditional_conditions\fR 364# Additional conditions to the SQL query. Example: 365# .nf 366# \fBadditional_conditions\fR = AND status = 'paid' 367# .fi 368# SEE ALSO 369# postmap(1), Postfix lookup table maintenance 370# postconf(5), configuration parameters 371# ldap_table(5), LDAP lookup tables 372# pgsql_table(5), PostgreSQL lookup tables 373# sqlite_table(5), SQLite lookup tables 374# README FILES 375# .ad 376# .fi 377# Use "\fBpostconf readme_directory\fR" or 378# "\fBpostconf html_directory\fR" to locate this information. 379# .na 380# .nf 381# DATABASE_README, Postfix lookup table overview 382# MYSQL_README, Postfix MYSQL client guide 383# LICENSE 384# .ad 385# .fi 386# The Secure Mailer license must be distributed with this software. 387# HISTORY 388# MySQL support was introduced with Postfix version 1.0. 389# AUTHOR(S) 390# Original implementation by: 391# Scott Cotton, Joshua Marcus 392# IC Group, Inc. 393# 394# Further enhancements by: 395# Liviu Daia 396# Institute of Mathematics of the Romanian Academy 397# P.O. BOX 1-764 398# RO-014700 Bucharest, ROMANIA 399# 400# Stored-procedure support by John Fawcett. 401# 402# Wietse Venema 403# Google, Inc. 404# 111 8th Avenue 405# New York, NY 10011, USA 406#-- 407