1<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN" 2 "http://www.w3.org/TR/html4/loose.dtd"> 3<html> <head> 4<meta http-equiv="Content-Type" content="text/html; charset=utf-8"> 5<link rel='stylesheet' type='text/css' href='postfix-doc.css'> 6<title> Postfix manual - verify(8) </title> 7</head> <body> <pre> 8VERIFY(8) VERIFY(8) 9 10<b>NAME</b> 11 verify - Postfix address verification server 12 13<b>SYNOPSIS</b> 14 <b>verify</b> [generic Postfix daemon options] 15 16<b>DESCRIPTION</b> 17 The <a href="verify.8.html"><b>verify</b>(8)</a> address verification server maintains a record of what 18 recipient addresses are known to be deliverable or undeliverable. 19 20 Addresses are verified by injecting probe messages into the Postfix 21 queue. Probe messages are run through all the routing and rewriting 22 machinery except for final delivery, and are discarded rather than 23 being deferred or bounced. 24 25 Address verification relies on the answer from the nearest MTA for the 26 specified address, and will therefore not detect all undeliverable 27 addresses. 28 29 The <a href="verify.8.html"><b>verify</b>(8)</a> server is designed to run under control by the Postfix 30 master server. It maintains an optional persistent database. To avoid 31 being interrupted by "postfix stop" in the middle of a database update, 32 the process runs in a separate process group. 33 34 The <a href="verify.8.html"><b>verify</b>(8)</a> server implements the following requests: 35 36 <b>update</b> <i>address status text</i> 37 Update the status and text of the specified address. 38 39 <b>query</b> <i>address</i> 40 Look up the <i>status</i> and <i>text</i> for the specified <i>address</i>. If the 41 status is unknown, a probe is sent and an "in progress" status 42 is returned. 43 44<b>SECURITY</b> 45 The address verification server is not security-sensitive. It does not 46 talk to the network, and it does not talk to local users. The verify 47 server can run chrooted at fixed low privilege. 48 49 The address verification server can be coerced to store unlimited 50 amounts of garbage. Limiting the cache expiry time trades one problem 51 (disk space exhaustion) for another one (poor response time to client 52 requests). 53 54 With Postfix version 2.5 and later, the <a href="verify.8.html"><b>verify</b>(8)</a> server no longer uses 55 root privileges when opening the <b><a href="postconf.5.html#address_verify_map">address_verify_map</a></b> cache file. The 56 file should now be stored under the Postfix-owned <b><a href="postconf.5.html#data_directory">data_directory</a></b>. As a 57 migration aid, an attempt to open a cache file under a non-Postfix 58 directory is redirected to the Postfix-owned <b><a href="postconf.5.html#data_directory">data_directory</a></b>, and a 59 warning is logged. 60 61<b>DIAGNOSTICS</b> 62 Problems and transactions are logged to <b>syslogd</b>(8) or <a href="postlogd.8.html"><b>postlogd</b>(8)</a>. 63 64<b>BUGS</b> 65 Address verification probe messages add additional traffic to the mail 66 queue. Recipient verification may cause an increased load on 67 down-stream servers in the case of a dictionary attack or a flood of 68 backscatter bounces. Sender address verification may cause your site 69 to be denylisted by some providers. 70 71 If the persistent database ever gets corrupted then the world comes to 72 an end and human intervention is needed. This violates a basic Postfix 73 principle. 74 75<b>CONFIGURATION PARAMETERS</b> 76 Changes to <a href="postconf.5.html"><b>main.cf</b></a> are not picked up automatically, as <a href="verify.8.html"><b>verify</b>(8)</a> pro- 77 cesses are long-lived. Use the command "<b>postfix reload</b>" after a config- 78 uration change. 79 80 The text below provides only a parameter summary. See <a href="postconf.5.html"><b>postconf</b>(5)</a> for 81 more details including examples. 82 83<b>PROBE MESSAGE CONTROLS</b> 84 <b><a href="postconf.5.html#address_verify_sender">address_verify_sender</a> ($<a href="postconf.5.html#double_bounce_sender">double_bounce_sender</a>)</b> 85 The sender address to use in address verification probes; prior 86 to Postfix 2.5 the default was "postmaster". 87 88 Available with Postfix 2.9 and later: 89 90 <b><a href="postconf.5.html#address_verify_sender_ttl">address_verify_sender_ttl</a> (0s)</b> 91 The time between changes in the time-dependent portion of 92 address verification probe sender addresses. 93 94<b>CACHE CONTROLS</b> 95 <b><a href="postconf.5.html#address_verify_map">address_verify_map</a> (see 'postconf -d' output)</b> 96 Lookup table for persistent address verification status storage. 97 98 <b><a href="postconf.5.html#address_verify_positive_expire_time">address_verify_positive_expire_time</a> (31d)</b> 99 The time after which a successful probe expires from the address 100 verification cache. 101 102 <b><a href="postconf.5.html#address_verify_positive_refresh_time">address_verify_positive_refresh_time</a> (7d)</b> 103 The time after which a successful address verification probe 104 needs to be refreshed. 105 106 <b><a href="postconf.5.html#address_verify_negative_cache">address_verify_negative_cache</a> (yes)</b> 107 Enable caching of failed address verification probe results. 108 109 <b><a href="postconf.5.html#address_verify_negative_expire_time">address_verify_negative_expire_time</a> (3d)</b> 110 The time after which a failed probe expires from the address 111 verification cache. 112 113 <b><a href="postconf.5.html#address_verify_negative_refresh_time">address_verify_negative_refresh_time</a> (3h)</b> 114 The time after which a failed address verification probe needs 115 to be refreshed. 116 117 Available with Postfix 2.7 and later: 118 119 <b><a href="postconf.5.html#address_verify_cache_cleanup_interval">address_verify_cache_cleanup_interval</a> (12h)</b> 120 The amount of time between <a href="verify.8.html"><b>verify</b>(8)</a> address verification data- 121 base cleanup runs. 122 123<b>PROBE MESSAGE ROUTING CONTROLS</b> 124 By default, probe messages are delivered via the same route as regular 125 messages. The following parameters can be used to override specific 126 message routing mechanisms. 127 128 <b><a href="postconf.5.html#address_verify_relayhost">address_verify_relayhost</a> ($<a href="postconf.5.html#relayhost">relayhost</a>)</b> 129 Overrides the <a href="postconf.5.html#relayhost">relayhost</a> parameter setting for address verifica- 130 tion probes. 131 132 <b><a href="postconf.5.html#address_verify_transport_maps">address_verify_transport_maps</a> ($<a href="postconf.5.html#transport_maps">transport_maps</a>)</b> 133 Overrides the <a href="postconf.5.html#transport_maps">transport_maps</a> parameter setting for address veri- 134 fication probes. 135 136 <b><a href="postconf.5.html#address_verify_local_transport">address_verify_local_transport</a> ($<a href="postconf.5.html#local_transport">local_transport</a>)</b> 137 Overrides the <a href="postconf.5.html#local_transport">local_transport</a> parameter setting for address ver- 138 ification probes. 139 140 <b><a href="postconf.5.html#address_verify_virtual_transport">address_verify_virtual_transport</a> ($<a href="postconf.5.html#virtual_transport">virtual_transport</a>)</b> 141 Overrides the <a href="postconf.5.html#virtual_transport">virtual_transport</a> parameter setting for address 142 verification probes. 143 144 <b><a href="postconf.5.html#address_verify_relay_transport">address_verify_relay_transport</a> ($<a href="postconf.5.html#relay_transport">relay_transport</a>)</b> 145 Overrides the <a href="postconf.5.html#relay_transport">relay_transport</a> parameter setting for address ver- 146 ification probes. 147 148 <b><a href="postconf.5.html#address_verify_default_transport">address_verify_default_transport</a> ($<a href="postconf.5.html#default_transport">default_transport</a>)</b> 149 Overrides the <a href="postconf.5.html#default_transport">default_transport</a> parameter setting for address 150 verification probes. 151 152 Available in Postfix 2.3 and later: 153 154 <b><a href="postconf.5.html#address_verify_sender_dependent_relayhost_maps">address_verify_sender_dependent_relayhost_maps</a> ($<a href="postconf.5.html#sender_dependent_relayhost_maps">sender_depen</a>-</b> 155 <b><a href="postconf.5.html#sender_dependent_relayhost_maps">dent_relayhost_maps</a>)</b> 156 Overrides the <a href="postconf.5.html#sender_dependent_relayhost_maps">sender_dependent_relayhost_maps</a> parameter setting 157 for address verification probes. 158 159 Available in Postfix 2.7 and later: 160 161 <b><a href="postconf.5.html#address_verify_sender_dependent_default_transport_maps">address_verify_sender_dependent_default_transport_maps</a> ($<a href="postconf.5.html#sender_dependent_default_transport_maps">sender_depen</a>-</b> 162 <b><a href="postconf.5.html#sender_dependent_default_transport_maps">dent_default_transport_maps</a>)</b> 163 Overrides the <a href="postconf.5.html#sender_dependent_default_transport_maps">sender_dependent_default_transport_maps</a> parameter 164 setting for address verification probes. 165 166<b>SMTPUTF8 CONTROLS</b> 167 Preliminary SMTPUTF8 support is introduced with Postfix 3.0. 168 169 <b><a href="postconf.5.html#smtputf8_autodetect_classes">smtputf8_autodetect_classes</a> (sendmail, verify)</b> 170 Detect that a message requires SMTPUTF8 support for the speci- 171 fied mail origin classes. 172 173 Available in Postfix version 3.2 and later: 174 175 <b><a href="postconf.5.html#enable_idna2003_compatibility">enable_idna2003_compatibility</a> (no)</b> 176 Enable 'transitional' compatibility between IDNA2003 and 177 IDNA2008, when converting UTF-8 domain names to/from the ASCII 178 form that is used for DNS lookups. 179 180<b>MISCELLANEOUS CONTROLS</b> 181 <b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b> 182 The default location of the Postfix <a href="postconf.5.html">main.cf</a> and <a href="master.5.html">master.cf</a> con- 183 figuration files. 184 185 <b><a href="postconf.5.html#daemon_timeout">daemon_timeout</a> (18000s)</b> 186 How much time a Postfix daemon process may take to handle a 187 request before it is terminated by a built-in watchdog timer. 188 189 <b><a href="postconf.5.html#ipc_timeout">ipc_timeout</a> (3600s)</b> 190 The time limit for sending or receiving information over an 191 internal communication channel. 192 193 <b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b> 194 The process ID of a Postfix command or daemon process. 195 196 <b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b> 197 The process name of a Postfix command or daemon process. 198 199 <b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b> 200 The location of the Postfix top-level queue directory. 201 202 <b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b> 203 The syslog facility of Postfix logging. 204 205 <b><a href="postconf.5.html#syslog_name">syslog_name</a> (see 'postconf -d' output)</b> 206 A prefix that is prepended to the process name in syslog 207 records, so that, for example, "smtpd" becomes "prefix/smtpd". 208 209 Available in Postfix 3.3 and later: 210 211 <b><a href="postconf.5.html#service_name">service_name</a> (read-only)</b> 212 The <a href="master.5.html">master.cf</a> service name of a Postfix daemon process. 213 214<b>SEE ALSO</b> 215 <a href="smtpd.8.html">smtpd(8)</a>, Postfix SMTP server 216 <a href="cleanup.8.html">cleanup(8)</a>, enqueue Postfix message 217 <a href="postconf.5.html">postconf(5)</a>, configuration parameters 218 <a href="postlogd.8.html">postlogd(8)</a>, Postfix logging 219 syslogd(8), system logging 220 221<b>README FILES</b> 222 <a href="ADDRESS_VERIFICATION_README.html">ADDRESS_VERIFICATION_README</a>, address verification howto 223 224<b>LICENSE</b> 225 The Secure Mailer license must be distributed with this software. 226 227<b>HISTORY</b> 228 This service was introduced with Postfix version 2.1. 229 230<b>AUTHOR(S)</b> 231 Wietse Venema 232 IBM T.J. Watson Research 233 P.O. Box 704 234 Yorktown Heights, NY 10598, USA 235 236 Wietse Venema 237 Google, Inc. 238 111 8th Avenue 239 New York, NY 10011, USA 240 241 VERIFY(8) 242</pre> </body> </html> 243