1<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN" 2 "http://www.w3.org/TR/html4/loose.dtd"> 3<html> <head> 4<meta http-equiv="Content-Type" content="text/html; charset=utf-8"> 5<title> Postfix manual - verify(8) </title> 6</head> <body> <pre> 7VERIFY(8) VERIFY(8) 8 9<b>NAME</b> 10 verify - Postfix address verification server 11 12<b>SYNOPSIS</b> 13 <b>verify</b> [generic Postfix daemon options] 14 15<b>DESCRIPTION</b> 16 The <a href="verify.8.html"><b>verify</b>(8)</a> address verification server maintains a record of what 17 recipient addresses are known to be deliverable or undeliverable. 18 19 Addresses are verified by injecting probe messages into the Postfix 20 queue. Probe messages are run through all the routing and rewriting 21 machinery except for final delivery, and are discarded rather than 22 being deferred or bounced. 23 24 Address verification relies on the answer from the nearest MTA for the 25 specified address, and will therefore not detect all undeliverable 26 addresses. 27 28 The <a href="verify.8.html"><b>verify</b>(8)</a> server is designed to run under control by the Postfix 29 master server. It maintains an optional persistent database. To avoid 30 being interrupted by "postfix stop" in the middle of a database update, 31 the process runs in a separate process group. 32 33 The <a href="verify.8.html"><b>verify</b>(8)</a> server implements the following requests: 34 35 <b>update</b> <i>address status text</i> 36 Update the status and text of the specified address. 37 38 <b>query</b> <i>address</i> 39 Look up the <i>status</i> and <i>text</i> for the specified <i>address</i>. If the 40 status is unknown, a probe is sent and an "in progress" status 41 is returned. 42 43<b>SECURITY</b> 44 The address verification server is not security-sensitive. It does not 45 talk to the network, and it does not talk to local users. The verify 46 server can run chrooted at fixed low privilege. 47 48 The address verification server can be coerced to store unlimited 49 amounts of garbage. Limiting the cache expiry time trades one problem 50 (disk space exhaustion) for another one (poor response time to client 51 requests). 52 53 With Postfix version 2.5 and later, the <a href="verify.8.html"><b>verify</b>(8)</a> server no longer uses 54 root privileges when opening the <b><a href="postconf.5.html#address_verify_map">address_verify_map</a></b> cache file. The 55 file should now be stored under the Postfix-owned <b><a href="postconf.5.html#data_directory">data_directory</a></b>. As a 56 migration aid, an attempt to open a cache file under a non-Postfix 57 directory is redirected to the Postfix-owned <b><a href="postconf.5.html#data_directory">data_directory</a></b>, and a 58 warning is logged. 59 60<b>DIAGNOSTICS</b> 61 Problems and transactions are logged to <b>syslogd</b>(8) or <a href="postlogd.8.html"><b>postlogd</b>(8)</a>. 62 63<b>BUGS</b> 64 Address verification probe messages add additional traffic to the mail 65 queue. Recipient verification may cause an increased load on 66 down-stream servers in the case of a dictionary attack or a flood of 67 backscatter bounces. Sender address verification may cause your site 68 to be denylisted by some providers. 69 70 If the persistent database ever gets corrupted then the world comes to 71 an end and human intervention is needed. This violates a basic Postfix 72 principle. 73 74<b>CONFIGURATION PARAMETERS</b> 75 Changes to <a href="postconf.5.html"><b>main.cf</b></a> are not picked up automatically, as <a href="verify.8.html"><b>verify</b>(8)</a> pro- 76 cesses are long-lived. Use the command "<b>postfix reload</b>" after a config- 77 uration change. 78 79 The text below provides only a parameter summary. See <a href="postconf.5.html"><b>postconf</b>(5)</a> for 80 more details including examples. 81 82<b>PROBE MESSAGE CONTROLS</b> 83 <b><a href="postconf.5.html#address_verify_sender">address_verify_sender</a> ($<a href="postconf.5.html#double_bounce_sender">double_bounce_sender</a>)</b> 84 The sender address to use in address verification probes; prior 85 to Postfix 2.5 the default was "postmaster". 86 87 Available with Postfix 2.9 and later: 88 89 <b><a href="postconf.5.html#address_verify_sender_ttl">address_verify_sender_ttl</a> (0s)</b> 90 The time between changes in the time-dependent portion of 91 address verification probe sender addresses. 92 93<b>CACHE CONTROLS</b> 94 <b><a href="postconf.5.html#address_verify_map">address_verify_map</a> (see 'postconf -d' output)</b> 95 Lookup table for persistent address verification status storage. 96 97 <b><a href="postconf.5.html#address_verify_positive_expire_time">address_verify_positive_expire_time</a> (31d)</b> 98 The time after which a successful probe expires from the address 99 verification cache. 100 101 <b><a href="postconf.5.html#address_verify_positive_refresh_time">address_verify_positive_refresh_time</a> (7d)</b> 102 The time after which a successful address verification probe 103 needs to be refreshed. 104 105 <b><a href="postconf.5.html#address_verify_negative_cache">address_verify_negative_cache</a> (yes)</b> 106 Enable caching of failed address verification probe results. 107 108 <b><a href="postconf.5.html#address_verify_negative_expire_time">address_verify_negative_expire_time</a> (3d)</b> 109 The time after which a failed probe expires from the address 110 verification cache. 111 112 <b><a href="postconf.5.html#address_verify_negative_refresh_time">address_verify_negative_refresh_time</a> (3h)</b> 113 The time after which a failed address verification probe needs 114 to be refreshed. 115 116 Available with Postfix 2.7 and later: 117 118 <b><a href="postconf.5.html#address_verify_cache_cleanup_interval">address_verify_cache_cleanup_interval</a> (12h)</b> 119 The amount of time between <a href="verify.8.html"><b>verify</b>(8)</a> address verification data- 120 base cleanup runs. 121 122<b>PROBE MESSAGE ROUTING CONTROLS</b> 123 By default, probe messages are delivered via the same route as regular 124 messages. The following parameters can be used to override specific 125 message routing mechanisms. 126 127 <b><a href="postconf.5.html#address_verify_relayhost">address_verify_relayhost</a> ($<a href="postconf.5.html#relayhost">relayhost</a>)</b> 128 Overrides the <a href="postconf.5.html#relayhost">relayhost</a> parameter setting for address verifica- 129 tion probes. 130 131 <b><a href="postconf.5.html#address_verify_transport_maps">address_verify_transport_maps</a> ($<a href="postconf.5.html#transport_maps">transport_maps</a>)</b> 132 Overrides the <a href="postconf.5.html#transport_maps">transport_maps</a> parameter setting for address veri- 133 fication probes. 134 135 <b><a href="postconf.5.html#address_verify_local_transport">address_verify_local_transport</a> ($<a href="postconf.5.html#local_transport">local_transport</a>)</b> 136 Overrides the <a href="postconf.5.html#local_transport">local_transport</a> parameter setting for address ver- 137 ification probes. 138 139 <b><a href="postconf.5.html#address_verify_virtual_transport">address_verify_virtual_transport</a> ($<a href="postconf.5.html#virtual_transport">virtual_transport</a>)</b> 140 Overrides the <a href="postconf.5.html#virtual_transport">virtual_transport</a> parameter setting for address 141 verification probes. 142 143 <b><a href="postconf.5.html#address_verify_relay_transport">address_verify_relay_transport</a> ($<a href="postconf.5.html#relay_transport">relay_transport</a>)</b> 144 Overrides the <a href="postconf.5.html#relay_transport">relay_transport</a> parameter setting for address ver- 145 ification probes. 146 147 <b><a href="postconf.5.html#address_verify_default_transport">address_verify_default_transport</a> ($<a href="postconf.5.html#default_transport">default_transport</a>)</b> 148 Overrides the <a href="postconf.5.html#default_transport">default_transport</a> parameter setting for address 149 verification probes. 150 151 Available in Postfix 2.3 and later: 152 153 <b><a href="postconf.5.html#address_verify_sender_dependent_relayhost_maps">address_verify_sender_dependent_relayhost_maps</a> ($<a href="postconf.5.html#sender_dependent_relayhost_maps">sender_depen</a>-</b> 154 <b><a href="postconf.5.html#sender_dependent_relayhost_maps">dent_relayhost_maps</a>)</b> 155 Overrides the <a href="postconf.5.html#sender_dependent_relayhost_maps">sender_dependent_relayhost_maps</a> parameter setting 156 for address verification probes. 157 158 Available in Postfix 2.7 and later: 159 160 <b><a href="postconf.5.html#address_verify_sender_dependent_default_transport_maps">address_verify_sender_dependent_default_transport_maps</a> ($<a href="postconf.5.html#sender_dependent_default_transport_maps">sender_depen</a>-</b> 161 <b><a href="postconf.5.html#sender_dependent_default_transport_maps">dent_default_transport_maps</a>)</b> 162 Overrides the <a href="postconf.5.html#sender_dependent_default_transport_maps">sender_dependent_default_transport_maps</a> parameter 163 setting for address verification probes. 164 165<b>SMTPUTF8 CONTROLS</b> 166 Preliminary SMTPUTF8 support is introduced with Postfix 3.0. 167 168 <b><a href="postconf.5.html#smtputf8_autodetect_classes">smtputf8_autodetect_classes</a> (sendmail, verify)</b> 169 Detect that a message requires SMTPUTF8 support for the speci- 170 fied mail origin classes. 171 172 Available in Postfix version 3.2 and later: 173 174 <b><a href="postconf.5.html#enable_idna2003_compatibility">enable_idna2003_compatibility</a> (no)</b> 175 Enable 'transitional' compatibility between IDNA2003 and 176 IDNA2008, when converting UTF-8 domain names to/from the ASCII 177 form that is used for DNS lookups. 178 179<b>MISCELLANEOUS CONTROLS</b> 180 <b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b> 181 The default location of the Postfix <a href="postconf.5.html">main.cf</a> and <a href="master.5.html">master.cf</a> con- 182 figuration files. 183 184 <b><a href="postconf.5.html#daemon_timeout">daemon_timeout</a> (18000s)</b> 185 How much time a Postfix daemon process may take to handle a 186 request before it is terminated by a built-in watchdog timer. 187 188 <b><a href="postconf.5.html#ipc_timeout">ipc_timeout</a> (3600s)</b> 189 The time limit for sending or receiving information over an 190 internal communication channel. 191 192 <b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b> 193 The process ID of a Postfix command or daemon process. 194 195 <b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b> 196 The process name of a Postfix command or daemon process. 197 198 <b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b> 199 The location of the Postfix top-level queue directory. 200 201 <b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b> 202 The syslog facility of Postfix logging. 203 204 <b><a href="postconf.5.html#syslog_name">syslog_name</a> (see 'postconf -d' output)</b> 205 A prefix that is prepended to the process name in syslog 206 records, so that, for example, "smtpd" becomes "prefix/smtpd". 207 208 Available in Postfix 3.3 and later: 209 210 <b><a href="postconf.5.html#service_name">service_name</a> (read-only)</b> 211 The <a href="master.5.html">master.cf</a> service name of a Postfix daemon process. 212 213<b>SEE ALSO</b> 214 <a href="smtpd.8.html">smtpd(8)</a>, Postfix SMTP server 215 <a href="cleanup.8.html">cleanup(8)</a>, enqueue Postfix message 216 <a href="postconf.5.html">postconf(5)</a>, configuration parameters 217 <a href="postlogd.8.html">postlogd(8)</a>, Postfix logging 218 syslogd(8), system logging 219 220<b>README FILES</b> 221 <a href="ADDRESS_VERIFICATION_README.html">ADDRESS_VERIFICATION_README</a>, address verification howto 222 223<b>LICENSE</b> 224 The Secure Mailer license must be distributed with this software. 225 226<b>HISTORY</b> 227 This service was introduced with Postfix version 2.1. 228 229<b>AUTHOR(S)</b> 230 Wietse Venema 231 IBM T.J. Watson Research 232 P.O. Box 704 233 Yorktown Heights, NY 10598, USA 234 235 Wietse Venema 236 Google, Inc. 237 111 8th Avenue 238 New York, NY 10011, USA 239 240 VERIFY(8) 241</pre> </body> </html> 242