verify.8.html   [plain text]

<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"
<html> <head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - verify(8) </title>
</head> <body> <pre>
VERIFY(8)                                                            VERIFY(8)

       verify - Postfix address verification server

       <b>verify</b> [generic Postfix daemon options]

       The  <a href="verify.8.html"><b>verify</b>(8)</a>  address  verification  server  maintains a
       record of what recipient addresses are known to be  deliv-
       erable or undeliverable.

       Addresses  are  verified  by injecting probe messages into
       the Postfix queue. Probe messages are run through all  the
       routing and rewriting machinery except for final delivery,
       and are discarded rather than being deferred or bounced.

       Address verification relies on the answer from the nearest
       MTA  for  the  specified  address,  and will therefore not
       detect all undeliverable addresses.

       The <a href="verify.8.html"><b>verify</b>(8)</a> server is designed to run under  control  by
       the  Postfix  master server. It maintains an optional per-
       sistent database.  To avoid being interrupted by  "postfix
       stop" in the middle of a database update, the process runs
       in a separate process group.

       The <a href="verify.8.html"><b>verify</b>(8)</a> server implements the following requests:

       <b>update</b> <i>address status text</i>
              Update  the  status  and  text  of  the   specified

       <b>query</b> <i>address</i>
              Look  up  the  <i>status</i>  and  <i>text</i>  for the specified
              <i>address</i>.  If the status is unknown, a probe is sent
              and an "in progress" status is returned.

       The address verification server is not security-sensitive.
       It does not talk to the network, and it does not  talk  to
       local  users.  The verify server can run chrooted at fixed
       low privilege.

       The address verification server can be  coerced  to  store
       unlimited  amounts  of  garbage. Limiting the cache expiry
       time  trades  one  problem  (disk  space  exhaustion)  for
       another one (poor response time to client requests).

       With  Postfix  version 2.5 and later, the <a href="verify.8.html"><b>verify</b>(8)</a> server
       no  longer  uses  root   privileges   when   opening   the
       <b><a href="postconf.5.html#address_verify_map">address_verify_map</a></b>  cache  file.  The  file  should now be
       stored  under  the  Postfix-owned  <b><a href="postconf.5.html#data_directory">data_directory</a></b>.   As  a
       migration  aid,  an  attempt  to open a cache file under a
       non-Postfix directory is redirected to  the  Postfix-owned
       <b><a href="postconf.5.html#data_directory">data_directory</a></b>, and a warning is logged.

       Problems and transactions are logged to <b>syslogd</b>(8).

       Address verification probe messages add additional traffic
       to the mail queue.  Recipient verification  may  cause  an
       increased  load  on  down-stream  servers in the case of a
       dictionary attack  or  a  flood  of  backscatter  bounces.
       Sender  address  verification  may  cause  your site to be
       blacklisted by some providers.

       If the persistent database ever gets  corrupted  then  the
       world  comes  to  an end and human intervention is needed.
       This violates a basic Postfix principle.

       Changes to <a href="postconf.5.html"><b></b></a> are not  picked  up  automatically,  as
       <a href="verify.8.html"><b>verify</b>(8)</a> processes are long-lived. Use the command "<b>post-</b>
       <b>fix reload</b>" after a configuration change.

       The text below provides  only  a  parameter  summary.  See
       <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including examples.

       <b><a href="postconf.5.html#address_verify_sender">address_verify_sender</a> ($<a href="postconf.5.html#double_bounce_sender">double_bounce_sender</a>)</b>
              The  sender  address to use in address verification
              probes; prior to Postfix 2.5 the default was "post-

       Available with Postfix 2.9 and later:

       <b><a href="postconf.5.html#address_verify_sender_ttl">address_verify_sender_ttl</a> (0s)</b>
              The time between changes in the time-dependent por-
              tion   of   address   verification   probe   sender

       <b><a href="postconf.5.html#address_verify_map">address_verify_map</a> (see 'postconf -d' output)</b>
              Lookup  table  for  persistent address verification
              status storage.

       <b><a href="postconf.5.html#address_verify_positive_expire_time">address_verify_positive_expire_time</a> (31d)</b>
              The time after which  a  successful  probe  expires
              from the address verification cache.

       <b><a href="postconf.5.html#address_verify_positive_refresh_time">address_verify_positive_refresh_time</a> (7d)</b>
              The time after which a successful address verifica-
              tion probe needs to be refreshed.

       <b><a href="postconf.5.html#address_verify_negative_cache">address_verify_negative_cache</a> (yes)</b>
              Enable caching of failed address verification probe

       <b><a href="postconf.5.html#address_verify_negative_expire_time">address_verify_negative_expire_time</a> (3d)</b>
              The  time  after  which a failed probe expires from
              the address verification cache.

       <b><a href="postconf.5.html#address_verify_negative_refresh_time">address_verify_negative_refresh_time</a> (3h)</b>
              The time after which a failed address  verification
              probe needs to be refreshed.

       Available with Postfix 2.7 and later:

       <b><a href="postconf.5.html#address_verify_cache_cleanup_interval">address_verify_cache_cleanup_interval</a> (12h)</b>
              The  amount of time between <a href="verify.8.html"><b>verify</b>(8)</a> address veri-
              fication database cleanup runs.

       By default, probe messages  are  delivered  via  the  same
       route  as  regular messages.  The following parameters can
       be used to override specific message routing mechanisms.

       <b><a href="postconf.5.html#address_verify_relayhost">address_verify_relayhost</a> ($<a href="postconf.5.html#relayhost">relayhost</a>)</b>
              Overrides  the  <a href="postconf.5.html#relayhost">relayhost</a>  parameter  setting   for
              address verification probes.

       <b><a href="postconf.5.html#address_verify_transport_maps">address_verify_transport_maps</a> ($<a href="postconf.5.html#transport_maps">transport_maps</a>)</b>
              Overrides  the <a href="postconf.5.html#transport_maps">transport_maps</a> parameter setting for
              address verification probes.

       <b><a href="postconf.5.html#address_verify_local_transport">address_verify_local_transport</a> ($<a href="postconf.5.html#local_transport">local_transport</a>)</b>
              Overrides the <a href="postconf.5.html#local_transport">local_transport</a> parameter setting for
              address verification probes.

       <b><a href="postconf.5.html#address_verify_virtual_transport">address_verify_virtual_transport</a> ($<a href="postconf.5.html#virtual_transport">virtual_transport</a>)</b>
              Overrides  the  <a href="postconf.5.html#virtual_transport">virtual_transport</a> parameter setting
              for address verification probes.

       <b><a href="postconf.5.html#address_verify_relay_transport">address_verify_relay_transport</a> ($<a href="postconf.5.html#relay_transport">relay_transport</a>)</b>
              Overrides the <a href="postconf.5.html#relay_transport">relay_transport</a> parameter setting for
              address verification probes.

       <b><a href="postconf.5.html#address_verify_default_transport">address_verify_default_transport</a> ($<a href="postconf.5.html#default_transport">default_transport</a>)</b>
              Overrides  the  <a href="postconf.5.html#default_transport">default_transport</a> parameter setting
              for address verification probes.

       Available in Postfix 2.3 and later:

       <b><a href="postconf.5.html#address_verify_sender_dependent_relayhost_maps">address_verify_sender_dependent_relayhost_maps</a></b>
       <b>($<a href="postconf.5.html#sender_dependent_relayhost_maps">sender_dependent_relayhost_maps</a>)</b>
              Overrides    the    <a href="postconf.5.html#sender_dependent_relayhost_maps">sender_dependent_relayhost_maps</a>
              parameter  setting for address verification probes.

       Available in Postfix 2.7 and later:

       <b><a href="postconf.5.html#address_verify_sender_dependent_default_transport_maps">address_verify_sender_dependent_default_transport_maps</a></b>
       <b>($<a href="postconf.5.html#sender_dependent_default_transport_maps">sender_dependent_default_transport_maps</a>)</b>
              Overrides    the    <a href="postconf.5.html#sender_dependent_default_transport_maps">sender_dependent_default_trans</a>-
              <a href="postconf.5.html#sender_dependent_default_transport_maps">port_maps</a>  parameter  setting for address verifica-
              tion probes.

       <b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
              The default location of  the  Postfix  <a href="postconf.5.html"></a>  and
              <a href="master.5.html"></a> configuration files.

       <b><a href="postconf.5.html#daemon_timeout">daemon_timeout</a> (18000s)</b>
              How  much time a Postfix daemon process may take to
              handle a request  before  it  is  terminated  by  a
              built-in watchdog timer.

       <b><a href="postconf.5.html#ipc_timeout">ipc_timeout</a> (3600s)</b>
              The time limit for sending or receiving information
              over an internal communication channel.

       <b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
              The process ID  of  a  Postfix  command  or  daemon

       <b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
              The  process  name  of  a Postfix command or daemon

       <b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b>
              The location of the Postfix top-level queue  direc-

       <b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
              The syslog facility of Postfix logging.

       <b><a href="postconf.5.html#syslog_name">syslog_name</a> (see 'postconf -d' output)</b>
              The  mail  system  name  that  is  prepended to the
              process name in syslog  records,  so  that  "smtpd"
              becomes, for example, "postfix/smtpd".

<b>SEE ALSO</b>
       <a href="smtpd.8.html">smtpd(8)</a>, Postfix SMTP server
       <a href="cleanup.8.html">cleanup(8)</a>, enqueue Postfix message
       <a href="postconf.5.html">postconf(5)</a>, configuration parameters
       syslogd(5), system logging

       <a href="ADDRESS_VERIFICATION_README.html">ADDRESS_VERIFICATION_README</a>, address verification howto

       The Secure Mailer license must be  distributed  with  this

       This service was introduced with Postfix version 2.1.

       Wietse Venema
       IBM T.J. Watson Research
       P.O. Box 704
       Yorktown Heights, NY 10598, USA

</pre> </body> </html>