Postfix/master.cf

About
The following text is heavily based on instructions found in the default installation of master.cf.

master.cf is the Postfix "master process configuration file" (manpage). It is a text file in which each logical line describes how a particular Postfix daemon program should be run.


 * A logical line starts with non-whitespace, non-comment text.
 * Empty lines and whitespace-only lines are ignored, as are comment lines whose first non-whitespace character is a '#'.
 * A line that starts with whitespace continues a logical line.

The fields that make up each line are described below. A "-" field value requests that a default value be used for that field.


 * Service: any name that is valid for the specified transport type (the next field). With INET transports, a service is specified as host:port.  The host part (and colon) may be omitted. Either host or port may be given in symbolic form or in numeric form. Examples for the SMTP server: localhost:smtp receives mail via the loopback interface only; 10025 receives mail on port 10025.
 * Transport type: "inet" for Internet sockets, "unix" for UNIX-domain sockets, "fifo" for named pipes.
 * Private: whether or not access is restricted to the mail system. Default is private service. Internet (inet) sockets can't be private.
 * Unprivileged: whether the service runs with root privileges or as the owner of the Postfix system (the owner name is controlled by the mail_owner configuration variable in the main.cf file). Only the pipe, virtual and local delivery daemons require privileges.
 * Chroot: whether or not the service runs chrooted to the mail queue directory (pathname is controlled by the queue_directory configuration variable in the main.cf file). Presently, all Postfix daemons can run chrooted, except for the pipe, virtual and local delivery daemons.
 * The proxymap server can run chrooted, but doing so defeats most of the purpose of having that service in the first place.
 * The files in the examples/chroot-setup subdirectory describe how to set up a Postfix chroot environment for your type of machine.
 * Wakeup time: automatically wake up the named service after the specified number of seconds. A ? at the end of the wakeup time field requests that wake up events be sent only to services that are actually being used. Specify 0 for no wakeup. Presently, only the pickup, queue manager and flush daemons need a wakeup timer.
 * Max procs: the maximum number of processes that may execute this service simultaneously. Default is to use a globally configurable limit (the default_process_limit configuration parameter in main.cf). Specify 0 for no process count limit.
 * Command + args: the command to be executed. The command name is relative to the Postfix program directory (pathname is controlled by the daemon_directory configuration variable). Adding one or more -v options turns on verbose logging for that service; adding a -D option enables symbolic debugging (see the debugger_command variable in the main.cf configuration file). See individual command man pages for specific command-line options, if any.

General main.cf options can be overridden for specific services. To override one or more main.cf options, specify them as arguments below, preceding each option by "-o". There must be no whitespace in the option itself (separate multiple values for an option by commas).

In order to use the "uucp" message tranport below, set up entries in the transport table.

In order to use the "cyrus" message transport below, configure it in main.cf as the mailbox_transport.

Important:
 * Specify only programs that are written to run as Postfix daemons. All daemons specified here must speak a Postfix-internal protocol.
 * Do not share the Postfix queue between multiple Postfix instances.

Format
========================================================================== service type private unpriv  chroot  wakeup  maxproc command + args (yes)  (yes)   (yes)   (never) (100) ==========================================================================

Example
smtp     inet  n       -       -       -       -       smtpd -o content_filter=spamassassin -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks,no_milters spamassassin unix -    n       n       -       -       pipe user=spamd argv=/usr/bin/spamc -f -e /usr/sbin/sendmail -oi -f ${sender} ${recipient} dovecot  unix  -       n       n       -       -       pipe flags=DRhu user=vmail:mail argv=/usr/lib/dovecot/deliver -d ${recipient}

pickup   fifo  n       -       -       60      1       pickup cleanup  unix  n       -       -       -       0       cleanup qmgr     fifo  n       -       -       300     1       qmgr rewrite  unix  -       -       -       -       -       trivial-rewrite bounce   unix  -       -       -       -       0       bounce defer    unix  -       -       -       -       0       bounce trace    unix  -       -       -       -       0       bounce verify   unix  -       -       -       -       1       verify flush    unix  n       -       -       1000? 0      flush proxymap unix  -       -       n       -       -       proxymap smtp     unix  -       -       -       -       -       smtp relay    unix  -       -       -       -       -       smtp showq    unix  n       -       -       -       -       showq error    unix  -       -       -       -       -       error local    unix  -       n       n       -       -       local virtual  unix  -       n       n       -       -       virtual lmtp     unix  -       -       n       -       -       lmtp anvil    unix  -       -       n       -       1       anvil maildrop unix  -       n       n       -       -       pipe flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient} uucp     unix  -       n       n       -       -       pipe flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient) ifmail   unix  -       n       n       -       -       pipe flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) bsmtp    unix  -       n       n       -       -       pipe flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -d -t$nexthop -f$sender $recipient scalemail-backend unix	-	n	n	-	2	pipe flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
 * 1) submission inet n     -       -       -       -       smtpd
 * 2) 	-o smtpd_etrn_restrictions=reject
 * 3) 628     inet  n       -       -       -       -       qmqpd
 * 1) qmgr    fifo  n       -       -       300     1       oqmgr
 * 1)       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
 * 1) Interfaces to non-Postfix software. Be sure to examine the manual
 * 2) pages of the non-Postfix software to find out what options it wants.
 * 3) maildrop. See the Postfix MAILDROP_README file for details.
 * 1) maildrop. See the Postfix MAILDROP_README file for details.
 * 1) maildrop. See the Postfix MAILDROP_README file for details.

tlsmgr   unix  -       -       -       1000? 1      tlsmgr vacation   unix  -       n       n       -       -       pipe flags=Rq user=vacation argv=/usr/bin/groupoffice-vacation -f ${sender} -- ${recipient}
 * 1) only used by postfix-tls
 * 2) tlsmgr	 fifo	-	-	n	300	1	tlsmgr
 * 3) smtps	 inet	n	-	n	-	-	smtpd -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes
 * 4) 587	 inet	n	-	n	-	-	smtpd -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes
 * 1) scache   unix  -       -       -       -       1       scache
 * 2) discard  unix  -       -       -       -       -       discard

Links

 * Rejecting Unknown Local Recipients with Postfix involves configuring master.cf