MEMCACHE_TABLE(5)                                            MEMCACHE_TABLE(5)

NAME
       memcache_table - Postfix memcache client configuration

SYNOPSIS
       postmap -q "string" memcache:/etc/postfix/filename

       postmap -q - memcache:/etc/postfix/filename <inputfile

DESCRIPTION
       The  Postfix  mail system uses optional tables for address rewriting or
       mail routing. These tables are usually in dbm or db format.

       Alternatively, lookup tables can be specified  as  memcache  instances.
       To  use memcache lookups, define a memcache source as a lookup table in
       main.cf, for example:

           virtual_alias_maps = memcache:/etc/postfix/memcache-aliases.cf

       The file /etc/postfix/memcache-aliases.cf has the same  format  as  the
       Postfix main.cf file, and specifies the parameters described below.

       The  Postfix  memcache  client  supports the lookup, update, delete and
       sequence (first/next) operations. The  sequence  operation  requires  a
       backup database that supports the operation.

MEMCACHE MAIN PARAMETERS
       memcache (default: inet:localhost:11211)
              The  memcache  server  (note: singular) that Postfix will try to
              connect to.  For a TCP server  specify  "inet:"  followed  by  a
              hostname or address, ":", and a port name or number.  Specify an
              IPv6 address inside "[]".   For  a  UNIX-domain  server  specify
              "unix:" followed by the socket pathname. Examples:

                  memcache = inet:memcache.example.com:11211
                  memcache = inet:127.0.0.1:11211
                  memcache = inet:[fc00:8d00:189::3]:11211
                  memcache = unix:/path/to/socket

              NOTE:  to  access  a  UNIX-domain  socket  with  the proxymap(8)
              server, the socket must be accessible by the unprivileged  post-
              fix user.

       backup (default: undefined)
              An optional Postfix database that provides persistent backup for
              the memcache database. The Postfix memcache client  will  update
              the  memcache  database whenever it looks up or changes informa-
              tion in the persistent database. Specify a Postfix  "type:table"
              database. Examples:

                  # Non-shared postscreen cache.
                  backup = btree:/var/lib/postfix/postscreen_cache_map

                  # Shared postscreen cache for processes on the same host.
                  backup = proxy:btree:/var/lib/postfix/postscreen_cache_map

              Access to remote proxymap servers is under development.

              NOTE  1:  When  sharing  a persistent postscreen(8) or verify(8)
              cache,     disable     automatic     cache     cleanup      (set
              *_cache_cleanup_interval  =  0) except with one Postfix instance
              that will be responsible for cache cleanup.

              NOTE 2: When multiple tables share the same  memcache  database,
              each  table  should  use  the  key_format feature (see below) to
              prepend its own unique string to  the  lookup  key.   Otherwise,
              automatic postscreen(8) or verify(8) cache cleanup may not work.

              NOTE 3: When the  backup  database  is  accessed  with  "proxy:"
              lookups,  the  full backup database name (including the "proxy:"
              prefix)   must   be   specified   in   the   proxymap   server's
              proxy_read_maps   or   proxy_write_maps  setting  (depending  on
              whether the access is read-only or read-write).

       flags (default: 0)
              Optional flags that should  be  stored  along  with  a  memcache
              update. The flags are ignored when looking up information.

       ttl (default: 3600)
              The expiration time in seconds of memcache updates.

              NOTE  1:  When  using  a memcache table as postscreen(8) or ver-
              ify(8)  cache  without  persistent  backup,   specify   a   zero
              *_cache_cleanup_interval  value  with all Postfix instances that
              use the memcache, and specify the  largest  postscreen(8)  *_ttl
              value  or  verify(8) *_expire_time value as the memcache table's
              ttl value.

              NOTE 2: According to memcache protocol  documentation,  a  value
              greater  than  30 days (2592000 seconds) specifies absolute UNIX
              time. Smaller values are relative to the time of the update.

MEMCACHE KEY PARAMETERS
       key_digest (default: empty)
              After processing the key_format setting, and  before  sending  a
              request  to  the  memcache server, run the key through the named
              message digest algorithm and convert  the  result  to  lowercase
              hexadecimal  characters.  This  prevents a database access error
              when keys may exceed the  memcache  server's  key  length  limit
              (usually, 250 bytes). Specify the name of a message digest algo-
              rithm that is supported by OpenSSL, for example, sha256.

              This feature  is  available  in  Postfix  3.11  and  later,  and
              requires that Postfix is built with TLS support.

       key_format (default: %s)
              Format  of  the lookup and update keys that the Postfix memcache
              client sends to the memcache server.  By default, these are  the
              same  as  the  lookup  and  update keys that the memcache client
              receives from Postfix applications.

              NOTE 1: The key_format feature is not used for  backup  database
              requests.

              NOTE  2:  When multiple tables share the same memcache database,
              each table should prepend its own unique string  to  the  lookup
              key.   Otherwise,  automatic  postscreen(8)  or  verify(8) cache
              cleanup may not work.

              Examples:

                  key_format = aliases:%s
                  key_format = verify:%s
                  key_format = postscreen:%s

              The key_format parameter supports the following '%' expansions:

              %%     This is replaced by a literal '%' character.

              %s     This is replaced by the memcache client input key.

              %u     When the input key is an address of the form user@domain,
                     %u  is  replaced  by  the  SQL  quoted  local part of the
                     address.  Otherwise, %u is replaced by the entire  search
                     string.   If the localpart is empty, a lookup is silently
                     suppressed and returns no results (an update  is  skipped
                     with a warning).

              %d     When the input key is an address of the form user@domain,
                     %d is replaced by the domain part of the address.  Other-
                     wise,  a  lookup  is  silently  suppressed and returns no
                     results (an update is skipped with a warning).

              %[SUD] The upper-case equivalents of the above expansions behave
                     in   the   key_format   parameter  identically  to  their
                     lower-case counter-parts.

              %[1-9] The patterns %1, %2, ... %9 are replaced  by  the  corre-
                     sponding  most  significant  component of the input key's
                     domain. If the input key is  user@mail.example.com,  then
                     %1 is com, %2 is example and %3 is mail. If the input key
                     is unqualified or does not have enough domain  components
                     to  satisfy  all  the  specified  patterns,  a  lookup is
                     silently suppressed and returns no results (an update  is
                     skipped with a warning).

       domain (default: no domain list)
              This  feature  can  significantly  reduce  database server load.
              Specify a list of domain names, paths to files, or  "type:table"
              databases.   When  specified,  only  fully qualified search keys
              with a *non-empty* localpart and a matching domain are  eligible
              for  lookup  or update: bare 'user' lookups, bare domain lookups
              and "@domain" lookups are silently skipped (updates are  skipped
              with a warning).  Example:

                  domain = example.com, hash:/etc/postfix/searchdomains

MEMCACHE ERROR CONTROLS
       data_size_limit (default: 10240)
              The maximal memcache reply data length in bytes.

       line_size_limit (default: 1024)
              The maximal memcache reply line length in bytes.

       max_try (default: 2)
              The  number of times to try a memcache command before giving up.
              The memcache client does not retry a command when  the  memcache
              server accepts no connection.

       retry_pause (default: 1)
              The time in seconds before retrying a failed memcache command.

       timeout (default: 2)
              The  time limit for sending a memcache command and for receiving
              a memcache reply.

BUGS
       The Postfix memcache  client  cannot  be  used  for  security-sensitive
       tables such as alias_maps (these may contain "|command and "/file/name"
       destinations), or virtual_uid_maps, virtual_gid_maps and  virtual_mail-
       box_maps (these specify UNIX process privileges for "/file/name" desti-
       nations).  In a typical deployment a memcache database is  writable  by
       any  process  that  can talk to the memcache server; in contrast, secu-
       rity-sensitive tables must never be writable by the unprivileged  Post-
       fix user.

       The Postfix memcache client requires additional configuration when used
       as postscreen(8) or verify(8) cache.  For details see  the  backup  and
       ttl  parameter  discussions  in  the  MEMCACHE  MAIN PARAMETERS section
       above.

SEE ALSO
       postmap(1), Postfix lookup table manager
       postconf(5), configuration parameters

README FILES
       DATABASE_README, Postfix lookup table overview
       MEMCACHE_README, Postfix memcache client guide

LICENSE
       The Secure Mailer license must be distributed with this software.

HISTORY
       Memcache support was introduced with Postfix version 2.9.

AUTHOR(S)
       Wietse Venema
       IBM T.J. Watson Research
       P.O. Box 704
       Yorktown Heights, NY 10598, USA

       Wietse Venema
       Google, Inc.
       111 8th Avenue
       New York, NY 10011, USA

                                                             MEMCACHE_TABLE(5)